Re: ldapsearch does not work properly

[Prentice Bisbal <prentice@ias.edu>]

Any chance that the entry for s_sarwar is the 501st entry in your
directory?

In slapd.conf the sizelimit is usually set to 500, which means that
slapd will only return the first 500 entries it finds. This limit
doesn't apply to the administrator account. In your slapd.conf file
change your sizelimit to "unlimited":

sizelimit       unlimited

and see if that fixes your problem.


Martin Jungowski wrote:
> I'm facing a weird problem with ldapsearch on our companies CentOS 
> OpenLDAP Server (CentOS 5.5, OpenLDAP 2.3.43-12.el5). Our DIT is as 
> follows:
> 
> o=company_name,c=country,ou=branch,ou=pool
> 
> Within that pool are all users of that particular branch office. With 
> some of those ldapsearch does not return a result when the search base is 
> o=company_name but does return one starting with c=country,o=company_name:
> 
> martin/linux2$ ldapsearch -x -h icld -b c=de,o=company_name uid | grep dn 
> | grep s_sarwar
> dn: uid=s_sarwar,ou=pool,ou=branch,c=de,o=company_name
> martin/linux2$ ldapsearch -x -h icld -b o=company_name uid | grep dn | 
> grep s_sarwar
> martin/linux2$
> 
> With other users within that same branch it works as expected:
> 
> martin/linux2$ ldapsearch -x -h icld -b c=de,o=company_name uid | grep dn 
> | grep t_ceylan
> dn: uid=t_ceylan,ou=pool,ou=branch,c=de,o=company_name
> martin/linux2$ ldapsearch -x -h icld -b o=company_name uid | grep dn | 
> grep t_ceylan
> dn: uid=t_ceylan,ou=pool,ou=branch,c=de,o=company_name
> martin/linux2$
> 
> It does work for s_sarwar when I use the admin account to bind to in 
> ldapsearch but my understanding is that it should work without it as 
> well. We have no roles, no ACLs, no encryption, no nothing in that 
> server. Simple authentication, nothing complicated.
> 
> Any ideas?
> Martin
> 

Prentice