[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: "No such object" error with translucent overlay and base scope search

Thanks, Howard. Your hint about translucent_local allowed me to solve the problem. I looked again at the actual query we were using. It had objectClass in the filter. In our translucent config we have objectClass as both translucent_local and translucent_remote. If I change the filter to something that isn't tagged with translucent_local then the remote entry is returned and there is no error from a local search.


-----Original Message-----
From: Howard Chu [mailto:hyc@symas.com] 
Sent: Wednesday, July 10, 2013 11:40 AM
To: Steve Eckmann; openldap-technical@openldap.org
Subject: Re: "No such object" error with translucent overlay and base scope search

Steve Eckmann wrote:
> We found that we get a "No such object" error from the translucent 
> overlay when we do a search like this:
>   ldapsearch -x -H ldaps://localhost -LLL \
>       -b "cn=John Doe,ou=Users,dc=example,dc=com" -s base \
>       -D "cn=admin,dc=example,dc=com" -w admin \
>       '(&)'
> if there is no entry for "cn=John Doe,ou=Users,dc=example,dc=com" in 
> the local database, whether or not the remote entry exists. It seems 
> like a mistake for the translucent overlay to report an error if the 
> remote entry exists, since it only means that we haven't added any 
> local attributes yet. Is there a way to suppress the error result when 
> the proxied server returns an entry, so we don't have to hack around this weirdness in our client?

Re-read the slapo-translucent manpage, check your local/remote configuration. 
The overlay won't query the remote server if you've only specified translucent_local attributes.

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/