Andrew Kay wrote:
Thanks for your response, as a result of checked out the head tag
within CVS, compiled and tested with the same configuration as before.
By the way, the fix for ITS#4615 is now in 2.3.31.
The query works perfectly against the Active Directory portion of
unified directory, but doesn't return the user from the OpenLDAP
portion of the directory. If a rerun the last query but set the base
explicitly to the OpenLDAP portion of the directory:
It sounds like you've now run into ITS#4638, a bug in the rwm overlay.
It maps the filter for searching in the first database, but doesn't
restore the original value before proceeding to the next database, so
it's using the wrong filter there. I usually don't touch the rwm code
since Ando mainly works on it, but can take a look later.
I get the user, but unfortunately can't get the user if the base
set to the unified directory base.
It seems to work correctly if I am dealing with:
- an attribute that is the same in both directories (cn for example)
- an attribute that is rewritten (uid works against the Active
Directory portion, although it must be rewritten as SAMAccountName
when performing the underlying query)
- when I explicitly set the base to the OpenLDAP directory portion
and then perform a query referring to an entry within it
I hope I have explained the problem I'm having in sufficient depth, I
can send you the results of running slapd in "trace, args, filter,
parse" debug mode if you wish.
Thanks again for your help so far.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/