[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
OpenLDAP returns all entries while processing >10000 aliases (ITS#1174)
Full_Name: Kentaro Fujinuma
Version: 2.0.7-2.0.10
OS: RedHat 6.2
URL:
Submission from: (NULL) (210.198.9.9)
I have a DIT with entry which have >10000 alias entries.
ldapsearch -x -D "cn=Manager,dc=example,dc=com" -W -b \
"cn=anEntry,ou=Dept,dc=example,dc=com" -a never -s sub \
"(objectClass=alias)" aliasedObjectName \
| grep aliasedObjectName | wc -l
10108
All of the alias have corresponding (non-alias) entry. These entries
resides on subtree "ou=People,dc=example,dc=com".
I have expected getting same number of entries while searching
that entry with alias-dereference mode.
But I got all of the entries that "ou=People,dc=example,dc=com" has,
or sometime I got all of the entry my DIT has.
# searching entry same as above, but too many entries returned.
ldapsearch -x -D "cn=Manager,dc=example,dc=com" -W -b \
"cn=anEntry,ou=Dept,dc=example,dc=com" -a always -s sub \
"(objectClass=myClass)" myAttr1 \
| grep myAttr1 | wc -l
144337
# "ou=People" has these entries...
ldapsearch -x -D "cn=Manager,dc=example,dc=com" -W -b \
"ou=People,dc=example,dc=com" -a never -s sub \
"(objectClass=myClass)" myAttr1 \
| grep myAttr1 | wc -l
35292
If the entry doesn't have >10000 aliases, search operation
with alias-dereferencing works very well.
ldapsearch -x -D "cn=Manager,dc=example,dc=com" -W \
-b "cn=anotherEntry,ou=Dept,dc=example,dc=com" -a never -s sub \
"(objectClass=alias)" aliasedObjectName | grep aliasedObjectName | wc -l
26
ldapsearch -x -D "cn=Manager,dc=mmm-keio,dc=net" -W \
-b "cn=anotherEntry,ou=Dept,dc=example,dc=com" -a always -s sub \
"(objectClass=myClass)" myAttr1 | grep myAttr1 | wc -l
26
Here is my database setting.
database ldbm
suffix "dc=example,dc=com"
rootdn "cn=Manager, dc=example, dc=com"
rootpw Secret
directory /var/openldap/openldap-ldbm
index objectClass eq
index cn eq
index myAttr1 eq
index myAttr2 eq
Is this a OpenLDAP's problem?
Best regards.