directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-1616) LDAP searchRequest to Apache DS will not Return Exoected Results
Date Sun, 17 Apr 2011 09:00:05 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1616?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13020743#comment-13020743
] 

Emmanuel Lecharny commented on DIRSERVER-1616:
----------------------------------------------

You most certainly added the ObjectClass in the schema with existing entries present in the
base.

Let me explain : when you ad entries into the base, the server computes all the index this
entry uses, and update them. If you add some new ObjectClass into the server, it does not
update indexes, and if you modify an entry using this new ObjectClass, it's likely the index
is not updated too.

Can you confirm this scenario ? Because if it's what happened, it's a bug in the way we handled
indexed attributes when we do a modify.

Thanks !

> LDAP searchRequest to Apache DS will not Return Exoected Results
> ----------------------------------------------------------------
>
>                 Key: DIRSERVER-1616
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1616
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: ldap
>    Affects Versions: 1.5.7
>         Environment: Cent OS 5.5 x64
> Java Version "1.6.0_17"
> OpenJDK Runtime Environment (IcedTea6 1.7.5) (rhel-1.16.b17.el-x86_64)
> OpenJDK 64-Bit Server VM (build 14.0-b16,mixed mode)
>            Reporter: Jeffrey Reynolds
>            Priority: Critical
>
> When searching my directory via LDAP searchRequests, I receive erroneous results.  If
an object is created with an object class:
> dn: uid=user,ou=People,dc=example,dc=com
> changetype: add
> objectClass: sambaSamAccount
> objectClass: posixAccount
> objectClass: shadowAccount
> objectClass: top
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: organizationalPerson
> gidnumber: 513
> homedirectory: /home/user
> sambaSID: XXX
> uidnumber: 30010
> cn: user
> sn: user
> uid: user
> Then:
> ldapsearch -h localhost -p 389 -b "ou=People,dc=example,dc=com" "objectclass=posixAccount"
-x
> Will return the new user.  However, if extra object classes are added to a previously
existing user:
> dn: uid=user,ou=People,dc=example,dc=com
> changetype: modify
> add: objectClass
> objectClass: sambaSamAccount
> objectClass: posixAccount
> objectClass: shadowAccount
> -
> add: gidnumber
> gidnumber: 513
> -
> add: homedirectory
> homedirectory: /home/user
> -
> add: sambaSID
> sambaSID: XXX
> -
> add: uidnumber
> uidnumber: 30010
> Then:
> ldapsearch -h localhost -p 389 -b "ou=People,dc=example,dc=com" "objectclass=posixAccount"
-x
> Will not return the user.  However, any successful changes made will be visible if the
user itself is queried.  IE, I will be able to see all the changes I made, I just won't be
able to use any of them to search for the object.  This has been tested using both ldapmodify
and Apache Directory Studio 1.5.3.  This has caused issues in our transition to using LDAP
to authenticate our Samba servers.  Please let me knoe if any more information is needed.
 Thanks!

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message