[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP searches don't work unless they're wildcards

Hey lists,

My problem is that searches for valid ldap entries return no results, unless the last character in the search is a wildcard.
[server]:/# ldapsearch -xh localhost -b "o=GSAT Ltd" "cn=andrew hosie" mail
version: 2
# filter: cn=andrew hosie
# requesting: mail
# search result
search: 2
result: 0 Success
# numResponses: 1
[server]:/# ldapsearch -xh localhost -b "o=GSAT Ltd" "cn=andrew hosie*" mail
version: 2
# filter: cn=andrew hosie*
# requesting: mail
# hosie, GSAT Ltd
dn: uid=hosie, o=GSAT Ltd
mail: hosie@gsat.net.au
# minime, GSAT Ltd
dn: uid=minime, o=GSAT Ltd
mail: minime@gsat.net.au
# search result
search: 2
result: 0 Success
# numResponses: 3
# numEntries: 2
Note: cn is not the only attribute tested, uid, mail, givenName and so on, all result in the same failure.

The server is:
	* Linux kernel 2.4.18
	* Debian woody (3.0r1) build
	* OpenLDAP: slapd 2.0.23-Release

I've analysed the content of entries returned with wildcard searches - there aren't any extra characters at the end of the cn.

I also thought it could be to do with the index's so I altered the following:
index   aci pres
index   cn pres,eq,sub
index   sn pres,eq,sub
index   givenName pres,eq,sub
index   mail pres,eq,sub
index   telephoneNumber pres,eq,sub
index   ntUserDomainId pres,eq,sub
index   uid eq
index   changenumber eq
index   uniquemember eq
index   member eq
index   owner  eq
index   seeAlso eq
To reflect "index   uid sub" - still no good.

I'm lost for ideas.

Any assistance will be appreciated.

P.S. /might/ have something to do with it - the schema is not default OpenLDAP - it's built 99% from converted NDS schema entries.
Schema: http://www.gsat.net.au/openldap_schema.tar.gz [11.2KB]


Andrew Hosie
GSAT Technical Consultant
Ph:   1300 65 4728
Ph:  +61 3 5227 8022
Fax: +61 3 5227 8023
http: www.gsat.net.au