[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unique overlay confusing

Hi Michael,

On Wed, Aug 08, 2018 at 12:51:53PM +0200, Michael Ströder wrote:
> On 8/8/18 12:46 PM, Ervin Hegedüs wrote:
> >On Wed, Aug 08, 2018 at 12:36:06PM +0200, Michael Ströder wrote:
> >>*and*
> >>re-index the DB?
> >
> >no. (never)
> 
> Please check whether the search (mail=foo@example.com) really returns the
> existing entries.

# slapindex -n 1
...

# ... modified the entry's mail to an existing one...

# ldapsearch -vvv -x -H ldaps://dev-ldap-01:636 -b "dc=hu" -D "admin..." -w "mail=airween@company.hu" | grep ^mail
ldap_initialize( ldaps://dev-ldap-01:636/??base )
Enter LDAP Password: 
filter: mail=airween@company.hu
requesting: All userApplication attributes
mail: airween@company.hu
mail: airween@company.hu

(there are two entries)

# ... rollback the modification ...

# ldapsearch -vvv -x -H ldaps://dev-ldap-01:636 -b "dc=hu" -D "admin..." -w "mail=airween@company.hu" | grep ^mail
ldap_initialize( ldaps://dev-ldap-01:636/??base )
Enter LDAP Password: 
filter: mail=airween@company.hu
requesting: All userApplication attributes
mail: airween@company.hu

(there is only one entry)


relevant output of 'slapcat -b cn=config':

dn: cn=module{2},cn=config
objectClass: olcModuleList
cn: module{2}
olcModulePath: /usr/lib/ldap/
olcModuleLoad: {0}unique.la
structuralObjectClass: olcModuleList

...

dn: olcOverlay={1}unique,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {1}unique
olcUniqueURI: ldap:///?uid?sub?
olcUniqueURI: ldap:///?mail?sub?
olcUniqueURI: ldap:///?uidNumber?sub?
olcUniqueURI: ldap:///?sn?sub?
olcUniqueURI: ldap:///?cn?sub?
olcUniqueURI: ldaps:///?uid?sub?
olcUniqueURI: ldaps:///?mail?sub?
olcUniqueURI: ldaps:///?uidNumber?sub?
olcUniqueURI: ldaps:///?sn?sub?
olcUniqueURI: ldaps:///?cn?sub?

...

dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=hu
...
olcDbIndex: objectClass eq
olcDbIndex: cn,uid eq
olcDbIndex: uidNumber,gidNumber eq
olcDbIndex: member,memberUid eq
olcDbIndex: mail eq
olcDbIndex: sn eq


Thanks,



a.