From: quanah@zimbra.com
Subject: Re: OpenLDAP wildcard searches.
Date: Wed, 16 Sep 2015 02:40:14 -0500
To: mlstarling31@hotmail.com
CC: frank.swasey@uvm.edu; openldap-technical@openldap.org

Your schema definition is missing a substring matching rule. Thus it is expected that substring searches will fail.  You should fix your schema. You can run slapindex with slapd offline to regenerate the indices. 

--Quanah


On Sep 15, 2015, at 2:28 PM, Michael <mlstarling31@hotmail.com> wrote:


> Date: Tue, 15 Sep 2015 14:53:37 -0400
> From: Frank.Swasey@uvm.edu
> To: mlstarling31@hotmail.com
> CC: openldap-technical@openldap.org
> Subject: Re: OpenLDAP wildcard searches.
>
> Today at 10:51am, Michael wrote:
>
> > Hello all,
> > I've come across an issue where java developers using one of our LDAP environments want to be able to do wildcard searches on non-standard LDAP attributes. They are using a custom schema in the LDAP environment which contains the following attributes for example.
> > retailerId:jurisdictionID:
> > They want to be able to perform the following search filter to pull all entries with 21 as the jurisdictionID and any wildcard for the retailerID.
> > '(&(retailerId=*)(jurisdictionID=21))' works as expected but of course this returns all objects with any retailerID.
> > They would like to narrow the search results using the filters below. Is there something that needs to be added to the custom schema to allow this to work like it does for the standard LDAP attributes like cn,sn,mail etc?
> > '(&(retailerId=177*)(jurisdictionID=21))' returns zero results'(&(retailerId=*389)(jurisdictionID=21))' returns zero results'(&(retailerId=1*389)(jurisdictionID=21))' returns zero results
>
> From your examples - I can guess. But nobody can know.
>
> How does this custom schema define retailerID? What are the matching
> rules?
>
> --
> Frank Swasey | http://www.uvm.edu/~fcs
> Sr Systems Administrator | Always remember: You are UNIQUE,
> University of Vermont | just like everyone else.
> "I am not young enough to know everything." - Oscar Wilde (1854-1900)


Hi Frank. See below.

attributetype ( 3.0.0.3 NAME 'retailerId'
        DESC 'ID of the retailer a user is assigned to'
        EQUALITY integerMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

Thanks all for the help.