Hello, I found the solution to the problem described below: the attributes not returned by the backsock backend to the ldapsearch command were not defined in the schema file I had included in slapd.conf.
By including additional schema files with those attributes defined, ldapsearch returns all the requested attributes. Best regards Gianluca Ramunno ________________________________ From: Gianluca Ramunno <g.ramu...@criticalcase.com> Sent: Monday, June 23, 2025 17:41 To: openldap-technical@openldap.org <openldap-technical@openldap.org> Subject: Another request related to openldap backsock backend Hello, I made quite some progress with developing an LDAP proxy using openldap + backsock backend + a python server. The backsock backend and the python server communicate via UNIX socket according to the protocol described here: https://linux.die.net/man/5/slapd-sock<https://urlsand.esvalabs.com/?u=https%3A%2F%2Flinux.die.net%2Fman%2F5%2Fslapd-sock&e=5bedb835&h=573ea929&f=y&p=n> The python server at the moment implements the execution of the BIND and of the SEARCH operations against a remote LDAP server and returns back the results to the backsock backend. Using the command ldapsearch I perform some SEARCH operations and I see a weird behaviour when the output is printed out by ldapsearch; I request a number of attributes which are returned correctly by the remote LDAP server to the python server, then the latter prepares an LDIF chunk with the returned entry (with all requested attributes) and sends this chunk back to the openldap backsock backend via UNIX socket. Unfortunately, ldapsearch prints out the received entry with a lower number of attributes. The missing attributes are always the same (at a repeated execution of the same SEARCH), but non necessarily the last one(s). I don't receive back any error. In the python server I also print out the whole LDIF chunk just before sending it back to the backsock backend and all attributes are there. I also checked that the protocol between backsock backend and the python server is correct according to the specifications. Note that if I perform the same SEARCH operations with ldapsearch directly against the remote LDAP server (i.e. without the LDAP proxy in between), all requested attributes are returned and printed correctly. Any clue on what's happening or on how to debug this problem in openldap? Thank you in advance. Best regards Gianluca Ramunno
