Pierangelo Masarati wrote:
Pierangelo Masarati wrote:
What authz-regexp does is run an internal search. If the search returns exactly one entry, then there's no way it can be, say, returned twice, otherwise it would also when running aregular search. Moreover, I've recrated you scenario in 2.3.27 and HEAD, and everything seems to work as expected in all cases. I suspect something else is wrong, for example data in your DB is not like it appears.
The objects used actually were 'person's with auxiliary 'posixAccount' and 'organizationalRoles' on the other side. I also installed a clean directory and at least I must agree with you, that the problem is caused somewhere else: After I dumped and reloaded data with slapcat/slapadd into bdb it finally works as expected.
Thanks for verifing and sorry for the inconvenience caused.
A