Express (Distributed operating systems), v8.0 > Secure applications and their environment > Authenticate users > Select a registry or repository > Manage realms in a federated repository > Virtual member manager > Troubleshoot and Support > Support issues and limitations > LDAP repository issues


Domino LDAP server subtree search failure

The Domino LDAP server does not support searching subtrees with multiple level of organizational hierarchy.

For example, an entity in the second level of the organizational structure can be searched using the base search but not with the subtree search.

Organization 1 UniqueName = o=Organization 1,o=Root Organization

A base search with a complete UniqueName works.

[C:\] ldapsearch -h
<hostname> -D "cn=admin,o=ibm" -w "password"
                 -b "o=Organization 1,o=Root Organization" -s base "(objectclass=*)"

However, a subtree search with a first level entity as the search DN fails.

[C:\] ldapsearch -h
<hostname> -D "cn=admin,o=ibm" -w "password"
                 -b "o=Root Organization" "(o=Organization 1)"
This limitation might also cause the getting groups of an entity to fail by returning incorrect empty search results.

When using a Domino version 6 LDAP server, avoid multiple organization structures such as an organization nested under another organization. Searches might fail, if you use that type of organization hierarchy.

Parent topic: LDAP repository issues



+

Search Tips   |   Advanced Search