Birgit Ohlenbusch writes:
A wildcard search like ldapsearch (...) uid='xyzzs*' uid
lists only three entries: (...) dn: uid=xyzzs146,ou=Accounts,xx uid: xyzzs146
dn: uid=xyzzs147,ou=Accounts,xx uid: xyzzs147 dn: uid=xyzzs148,ou=Accounts,xx uid: xyzzs148though there exists more, which can be displayed with ldapsearch not specifying a filter or by specifying the object (...) Reindexing with slapindex solved the problem, ldapsearch with uid='xyzzs*' shows all those entries, not only three. But I'm afraid that this happens again. Can you tell me how somethink like this can happen and how I can prevent such a situation?
Your 'uid' index thought only three entries existed in the search scope. A search without an uid filter worked because it did not use the index.
Maybe you edited slapd.conf and inserted an uid index without running slapindex. Thata index would initially be empty, telling slapd there were no entries matching the filter. Later you added these three entries, which did get indexed.
The fix is to always run slapindex after editing the indexes. Or switch to using cn=config and modify the configuration over the LDAP protocol, then the attributes get reindexed automatically.