--On Monday, June 05, 2017 6:08 PM +0000 [email protected] wrote: > Full_Name: Alex Crow > Version: 2.4.40-13.el7 > OS: Centos 7.3 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (95.172.237.70) > > > I'm using OpenLDAP with the caching overlay as a proxy to AD, mostly for > use with Postfix and Dovecot. > > I have been experiencing a strange issue whereby, when a user is moved to > a different OU in AD, the caching server initially returns only the > original OU until the cache entry expires. However, after this time, it > returns both the entry in the original OU and the entry in the new OU. > This does not seem to change even after the next expiry time has elapsed. > I can only seem to clear out the "old" result by wiping the cache's > database.
Hi Alex, The first thing to do would be to upgrade to OpenLDAP 2.4.44 or 2.4.45 and confirm you can reproduce the issue in a current release. If you can, then you need to provide a full backtrace, where debug symbols are enabled (the "-g" flag for CFLAGS for gcc), and the slapd binary is not stripped (or if using packaged RPMs, the debuginfo etc bits are installed). You can grab pre-compiled packages for OpenLDAP 2.4.44 from the LTB project at <http://ltb-project.org/wiki/download#openldap>. I expect they'll have 2.4.45 packages available soon as well. Thanks, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>
