[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch and non existing objectclasses (ITS#3251)



Am Mittwoch, 21. Juli 2004 15:21 schrieben Sie:
> OpenLDAP's slapd is strongly schema aware.  A request for a nonexistent
> objectClass (i.e. not defined in the server's cn=subschema entry) results
> in an erroneous filter.  The result of negating an erroneous filter is
> another error.  The right approach to get alal entries is by using the
> presence filter '(objectClass=*)', since all entries must have an
> objectClass.
>
> This ITS will be closed, since it does not appear to indicate any bug
> in the software.

The problem is not the use of (objectClass=*). The software is looking
for i.e.

(&
  (objectClass=posixGroup)
  (!( |
       (objectClass=sambaGroupMapping)
       (objectClass=gosaApplicationGroup)
   ))
)

So, you suggest me to do checks if the objectclasses are present first
and then assemble the filters? Problem is that it is non trivial to get
the classes from several types/versions of ldap servers.

If you refer to objectClass definitions, it is logic for the software, but not
a logic result for the person who is editing the filter. Sorry.

Cheers,
Cajus