[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OL 2.2.23 extensible matching on dn components

On Tue, 1 Mar 2005, Dariush Forouher wrote:

OpenLDAP 2.2.23 BDB 4.3.27 Backend: back-bdb Debian GNU/Linux 3.0

I've experiencing the same odd behavour after upgrading from 2.1.30 to
2.2.23 last weekend.

For example:

$ ldapsearch -LLL -x -b "dc=brgs,dc=org" "(ou:dn:=Sonstige)" dn
dn: ou=Sonstige,ou=People,dc=brgs,dc=org

returns only the ou entry itself but not the entries below:

$ ldapsearch -LLL -x -b "ou=Sonstige,ou=People,dc=brgs,dc=org" dn
dn: ou=Sonstige,ou=People,dc=brgs,dc=org

dn: uid=flow,ou=Sonstige,ou=People,dc=brgs,dc=org

dn: uid=floriankaine,ou=Sonstige,ou=People,dc=brgs,dc=org

dn: uid=cormoran,ou=Sonstige,ou=People,dc=brgs,dc=org

dn: uid=bronietzki,ou=Sonstige,ou=People,dc=brgs,dc=org


I'm open to any suggestions on how to fix/workaround this but it looks like a slapd-sided bug in my eyes...

Thanks for confirming this. At the moment, I've done nothing further about it (e.g., filing an ITS) other than to rewrite some local routines to avoid using extensible matching on the ou dn component in search filters. Luckily, our DIT is pretty small. I hope to spend some more time with the problem this week.

For anyone else who's following this, I neglected to mention that
the problem occurs even when I bind as rootdn, eliminating my ACLs
as a source of the problem.

  Kirk Turner-Rustin       | Programmer/Analyst
  Ohio Wesleyan University | Libraries and Information Services
  http://www.owu.edu       | http://lis.owu.edu