[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: meta backend subtree directive ignored by conversion to cn=config

To: <masarati@aero.polimi.it>
Subject: Re: meta backend subtree directive ignored by conversion to cn=config
From: <francesco.policastro@selex-es.com>
Date: Wed, 27 Feb 2013 15:39:01 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <4349_1361957772_512DD38C_4349_1618_1_512DCEBB.3060204@aero.polimi.it>
References: <24928_1361432142_5125CE4E_24928_7482_1_OF1403664F.1059C853-ONC1257B19.00275BB7-C1257B19.0027DEEA@selex-es.com> <13772_1361885750_512CBA35_13772_79_1_OFF8978457.612C19B4-ONC1257B1E.0047B8F5-C1257B1E.00492DF9@selex-es.com> <4349_1361957772_512DD38C_4349_1618_1_512DCEBB.3060204@aero.polimi.it>

Sorry!
I mistyped the uri where the user is found (this happens because I saw this behaviour on the real configuration and I had to massage it).
The search command, issued from the openldap server itself, is:

ldapsearch -xLLL -H ldap:/// -D " "cn=LdapBindUser,dc=newco,dc=com"-w secret1 -E pr=647/noprompt -b 'DC=newco,DC=com' 'sn=policastro' dn

I find two records, one correct and one unexpected:

dn: cn=Policastro Francesco,ou=Users,ou=2nd-location,dc=first,dc=newco,dc=com" (matches the line marked with *)

dn: cn=Policastro Francesco,ou=UsersDisable,dc=second,dc=newco,dc=com

Francesco Policastro

From:	Pierangelo Masarati <masarati@aero.polimi.it>
To:	<openldap-technical@openldap.org>
Date:	27/02/2013 10:36
Subject:	Re: meta backend subtree directive ignored by conversion to cn=config
Sent by:	<openldap-technical-bounces@OpenLDAP.org>

On 02/26/2013 02:19 PM, francesco.policastro@selex-es.com wrote: > Even worse: if I start the server using slapd.conf, not cn=config, the > subtree-include directives seem to be ignored. > With reference to the previously attached file if I search users from the > root ( "dc=newco,dc=com") I find them also outside the included subtrees; > e.g I find users under "ou=UsersDisable, > ou=Users,ou=2nd-location,dc=first,dc=newco,dc=com". > Is it there anything wrong in my config file? Did I misunderstand the > directive? According to your configuration file, whose relevant directives I summarized below, the entry "ou=UsersDisable,ou=Users,ou=2nd-location,dc=first,dc=newco,dc=com" matches the 3rd subtree-include of the 1st target (marked with [*]). So it seems to behave as intended. p. ----- database meta suffix "dc=newco,dc=com" ... uri "ldap://server1.it.domain1.com/dc=first,dc=newco,dc=com" ... subtree-include "ou=Applications,ou=Groups Shared,dc=first,dc=newco,dc=com" subtree-include "ou=Users,ou=1st-location,dc=first,dc=newco,dc=com" subtree-include "ou=Users,ou=2nd-location,dc=first,dc=newco,dc=com" [*] subtree-include "ou=Users,ou=3rd-location,dc=first,dc=newco,dc=com" ... uri "ldap://server2.domain2.net/ou=organizationalUnit,dc=second,dc=newco,dc=com" ... subtree-include "ou=Users,ou=1st-location,ou=organizationalUnit,dc=second,dc=newco,dc=com" subtree-include "ou=My-ou,ou=1st-location,ou=organizationalUnit,dc=second,dc=newco,dc=com" subtree-include "ou=Remote Sites,ou=organizationalUnit,dc=second,dc=newco,dc=com" -- Pierangelo Masarati Associate Professor Dipartimento di Scienze e Tecnologie Aerospaziali Politecnico di Milano

Prev by Date: Re: N-Way Multimaster with syncrepl and delta-repl -- slapd stops responding
Next by Date: Re: meta backend subtree directive ignored by conversion to cn=config
Index(es):
- Chronological
- Thread