[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4232) proxy cache and "no objectClass attribute"

Full_Name: Ashish Gawarikar
Version: 2.3.12
OS: Linux 2.6
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

My search is "mailLocalAddress=test1@example.com" and the return attribute is
mailRoutingAddress. If I limit the return to the attribute only (no return of
objectClass attribute) then the first time the query hits the local proxy cache
server (entry is non-existent), I see the dn and the attribute (in this case
mailRoutingAddress), but the next time onwards I do not get anything back and I
see an error being logged in the ldap.log saying:

Nov 24 02:59:13 hostname slapd[18180]: conn=13 op=1 SRCH
Nov 24 02:59:13 hostname slapd[18180]: is_entry_objectclass("", "") no
objectClass attribute

I had to change my ACLs on the remote server (replica in this case) from 

access to attr=entry by * read
access to attr=objectClass by * =scx
access to * by * read

The puzzle is, why does it show the right dn and the right attribute the first
time, and never after that.