[Date Prev][Date Next] [Chronological] [Thread] [Top]

how to configure deref overlay

It seems few use deref overlay. This feature is mentioned on feature listâ, but there is no manual for the overlay; only one line is about it in ldapsearch(1) manual. In the last years, only one person mentioned it in 2009 on this mailing list, and his question was unanswered.

I observed this is the way it is supposed to work:

$ ldapsearch -E deref=secretary:sn

Would put the surname of the secretary as the value of 'secretary' attribute.

In reality this search extension complains the "control is unavailable in context". I am afraid loading the model is not enough, it has to be configured first, somewhere in cn=config, but couldn't find any document.

	$ ldapsearch -x -E '!deref=secretary:sn' cn=Betsy secretary
	# extended LDIF
	# LDAPv3
	# base <dc=example,dc=com> (default) with scope subtree
	# filter: cn=Betsy
	# requesting: secretary with dereference critical control

	# search result
	search: 2
	result: 12 Critical extension is unavailable
	text: critical control unavailable in context

	# numResponses: 1

This is how I loaded the module (slapd didn't produce error in log, thus I consider it is loaded):

	$ slapcat -s cn=config | grep -C 8 deref
	entryCSN: 20130803010832.965676Z#000000#000#000000
	modifiersName: cn=config
	modifyTimestamp: 20130803010832Z

	dn: cn=module{1},cn=config
	objectClass: olcModuleList
	cn: module{1}
	olcModulePath: /usr/lib/ldap
	olcModuleLoad: {0}deref
	structuralObjectClass: olcModuleList
	entryUUID: cdb88ba8-9131-1032-8334-7700fe3e5919
	creatorsName: cn=admin,cn=config
	createTimestamp: 20130804091300Z
	entryCSN: 20130804091300.138105Z#000000#000#000000
	modifiersName: cn=admin,cn=config
	modifyTimestamp: 20130804091300Z

Here is the data I am experimenting with, very minimalism:

 	$ ldapsearch -x objectClass=pilotPerson
 	# extended LDIF
 	# LDAPv3
 	# base <dc=example,dc=com> (default) with scope subtree
 	# filter: objectClass=pilotPerson
 	# requesting: ALL

 	# David, editors
 	dn: cn=David,ou=editors,dc=example,dc=com
 	cn: David
 	objectClass: pilotPerson
 	objectClass: person
 	objectClass: top
 	sn: Jones

 	# Betsy, editors
 	dn: cn=Betsy,ou=editors,dc=example,dc=com
 	cn: Betsy
 	objectClass: pilotPerson
 	objectClass: person
 	objectClass: top
 	sn: Shwan
 	secretary: cn=David,ou=editors,dc=example,dc=com

 	# search result
 	search: 2
 	result: 0 Success

 	# numResponses: 3
 	# numEntries: 2

Any hint on how to make it work? Or more importantly, was there anyone using the overlay at all??


P.S. the email subject intends to guide googlers to land in this discussion.

â http://www.openldap.org/faq/data/cache/645.html