Full_Name: Evaristo Camarero
Version: 2.4.13
OS: SuSe 10 SP1
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (83.32.53.80)

The issue is related to index support in back-ndb, which uses the MySQL Cluster NDB backend.
The problem happens when you define more than one index in slapd.conf and try a search operation using a filter that does not contain the first defined index.
This is my config in slapd.conf for back-ndb:

########################################################
# NDB
#########################################################
database ndb
suffix dc=example,dc=com
rootdn cn=Manager,dc=example,dc=com
rootpw secret
dbname OpenLDAP
dbuser root
dbpass whatever
# MySQL Server
dbhost localhost
# NDB management host
dbconnect localhost
# Number of API connections in the NDB cluster
dbconnections 5
dbsocket /tmp/mysql.sock
index cn
index sn

I have loaded the following LDIF file in the server:

# root
dn: dc=example,dc=com
objectClass: organization
objectClass: dcObject
o: Example, Inc.
dc: example

# people
dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: People

# company-wide address book
dn: ou=Address Book,dc=example,dc=com
objectClass: organizationalUnit
ou: Address Book

# entry in company-wide address book
dn: cn=Rosco P. Coltrane,ou=Address Book,dc=example,dc=com
objectClass: inetOrgPerson
cn: Rosco P. Coltrane
sn: Coltrane
mail: rpc@example.com

# address book administrator
dn: cn=Admin,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Admin
sn: Admin
userPassword: admin

# person
dn: cn=Flash Gordon,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Flash Gordon
sn: Gordon
mail: fg@example.com
userPassword: secret

# person's personal address book
dn: ou=Address Book,cn=Flash Gordon,ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: Address Book

# another person
dn: cn=Clark Kent,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Clark Kent
sn: Kent
mail: ck@example.com
userPassword: secret

# another person's personal address book
dn: ou=Address Book,cn=Clark Kent,ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: Address Book

# entry in another person's personal address book
dn: cn=Mickey Mouse,ou=Address Book,cn=Clark Kent,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Mickey Mouse
sn: Mouse
mail: mickey.mouse@example.com

# one more person, yet without personal address book
dn: cn=Donald Duck,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Donald Duck
sn: Duck
mail: dd@example.com
userPassword: secret

Using the first defined index (cn) works fine:

ldapsearch -x -h localhost -p 20389 -b "dc=example,dc=com" 'cn=Clark Kent'
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: cn=Clark Kent
# requesting: ALL
#

# Clark Kent, People, example.com
dn: cn=Clark Kent,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
userPassword:: c2VjcmV0
sn: Kent
cn: Clark Kent
mail: ck@example.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

But using the second defined index does not work:

ldapsearch -x -h localhost -p 20389 -b "dc=example,dc=com" 'sn=Kent'
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: sn=Kent
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1

Tell me if you need more details.
Thanks in advance
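
Added example, not part of the original report or of OpenLDAP: a small regression check that compares the entry count implied by the loaded LDIF with what ldapsearch returned for each indexed filter. The function names are hypothetical, the sample data is constructed from two entries and the two search footers shown above, and the LDIF parsing assumes no folded lines or base64 values.

```python
import re

# Constructed sample: two entries taken from the LDIF in the report.
LDIF = """\
dn: cn=Clark Kent,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Clark Kent
sn: Kent

dn: cn=Donald Duck,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Donald Duck
sn: Duck
"""

# ldapsearch footers as shown in the report, keyed by the filter used.
OUTPUTS = {
    "cn=Clark Kent": "result: 0 Success\n\n# numResponses: 2\n# numEntries: 1\n",
    "sn=Kent": "result: 0 Success\n\n# numResponses: 1\n",
}

def parse_ldif(text):
    """Return a list of entries, each a dict of lowercase attr -> list of values."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, value = line.split(":", 1)
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def expected_matches(entries, flt):
    """Count entries matching a simple equality filter 'attr=value'."""
    attr, value = flt.split("=", 1)
    return sum(value.lower() in (v.lower() for v in e.get(attr.lower(), []))
               for e in entries)

def returned_entries(output):
    """ldapsearch omits the numEntries line when no entry was returned."""
    m = re.search(r"^# numEntries: (\d+)", output, re.M)
    return int(m.group(1)) if m else 0

def check(ldif, outputs):
    """Map each mismatching filter to (expected count, returned count)."""
    entries = parse_ldif(ldif)
    counts = {f: (expected_matches(entries, f), returned_entries(o))
              for f, o in outputs.items()}
    return {f: c for f, c in counts.items() if c[0] != c[1]}
```

A mismatch combined with "result: 0 Success" is the case to alert on, since a client cannot tell it apart from a genuinely empty result.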