Brandon Hume wrote:
I have a large number of mail aliases stored in LDAP used by sendmail. They're stored off by themselves as opposed to hung off the user objects, so that the mail servers can have their own LDAP replicas containing only a portion of the tree rather than all the user objects as well. An example entry would be thus:
dn: cn=broken2,cn=dal,cn=Mailmaps,cn=Services,dc=DAL,dc=CA objectClass: top objectClass: applicationProcess objectClass: inetLocalMailRecipient cn: broken2 mailRoutingAddress: broken2@dal.ca mailLocalAddress: broken2@imap.dal.ca
However, this entry will not show up in searches, depending on what I use as a search base:
I can confirm that I also saw such a strange effect on a customer's server running OpenLDAP 2.4.28 with back-hdb based on BDB 5.2.x (not sure about x). All compiled as 64-bit software on HP-UX 10.x (not sure about the exact version). I don't have easy access to this production system so it's quite hard to examine this. But I'm somewhat glad I'm not alone.
In my case I had to use search base ou=xxx,dc=example,dc=org instead of also valid dc=example,dc=org to find the entries. I also examined that no ACLs were standing in the way.
Ciao, Michael.