Hi,

 

Could someone help me with this one? I have a user1 with inetUserStatus: active and user2 inetUserStatus: inactive. If I search for a user with a inetUserStatus=(in)active I don’t get any results:

 

# ldapsearch -x -H ldap://127.0.0.1:389 -D 'cn=admin,dc=gal,dc=example,dc=com' -w secret -LLL -b ou=people,dc=gal,dc=example,dc=com '(inetUserStatus=active)'

# ldapsearch -x -H ldap://127.0.0.1:389 -D 'cn=admin,dc=gal,dc=example,dc=com' -w secret -LLL -b ou=people,dc=gal,dc=example,dc=com '(inetUserStatus=inactive)'

 

What is wrong with my search or slapd config?

 

If I search for a * as attribute value I get both users.

 

# ldapsearch -x -H ldap://127.0.0.1:389 -D 'cn=admin,dc=gal,dc=example,dc=com' -w secret -LLL -b ou=people,dc=gal,dc=example,dc=com '(inetUserStatus=*)'

dn: uid=user2,ou=people,dc=gal,dc=example,dc=com

shadowWarning: 0

gidNumber: 100

shadowMax: 0

objectClass: top

objectClass: account

objectClass: posixAccount

objectClass: shadowAccount

objectClass: inetUser

loginShell: /bin/bash

userPassword:: e1NTSEF9TVk0WW432UzRxYjRBNWN1TFlTaXZCVFBHRFN3MzdoYWs=

uid: user2

shadowLastChange: 0

cn: user2

homeDirectory: /home/user2

uidNumber: 1006

gecos: user2

inetUserStatus: inactive

 

dn: uid=user1,ou=people,dc=gal,dc=example,dc=com

objectClass: top

objectClass: account

objectClass: posixAccount

objectClass: shadowAccount

objectClass: inetUser

cn: user1

uid: user1

uidNumber: 1005

gidNumber: 100

homeDirectory: /home/user1

loginShell: /bin/bash

userPassword:: e1NTSEF9TVk0WW1HU231xYjRBNWN1TFlTaXZCVFBHRFN3MzdoYWs=

shadowLastChange: 0

shadowMax: 0

shadowWarning: 0

inetUserStatus: active

gecos: user1

 

# ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=schema,cn=config dn

dn: cn=schema,cn=config

dn: cn={0}core,cn=schema,cn=config

dn: cn={1}cosine,cn=schema,cn=config

dn: cn={2}nis,cn=schema,cn=config

dn: cn={3}inetorgperson,cn=schema,cn=config

dn: cn={4}ldapab,cn=schema,cn=config

dn: cn={5}openxchange,cn=schema,cn=config

dn: cn={6}evolutionperson,cn=schema,cn=config

dn: cn={7}inetUser,cn=schema,cn=config

 

s# ldapsearch -LLLQY EXTERNAL -H ldapi:/// -o ldif-wrap=no -b cn={7}inetUser,cn=schema,cn=config

dn: cn={7}inetUser,cn=schema,cn=config

objectClass: olcSchemaConfig

cn: {7}inetUser

olcAttributeTypes: {0}( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group that the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Delegated Administrator' )

olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.692 NAME 'inetUserStatus' DESC '"active", "inactive", or "deleted" status of a user' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape subscriber interoperability' )

olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.693 NAME 'inetUserHttpURL' DESC 'A users Web addresses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape subscriber interoperability' )

olcObjectClasses: {0}( 2.16.840.1.113730.3.2.130 NAME 'inetUser' DESC 'Auxiliary class which must be present in an entry for delivery of subscriber services' SUP top AUXILIARY MAY ( uid $ inetUserStatus $ inetUserHTTPURL $ userPassword $ memberOf ) X-ORIGIN 'Netscape subscriber interoperability' )

 

Thanks