While trying to debug my problems with authentication I discovered the problem was with searching the LDAP entries.
If I search my database by the CN field I get this output:

    ldapsearch -D "cn=manager,dc=example,dc=com" -x -W "cn=myuser"

    # myuser, Users, example.com
    dn: uid=myuser,o=Users,dc=example,dc=com
    uid: myuser
    cn: myUser
    objectClass: account
    objectClass: posixAccount
    objectClass: top
    objectClass: shadowAccount
    shadowLastChange: 13789
    shadowMax: 99999
    shadowWarning: 7
    loginShell: /bin/bash
    uidNumber: 10002
    gidNumber: 10001
    homeDirectory: /home/ldap/john
    gecos: myUser (LDAP)
    userPassword:: <stuff>

It seems pretty normal to me and working. However, if I try to search with "uid=myuser" nothing is returned.
What is more, if I instead search with "uid=myuser*" the entry is returned successfully, which tells me that somewhere in the LDAP structure I probably have a problem with strange characters. Is there a way to efficiently correct this or do I have to import everything again?
Of course, I could be wrong in my assumption... anything else that could be causing this behaviour besides strange "invisible" characters in the UID field?
Thank you, Nuno
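
An added example, not part of the original post: one way to test the "invisible characters" guess is to run the ldapsearch output through an LDIF checker. ldapsearch prints a value as `uid:: <base64>` when it is not a plain safe string (for instance when it ends in a space), so the code below decodes such values and reports hidden characters. The function names and the sample entries are assumptions constructed for illustration.

```python
import base64
import unicodedata

def unfold(ldif_text):
    """Join folded LDIF lines: a line starting with one space continues the previous one."""
    lines = []
    for raw in ldif_text.replace("\r\n", "\n").split("\n"):
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def reasons_for(value):
    """Explain why a value could fail an exact match although it looks normal on screen."""
    reasons = ["leading/trailing space"] if value != value.strip(" ") else []
    for ch in value:
        cat = unicodedata.category(ch)
        # Cc = control, Cf = format (zero-width etc.), Zs = space variants such as NBSP
        if cat in ("Cc", "Cf") or (cat == "Zs" and ch != " "):
            reasons.append("U+%04X %s" % (ord(ch), unicodedata.name(ch, "control character")))
    return reasons

def find_suspect_values(ldif_text, attr="uid"):
    """Return (dn, repr(value), reasons) for each value of attr that has hidden characters."""
    findings, dn = [], None
    for line in unfold(ldif_text):
        if line.startswith("#") or ":" not in line:
            continue
        name, _, rest = line.partition(":")
        value = rest.lstrip(" ")
        if rest.startswith(":"):  # "attr:: ..." means the value is base64-encoded
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        if name.lower() == "dn":
            dn = value
        elif name.lower() == attr.lower() and (why := reasons_for(value)):
            findings.append((dn, repr(value), why))
    return findings

# Constructed sample (not from the post): clean uid, uid ending in a space, uid with U+200B.
SAMPLE_LDIF = (
    "dn: uid=myuser,o=Users,dc=example,dc=com\nuid: myuser\n\n"
    "dn: uid=padded,o=Users,dc=example,dc=com\nuid:: bXl1c2VyIA==\n\n"
    "dn: uid=zwsp,o=Users,dc=example,dc=com\nuid:: bXnigIt1c2Vy\n"
)

if __name__ == "__main__":
    for dn, shown, why in find_suspect_values(SAMPLE_LDIF):
        print(dn, shown, "; ".join(why))
```

If every uid comes back clean, the stored values are not the cause and the explanation has to be looked for elsewhere.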