ems@sparkassen-informatik.de writes:
Hello,
we use OpenLdap 2.3.38 on Solaris 10 (note we run openldap on high-Port, so ldap can run as a "normal" user, without root-rights)
While the uid is not case-sensitiv, i want to search with an extensible search (e.g. in RFC 2254 desribed), in the hope that Apache this also can in the AuthLdapUrl Directive. But first, i try from console with ldapsearch
But this ends with an Error-Code 34 invalid DN syntax
Whats wrong ? Do extended search work correct in openldap, or whats the Error ?
First,when i try a "normal" search like this, it works fine .. an extended not
- ldapsearch -H ldap://10.11.12.15:2389 -x -b uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
- ldapsearch -H ldap://10.11.12.15:3389 -x -b uid:caseExactMatch:u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc
=de
Response from 1.
# extended LDIF # # LDAPv3 # base <uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de> with scope subtree # filter: (objectclass=*) # requesting: ALL #
# u4711, SI, Benutzer, sparkassen-informatik.de
F> dn: uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
cn: u4711 destinationIndicator: 100100,4600,, st: 6 objectClass: person objectClass: uidObject objectClass: organizationalPerson l: alle sn: User von K.H. Ostertag
# search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1
But now, when i use extensible Search like this, i got an error 34 invalid DN syntax. .....uid:caseExactMatch:u4711....
ldapsearch -H ldap://10.1.23.15:3389 -x -b uid:caseExactMatch:u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
# extended LDIF # # LDAPv3 # base uid:caseExactMatch:=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de with scope subtree # filter: (objectclass=*) # requesting: ALL #
# search result search: 2 result: 34 Invalid DN syntax text: invalid DN
Your search base is wrong. Extensible search defines a search filter, not a search base. ldapsearch -x -b "ou=SI,ou=Benutzer,..." -s one "uid:caseExactmatch:=u4711"
will do the trick.
-Dieter