[Pkg-openldap-devel] Bug#444936: slapd-ldap failure [RESOLVED]
Pierangelo Masarati
ando at sys-net.it
Wed Sep 3 19:42:02 UTC 2008
The filter
(&(objectClass=ibmPerson)(notesShortName=cowboy))
=>
(&(!(objectclass=*))(!(objectClass=*)))
is being rewritten like that because the proxy does not know anything
about objectClass "ibmPerson" and attribute "notesShortName". You
should augment the proxy's schema in order to let it know about those
attributes, otherwise slapd will silently (as per RFC4511, and thus by
design) ignore the resulting undefined filter. There is one exception:
if the filter uses attributes/objectClasses that have already been
returned by the proxy, it will not result in an undefined filter, as
those attributes/objectClasses will be recognized as "proxied".
Undefined filters are replaced by instances of (!(objectClass=*)), which
is guaranteed to match nothing.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Fax: +39 0382 476497
Email: ando at sys-net.it
-----------------------------------
More information about the Pkg-openldap-devel
mailing list