Maybe someone can point out that I'm being a complete idiot.
I've got a custom LDAP schema ( see below ) that defines 2 attributes, namely "clientAccountEnabled" and "clientDownloadsAvailable". Their sytax is defined by the LDAP schema for Boolean and Int values. I'm also making use of a "dead-space" OID of 1.1.x until the enterprise allocation goes through. The objectClass of "clientAccount" enforces that both fields must exist in any object of this type.
I've got a few objects which have the objectType of clientAccount ( example below ).
The problem I'm running into is that any filtering I do with these fields doesn't work. Only testing that the fields exists seems to work.
1. '(&(uid=robert)(objectClass=clientAccount))' - works 2. '(&(uid=robert)(objectClass=clientAccount)(clientAccountEnabled=*))' - works ( tests if the field exists ) 3. '(&(uid=robert)(objectClass=clientAccount)(clientAccountEnabled=TRUE))' - Fails 4. '(&(uid=robert)(objectClass=clientAccount)(!(clientAccountEnabled=TRUE)))' - Fails
Obviously 3 and 4 should be mutually exclusive, but nothing shows up. I've checked that the field types ( 1.3.6.1.4.1.1466.115.121.1.7 and 1.3.6.1.4.1.1446.115.121.1.27 ) are valid, as setting them to another type fails with syntax errors.
Any thoughts or suggestions would be much appreciated.. I've been banging my head against the wall for a couple hours now.
Rob
Schema:
n: cn={4}client,cn=schema,cn=config objectClass: olcSchemaConfig cn: {4}client olcAttributeTypes: {0}( 1.1.1.1 NAME 'clientAccountEnabled' SYNTAX 1.3.6.1.4.1 .1466.115.121.1.7 SINGLE-VALUE ) olcAttributeTypes: {1}( 1.1.1.2 NAME 'clientDownloadsAvailable' SYNTAX 1.3.6.1 .4.1.1466.115.121.1.27 SINGLE-VALUE ) olcObjectClasses: {0}(1.1.2.1 NAME 'clientAccount' DESC 'A Client Account' SUP top AUXILIARY MUST ( uid $ clientAccountEnabled $ clientDownloadsAvailable ) )
LDAP Object with objectClass=clientAccount:
# robert, people, younessleeptechnologies.com dn: uid=robert,ou=people,dc=younessleeptechnologies,dc=com uid: robert uidNumber: 20000 gidNumber: 20000 cn: robert sn: robert objectClass: top objectClass: person objectClass: posixAccount objectClass: shadowAccount objectClass: clientAccount loginShell: /bin/sh homeDirectory: /home/robert clientDownloadsAvailable: 10 clientAccountEnabled: TRUE