[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Alias dereferencing



Compiled from source, version current OpenLDAP RE24 (from GIT)

./configure --prefix=/opt/openldap

Data was added with same ldapadd progy, schema is the same version.

Here it is - config, slapcat from slapd.d (lengthy schema omitted):


dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /opt/openldap/var/run/slapd.args
olcLogLevel: none
olcPidFile: /opt/openldap/var/run/slapd.pid
structuralObjectClass: olcGlobal
creatorsName: cn=config
entryUUID: a8df00ce-80fb-1031-8652-fff9cf1d6a3e
createTimestamp: 20120822232009Z
olcServerID: 1 ldap://spr1.lab.os
olcServerID: 2 ldap://spr2.lab.os
olcThreads: 2
olcToolThreads: 32
olcIdleTimeout: 10
entryCSN: 20130402101823.578807Z#000000#001#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20130402101823Z
contextCSN: 20130402101823.578807Z#000000#001#000000
contextCSN: 20130329141804.133907Z#000000#002#000000

dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
structuralObjectClass: olcSchemaConfig
entryUUID: 9c79c918-80fb-1031-92fa-11190a1d893e
creatorsName: cn=config
createTimestamp: 20120822231948Z
entryCSN: 20120822231948.419573Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20120822231948Z

snip-----------------------------------------------------------------------------------------snip

dn: olcBackend={0}mdb,cn=config
objectClass: olcBackendConfig
olcBackend: {0}mdb
structuralObjectClass: olcBackendConfig
entryUUID: 8c59fb88-2cc3-1032-9b7c-c7b2eb845e03
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
createTimestamp: 20130329135149Z
entryCSN: 20130329135149.548491Z#000000#001#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130329135149Z

dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
 ,cn=auth manage by * break
olcAccess: {1}to dn.exact="" by * read
olcAccess: {2}to dn.base="cn=Subschema" by * read
structuralObjectClass: olcDatabaseConfig
creatorsName: cn=config
entryUUID: a8df0ace-80fb-1031-8653-fff9cf1d6a3e
createTimestamp: 20120822232009Z
olcSizeLimit: 5000000
entryCSN: 20130326133336.496532Z#000000#001#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20130326133336Z

dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
 ,cn=auth manage by * break
structuralObjectClass: olcDatabaseConfig
entryUUID: a8df1960-80fb-1031-8654-fff9cf1d6a3e
creatorsName: cn=config
olcRootDN: cn=admin,cn=config
createTimestamp: 20120822232009Z
olcRootPW:: e1NTSEF9eDRVRTBiV2Z4YnFSNnZDVDdKRWEwSWRhWFRhMDN2M3I=
olcSyncrepl: {0}rid=001 provider=ldap://spr1.lab.os binddn="cn=admin,cn=config
 " bindmethod=simple credentials=siemens searchbase="cn=config" type=refreshAn
 dPersistretry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=002 provider=ldap://spr2.lab.os binddn="cn=admin,cn=config
 " bindmethod=simple credentials=siemens searchbase="cn=config" type=refreshAn
 dPersistretry="5 5 300 5" timeout=1
olcMirrorMode: TRUE
entryCSN: 20130329141804.133907Z#000000#002#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130329141804Z

dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
entryUUID: 36e07d68-2cc7-1032-8bf6-1905ee7d8e9d
createTimestamp: 20130329141804Z
entryCSN: 20130329141804.132859Z#000000#002#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130329141804Z

dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /opt/openldap/var/openldap-data
olcSuffix: dc=spr
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou
 s auth by dn="cn=admin,dc=spr" write by * none
olcAccess: {1}to attrs=shadowLastChange by self write by * read
olcAccess: {2}to dn.base="" by * read
olcAccess: {3}to * by self write by dn="cn=admin,dc=spr" write by * read
olcLastMod: TRUE
olcRootDN: cn=admin,dc=spr
olcRootPW:: e1NTSEF9eDRVRTBiV2Z4YnFSNnZDVDdKRWEwSWRhWFRhMDN2M3I=
olcDbCheckpoint: 4096 10
olcDbNoSync: TRUE
olcDbMaxSize: 107374182400
structuralObjectClass: olcMdbConfig
entryUUID: 804a8ede-2cc3-1032-9b7a-c7b2eb845e03
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
createTimestamp: 20130329135129Z
olcDbIndex: objectClass eq
olcDbIndex: uid eq
olcDbIndex: MSISDN eq
olcDbIndex: IMSI eq
olcDbIndex: pfUsername eq
olcDbIndex: entryCSN eq
olcDbIndex: entryUUID eq
olcDbIndex: contextCSN eq
olcMirrorMode: TRUE
olcSyncrepl: {0}rid=003 provider=ldap://spr1.lab.os binddn="cn=admin,dc=spr" b
 indmethod=simple credentials=siemens searchbase="dc=spr" type=refreshOnly int
 erval=00:00:00:10 retry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=004 provider=ldap://spr2.lab.os binddn="cn=admin,dc=spr" b
 indmethod=simple credentials=siemens searchbase="dc=spr" type=refreshOnly int
 erval=00:00:00:10 retry="5 5 300 5" timeout=1
entryCSN: 20130329141637.442296Z#000000#002#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20130329141637Z

dn: olcOverlay={0}syncprov,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
entryUUID: e2aa5b24-2cc6-1032-8bf5-1905ee7d8e9d
createTimestamp: 20130329141542Z
entryCSN: 20130329141542.849443Z#000000#002#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130329141542Z


Output from ldapsearch done on server with mdb:

root@test7kde:~# ldapsearch -x -h 172.17.103.200 -D cn=admin,dc=spr -s sub -a always -W -b pfUsername=user1,dc=USERNAME,dc=spr
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <pfUsername=user1,dc=USERNAME,dc=spr> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1

Output from ldapsearch done on server with hdb:

root@test7kde:~# ldapsearch -x -h 172.17.103.215 -D cn=admin,dc=spr -s sub -a always -W -b pfUsername=user1,dc=USERNAME,dc=spr
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <pfUsername=user1,dc=USERNAME,dc=spr> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# 1, USERS, STANDARD, SPR
dn: uid=1,ds=USERS,o=STANDARD,dc=SPR
objectClass: sprUser
uid: 1

# userData, 1, USERS, STANDARD, SPR
dn: subdata=userData,uid=1,ds=USERS,o=STANDARD,dc=SPR
roamingAllowed: TRUE
objectClass: sprUserData
subdata: userData
prepaidFlag: TRUE
sn: TestProv
pfUsername: user1
givenName: pcrfUser
loginPassword: 123
pfPassword: 123

# applicationData, 1, USERS, STANDARD, SPR
dn: subdata=applicationData,uid=1,ds=USERS,o=STANDARD,dc=SPR
objectClass: sprUserData
subdata: applicationData

# aaa, applicationData, 1, USERS, STANDARD, SPR
dn: ds=aaa,subdata=applicationData,uid=1,ds=USERS,o=STANDARD,dc=SPR
objectClass: sprDs
ds: aaa

# 2g3g, aaa, applicationData, 1, USERS, STANDARD, SPR
dn: ds=2g3g,ds=aaa,subdata=applicationData,uid=1,ds=USERS,o=STANDARD,dc=SPR
objectClass: sprDs
ds: 2g3g

# pcrf, aaa, applicationData, 1, USERS, STANDARD, SPR
dn: ds=pcrf,ds=aaa,subdata=applicationData,uid=1,ds=USERS,o=STANDARD,dc=SPR
objectClass: sprDs
ds: pcrf

# 2g3gProf, 2g3g, aaa, applicationData, 1, USERS, STANDARD, SPR
dn: subdata=2g3gProf,ds=2g3g,ds=aaa,subdata=applicationData,uid=1,ds=USERS,o=S
 TANDARD,dc=SPR
service2g3g: defaultService
profile2g3g: profile1
productCode2g3g: prodCode
barringStatus2g3g: barringStatus
objectClass: spr2g3gUser
uniqueId2g3g: user1
apnGroup2g3g: apnGG
provider2g3g: me-myself-and-i
framedIPAddress2g3g: 1.1.1.1
accountGroup2g3g: acctGroup
subdata: 2g3gProf
msisdn: 1234560001
flagStatus2g3g: flagStatus
class2g3g: classs
type2g3g: type
creationDate2g3g: 01.10.2010.
classification2g3g: 111
poolGroup2g3g: poolGroup
status2g3g: ACTIVE

# pcrfProf, pcrf, aaa, applicationData, 1, USERS, STANDARD, SPR
dn: subdata=pcrfProf,ds=pcrf,ds=aaa,subdata=applicationData,uid=1,ds=USERS,o=S
 TANDARD,dc=SPR
profile: 3100
totalUsedVolume: 3
msisdn: 1234560001
objectClass: sprPcrfProf
totalMaximumVolume: 5
imsi: 1991234560001
subdata: pcrfProf
subscriberServiceProfile: TM00003100
featureList: Faeture1
paymentTypexy: NeverPaid
pfUsername: user1
tariffId: 1
pcrfServiceId: 3100

# search result
search: 2
result: 0 Success

# numResponses: 9
# numEntries: 8






On Thu, Apr 18, 2013 at 4:11 PM, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
--On Thursday, April 18, 2013 1:55 PM +0200 Saša-Stjepan Bakša <ssbaksa@gmail.com> wrote:




I am using alias dereferencing with hdb backed because that was
application requirement. Now I am switching to mdb but I can't get the
same answer with ldapsearch.

Does dereferencing work for mdb?

OpenLDAP version?  Example configuration?

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration