Hello,
I’m working with OS X Server 10.9 who’s using OpenLDAP to provide directory services.
I’ve a problem with a simple LDAP request who is not consistent depending of the attribute filter requested.
Here are the two commands I’ve used in my CLI:
ldapsearch -x -H ldap://192.168.42.10 -b "cn=passwordserver,cn=config,dc=example,dc=com" "(objectclass=*)"
and
ldapsearch -x -H ldap://192.168.42.10 -b "cn=passwordserver,cn=config,dc=example,dc=com" "(objectclass=*)" apple-xmlplist
For each request, the content of apple-xmlplist is different. The problem is the same with ldap_search_ext_s in C.
I’ve looked the request with wireshark and the only difference I see is the presence or not of the attribute request. The rest of the request is exactly the same.
I don’t understand how is it possible.
Do you know this bug? Do you have a way to edit the stored record used for the request with the filter (it’s the one used by Apple internal tools, so it’s not really possible for me to change it).
Here are version info:
@(#) $OpenLDAP: slapd 2.4.28 (Nov 12 2013 12:02:47) $
root@hikkaduwa.apple.com:/private/var/tmp/OpenLDAP/OpenLDAP-491.1~1/servers/slapd
ldapsearch: @(#) $OpenLDAP: ldapsearch 2.4.28 (Nov 12 2013 12:04:43) $
root@hikkaduwa.apple.com:/private/var/tmp/OpenLDAP/OpenLDAP-491.1~1/clients/tools
(LDAP library: OpenLDAP 20428)
Best regards,
Yoann Gini