On Nov 30, 2021, at 5:24 PM, William Brown
<william.brown(a)suse.com> wrote:
> On 1 Dec 2021, at 07:26, Morgan Jones <morgan(a)morganjones.org> wrote:
>
>
> Can anyone provide insight on why the below might be happening, my best guess is a
corrupt uniquemember index??
If you add the uniquemember index, but never trigger a reindex, the server treats it as
an empty result set until you do a reindex.
So I'd say do a reindex and see if that resolves it.
Understood: we did a full re-index.
Thank you, will do.
-morgan
>
> I initially tried it as a user which also fails but switched to Directory Manager to
rule out an access control issue.
>
> We have identical prod, dev, and test environments and I only see this behavior in
our production environment.
>
> mmacbook:~ morgan$ ldapsearch -LLL -H
ldaps://prdds22.domain.org -x -y pass -D
cn=directory\ manager -b 'cn=admin,ou=fwmgmt,ou=groups,dc=domain,dc=org'
'(&(objectClass=groupofuniquenames)(uniqueMember=*))'
> mmacbook:~ morgan$ ldapsearch -LLL -H
ldaps://prdds22.domain.org -x -y pass -D
cn=directory\ manager -b 'cn=admin,ou=fwmgmt,ou=groups,dc=domain,dc=org'
'(uniqueMember= groupofuniquenames)'
> mmacbook:~ morgan$ ldapsearch -LLL -H
ldaps://prdds22.domain.org -x -y pass -D
cn=directory\ manager -b 'cn=admin,ou=fwmgmt,ou=groups,dc=domain,dc=org'
'(objectclass=*)'
> dn: cn=admin,ou=fwmgmt,ou=groups,dc=domain,dc=org
> objectClass: top
> objectClass: groupOfUniqueNames
> cn: admin
> uniqueMember: uid=u1,ou=employees,dc=domain,dc=org
> uniqueMember: uid=u2,ou=employees,dc=domain,dc=org
> uniqueMember: uid=u3,ou=employees,dc=domain,dc=org
> description: FW Mgmt group
>
> mmacbook:~ morgan$
>
>
>
> mmacbook:~ morgan$ ldapsearch -x -y ~/Docs/.pass4 -D cn=directory\ manager -LLLb
cn=config '(&(objectclass=nsindex)(cn=uniquemember))'
> dn: cn=uniquemember,cn=default indexes,cn=config,cn=ldbm database,cn=plugins,c
> n=config
> objectClass: top
> objectClass: nsIndex
> cn: uniquemember
> nsSystemIndex: false
> nsIndexType: eq
>
> dn: cn=uniquemember,cn=index,cn=NetscapeRoot,cn=ldbm database,cn=plugins,cn=co
> nfig
> objectClass: top
> objectClass: nsIndex
> cn: uniquemember
> nsSystemIndex: false
> nsIndexType: eq
>
> dn: cn=uniqueMember,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
> cn: uniqueMember
> objectClass: top
> objectClass: nsIndex
> nsIndexType: eq
> nsIndexType: sub
> nsIndexType: pres
> nsSystemIndex: false
>
> mmacbook:~ morgan$
>
>
> thank you!
>
> -morgan
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
Sincerely,
William Brown
Senior Software Engineer, Identity and Access Management
SUSE Labs, Australia
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure