Zitat von Michael Ströder michael@stroeder.com:
Alexander Bruckner wrote:
An entry should look like this (as it is entered into the directory): .... mail: testing1@test.com mail: testing2@test.com
What does "should look like" mean? Is it really added like this? Can you confirm that with OpenLDAP's command-line tool ldapsearch?
The entry is initially created with ldapadd from an ldif-file with only one mail-attribute. The second mail-attribute is added with phpldapadmin. ldapsearch then shows the entry as posted above (with two mail attributes), and everthing works fine.
This is not a server issue for sure. Either a client is modifying the data or the client producing the second LDIF output is misbehaving on multi-valued attributes. Please verify your directory content by looking at the LDIF output generated by OpenLDAP's command-line tool ldapsearch.
If really the content of the entry changed you have to search harder... ;-)
I found out that the saslauthd is configured with write-access to the ldap directory. I will now change this to anonymous bind and turn an logging again.
Thanks for your help, Alex Bruckner