[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Searchbase Bug in slapd?

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Searchbase Bug in slapd?
From: "Jim Hud" <jdhz@btinternet.com>
Date: Sun, 8 Oct 2000 10:07:48 -0000
Cc: <openldap-software@OpenLDAP.org>
References: <5.0.0.25.0.20001007174007.00a4ecd0@router.boolean.net>

This is an Outlook *feature*.  I have run some more tests and established
the following:

MS Exchange ldap ignores any searchbase sent by an ldap client.
Outlook (Express 5 on NT) does not reset a searchbase to null but something
else, in my tests c=UK
If a new directory account is created and used immediately after another
account has been used with a reset searchbase, then the first search uses
the previous account's searchbase, subsequent searches are OK.

So I have proven that slapd is OK and Outlook has two distinct bugs.  It
reinforces my belief in opensource.  I doubt it is worth trying to report it
to MS.

Thanks for your comments Kurt.


----- Original Message -----
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
To: "Jim Hud" <jdhz@btinternet.com>
Cc: <openldap-software@OpenLDAP.org>
Sent: Sunday, October 08, 2000 12:56 AM
Subject: Re: Searchbase Bug in slapd?


> At 11:33 PM 10/7/00 +0000, Jim Hud wrote:
> >If I use Outlook to run a search against slapd (which has
defaultsearchbase
> >configured) I get data back OK.
>
> You've demonstrated that the defaultSearchBase kludge works for
> clients which don't send an appropriate search base.
>
> >If I then configure the Outlook search base
> >to the correct base (same as set in defaultsearchbase) I still get data
> >back, OK so far.
>
> You've demonstrated that slapd responds with a properly configured
> client.
>
> >However when I clear the Outlook search base to nothing I
> >get no data back from slapd.
>
> This is correct behavior for a server which doesn't hold the
> root namingContext (or doesn't have a defaultSearchBase set).
> If slapd cannot locate the base of the search, it cannot
> return any entries.
>
> >In fact the logs appear to say that Outlook is
> >giving a base of "c=UK".
>
> If the client requests "c=UK" and "c=UK" doesn't hold "c=UK", it
> cannot return "c=UK".
>
> >Restarting slapd makes no difference, nor does
> >rebooting the slapd machine.  Looks like an Outlook problem doesn't it.
> >
> >BUT if I then do the same but instead of slapd I use an MS Exchange LDAP
> >server then it resets OK.
>
> What resets?  Outlook?  That's its business.
>
> >Also if I create a new directory account on
> >Outlook with no searchbase set it does not work until I stop and restart
> >slapd.
>
> You likely changed something, like setting a defaultSearchBase, to
> change slapd behavior.
>
> >My theory is that the logic of dealing with null search bases is wrong
> >somewhere.
>
> Some clients expect servers to somehow guess at what they mean
> when given an empty search base.  However, LDAP/X.500 prescribes
> this behavior quite clearly.  If the server is not configured
> to hold the root namingContext, it cannot return any entries
> for a subtree or one-level search when an empty base DN (if
> scope is base, the RootDSE is returned).
>
> defaultSearchBase can be used to purposely break LDAP/X.500
> semantics and specify a defaulting to some DN.  Whether you
> use this mechanism or not is your choice.
>
> Kurt
>
>
>

References:
- Re: Searchbase Bug in slapd?
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RE: Why does slapd need a searchbase?
Next by Date: Re: Why does slapd need a searchbase?
Index(es):
- Chronological
- Thread