hume-ml@bofh.ca wrote:
Full_Name: Brandon Hume Version: 2.3.38 OS: OpenSolaris/Redhat Linux AS3 URL: Submission from: (NULL) (129.173.2.54)
When OpenLDAP is serving a tree split into multiple backends (for whatever reasons someone might do so), searching with the paged result control against the base DN and ranging across the subordinate trees causes a paged result cursor to be provided for each backend.
ie: With a config such as:
database bdb directory /opt/csw/var/openldap/people suffix "ou=People,dc=example,dc=com" subordinate rootdn "cn=NOC,dc=example,dc=com"
database bdb directory /opt/csw/var/openldap/default suffix "dc=domain,dc=com" rootdn "cn=NOC,dc=domain,dc=com" rootpw {SSHA}[...]
A search such as the following: ldapsearch -h localhost -x -E pr=2 -b dc=dal,dc=ca '(objectclass=*)'
... will produce the following result/control response:
[...] # search result search: 2 result: 0 Success control: 1.2.840.113556.1.4.319 false MAkCAQAEBAIAAAA= control: 1.2.840.113556.1.4.319 false MAkCAQAEBP////8= Press [size] Enter for the next {2|size} entries.
This has the effect of causing the next paged result to fail, since one of the two values is not correct and is rejected by the server.
Where is "dc=dal,dc=ca" set?