[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Resolving aliasedobjectname(s)

Quanah Gibson-Mount wrote:
You fail to mention what version of OpenLDAP you are running, which would
be useful information.  But I would not that if you have a poorly designed
DIT, this may be the expected behavior as the query will look at every
entry in the scope.

It will look at every *alias* in the scope.

For the original question:

dn: uid=alias,ou=People,dc=example,dc=net
 objectclass: alias
 objectclass: extensibleObject
 uid: alias
 aliasedobjectname: uid=target,ou=Retired People,dc=example,dc=com

... then

ldapsearch -x -a always -b uid=alias,ou=People,dc=example,dc=net 'objectclass=*'

will return results from the "target" DN.

Yes, this would give the same result as a subtree search with a baseDN of uid=target,ou=Retired People,...

Should the same results be expected from searching with ...

ldapsearch -x -a always -b ou=People,dc=example,dc=net uid=alias

... assuming uid was indexed for equality.

Probably not, because the filters are not the same. This search would only return results that match the (uid=alias) filter. If all of the entries in the target branch have a matching uid attribute, then the result sets might look the same.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/