Virtual list view problem
by Venish Khant
Hi all
I am using cpan Net::LDAP module to access LDAP entries. I want to
search LDAP entries using Net::LDAP search method. When I do search, I
want some limited number of entries from search result, for
this(searching) process I am using Net::LDAP::Control::VLV module. But
I get error on VLV response control. Please, any one have idea about
this error.
*
Error:* Died at vlv.pl line 50,
This is my example. I changed the font style of line 50
#!/usr/bin/perl -w
use Net::LDAP;
use Net::LDAP::Control::VLV;
use Net::LDAP::Constant qw( LDAP_CONTROL_VLVRESPONSE );
use Net::LDAP::Control::Sort;
sub procentry {
my ( $mesg, $entry) = @_;
# Return if there is no entry to process
if ( !defined($entry) ) {
return;
}
print "dn: " . $entry->dn() . "\n";
@attrs = $entry->attributes();
foreach $attr (@attrs) {
#printf("\t%s: %s\n", $attr, $entry->get_value($attr));
$attrvalue = $entry->get_value($attr,asref=>1);
#print $attr.":". $entry->get_value($attr)."\n";
foreach $value(@$attrvalue) {
print "$attr: $value\n";
}
}
$mesg->pop_entry;
print "\n";
}
$ldap = Net::LDAP->new( "localhost" );
# Get the first 20 entries
$vlv = Net::LDAP::Control::VLV->new(
before => 0, # No entries from before target entry
after => 19, # 19 entries after target entry
content => 0, # List size unknown
offset => 1, # Target entry is the first
);
my $sort = Net::LDAP::Control::Sort->new( order => 'cn' );
@args = ( base => "dc=example,dc=co,dc=in",
scope => "subtree",
filter => "(objectClass=inetOrgPerson)",
callback => \&procentry, # Call this sub for each entry
control => [ $sort, $vlv ],
);
$mesg = $ldap->search( @args );
# Get VLV response control
*($resp) = $mesg->control( LDAP_CONTROL_VLVRESPONSE ) or die;*
$vlv->response( $resp );
# Set the control to get the last 20 entries
$vlv->end;
$mesg = $ldap->search( @args );
# Get VLV response control
($resp) = $mesg->control( LDAP_CONTROL_VLVRESPONSE ) or die;
$vlv->response( $resp );
# Now get the previous page
$vlv->scroll_page( -1 );
$mesg = $ldap->search( @args );
# Get VLV response control
($resp) = $mes
# Now page with first entry starting with "B" in the middle
$vlv->before(9); # Change page to show 9 before
$vlv->after(10); # Change page to show 10 after
$vlv->assert("B"); # assert "B"
$mesg = $ldap->search( @args );g->control( LDAP_CONTROL_VLVRESPONSE ) or
die;
$vlv->response( $resp );
--
Venish Khant
www.deeproot.co.in
7 years, 6 months
dynlist overlay feature request
by Alexander 'Leo' Bergolth
Are there any plans to extend the dynlist overlays dynamic group feature
to return not the DNs of the matched entries but an attribute of the
entries?
This would be useful for defining dynamic groups based on posixGroup
(which need only the username, not the full DN) and populating them with
entries from posixAccounts.
If the dynlist-attrset could be extended by one parameter like:
dynlist-attrset <group-oc> <URL-ad> [<member-ad>] [<result-ad>]
... where the additional parameter specifies the attribute that should
be returned from the search results, a dynamic posixGroup could be
configured like that:
dynlist-attrset myposixGroup memberURL memberUid uid
with a search filter like that:
ldap:///ou=users,dc=local,dc=site??sub?(&(objectClass=posixAccount)(<searchfilter>))
I.e. "take the uid attribute of the matched entries and add them as
memberUid."
Could this extension be easily implemented?
Is there currently any workaround?
E.g. a way to dynamically add a memberUid to each posixAccount that
contains the same data as the uid attribute? If that works, a filter like
ldap:///ou=users,dc=local,dc=site?memberUid?sub?(&(objectClass=posixAccount)(<searchfilter>))
... could work.
Thanks in advance,
--leo
--
e-mail ::: Leo.Bergolth (at) wu.ac.at
fax ::: +43-1-31336-906050
location ::: IT-Services | Vienna University of Economics | Austria
14 years
Help on Replication
by Márcio Luciano Donada
Hi People,
I am doing replication and until yesterday I was doing successfully, but
now to include two new users to master the slave server does not have
the information yet, I'm checking the logs with the following message:
got empty syncUUID with LDAP_SYNC_ADD
configuration of the master server:
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
index entryCSN,entryUUID eq
lastmod on
configuration of the slave server:
syncrepl rid=001
provider=ldap://xxx.xxx.xxx.245
type=refreshOnly
interval=00:00:10:00
searchbase="dc=xxxxxxxxxxxxxx,dc=com,dc=br"
filter="(objectclass=*)"
scope=sub
attrs="*,+"
schemachecking=off
bindmethod=simple
binddn="cn=yyyyyyyyyy,dc=xxxxxxxxxxxx,dc=com,dc=br"
credentials="xxxxxxxxxxxxx"
updateref ldap://xxx.xxx.xxx.245
--
Márcio Luciano Donada <mdonada at auroraalimentos dot com dot br>
Aurora Alimentos - Cooperativa Central Oeste Catarinense
Departamento de T.I.
14 years
nonpresent_callback in syncrepl
by Volker Wetzelaer
> Hi there,
>
> i got a problem with syncrepl, o at least i think it is a problem.
> The consumer runs totally normal for a time and the the logfile shows messages
> like tge following one.
> In fact there are such messages for the whole ldap-entries and the consumer
> does no replication while
> it is "walking" through the database.
>
> Can anyone help me with that and tell me how to avoid ?
> Or is it not a problem at all ?
>
> I got 2 other consumers using exactly the same configuration (apart from the
> rid) ant those servers
> do not show the same problem.
>
> Oct 28 14:22:29 dusradius02-pluto-voip slapd[31908]: nonpresent_callback:
> rid=003 got UUID cf8e7434-574b-102e-9935-cd4b3be449f8, dn
> qscId=616351,dc=radius,dc=123
>
> thanks, volker
>
14 years, 1 month
Re: samba ldap
by Brett Maxfield
The log from samba says ldap: where's your test command says ldaps:
maybe try ldap: from test command in case you only listen for ssl?
On 27/10/2009, at 7:28 PM, Kaushal Shriyan <kaushalshriyan(a)gmail.com>
wrote:
> Hi,
>
> I am following https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html
> and ldap works perfectly fine.
> I have issues with connecting to ldap from samba.
>
> I get
>
> [2009/10/27 12:37:28, 1] lib/smbldap.c:another_ldap_try(1153)
> Connection to LDAP server failed for the 9 try!
> [2009/10/27 12:37:29, 2] lib/smbldap.c:smbldap_open_connection(786)
> smbldap_open_connection: connection opened
> [2009/10/27 12:37:29, 2] lib/smbldap.c:smbldap_connect_system(982)
> failed to bind to server ldap://localhost/ with
> dn="cn=admin,dc=mt,dc=webaroo,dc=com" Error: Can't contact LDAP server
> (unknown)
>
> I have ldapserver running on the same server as samba server is
> running. when i run ldapsearch -x -H ldaps://localhost. I am able to
> see the user details.
> Please let me know if anyone needs configs and additional information.
> Also when i run smbldap-populate, i get
> http://paste.ubuntu.com/302630/
>
> Thanks,
>
> Kaushal
14 years, 1 month
defining own attributes/class
by Zdenek Styblik
Hello,
I would like to ask, if somebody knows a really good how-to about $subj.
I've read couple books, let's say I'm able to define my own attribute,
even extend some existing object - I think these are no problem, as they
are based on trying right-wrong.
My biggest concern is about numbering [OID/PEN ?]. I've requested PEN
from IANA, no problem here. But how should I divide numbers to
attributes? Does it matter? Can I run out of space? Do something
[utterly] wrong? I just haven't seen this [numbering] explained to the
last bit anywhere. Or may be, I've just read wrong.
I mean, should it be like tree structure and eg. class1 =
prefix.PEN.1.X; class2 = prefix.PEN.2.X; ...; classN = prefix.PEN.N.X; ?
But may be there is no "bigger" sense I'm looking for and incremental
numbering (+1 per attribute) is just enough.
PS: for example, I would like to add JID [jabber ID]/IM [which would
hold whatever Instant Messaging string] attribute and extend
InetOrgPerson with this attribute.
Thanks in advance for explanation/pointing me to the right direction.
Regards,
Zdenek
--
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla(a)turnovfree.net
jabber: stybla(a)jabber.turnovfree.net
14 years, 1 month
samba ldap
by Kaushal Shriyan
Hi,
I am following https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html
and ldap works perfectly fine.
I have issues with connecting to ldap from samba.
I get
[2009/10/27 12:37:28, 1] lib/smbldap.c:another_ldap_try(1153)
Connection to LDAP server failed for the 9 try!
[2009/10/27 12:37:29, 2] lib/smbldap.c:smbldap_open_connection(786)
smbldap_open_connection: connection opened
[2009/10/27 12:37:29, 2] lib/smbldap.c:smbldap_connect_system(982)
failed to bind to server ldap://localhost/ with
dn="cn=admin,dc=mt,dc=webaroo,dc=com" Error: Can't contact LDAP server
(unknown)
I have ldapserver running on the same server as samba server is
running. when i run ldapsearch -x -H ldaps://localhost. I am able to
see the user details.
Please let me know if anyone needs configs and additional information.
Also when i run smbldap-populate, i get
http://paste.ubuntu.com/302630/
Thanks,
Kaushal
14 years, 1 month
Making copies of attribute values
by Ravi Verma
Dear Friends,
I have a need to extend an LDAP schema by adding an attribute and copy the
value from an existing attribute to it. We need to keep the two copies of
the attribute values in synch. It is a kind of replication where it is
replicating one attribute into another in the same record.
I appreciate your help.
--
Kind regards.
Ravi Verma
Chief Executive Officer
Telecommand Software and Services
3175 Sunset Blvd, Suite 104-B
Rocklin, CA 95677
Phone:9167053261
Fax:9169142008
www.telecommand.com
14 years, 1 month
