[Date Prev][Date Next]
Re: Too many candidates on ldapsearch
- To: Quanah Gibson-Mount <firstname.lastname@example.org>
- Subject: Re: Too many candidates on ldapsearch
- From: Marc-Andre Gaudreau <Marc-Andre.Gaudreau@USherbrooke.ca>
- Date: Mon, 02 Feb 2004 11:36:29 -0500
- Cc: openldap-software@OpenLDAP.org
- In-reply-to: <email@example.com>
- References: <4016AF10.50905@USherbrooke.ca> <firstname.lastname@example.org> <401A732D.4080304@USherbrooke.ca> <email@example.com>
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225
Even though this might really be a LDBM vs BDB issue, I'm still not
If I try something like this :
I also immediatlely get nothing back (add a star after "marc" and I get
the correct entry in both cases).
I did a little bit more research on this and here is what I found so far...
The problem seems to happen whenever these conditions are met :
1- The search filter tries an exact match on an attribute for "x" and
there exists at least one entry in the directory where the attribute is
2- The search filter contains at least one condition that is met by a
lot of entries.
3- The order in which the filter is built seems to matter.
However, it seems to happen pretty much all the time for "givenName" and
"sn" but I did not find any problems with the "cn" attribute...
Here are some further examples of working and non-working search filters :
For these examples, let's say we have these entries in the directory :
and a few thousand more... :)
Working filters :
(&(cn=marc)(objectClass=person)) => ("cn" seems to be ok...)
(&(objectClass=person)(givenName=marc)(sn=gaudreau)) => (because the
objectClass condition is before everything else, this works fine)
Non-working filters :
(&(givenName=marc)(sn=gaudreau)(objectClass=person)) => (this time the
objectClass condition is at the end and this does not work)
(&(givenName=quanah)(sn=gibson)(objectClass=person)) => (same problem
but with "sn" instead)
(&(givenName=joe)(sn=gibson)(objectClass=person)) => (this still does
not work because of the "Gibson-Mount" entry)
Thanks again for your help (please tell me if I could post any other
Quanah Gibson-Mount wrote:
I think this might be specific to the LDBM backend. With my BDB
database, when I do a query like this:
I immediately get nothing back (Note that I changed the real name,
which has a hyphenated entry to protect that person's identity.)
When I do:
I get the correct entry.
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html