--On Thursday, June 14, 2012 3:09 PM -0700 Kurt Zeilenga Kurt@OpenLDAP.org wrote:
On Jun 14, 2012, at 2:10 PM, quanah@openldap.org wrote:
Full_Name: Quanah Gibson-Mount Version: 2.4.31 OS: Linux 2.6 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (75.108.184.39)
Handling "!" with objectClasses appears to be broken. For example, if I perform the following ldap query:
zimbra@zre-ldap002:~$ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w zimbra -b "" '(!(objectclass=junk))' zimbra@zre-ldap002:~$
This result appears incorrect to me. I would expect it to return all entries without that objectClass (which in this case, would be every entry).
which object class (by OID)? If the server doesn't know what junk is, (!(objectClass=junk)) is just as undefined (objectclass=junk) is.
Doing the same sort of search on a different attribute, the behavior is as expected:
Bad expectation, as junk here is a string not a descriptor.
Well, I would note that AD at least behaves the way in which I expect. Just because the objectClass doesn't exist in the schema, I don't think it should fail to evaluate. Clearly, if none of the objects match the filter, it should return them.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
-
quanah@zimbra.com