[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Inconsistant results with meta backend,
Essentially, (at least) one of the targets is returning that error, while
others are returning entries. My guess is that the back-meta is trying to
speculate, in presence of an error and results, what's better to return,
and does both. Usually, no such object is something bad, e.g. you
searched witha a nonexistent base. If you search with scope "base", then
back-meta must be able to detect what target must serve that search;
something similar if yous earch with scope "one"; if you search with scope
"subtree", the base should be legal for all the targets. If you search
with a legal base, the worst you can get is an empty result set.
I note that you're showing only one target. Unless you intentionally
stripped the rest of your configuration, if all you need is naming context
rewrite for a single proxy, then use back-ldap and the suffixmassage
directive. This will save you a lot of headaches.
p.
> Hi, I'm trying to tie together several AD & LDAP directories, using the
> meta backend, and I'm getting some very odd search results.
>
> Esentially, a search does return the expected objects, however it also
> returns a result: 32 No such object error, which is confusing me and the
> client software (phpldapadmin and outlook). Both these client applications
> fail on searches, simply showing a No such object error, whereas
> ldapsearch shows me the results, then shows the error.
>
> I'm running openldap 2.2.14, on a Redhat 9 workstation.
>
> Does anyone have any clues as to what I've done wrong?
>
> my slapd.conf looks like this:
> ----------------------------------------------------------------------------------------------------------------------------------
> include /opt/openldap-2.2.14/etc/openldap/schema/core.schema
> access to *
> by self write
> by users read
> by anonymous auth
>
> database meta
> suffix "dc=metadomain,dc=com"
> lastmod off
> uri " ldap://server.realdomain.com:389/dc=metadomain,dc=com";
> default-target
> rewriteEngine on
> rewriteContext default
> rewriteRule "(.*)dc=metadomain,dc=com$"
> "%1dc=realdomain,dc=com"
> rewriteContext searchResult
> rewriteRule "(.*)dc=realdomain,dc=com$"
> "%1dc=metadomain,dc=com"
> rewriteContext searchAttrDN alias searchResult
> rewriteContext matchedDN alias searchResult
> ----------------------------------------------------------------------------------------------------------------------------------
>
> my ldapsearch result for:
> ldapsearch -x -D [binddn] -W -b dc=metadomain,dc=com -s sub -h localhost
> -z 5000 -A -C (cn=tristan*)
> ----------------------------------------------------------------------------------------------------------------------------------
> # extended LDIF
> #
> # LDAPv3
> # base <dc=metadomain,dc=com> with scope sub
> # filter: (cn=tristan*)
> # requesting: ALL
> #
>
> # Tristan Ball, User Accounts - IT, Exchange, metadomain.com
> dn: CN=Tristan Ball,OU=User Accounts - IT,OU=Exchange,dc=metadomain,dc=com
> cn:
> description:
> mail:
> givenName:
> distinguishedName:
> objectClass:
> name:
> sn:
> telephoneNumber:
>
> # Tristan Downs, User Accounts - IPL, Exchange, metadomain.com
> dn: CN=Tristan Downs,OU=User Accounts -
> IPL,OU=Exchange,dc=metadomain,dc=com
> cn:
> description:
> mail:
> givenName:
> distinguishedName:
> objectClass:
> name:
> sn:
> telephoneNumber:
>
> # search result
> search: 2
> result: 32 No such object
>
> # numResponses: 3
> # numEntries: 2
> ----------------------------------------------------------------------------------------------------------------------------------
>
>
> Any help or clues will be greatly appreciated! :-)
>
> T.
>
> ------------------------------------------------------------------
> Tristan Ball
> System Administrator, Vision Systems
> www.vsl.com.au <http://www.vsl.com.au/>
> Phone: +61 3 9211 7064
> Email: Tristan.Ball@vsl.com.au
>
>
>
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497