4:38 a.m.
Hello,
we use OpenLdap 2.3.38 on Solaris 10 (note we run openldap on high-Port,
so ldap can run as a "normal" user, without root-rights)
While the uid is not case-sensitiv, i want to search with an extensible
search (e.g. in RFC 2254 desribed), in the hope that Apache this also can
in the AuthLdapUrl Directive. But first, i try from console with
ldapsearch
But this ends with an Error-Code 34 invalid DN syntax
Whats wrong ? Do extended search work correct in openldap, or whats the
Error ?
First,when i try a "normal" search like this, it works fine .. an extended
not
1. ldapsearch -H ldap://10.11.12.15:2389 -x -b
uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
2. ldapsearch -H ldap://10.11.12.15:3389 -x -b
uid:caseExactMatch:u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
Response from 1.
# extended LDIF
#
# LDAPv3
# base <uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de> with
scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# u4711, SI, Benutzer, sparkassen-informatik.de
dn: uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
cn: u4711
destinationIndicator: 100100,4600,,
st: 6
objectClass: person
objectClass: uidObject
objectClass: organizationalPerson
l: alle
sn: User von K.H. Ostertag
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
But now, when i use extensible Search like this, i got an error 34 invalid
DN syntax. .....uid:caseExactMatch:u4711....
ldapsearch -H ldap://10.1.23.15:3389 -x -b
uid:caseExactMatch:u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
# extended LDIF
#
# LDAPv3
# base
<uid:caseExactMatch:=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de>
with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 34 Invalid DN syntax
text: invalid DN
# numResponses: 1
And here is the Entry in LDIF-Format for this Test-User
dn: uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
cn: u4711
uid: u4711
description: ServiceView-Nutzer
userPassword:: e2NyedsfWERWER1Nk1Sd2VldzlnOC4=
destinationIndicator: 100100,4600,,
st: 6
street: 1146137613
objectClass: person
objectClass: uidObject
objectClass: organizationalPerson
structuralObjectClass: organizationalPerson
entryUUID: 676dba36-6a2d-102a-99f4-a3736da85288
creatorsName: cn=Manager,dc=sparkassen-informatik,dc=de
createTimestamp: 20060427113433Z
l: alle
sn: Test-User von K.H. Ostertag
entryCSN: 20060530041127Z#000001#00#000000
modifiersName: cn=Manager,dc=sparkassen-informatik,dc=de
modifyTimestamp: 20060530041137Z
6:59 a.m.
New subject: extended / extensible search / in 2.3.38 ends with error code 34 invalid DN syntax [Virus checked]
ems(a)sparkassen-informatik.de writes:
Hello,
we use OpenLdap 2.3.38 on Solaris 10 (note we run openldap on high-Port, so ldap can run
as a "normal" user, without
root-rights)
While the uid is not case-sensitiv, i want to search with an extensible search (e.g. in
RFC 2254 desribed), in the
hope that Apache this also can in the AuthLdapUrl Directive. But first, i try from
console with ldapsearch
But this ends with an Error-Code 34 invalid DN syntax
Whats wrong ? Do extended search work correct in openldap, or whats the Error ?
First,when i try a "normal" search like this, it works fine .. an extended not
1. ldapsearch -H ldap://10.11.12.15:2389 -x -b
uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
2. ldapsearch -H ldap://10.11.12.15:3389 -x -b
uid:caseExactMatch:u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc
=de
Response from 1.
# extended LDIF
#
# LDAPv3
# base <uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de> with scope
subtree
# filter: (objectclass=*)
# requesting: ALL
#
# u4711, SI, Benutzer, sparkassen-informatik.de
F> dn:
uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
cn: u4711
destinationIndicator: 100100,4600,,
st: 6
objectClass: person
objectClass: uidObject
objectClass: organizationalPerson
l: alle
sn: User von K.H. Ostertag
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
But now, when i use extensible Search like this, i got an error 34 invalid DN syntax.
.....uid:caseExactMatch:u4711....
ldapsearch -H ldap://10.1.23.15:3389 -x -b
uid:caseExactMatch:u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
# extended LDIF
#
# LDAPv3
# base <uid:caseExactMatch:=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de>
with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 34 Invalid DN syntax
text: invalid DN
Your search base is wrong. Extensible search defines a search filter,
not a search base.
ldapsearch -x -b "ou=SI,ou=Benutzer,..." -s one
"uid:caseExactmatch:=u4711"
will do the trick.
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6
5915
days inactive
5915
days old
openldap-software@openldap.org
1 comments
2 participants
participants (2)
-
Dieter Kluenter -
ems@Sparkassen-Informatik.de