RE: Getting Solaris to use Openldap

[Stuart Cherrington <stuart_cherrington@hotmail.co.uk>]

> > >
> > > What are the searches being run (from your slapd.log)?
> > >
> >
> > The ldap.log contains
> >
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21)
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: SRCH "" 0 3
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: 0 30 0
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: filter: (objectClass=*)
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: attrs:
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: namingcontexts
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]:
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: send_ldap_result: err=0
> > matched="" text=""
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21)
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21)
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: SRCH "dc=ldn,dc=sw,dc=com" 2 3
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: 0 30 0
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: filter:
> > (&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com))
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: attrs:
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]:
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: send_ldap_result: err=32
> > matched="" text=""
> > Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21)
> >
> So that one failed with LDAP_NO_SUCH_OBJECT (err=32).


OOI - How do you know err=32 means LDAP_NO_SUCH_OBJECT?


>
> > Which balances out your next statement :-)
> >
> > > Do the work?
> > >
> > > The first search '(&(objectClass=nisDomainObject)(nisDomain=your
> > > domain')) should return your nisDomain, the next the profile.
> >
> > I think I got the query syntax correct on the query
> >
> > [root@msldap01 ~]# ldapsearch2.4 -h 10.2.250.15 -D
> > cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxx-b
> > dc=ldn,dc=sw,dc=com
> > "(&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com))"
>
> Just -h 10.2.250.15 -x -b 'dc=ldn,dc=sw,dc=com'
> "(&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com))" should match
> the scripted search.
>

OK - I ran

ldapsearch2.4 -h 10.2.250.15 -D cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxx -x -b 'dc=ldn,dc=sw,dc=com'

It showed me everything in the LDAP tree, Last few lines are

# search result
search: 2
result: 0 Success

# numResponses: 310
# numEntries: 309

Which seems to work OK.

The log output says

Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21)
Aug 31 09:38:00 msldap01 slapd2.4[22363]: ==> bdb_bind: dn: cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com
Aug 31 09:38:00 msldap01 slapd2.4[22363]: send_ldap_result: err=0 matched="" text=""
Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21)
Aug 31 09:38:00 msldap01 slapd2.4[22363]: SRCH "dc=ldn,dc=sw,dc=com" 2 0
Aug 31 09:38:00 msldap01 slapd2.4[22363]:     0 0 0
Aug 31 09:38:00 msldap01 slapd2.4[22363]:     filter: (objectClass=*)
Aug 31 09:38:00 msldap01 slapd2.4[22363]:     attrs:
Aug 31 09:38:00 msldap01 slapd2.4[22363]:
Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21)
Aug 31 09:38:00 msldap01 slapd2.4[22363]: send_ldap_result: err=0 matched="" text=""
Aug 31 09:38:01 msldap01 slapd2.4[22363]: connection_get(21)


> > # extended LDIF
> > #
> > # LDAPv3
> > # base <dc=ldn,dc=sw,dc=com> with scope subtree
> > # filter: (&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com))
> > # requesting: ALL
> > #
> >
> > # ldn.sw.com
> > dn: dc=ldn,dc=sw,dc=com
>
> and that one worked. Compare the log entry for the manual search with
> the scripted one.
>
> --
> Ian.
>