[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: space in filter?

To: Tobias Hofmann <tobias.hofmann@medien.uni-weimar.de>
Subject: Re: space in filter?
From: "Pierangelo Masarati" <masarati@aero.polimi.it>
Date: Wed, 28 Aug 2002 15:51:52 +0000
Cc: openldap-software@OpenLDAP.org
In-reply-to: <5.1.0.14.2.20020828150606.023e6de8@mailgate.uni-weimar.de>
References: <5.1.0.14.2.20020828150606.023e6de8@mailgate.uni-weimar.de>

Tobias Hofmann writes:

Hi there,

I am new to the list, since I just starting setting up and using OpenLDAP some weeks ago. Current setup is openldap2-2.0.12-33 (latest version available as rpm by Suse for 7.3) on Suse 7.3.

Most things I need seem to run fine, Samba authenticates against LDAP, my only problem I have is a commercial application sending a request for group membership authentication like this:

[output from starting using /usr/lib/openldap/slapd -f /etc/openldap/slapd.conf -d 255]

[...] filter: (&(objectClass=posixGroup) #line-break by me... (memberUid=uid=hofmann9,ou=Users, dc=medien,dc=uni-weimar,dc=de)) [...]

Please notice the leading space before "dc=medien,dc=..."

This leads to the fact that an entry like the following is not found, since there is no such space before dc=medien,...:

dn: cn=CMS Administrator, ou=Groups, dc=medien,dc=uni-weimar,dc=de gidNumber: 1000 memberUid: uid=hofmann9,ou=Users,dc=medien,dc=uni-weimar,dc=de objectClass: posixGroup cn: CMS Administrator

My questions are the following - I have googled and checked this lists archive but have not found the answers - all pointers to rtfm are welcome:

- Is such a search request considered valid, or should there be no such spaces before the search base entry? Reading RFC 2254 did not help me very much on this...

It should

- Should then OpenLDAP still find an entry as shown above?

yes

Would an update help me?

The point is that dn matching and so in OpenLDAP has always been made against "naively" normalized DNs until 2.1, where it became consistent with standard track docs. I can't recall significant improvements in 2.0.X (an upgrade is definitely recommended, anyway); at some point 2.0 became able to correctly handle extra-spaces in DNs in ACLs and other places, but I'm not sure about filters (note that extra spaces are deprecated, anyway)

I try to keep the installation of this server as close to Suses standard rpms as possible to facilitate managebility, which is why I have not yet updated to the current stable (?) 2.0.25, especially as I would like to know "whose fault it is"... :)

Pierangelo

Dr. Pierangelo Masarati | voice: +39 02 2399 8309 Dip. Ing. Aerospaziale | fax: +39 02 2399 8334 Politecnico di Milano | mailto:pierangelo.masarati@polimi.it via La Masa 34, 20156 Milano, Italy | http://www.aero.polimi.it/~masarati

Follow-Ups:
- Re: space in filter?
  - From: Tobias Hofmann <tobias.hofmann@medien.uni-weimar.de>

References:
- space in filter?
  - From: Tobias Hofmann <tobias.hofmann@medien.uni-weimar.de>

Prev by Date: unsubsribe
Next by Date: RE: Index repair after power outage
Index(es):
- Chronological
- Thread