[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: aliasedObject not found

Andreas Schoe <andi@gfz-potsdam.de> writes:

> Hello,
> I post the operation with debug level "-1". I can read out an error with
> the indexed DB dn2id, the suffix is called "cn=intern,dc=de" and in the
> logs there is an entry "c=intern,dc=de". For testing the server is
> contacted by the manager account.

A search with rootdn disables all access rules, and slapd -d acl would
have shown acl parsing. But anyhow...

> base="cn=alias,ou=Groups,dc=extern,dc=de" scope=2 deref=3 filter="(cn=*)"
> [ID 325447 local4.debug] => bdb_search
> [ID 449132 local4.debug] bdb_dn2entry("cn=alias,ou=groups,dc=extern,dc=de")
> [ID 449132 local4.debug] bdb_dn2entry("cn=alias,ou=groups,dc=intern,dc=de")
> [ID 603319 local4.debug] => bdb_dn2id("c=intern,dc=de")
> [ID 433641 local4.debug] <= bdb_dn2id: get failed: DB_NOTFOUND: No
> matching key/data pair found (-30988)
> [ID 923158 local4.debug] => access_allowed: disclose access to
> "cn=alias,ou=Groups,dc=extern,dc=de" "entry" requested
> [ID 592946 local4.debug] <= root access granted
> [ID 384072 local4.debug] => access_allowed: disclose access granted by
> manage(=mwrscxd)
> [ID 131099 local4.debug] send_ldap_result: conn=1389 op=1 p=3
> [ID 291653 local4.debug] send_ldap_result: err=33
> matched="cn=alias,ou=Groups,dc=extern,dc=de" text="aliasedObject not found"
> [ID 324658 local4.debug] send_ldap_response: msgid=2 tag=101 err=33
> [ID 832699 local4.debug] conn=1389 op=1 SEARCH RESULT tag=101 err=33
> nentries=0 text=aliasedObject not found

The result is quite clear, the object ou=groups,dc=intern,dc=de does
not exist within the servers naming context.
> This will pick up the group account:
> ldapsearch -x -h ldap.intern.de -b "cn=alias,ou=Groups,dc=intern,dc=de"
> '(cn=*)'

It seems that you either connect to a different host or to a different
search base. In both cases you cannot dereference an alias, you should
probably create referrals.


Dieter Klünter | Systemberatung