Is it expected that the translucent overlay returns a proxied entry but also a "No such object" error when a remote entry exists but the matching local entry does not exist? For example, if there is no local entry for user "John Doe", then the search:

 

 ldapsearch -x -H ldaps://localhost -LLL \

     -b "cn=John Doe,ou=Users,dc=example,DC=com" -s base \

     -D "cn=admin,dc=example,dc=com" -w admin \

     '(&)' cn mail manager

 

returns:

 

  dn: cn=John Doe,ou=Users,dc=example,DC=com

  cn: John Doe

  mail: john.doe@example.com

  manager: cn=Jane Smith,ou=Users,dc=example,DC=com

 

  No such object (32)

 

In the slapd log I see:

 

  conn=1000 op=9 SEARCH RESULT tag=101 err=32 nentries=1 text=

 

For comparison, the search:

 

 ldapsearch -x -H ldaps://localhost -LLL –b dc=example,DC=com \

     -s sub \

     -D "cn=admin,dc=example,dc=com" -w admin \

     '(cn=John Doe)' cn mail manager

 

returns the same entry and attributes but no error.

 

Should the client use the one entry and ignore the error, or is there some way to ask the translucent overlay to not return that error, or how should we handle this?

 

Thanks.


Steve