[Date Prev][Date Next] [Chronological] [Thread] [Top]

openldap search question...


following search query using ldapsearch does not return anything.

# /usr/local/bin/ldapsearch -P 3 -x -LLL -S "" -b "ou=Users,o=cisco.com" -h -p 8404 "objectClass=ciscoocUser"

whereas I have following entry in the directory.

dn: cn=ab,ou=Users, o=cisco.com
givenName: a
sn: b
userPassword:: Y2NjYw==
objectClass: top
objectClass: User
objectClass: ciscoocUser
mail: ab
cn: ab

and if I use following search command, I am able to get this entry.

# /usr/local/bin/ldapsearch -P 3 -x -LLL -S "" -b "ou=Users,o=cisco.com" -h -p 8404

I have debug log for the server ( with -1 option ) from the log I can see that server gets this entry but rejects it saying "does not match filter" including the portion of the log below:

====> cache_find_entry_id( 16 ) "cn=ab,ou=Users, o=cisco.com" (found) (1 tries) <= id2entry_r( 16 ) 0x80f98e0 (cache)
=> test_filter
=> access_allowed: search access to "cn=ab,ou=Users, o=cisco.com" "objectClass"requested
=> acl_get: [1] check attr objectClass
<= acl_get: [1] acl cn=ab,ou=Users, o=cisco.com attr: objectClass
=> acl_mask: access to entry "cn=ab,ou=Users, o=cisco.com", attr "objectClass" r
=> acl_mask: to value by "", (=n)
<= check a_dn_pat: *
<= acl_mask: [1] applying write (=wrscx) (stop)
<= acl_mask: [1] mask: write (=wrscx)
=> access_allowed: search access granted by write (=wrscx)
<= test_filter -1
ldbm_search: candidate 16 does not match filter

please let me know what can be the problem here.