Can anyone provide insight on why the below might be happening, my best guess is a corrupt uniquemember index??
I initially tried it as a user which also fails but switched to Directory Manager to rule out an access control issue. We have identical prod, dev, and test environments and I only see this behavior in our production environment. mmacbook:~ morgan$ ldapsearch -LLL -H ldaps://prdds22.domain.org -x -y pass -D cn=directory\ manager -b 'cn=admin,ou=fwmgmt,ou=groups,dc=domain,dc=org' '(&(objectClass=groupofuniquenames)(uniqueMember=*))' mmacbook:~ morgan$ ldapsearch -LLL -H ldaps://prdds22.domain.org -x -y pass -D cn=directory\ manager -b 'cn=admin,ou=fwmgmt,ou=groups,dc=domain,dc=org' '(uniqueMember= groupofuniquenames)' mmacbook:~ morgan$ ldapsearch -LLL -H ldaps://prdds22.domain.org -x -y pass -D cn=directory\ manager -b 'cn=admin,ou=fwmgmt,ou=groups,dc=domain,dc=org' '(objectclass=*)' dn: cn=admin,ou=fwmgmt,ou=groups,dc=domain,dc=org objectClass: top objectClass: groupOfUniqueNames cn: admin uniqueMember: uid=u1,ou=employees,dc=domain,dc=org uniqueMember: uid=u2,ou=employees,dc=domain,dc=org uniqueMember: uid=u3,ou=employees,dc=domain,dc=org description: FW Mgmt group mmacbook:~ morgan$ mmacbook:~ morgan$ ldapsearch -x -y ~/Docs/.pass4 -D cn=directory\ manager -LLLb cn=config '(&(objectclass=nsindex)(cn=uniquemember))' dn: cn=uniquemember,cn=default indexes,cn=config,cn=ldbm database,cn=plugins,c n=config objectClass: top objectClass: nsIndex cn: uniquemember nsSystemIndex: false nsIndexType: eq dn: cn=uniquemember,cn=index,cn=NetscapeRoot,cn=ldbm database,cn=plugins,cn=co nfig objectClass: top objectClass: nsIndex cn: uniquemember nsSystemIndex: false nsIndexType: eq dn: cn=uniqueMember,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config cn: uniqueMember objectClass: top objectClass: nsIndex nsIndexType: eq nsIndexType: sub nsIndexType: pres nsSystemIndex: false mmacbook:~ morgan$ thank you! -morgan _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
