From dev-return-37783-apmail-directory-dev-archive=directory.apache.org@directory.apache.org Sun Apr 17 09:10:55 2011 Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 98353 invoked from network); 17 Apr 2011 09:10:55 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 17 Apr 2011 09:10:55 -0000 Received: (qmail 82309 invoked by uid 500); 17 Apr 2011 09:10:55 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 82088 invoked by uid 500); 17 Apr 2011 09:10:46 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 82019 invoked by uid 99); 17 Apr 2011 09:10:44 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 17 Apr 2011 09:10:44 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED,T_RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 17 Apr 2011 09:10:42 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id B33E3A51EE for ; Sun, 17 Apr 2011 09:10:05 +0000 (UTC) Date: Sun, 17 Apr 2011 09:10:05 +0000 (UTC) From: "Emmanuel Lecharny (JIRA)" To: dev@directory.apache.org Message-ID: <810578784.63019.1303031405731.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <705354412.62875.1303012985723.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Commented] (DIRSERVER-1616) LDAP searchRequest to Apache DS will not Return Exoected Results MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DIRSERVER-1616?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13020745#comment-13020745 ] Emmanuel Lecharny commented on DIRSERVER-1616: ---------------------------------------------- Oh thanks Stefan. It confirms that's a bug. I think that exporting and importing all entries might workaround the bug, no ? > LDAP searchRequest to Apache DS will not Return Exoected Results > ---------------------------------------------------------------- > > Key: DIRSERVER-1616 > URL: https://issues.apache.org/jira/browse/DIRSERVER-1616 > Project: Directory ApacheDS > Issue Type: Bug > Components: ldap > Affects Versions: 1.5.7 > Environment: Cent OS 5.5 x64 > Java Version "1.6.0_17" > OpenJDK Runtime Environment (IcedTea6 1.7.5) (rhel-1.16.b17.el-x86_64) > OpenJDK 64-Bit Server VM (build 14.0-b16,mixed mode) > Reporter: Jeffrey Reynolds > Priority: Critical > > When searching my directory via LDAP searchRequests, I receive erroneous results. If an object is created with an object class: > dn: uid=user,ou=People,dc=example,dc=com > changetype: add > objectClass: sambaSamAccount > objectClass: posixAccount > objectClass: shadowAccount > objectClass: top > objectClass: person > objectClass: inetOrgPerson > objectClass: organizationalPerson > gidnumber: 513 > homedirectory: /home/user > sambaSID: XXX > uidnumber: 30010 > cn: user > sn: user > uid: user > Then: > ldapsearch -h localhost -p 389 -b "ou=People,dc=example,dc=com" "objectclass=posixAccount" -x > Will return the new user. However, if extra object classes are added to a previously existing user: > dn: uid=user,ou=People,dc=example,dc=com > changetype: modify > add: objectClass > objectClass: sambaSamAccount > objectClass: posixAccount > objectClass: shadowAccount > - > add: gidnumber > gidnumber: 513 > - > add: homedirectory > homedirectory: /home/user > - > add: sambaSID > sambaSID: XXX > - > add: uidnumber > uidnumber: 30010 > Then: > ldapsearch -h localhost -p 389 -b "ou=People,dc=example,dc=com" "objectclass=posixAccount" -x > Will not return the user. However, any successful changes made will be visible if the user itself is queried. IE, I will be able to see all the changes I made, I just won't be able to use any of them to search for the object. This has been tested using both ldapmodify and Apache Directory Studio 1.5.3. This has caused issues in our transition to using LDAP to authenticate our Samba servers. Please let me knoe if any more information is needed. Thanks! -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira