Re: ldapsearch don't work correctly with '*' in the filter

["Pierangelo Masarati" <ando@sys-net.it>]

> Hi.
> I have instaled OpenLDAP 2.1.25 on Linux Red Hat 7.3.
>
> I have defined the next classes:
>     objectclass ( 1.1.2.2.1 NAME 'eba-instancia'
>         SUP top
>         MUST ( eba-id ))
>     objectclass ( 1.1.2.2.6 NAME 'eba-instancia-red'
>         SUP eba-instancia
>         MUST ( eba-other ))
>     objectclass ( 1.1.2.2.6 NAME 'eba-instancia-black'
>         SUP eba-instancia
>         MUST ( eba-other ))
>
> and in my OpenLDAP there are multiple objects of these
> classes.
>
> Does anyone know why these sentences don't work? (they don't
> find any objects):
>    > ldapsearch -x -b 'base' '(objectClass=eba-instancia*)'
>    > ldapsearch -x -b 'base'
> '(objectClass=eba-instancia*red)'
>
> but these sentences work fine  (they find the correctly
> object):
>    > ldapsearch -x -b 'base'
> '(objectClass=eba-instancia-red)'
>    > ldapsearch -x -b 'base'
> '(objectClass=eba-instancia-black)'
>
> It seems that the * character in the filter doesn't work with
> the objectClass
> attribute, but this character works well with any other
> attribute (cn, sn, ....).

None of the above commands complies with the requirements of the operation
you're trying to attempt:

1) -b requires a valid DN in string form; 'base' is not.
2) objectClass does not support any substrings equality rule, as per
schema definition (see RFC2252 5.1.7. objectClasses)

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it




    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497