Not a bug

LDAP search on multivalue attribute returns incorrect data

Bob Bradley 4 years ago in UNIFYBroker SDK and UNIFYCore updated by Beau Harrison (Senior Product Software Engineer) 4 years ago 1

The following shows a search result which incorrectly returns all org unit records where none of the inspected results actually matched the search criteria:


ldap_search_s(ld, "OU=orgUnits,DC=IdentityBroker", 2, "(hierarchy=50002000)", attrList, 0, &msg)

Matched DNs: OU=orgUnits,DC=IdentityBroker

Getting 1000 entries:

Dn: CN=50022695,OU=orgUnits,DC=IdentityBroker

costCentre: 0000045240;

costCentreGroup: CCCA;

costCentreID: d567d5b9d344523618fc25cc2efe70e7;

costCentreIDRef: CN=0000045240,CN=CCCA,OU=costCentres,DC=IdentityBroker;

costCentreText: International Climate Law;

createTimestamp: 30/11/2019 1:36:03 PM AUS Eastern Daylight Time;

distinguishedName: CN=50022695,OU=orgUnits,DC=IdentityBroker;

entryUUID: 08e5d654-d8a2-4b41-a516-00bd457a93b9;

EXTOBJID: 50022695;

hashDN: 60451482495227d7d95601c180bcceac;

hierarchy (7): 50000100; 50000500; 50022601; 50022677; 50022687; 50022692; 50022695;

hierarchyRef (7): CN=50000100,OU=orgUnits,DC=IdentityBroker; CN=50000500,OU=orgUnits,DC=IdentityBroker; CN=50022601,OU=orgUnits,DC=IdentityBroker; CN=50022677,OU=orgUnits,DC=IdentityBroker; CN=50022687,OU=orgUnits,DC=IdentityBroker; CN=50022692,OU=orgUnits,DC=IdentityBroker; CN=50022695,OU=orgUnits,DC=IdentityBroker;

longText: International Climate Law Section;

modifyTimestamp: 2/12/2019 10:23:42 PM AUS Eastern Daylight Time;

objectClass: orgUnit;

objectEndDate: 99991231000000.000Z;

objectID: 50022695;

objectStartDate: 20071203000000.000Z;


orgLevel: 7;

orgLevelName: Section;

OU: orgUnits;

parentOrgID: 50022692;

parentOrgIDRef: CN=50022692,OU=orgUnits,DC=IdentityBroker;



shortText: DCC ID;

status: Active;

subschemaSubentry: CN=orgUnits,cn=schema;

Not a bug

Hi Bob

Broker supports a limited subset of LDAP filtering options. Filtering on multi-valued fields is one of the things not currently supported.