[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: 2.2.15 proxy database ldap
On my proxy:
#ldapsearch -x -h localhost -b "O=PIPO"
# extended LDIF
#
# LDAPv3
# base <O=PIPO> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#
# PIPO
dn: o=PIPO
dc: pipo.fr
o: PIPO
# TEST, PIPO
dn: cn=TEST, o=PIPO
cn: TEST
sn: TEST
mail: test@pipo.fr
# search result
search: 2
result: 0 Success
# numResponses: 3
# numEntries: 2
On my ldap's server:
# ldapsearch -x -h localhost -b "O=PIPO"
version: 2
#
# filter: (objectclass=*)
# requesting: ALL
#
# PIPO
dn: o=PIPO
objectClass: Domain
objectClass: Organization
dc: pipo.fr
o: PIPO
# TEST, PIPO
dn: cn=TEST, o=PIPO
cn: TEST
objectClass: Person
login: test
sn: TEST
mail: test@pipo.fr
display-name: TEST
# search result
search: 2
result: 0 Success
# numResponses: 3
# numEntries: 2
-----Message d'origine-----
De : Pierangelo Masarati [mailto:ando@sys-net.it]
Envoyé : lundi 20 septembre 2004 12:37
À : Jean-Jacques Siquet
Cc : openldap-software@openldap.org
Objet : RE: 2.2.15 proxy database ldap
Importance : Haute
What if you directly search the remote server with the same filter?
p.
> On my proxy:
>
> conn=0 fd=7 ACCEPT from IP=127.0.0.1:60791 (IP=0.0.0.0:389)
> conn=0 op=0 BIND dn="" method=128
> conn=0 op=0 RESULT tag=97 err=0 textconn=0 op=1 SRCH base="o=PIPO" scope=2
> deref=0 filter="(objectClass=*)"
> request 1 done
> request 2 done
> conn=0 op=1 SEARCH RESULT tag=101 err=0 nentries=2 textconn=0 op=2 UNBIND
> conn=0 fd=7 closed
> conn=1 fd=7 ACCEPT from IP=127.0.0.1:60795 (IP=0.0.0.0:389)
> conn=1 op=0 BIND dn="" method=128
> conn=1 op=0 RESULT tag=97 err=0 textconn=1 op=1 SRCH base="o=PIPO" scope=2
> deref=0
> filter="(|(objectClass=organizationalPerson)(objectClass=person))"
> request 3 done
> conn=1 op=1 SEARCH RESULT tag=101 err=0 nentries=0 textconn=1 op=2 UNBIND
> conn=1 fd=7 closed
>
>
> it's not possible to stop the service ldap on my server.
>
>
> -----Message d'origine-----
> De : Pierangelo Masarati [mailto:ando@sys-net.it]
> Envoyé : lundi 20 septembre 2004 12:09
> À : Jean-Jacques Siquet
> Cc : openldap-software@openldap.org
> Objet : RE: 2.2.15 proxy database ldap
> Importance : Haute
>
> Please reply on the list
>
>> How can I have proxy's log?
>
> start the proxy slapd with "-d <X>", see slapd.conf(5), directive
> "loglevel" for details. Although "-1" would yield all the details, it may
> result in too much stuff. I suggest you start with 256 and, if anything
> useful shows up, add other relevant log levels; or work bottom-up: start
> with -1, see where's the problem and isolate the log level that yields the
> relevant info. It is likely that the problem is not with the proxy (which
> simply passes info to the remote server) but with the remote server
> itself; do the same there. I suspect they bot receive a query that's not
> what you expected.
>
> p.
>
>>
>> -----Message d'origine-----
>> De : Pierangelo Masarati [mailto:ando@sys-net.it]
>> Envoyé : lundi 20 septembre 2004 11:19
>> À : Jean-Jacques Siquet
>> Cc : openldap-software@openldap.org
>> Objet : Re: 2.2.15 proxy database ldap
>> Importance : Haute
>>
>>
>>> I would do a proxy ldap, i have compile with this option :
>>>
>>> ./configure --prefix=/usr --sysconfdir=/etc --libexecdir=/usr/sbin
>>> --enable-ldap --disable-bdb
>>
>> just a comment: --enable-ldap does not require to --disable-bdb;
>> it's a choice you explicitly make.
>>
>>>
>>>
>>>
>>> The proxy work but only with defaultfilter (objectclass=*), when i do
>>> with
>>> my Groupware the filter is <
>>> (|(objectclass=organizationalPerson)(objectclass=person)) > and there
>>> are
>>> no
>>> result.
>>
>> I don't because you don't provide any info
>> that could be of help. Can you post the
>> logs of the proxy and those of the remote
>> server at a reasonable level for those
>> operations that succeed and for those that fail?
>>
>> p.
>>
>> --
>> Pierangelo Masarati
>> mailto:pierangelo.masarati@sys-net.it
>>
>>
>> SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax:
>> +390382476497
>>
>>
>>
>>
>
>
> --
> Pierangelo Masarati
> mailto:pierangelo.masarati@sys-net.it
>
>
> SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
>
>
>
>
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497