[389-users] Equality when schema does not define

Rich Megginson rmeggins at redhat.com
Mon Dec 15 14:27:55 UTC 2014 

On 12/12/2014 09:44 PM, William wrote:
>
>> On 13 Dec 2014, at 08:08, Rich Megginson <rmeggins at redhat.com> wrote:
>>
>>> On 12/12/2014 02:27 PM, William B wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>>>>>> What is the default behaviour if no equality type is defined?
>>>>   From http://tools.ietf.org/html/rfc4512
>>>> "
>>>>
>>>>      If no equality matching is specified for the attribute type:
>>>>
>>>>         - the attribute (of the type) cannot be used for naming;
>>>>         - when adding the attribute (or replacing all values), no two
>>>>           values may be equivalent (see 2.2);
>>>>         - individual values of a multi-valued attribute are not to be
>>>>           independently added or deleted;
>>>>         - attribute value assertions (such as matching in search
>>>> filters and comparisons) using values of such a type cannot be
>>>>           performed."
>>>>
>>>> Which means, you are not supposed to use it in a search filter.
>>> Ahh that's good to know. This kind of thing should be in the RHDS documentation
>>> as we couldn't find anything about the topic, and it's an invaluable piece of
>>> knowledge in solving this issue.
>> There is a _lot_ of information in the LDAP RFCs that is not in the RHDS documentation . . .
>>
> While that may be the case, I would like to see clearly in the indexing section a description, even brief, of the behaviour when an index with equality is set. Link to the rfc for detailed description even.
>
> Perhaps also a warning in the errors file when such an index is created / at start up?

Please file tickets for these - https://fedorahosted.org/389/newticket

>
>
>>>> However, 389 provides a default equality matching rule, which is
>>>> essentially a memcmp(3).  When you create an index, it attempts to
>>>> use the equality matching rule to create the equality index.  I guess
>>>> the indexing code is getting confused.  Do you have
>>>> a /var/lib/dirsrv/slapd-INST/db/userRoot/maildeliveryoption.db4
>>>> file?  If so, does it have anything in it?  dbscan
>>>> -f /var/lib/dirsrv/slapd-INST/db/userRoot/maildeliveryoption.db4
>>> The db4 file in question was empty. I am assuming that this indicates an issue
>>> with the indexing yielding no data, but if it was empty, and an index search was
>>> performed I am assuming that is why our search begins to return no data.
>> Correct.
> Thank you. I appreciate your help and advice.
>
> Sincerely
>
> William
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users

More information about the 389-users mailing list