|
Hi Guys,
I'm trying to understand why ldapsearch returns some objects of the dit only when the dn is set to the object I'm looking for and the search scope has to be base, e.g.:
There is an object at the dn: cn=repl keep alive 1,dc=example,dc=org" A search operation using dc=example,dc=org as base and the scope 'sub' will not return the entry. Setting the search base to the object itself does not work either:
ldapsearch -H ldap://ldap.example.org -D "cn=directory manager" -w secret -ZZZ -x -s sub -b "cn=repl keep alive 1,dc=example,dc=org" # extended LDIF # # LDAPv3 # base <cn=repl keep alive 1,dc=example,dc=org> with scope subtree # filter: (objectclass=*) # requesting: ALL # # search result search: 3 result: 0 Success But using the object's dn and setting the scope to 'base' does return the entry: ldapsearch -H ldap://ldap.example.org -D "cn=directory manager" -w secret -ZZZ -x -s base -b "cn=repl keep alive 1,dc=example,dc=org" # extended LDIF # # LDAPv3 # base <cn=repl keep alive 1,dc=example,dc=org> with scope baseObject # filter: (objectclass=*) # requesting: ALL # # repl keep alive 1, example.org dn: cn=repl keep alive 1,dc=example,dc=org objectClass: top objectClass: ldapsubentry objectClass: extensibleObject cn: repl keep alive 1 # search result search: 3 result: 0 Success
Does someone have an explanation for this?
thank you,
cheers, frank |
-- 389 users mailing list 389-users@%(host_name)s http://lists-dev.fedorainfracloud.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
