[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: a quick question
Kurt D. Zeilenga wrote:
> At 10:47 PM 6/26/00 +0000, Terry Lambert wrote:
> >> > But when I have someone to do the same thing it
> >> > says no object found. Do they have to do something in
> >> > order to read my stuff or did I forgot to do something?
> >
> >They probably built their ldapsearch with a different
> >base DN; the base DN is compiled into the binary.
>
> With OpenLDAP 1.x, no base DNs are compiled into the binary.
> The user just needs to use -b baseDN or specify a default
> baseDN via ldap.conf(5).
OK; let me ammend this:
They probably need to edit their ldap.conf on the remote
machine that's having the problem to match that on the
machine that's not having a problem.
8-).
> >This should really go away, and the binary should
> >determine the base DN programatically by querying the
> >directory, since this is easy to do for both LDAPv2
> >and LDAPv3 servers.
>
> Actually, LDAPv2 provide any discovery mechanism. And
> with LDAPv3, you likely would have to prompt the user to
> select one of many values of the root DSE's namingContext
> attribute (assuming it was readable)... and even then, these
> may not be the appropriate base DNs for general use.
Actually, this was the first real LDAP question that I
asked: how to get the base DN on an LDAPv2 server. I
got this answer from Gordon Good:
| For a v2 server, you can try retrieving the entry whose
| DN is "cn=config", as follows:
|
| ldap_search_s( ld, "cn=config", LDAP_SCOPE_BASE,
| "(objectclass=*)", attrs, 0, &res );
|
| Where "attrs" might be:
|
| char *attrs[] = { "database", NULL };
The UNIX command line to get the information is:
ldapsearch -s base -b "cn=config" "(objectclass=*)"
For UMICH, you had to enable a compilation option to get the
"monitor" stuff enabled to get this. I think it should be
"on" by default.
PS: We seem to be having a lot of people talking about LDAP
recently. It might be worthwhile thinking about creating a
user group in the Bay area, or at least confiscating a group
meeting at BayLISA or the FreeBSD or Linux user groups one
of these days...
Regards,
-- Terry Lambert
-- Whistle Communications, Inc., an I.B.M. Company
-- terry@whistle.com
-------------------------------------------------------------------
This is formal notice under California Assembly Bill 1629, enacted
9/26/98 that any UCE sent to my email address will be billed $50
per incident to the legally allowed maximum of $25,000.