Hello,
Everything is now resolved; I am documenting it for future reference by others:
I am trying to publish information only when the exact DN is used, as a measure against iteration of accounts.
I discovered that setting up search indexes for only "eq" on attribute "uid" does just that -- but it feels a bit like a coincidence, or something that future OpenLDAP revisions could alter.
A subtree would still display the "uid" objects that I prefer to conceal. This could be resolved by adding a "filter=(!(objectClass=uidObject))" or similar expression.
I get reports of "bdb_substring_candidates: not indexed" errors. Is this a feature, or a (coincidental/temporary) bug?
The filter does not rely on this anymore. Happy :)
-Rick