[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Meta Directory err=32 'No Such Object' Returns the Object :-)
Hi.
Usually this is the result of a misconfiguration. I don't see any
significant error in your slapd.conf at a first glance; however, if you
could tell us the version of the software you're running this could help a
bit. I note that if you need to point to just one target, there's no need
to use back-meta, you can use back-ldap, which supports exactly the same
mapping and rewirte features.
p.
>
> Greetings,
>
> I'm seeing something I think to be squirrelly and I'm not sure exactly
> what's happening.
>
> I am running a search against a meta-directory, a la:
>
> ldapsearch -H "ldaps://jaas.itsp.purdue.edu:2490" -b
> "uid=wbormann,cn=users,dc=purdue,dc=edu" -s "base" -x -v
> "(objectClass=*)"
> ldap_initialize( ldaps://jaas.itsp.purdue.edu:2490 )
> filter: (objectClass=*)
> requesting: ALL
> # extended LDIF
> #
> # LDAPv3
> # base <uid=wbormann,cn=users,dc=purdue,dc=edu> with scope base
> # filter: (objectClass=*)
> # requesting: ALL
> #
>
> # wbormann, users, purdue.edu
> dn: uid=wbormann,cn=users,dc=purdue,dc=edu
> objectClass: top
> objectClass: puidObject
> objectClass: uidObject
> cn: WILLIAM IRVIN BORMANN
> givenName: WILLIAM
> sn: BORMANN
> employeeNumber: 10099899
> uid: wbormann
>
> # search result
> search: 2
> result: 32 No such object
>
> # numResponses: 2
> # numEntries: 1
>
> ===================================================================
>
> The log for the search looks like:
>
> ===================================================================
>
> May 17 13:54:01 jaas slapd[20049]: slapd starting
> May 17 13:54:19 jaas slapd[20048]: conn=0 fd=10 ACCEPT from
> IP=128.210.177.118:40687 (IP=128.210.177.118:2490)
> May 17 13:54:19 jaas slapd[20054]: conn=0 op=0 BIND dn="" method=128 May
> 17 13:54:19 jaas slapd[20054]: conn=0 op=0 RESULT tag=97 err=0 text= May
> 17 13:54:19 jaas slapd[20054]: conn=0 op=1 SRCH
> base="uid=wbormann,cn=users,dc=purdue,dc=edu" scope=0 deref=0
> filter="(objectClass=*)"
> May 17 13:54:19 jaas slapd[20054]: conn=0 op=1 SEARCH RESULT tag=101
> err=32 nentries=1 text=
> May 17 13:54:19 jaas slapd[20054]: conn=0 op=2 UNBIND
> May 17 13:54:19 jaas slapd[20054]: conn=0 fd=10 closed
>
> ===================================================================
>
> The configuration file for the cn=users,dc=purdue,dc=edu portion looks
> like:
>
> ===================================================================
>
> #
> # Global Directives
> #
> #
> access to dn.base="" by * read
> access to dn.base="dc=purdue,dc=edu"
> by * read
> #######################################################################
> # Meta directory rules for cn=users,dc=purdue,dc=edu
> #######################################################################
>
> database meta
> lastmod off
> suffix "dc=purdue,dc=edu"
>
> #
> # Rewrite rules for user authentication against I2A2
> #
> uri
> "ldaps://dbm.i2a2.purdue.edu:636/cn=users,dc=purdue,dc=edu"
> suffixmassage "cn=users,dc=purdue,dc=edu"
> "ou=authenticate,dc=purdue,dc=edu"
> map objectclass * *
> map attribute employeeNumber puid
>
> #
> # Local Access Rules
> #
>
> access to dn.subtree="cn=users,dc=purdue,dc=edu"
> by * read
> by anonymous auth
>
> ===================================================================
>
> What I don't understand is why an error is being reported but data is
> being returned. Isn't this incorrect?
>
> --
> William I. Bormann
> IT Security and Privacy
> Phone: 496-3186
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497