[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Cannot Index uniqueMember ( uniqueMemberMatch)

This may be unrelated to your situation, or it may be the reason you are trying to index uniqueMember.

We wanted to index uniqueMember because when our install of red hat enterprise linux 3 does a lookup for group (as dictated in our nsswitch) it ORs the expected query (what we get from our sun machines) with (uniqueMember=uid=blah blah blah).

this made logins take 6 seconds.
We upgraded to the latest nss_ldap module for redhat (fixes bugs with attribute mapping), and then mapped unqieMember to memberUid in ldap.conf and logins are now fast

We only cared about stopping logins from taking 6 seconds, since we do absolutely nothing with uniqueMember.

If you are trying to index uniqueMember to speed up red hat logins then this might help, otherwise I can't help you:)


On Mar 30, 2004, at 11:41 AM, Gary Allen (ldap) wrote:

Please correct me if I'm wrong but:

I would guess (educated guess) that you cannot index on uniqueMember because it is a multi valued attribute. Whereas, uid and cn are only single valued attributes (only one uid and cn are allowed within an entry).

Gary Allen

Wachdorf, Daniel R wrote:

I am trying to setup indexing for the attribute uniqueMember. I have added
the following line to my slapd.conf

index uniqueMember eq

When I start slapd in debug mode it get:

/usr/local/etc/openldap/slapd.conf: line 69: equality index of attribute
"uniqueMember" disallowed

I have tried 2.2.7, 2.2.8, 2.1.19. All three versions seem to have the same
Any ideas?


Daniel Wachdorf
Sandia National Laboratories
System Security Research and Integration