[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: questions on overlay sssvlv

To: Nicolas RENAULT <nicolas_renault@yahoo.fr>, openldap-technical@openldap.org
Subject: Re: questions on overlay sssvlv
From: Howard Chu <hyc@symas.com>
Date: Wed, 05 Nov 2014 09:39:54 +0000
In-reply-to: <5459ED48.4090202@yahoo.fr>
References: <5459ED48.4090202@yahoo.fr>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0 SeaMonkey/2.32a1

Nicolas RENAULT wrote:

Hello,

I already post some question about this but without succes, perhaps because i
made a mistake and replys in another question thread.
So I restart here.

testing env so i can make all that i want.

openldap 2.4.40 build on opensuse 13.1.
try to make a proxy ldap, with use of meta to relay informations from one AD ,
one EDir and one openLDAP. (just use openLDAP for now)

I create a database to get locally the root "dc=example,dc=fr" and firstlevel
OU : "ou=TOUT,dc=example,dc=fr" , "ou=TEST,dc=example,dc=fr"
I bind the openLDAP on "ou=LDAP,ou=TOUT,dc=example,dc=fr"
I add users on the local ou "TEST"

simple requests are working without problem. (on "TEST" and on "TOUT" )

activate sssvlv on slapd.conf (because of meta)


back-meta supports dynamic config, this is not a reason to use slapd.conf.

globally (ie before the statement for the meta database)

                            overlay sssvlv

just this line.

when a try this search

ldapsearch -E 'sss=displayName' -H ldap://localhost -x -D
"cn=Manager,dc=example,dc=fr" -b "ou=TEST,dc=example,dc=fr" -w xxxx -s sub
"(&(objectClass=user)(displayName=ag*))" displayName

I got the user list sort by display name  ( they are local user)

when i try this :

ldapsearch -E 'sss=displayName' -H ldap://localhost -x -D
"cn=Manager,dc=example,dc=fr" -b "ou=LDAP,ou=TOUT,dc=example,dc=fr" -w xxxx -s
sub "(&(objectClass=user)(displayName=ag*))" displayName

I got this :


# extended LDIF
#
# LDAPv3
# base <ou=LDAP,ou=TOUT,dc=example,dc=fr> with scope subtree
# filter: (&(objectClass=user)(displayName=ag*))
# requesting: displayName
# with server side sorting control
#

# search result
search: 2
result: 0 Success
control: 1.2.840.113556.1.4.474 false MAMKAQA=
sortResult: (0) Success

# numResponses: 1

I understand that the request as been successfull but whitout any results ?

any idea ?

I'm thinking of a problem with :
* bad place for "overlay ssvlv" in slapd.conf (actually it take place juste
after moduleload section and just before the ACL statements


Then test with the overlay moved somewhere else.

* problem with remap attribute when asking the distant LDAP


Then test without remapping.

* overlay sssvlv not working with meta ?


Then test without sssvlv.

but need some clues to find where is the problem.

Regards

--
Nicolas



--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: questions on overlay sssvlv
  - From: Nicolas RENAULT <nicolas_renault@yahoo.fr>

References:
- questions on overlay sssvlv
  - From: Nicolas RENAULT <nicolas_renault@yahoo.fr>

Prev by Date: questions on overlay sssvlv
Next by Date: PFS: ITS#7506 in master but not in release
Index(es):
- Chronological
- Thread