What are the searches being run (from your slapd.log)?
The ldap.log contains
Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21) Aug 27 12:36:24 msldap01 slapd2.4[22363]: SRCH "" 0 3 Aug 27 12:36:24 msldap01 slapd2.4[22363]: 0 30 0 Aug 27 12:36:24 msldap01 slapd2.4[22363]: filter: (objectClass=*) Aug 27 12:36:24 msldap01 slapd2.4[22363]: attrs: Aug 27 12:36:24 msldap01 slapd2.4[22363]: namingcontexts Aug 27 12:36:24 msldap01 slapd2.4[22363]: Aug 27 12:36:24 msldap01 slapd2.4[22363]: send_ldap_result: err=0 matched="" text="" Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21) Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21) Aug 27 12:36:24 msldap01 slapd2.4[22363]: SRCH "dc=ldn,dc=sw,dc=com" 2 3 Aug 27 12:36:24 msldap01 slapd2.4[22363]: 0 30 0 Aug 27 12:36:24 msldap01 slapd2.4[22363]: filter: (&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com)) Aug 27 12:36:24 msldap01 slapd2.4[22363]: attrs: Aug 27 12:36:24 msldap01 slapd2.4[22363]: Aug 27 12:36:24 msldap01 slapd2.4[22363]: send_ldap_result: err=32 matched="" text="" Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21)
So that one failed with LDAP_NO_SUCH_OBJECT (err=32).
OOI - How do you know err=32 means LDAP_NO_SUCH_OBJECT?
Which balances out your next statement :-)
Do the work?
The first search '(&(objectClass=nisDomainObject)(nisDomain=your domain')) should return your nisDomain, the next the profile.
I think I got the query syntax correct on the query
[root@msldap01 ~]# ldapsearch2.4 -h 10.2.250.15 -D cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxx-b dc=ldn,dc=sw,dc=com "(&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com))"
Just -h 10.2.250.15 -x -b 'dc=ldn,dc=sw,dc=com' "(&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com))" should match the scripted search.
OK - I ran
ldapsearch2.4 -h 10.2.250.15 -D cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxx -x -b 'dc=ldn,dc=sw,dc=com'
It showed me everything in the LDAP tree, Last few lines are
# search result search: 2 result: 0 Success
# numResponses: 310 # numEntries: 309
Which seems to work OK.
The log output says
Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21) Aug 31 09:38:00 msldap01 slapd2.4[22363]: ==> bdb_bind: dn: cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com Aug 31 09:38:00 msldap01 slapd2.4[22363]: send_ldap_result: err=0 matched="" text="" Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21) Aug 31 09:38:00 msldap01 slapd2.4[22363]: SRCH "dc=ldn,dc=sw,dc=com" 2 0 Aug 31 09:38:00 msldap01 slapd2.4[22363]: 0 0 0 Aug 31 09:38:00 msldap01 slapd2.4[22363]: filter: (objectClass=*) Aug 31 09:38:00 msldap01 slapd2.4[22363]: attrs: Aug 31 09:38:00 msldap01 slapd2.4[22363]: Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21) Aug 31 09:38:00 msldap01 slapd2.4[22363]: send_ldap_result: err=0 matched="" text="" Aug 31 09:38:01 msldap01 slapd2.4[22363]: connection_get(21)
# extended LDIF # # LDAPv3 # base <dc=ldn,dc=sw,dc=com> with scope subtree # filter: (&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com)) # requesting: ALL #
# ldn.sw.com dn: dc=ldn,dc=sw,dc=com
and that one worked. Compare the log entry for the manual search with the scripted one.
-- Ian.