directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeffrey Reynolds (JIRA)" <j...@apache.org>
Subject [jira] [Created] (DIRSERVER-1616) LDAP searchRequest to Apache DS will not Return Exoected Results
Date Sun, 17 Apr 2011 04:03:05 GMT
LDAP searchRequest to Apache DS will not Return Exoected Results
----------------------------------------------------------------

                 Key: DIRSERVER-1616
                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1616
             Project: Directory ApacheDS
          Issue Type: Bug
          Components: ldap
    Affects Versions: 1.5.7
         Environment: Cent OS 5.5 x64

Java Version "1.6.0_17"
OpenJDK Runtime Environment (IcedTea6 1.7.5) (rhel-1.16.b17.el-x86_64)
OpenJDK 64-Bit Server VM (build 14.0-b16,mixed mode)
            Reporter: Jeffrey Reynolds
            Priority: Critical


When searching my directory via LDAP searchRequests, I receive erroneous results.  If an object
is created with an object class:

dn: uid=user,ou=People,dc=example,dc=com
changetype: add
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
gidnumber: 513
homedirectory: /home/user
sambaSID: XXX
uidnumber: 30010
cn: user
sn: user
uid: user

Then:

ldapsearch -h localhost -p 389 -b "ou=People,dc=example,dc=com" "objectclass=posixAccount"
-x

Will return the new user.  However, if extra object classes are added to a previously existing
user:

dn: uid=user,ou=People,dc=example,dc=com
changetype: modify
add: objectClass
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
-
add: gidnumber
gidnumber: 513
-
add: homedirectory
homedirectory: /home/user
-
add: sambaSID
sambaSID: XXX
-
add: uidnumber
uidnumber: 30010

Then:

ldapsearch -h localhost -p 389 -b "ou=People,dc=example,dc=com" "objectclass=posixAccount"
-x

Will not return the user.  However, any successful changes made will be visible if the user
itself is queried.  IE, I will be able to see all the changes I made, I just won't be able
to use any of them to search for the object.  This has been tested using both ldapmodify and
Apache Directory Studio 1.5.3.  This has caused issues in our transition to using LDAP to
authenticate our Samba servers.  Please let me knoe if any more information is needed.  Thanks!


--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message