First I apologize for posting a non-technical question / follow up to this list, however I
can speak for the high value add that having official support for OpenLDAP that the Symas
team offers. Like most folks on this list, we have a great deal of in house expertise on
many software stacks including directory services in general. With that said, the Symas
team members are great to work with, literally write the software that we are asking
questions about and as a result have many years of experience and expertise that is easy
to reach for. IMO the support that the Symas org puts forward is a model that vendors
should be striving for.
From: Quanah Gibson-Mount <quanah(a)symas.com>
Sent: Wednesday, September 2, 2020 2:45 PM
To: Howard Chu <hyc(a)symas.com>; chrichardso27(a)gmail.com;
Subject: Re: Index seems to return wrong amount of candidate causing really poor search
Warning: This email is from outside the company. Be careful clicking links or
--On Wednesday, September 2, 2020 8:37 PM +0100 Howard Chu <hyc(a)symas.com>
> The depth is the same, the values are different from the actual
> we use. I cannot share the actual values without disclosing internal
There's not a lot we can do without being able to reproduce the issue
and see what's going on.
You could try starting with a mostly empty DB, adding just the
offending value, looking at the filter debug output for a lookup on
that, and see if it looks sensible first.
is the attribute abc=foo actually unique, or are there multiple
occurrences of it in the DB?
I would optionally note that Symas does provide support contracts for OpenLDAP and has
NDAs if this is a mission critical problem for your company. As Howard notes, without a
reproduction case, it's virtually impossible for us to help here.
One option may be to see if you can reproduce the same problem after renaming the
attribute to something you can disclose, combined with values that are the same exact
length but are simillarly obfuscated to see if you can reproduce the issue that way. If
so, you should be able to share those details.
Looking at the open bugs, I wonder if it is
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
The information contained in this message may be privileged, confidential and protected
from disclosure. If the reader of this message is not the intended recipient, or an
employee or agent responsible for delivering this message to the intended recipient, you
are hereby notified that any dissemination, distribution or copying of this communication
is strictly prohibited. If you have received this communication in error, please notify
your representative immediately and delete this message from your computer. Thank you.