Ryan Lovett wrote:
I turned up the logging on the OpenLDAP server and spotted several instances of:
get_ava: illegal value for attributeType nisNetgroupTriple
I've looked over RFC 2307 and the values stored in OpenLDAP seem to be consistent with the defined syntax. Additionally, the server did not object when I inserted the data so I don't know why there is a problem when reading it.
Most likely this error message is reporting the wrong thing. In fact there is no equality matching rule for the nisNetgroupTriple attributetype, so it cannot be used in a search filter.
Is there a specific loglevel setting that will tell me more precisely what is going on? I bumped it up enough for it to show me:
slapd[26143]: get_ava: illegal value for attributeType nisNetgroupTriple slapd[26143]: end get_filter 0 slapd[26143]: begin get_filter slapd[26143]: EQUALITY slapd[26143]: get_ava: illegal value for attributeType nisNetgroupTriple slapd[26143]: end get_filter 0 slapd[26143]: begin get_filter slapd[26143]: SUBSTRINGS slapd[26143]: begin get_ssa slapd[26143]: error=18 slapd[26143]: end get_filter 0 slapd[26143]: begin get_filter slapd[26143]: get_filter: unknown filter type=130 slapd[26143]: end get_filter 0 slapd[26143]: begin get_filter slapd[26143]: EQUALITY slapd[26143]: get_ava: illegal value for attributeType nisNetgroupTriple slapd[26143]: end get_filter 0 slapd[26143]: begin get_filter slapd[26143]: EQUALITY slapd[26143]: get_ava: illegal value for attributeType nisNetgroupTriple slapd[26143]: end get_filter 0
"error=18" and "unknown filter type=130" searches haven't led me to a solution.
Thanks for your time, Ryan