Menu
▾
▴
perl-ldap-dev
You can subscribe to this list here.
| 2000 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(200) |
Jun
(129) |
Jul
(184) |
Aug
(204) |
Sep
(106) |
Oct
(79) |
Nov
(72) |
Dec
(54) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2001 |
Jan
(83) |
Feb
(123) |
Mar
(84) |
Apr
(184) |
May
(106) |
Jun
(111) |
Jul
(104) |
Aug
(91) |
Sep
(59) |
Oct
(99) |
Nov
(100) |
Dec
(37) |
| 2002 |
Jan
(148) |
Feb
(88) |
Mar
(85) |
Apr
(151) |
May
(80) |
Jun
(110) |
Jul
(85) |
Aug
(43) |
Sep
(64) |
Oct
(89) |
Nov
(59) |
Dec
(42) |
| 2003 |
Jan
(129) |
Feb
(104) |
Mar
(162) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Pythagoras W. <py...@ec...> - 2000-05-09 05:41:10
|
On Mon, May 08, 2000 at 10:07:48PM +0100, Graham Barr wrote:
:On Mon, May 08, 2000 at 09:40:09PM +0100, Steve Haslam wrote:
:> On Mon, May 08, 2000 at 09:27:54PM +0100, Graham Barr wrote:
:> > On Mon, May 08, 2000 at 09:08:27PM +0100, Steve Haslam wrote:
:> > > Also, sometimes I get the "$ldap received:" message and then no hex
:> > > dump. Particularly if I'm requesting a large value (jpegPhoto
:> > > attributes for instance).
:> >
:> > Hm, does this happen if you changed to using asn_read ?
:>
:> If I change asn_recv to asn_read then it hangs before printing that
:> "$ldap received:" message.
:
:Is that with the patch from sourceforge ?
:
:Hm, that is because asn_recv is returning too early, but asn_read is waiting
:for more data. THis is exactly whay someone else reported on NT. The
:server says that it has sent the data.
:
:Now we know it is not platform specific.
:
:If anyone can help track this one down I would be very grateful as I
:have been unable to reproduce it.
I have attached a script that can be used to cause this problem.
Basically, the script sits between your client and the LDAP server.
Client requests are sent to the server. Server responses are sent to
the client, but are split into small packets that arrive slowly. This
causes asn_recv() to enter this "if" statement:
74 if ($len > length $buf) {
75 # Cannot get whole element
76 $_[1]='';
77 return $peer;
78 }
In my test, I ended up with a "$len=14", but "length $buf = 2".
Since $peer is defined, the call to asn_recv in LDAP.pm succeeds:
571 defined asn_recv($sock, $pdu, 0)
but $pdu is the empty string (from the "$_[1]=''" above). The debug
code happily prints out nothing but the "$ldap received:" message [1],
and then the call to decode:
586 my $result = $LDAPResponse->decode($pdu)
fails causing an LDAP_DECODING_ERROR to be returned:
572 or return LDAP_OPERATIONS_ERROR;
Normally, this is hard to notice, since packets usually arrive before
they need to be processed and/or an "LDAP" packet is completely
contained in a TCP packet. Note the openldap's ldapsearch does
succeed even with the really small buffer size of two.
Also, asn_recv goes into an infinite loop if you uncomment the XXX
line in my script. With warnings on it prints:
Use of uninitialized value at \
/opt/perl/lib/site_perl/5.00557/Convert/ASN1/IO.pm line 45.
Out of memory!
-Py
[1] See the attached patch for a minor recommendation that might have
made this a bit more obvious to notice.
--
Py (Amateur Radio: KF6WFP) -- 3.141592653589793238462643383...
Pythagoras Watson -- "Live long and may all your kernels pop."
=== py...@cs... ==== http://www.ecst.csuchico.edu/~py/ ===
|
|
From: Graham B. <gb...@po...> - 2000-05-08 21:09:53
|
On Mon, May 08, 2000 at 09:40:09PM +0100, Steve Haslam wrote: > On Mon, May 08, 2000 at 09:27:54PM +0100, Graham Barr wrote: > > On Mon, May 08, 2000 at 09:08:27PM +0100, Steve Haslam wrote: > > > On Mon, May 08, 2000 at 07:49:24PM +0100, Graham Barr wrote: > > > Hm, upon trying again, it did give me an entry but then > > > blocked... According to truss it's blocking in recvfrom()... > > > > Well if the search is not complete and there are no entries in the queue > > then it will block for the next entry. > > But the search *is* complete- in a test case it's returned the one > entry it should and then blocked... > > Hm, I didn't check whether the server had logged it as being complete... > > OK, I'm doing: > > bash$ perl5.00503 -Iblib/lib -l -MData::Dumper -MNet::LDAP -MNet::LDAP::LDIF -e '$ldap = Net::LDAP->new(q[ldap0.london.excite.com], debug => 3); $ldap->bind; $sr = $ldap->search(filter => q[(uid=shaslam)], base => q[ou=people, o=excite, c=gb], attrs => [qw(cn)]); while ($entry = $sr->shift_entry) { print $entry->dn; }' OK, in this case the search has completed. Hm, it should return undef after the one entry. > > > Also, sometimes I get the "$ldap received:" message and then no hex > > > dump. Particularly if I'm requesting a large value (jpegPhoto > > > attributes for instance). > > > > Hm, does this happen if you changed to using asn_read ? > > If I change asn_recv to asn_read then it hangs before printing that > "$ldap received:" message. Is that with the patch from sourceforge ? Hm, that is because asn_recv is returning too early, but asn_read is waiting for more data. THis is exactly whay someone else reported on NT. The server says that it has sent the data. Now we know it is not platform specific. If anyone can help track this one down I would be very grateful as I have been unable to reproduce it. Graham. |
|
From: Steve H. <ste...@ex...> - 2000-05-08 20:40:36
|
On Mon, May 08, 2000 at 09:27:54PM +0100, Graham Barr wrote: > On Mon, May 08, 2000 at 09:08:27PM +0100, Steve Haslam wrote: > > On Mon, May 08, 2000 at 07:49:24PM +0100, Graham Barr wrote: > > Hm, upon trying again, it did give me an entry but then > > blocked... According to truss it's blocking in recvfrom()... > > Well if the search is not complete and there are no entries in the queue > then it will block for the next entry. But the search *is* complete- in a test case it's returned the one entry it should and then blocked... Hm, I didn't check whether the server had logged it as being complete... OK, I'm doing: bash$ perl5.00503 -Iblib/lib -l -MData::Dumper -MNet::LDAP -MNet::LDAP::LDIF -e '$ldap = Net::LDAP->new(q[ldap0.london.excite.com], debug => 3); $ldap->bind; $sr = $ldap->search(filter => q[(uid=shaslam)], base => q[ou=people, o=excite, c=gb], attrs => [qw(cn)]); while ($entry = $sr->shift_entry) { print $entry->dn; }' and I get: Net::LDAP=HASH(0xc0a44) sending: 30 0C 02 01 01 60 07 02 01 02 04 00 80 00 __ __ 0....`........ Net::LDAP=HASH(0xc0a44) received: 30 0C 02 01 01 61 07 0A 01 00 04 00 04 00 __ __ 0....a........ Net::LDAP=HASH(0xc0a44) sending: 30 45 02 01 02 63 40 04 19 6F 75 3D 70 65 6F 70 0E...c@..ou=peop 6C 65 2C 20 6F 3D 65 78 63 69 74 65 2C 20 63 3D le, o=excite, c= 67 62 0A 01 02 0A 01 02 02 01 00 02 01 00 01 01 gb.............. 00 A3 0E 04 03 75 69 64 04 07 73 68 61 73 6C 61 .....uid..shasla 6D 30 04 04 02 63 6E __ __ __ __ __ __ __ __ __ m0...cn Net::LDAP=HASH(0xc0a44) received: 30 45 02 01 02 64 40 04 26 75 69 64 3D 73 68 61 0E...d@.&uid=sha 73 6C 61 6D 2C 20 6F 75 3D 50 65 6F 70 6C 65 2C slam, ou=People, 20 6F 3D 45 78 63 69 74 65 2C 20 63 3D 47 42 30 o=Excite, c=GB0 16 30 14 04 02 63 6E 31 0E 04 0C 53 74 65 76 65 .0...cn1...Steve 20 48 61 73 6C 61 6D __ __ __ __ __ __ __ __ __ Haslam Net::LDAP=HASH(0xc0a44) received: 30 0C 02 01 02 65 07 0A 01 00 04 00 04 00 __ __ 0....e........ uid=shaslam, ou=People, o=Excite, c=GB and it blocks, and the server log contains: May 8 21:35:48 vertex slapd[28859]: conn=789 fd=7 connection from box.london.excite.com (194.216.238.12) accepted. May 8 21:35:48 vertex slapd[9067]: conn=789 op=0 BIND dn="" method=128 May 8 21:35:48 vertex slapd[9067]: conn=789 op=0 RESULT err=0 tag=97 nentries=0 May 8 21:35:48 vertex slapd[9068]: conn=789 op=1 SRCH base="OU=PEOPLE,O=EXCITE,C=GB" scope=2 filter="(uid=SHASLAM)" May 8 21:35:48 vertex slapd[9068]: conn=789 op=1 RESULT err=0 tag=101 nentries=1 I hit C-c and it logs: May 8 21:36:09 vertex slapd[28859]: conn=789 op=-1 fd=7 closed errno=0 > > Also, sometimes I get the "$ldap received:" message and then no hex > > dump. Particularly if I'm requesting a large value (jpegPhoto > > attributes for instance). > > Hm, does this happen if you changed to using asn_read ? If I change asn_recv to asn_read then it hangs before printing that "$ldap received:" message. SRH -- Steve Haslam, Production Engineer, Excite UK ste...@ex... father, we're so close to death, you told us this time would come we were full of scorn, now we see the wrong deeds bloom you told us that we were wrong |
|
From: Graham B. <gb...@po...> - 2000-05-08 20:30:07
|
On Mon, May 08, 2000 at 09:08:27PM +0100, Steve Haslam wrote: > On Mon, May 08, 2000 at 07:49:24PM +0100, Graham Barr wrote: > > The problem is that on Solaris recv will not always return the address > > of the sender if the socket is connected. The fix for this is that > > in Net::LDAP where is uses asn_recv it should have a defined check on the > > result. > > > > The CVS respository on sourceforge has this fix. There is also a patch > > at http://download.sourceforge.net/perl-ldap > > Ah, thanks... > > OK, I still get a problem with 0.16 over 0.13. I can't use > $sr->shift_entry. I can do > > foreach $entry ($sr->entries) { ... } > > but not > > while ($entry = $sr->shift_entry) { ... } > > Hm, upon trying again, it did give me an entry but then > blocked... According to truss it's blocking in recvfrom()... Well if the search is not complete and there are no entries in the queue then it will block for the next entry. > Also, sometimes I get the "$ldap received:" message and then no hex > dump. Particularly if I'm requesting a large value (jpegPhoto > attributes for instance). Hm, does this happen if you changed to using asn_read ? Graham. |
|
From: Steve H. <ste...@ex...> - 2000-05-08 20:08:56
|
On Mon, May 08, 2000 at 07:49:24PM +0100, Graham Barr wrote: > The problem is that on Solaris recv will not always return the address > of the sender if the socket is connected. The fix for this is that > in Net::LDAP where is uses asn_recv it should have a defined check on the > result. > > The CVS respository on sourceforge has this fix. There is also a patch > at http://download.sourceforge.net/perl-ldap Ah, thanks... OK, I still get a problem with 0.16 over 0.13. I can't use $sr->shift_entry. I can do foreach $entry ($sr->entries) { ... } but not while ($entry = $sr->shift_entry) { ... } Hm, upon trying again, it did give me an entry but then blocked... According to truss it's blocking in recvfrom()... Also, sometimes I get the "$ldap received:" message and then no hex dump. Particularly if I'm requesting a large value (jpegPhoto attributes for instance). SRH -- Steve Haslam, Production Engineer, Excite UK ste...@ex... i sit and stare at the gun pointed at my head and think about all the possibilities |
|
From: Graham B. <gb...@po...> - 2000-05-08 18:51:26
|
The problem is that on Solaris recv will not always return the address of the sender if the socket is connected. The fix for this is that in Net::LDAP where is uses asn_recv it should have a defined check on the result. The CVS respository on sourceforge has this fix. There is also a patch at http://download.sourceforge.net/perl-ldap Graham. On Mon, May 08, 2000 at 06:19:27PM +0100, Steve Haslam wrote: > On Mon, May 08, 2000 at 06:04:40PM +0100, Steve Haslam wrote: > > On Mon, May 08, 2000 at 05:50:47PM +0100, Steve Haslam wrote: > > > I'm having trouble with Net::LDAP 0.16 on Solaris (SunOS box 5.7 > > > Generic_106541-02 sun4u sparc SUNW,Ultra-5_10). It appears to compile > > > fine, but I can't get the test suite to pass. > > > Net::LDAP=HASH(0xc0a44) sending: > > > > > > 30 0C 02 01 01 60 07 02 01 02 04 00 80 00 __ __ 0....`........ > > > > > > bind: Server encountered an internal error > > > > Hm, using asn_read() instead of asn_recv() in Net/LDAP.pm seems to fix > > it. Maybe (Solaris 7|my Perl installation) doesn't like using > > MSG_PEEK? > > Attached is a version of t/07io.t from Convert::ASN1 that fails on my > machine until I change asn_recv to asn_read for the TCP socket... > > SRH > -- > Steve Haslam, Production Engineer, Excite UK ste...@ex... > there is no life worth living when you can't explore the mind > and all the losing souls will stay behind remaining blind |
|
From: Steve H. <ste...@ex...> - 2000-05-08 17:19:52
|
On Mon, May 08, 2000 at 06:04:40PM +0100, Steve Haslam wrote:
> On Mon, May 08, 2000 at 05:50:47PM +0100, Steve Haslam wrote:
> > I'm having trouble with Net::LDAP 0.16 on Solaris (SunOS box 5.7
> > Generic_106541-02 sun4u sparc SUNW,Ultra-5_10). It appears to compile
> > fine, but I can't get the test suite to pass.
> > Net::LDAP=HASH(0xc0a44) sending:
> >
> > 30 0C 02 01 01 60 07 02 01 02 04 00 80 00 __ __ 0....`........
> >
> > bind: Server encountered an internal error
>
> Hm, using asn_read() instead of asn_recv() in Net/LDAP.pm seems to fix
> it. Maybe (Solaris 7|my Perl installation) doesn't like using
> MSG_PEEK?
Attached is a version of t/07io.t from Convert::ASN1 that fails on my
machine until I change asn_recv to asn_read for the TCP socket...
SRH
--
Steve Haslam, Production Engineer, Excite UK ste...@ex...
there is no life worth living when you can't explore the mind
and all the losing souls will stay behind remaining blind
|
|
From: Steve H. <ste...@ex...> - 2000-05-08 17:05:08
|
On Mon, May 08, 2000 at 05:50:47PM +0100, Steve Haslam wrote:
> I'm having trouble with Net::LDAP 0.16 on Solaris (SunOS box 5.7
> Generic_106541-02 sun4u sparc SUNW,Ultra-5_10). It appears to compile
> fine, but I can't get the test suite to pass.
> Net::LDAP=HASH(0xc0a44) sending:
>
> 30 0C 02 01 01 60 07 02 01 02 04 00 80 00 __ __ 0....`........
>
> bind: Server encountered an internal error
Hm, using asn_read() instead of asn_recv() in Net/LDAP.pm seems to fix
it. Maybe (Solaris 7|my Perl installation) doesn't like using
MSG_PEEK?
SRH
--
Steve Haslam, Production Engineer, Excite UK ste...@ex...
there is no life worth living when you can't explore the mind
and all the losing souls will stay behind remaining blind
|
|
From: Steve H. <ste...@ex...> - 2000-05-08 16:51:13
|
Hi, I'm having trouble with Net::LDAP 0.16 on Solaris (SunOS box 5.7 Generic_106541-02 sun4u sparc SUNW,Ultra-5_10). It appears to compile fine, but I can't get the test suite to pass. I did some experimenting and got this (sorry about the hideous test command!): bash$ perl5.00503 -Iblib/lib -MNet::LDAP -MNet::LDAP::Util -MNet::LDAP::LDIF -e '$ldap = Net::LDAP->new(q[ldap0.london.excite.com], debug => 3); $br = $ldap->bind; $br->code && die q[bind: ].Net::LDAP::Util::ldap_error_text($br->code); $sr = $ldap->search(filter => q[(uid=shaslam)], base => q[ou=People,o=Excite,c=GB], attrs => [qw(cn)]); $sr->code && die q[search: ].Net::LDAP::Util::ldap_error_text($sr->code); $count = $sr->count; print qq[$sr, $count results\n]; $ldif = new Net::LDAP::LDIF(\*STDOUT, q[w]); $ldif->write($sr->entries)' Net::LDAP=HASH(0xc0a44) sending: 30 0C 02 01 01 60 07 02 01 02 04 00 80 00 __ __ 0....`........ bind: Server encountered an internal error ldap0.london.excite.com is running OpenLDAP 1.2.10 Similarly, when I try to run t/50populate, I get: 1..44 ok 1 #1 not ok 2 ok 3 ok 4 #1 which afaict means essentially the same thing. I get just the same results with Perl 5.6.0 as with 5.00503. Net::LDAP 0.13 works fine. On my Linux machine (Linux hell 2.2.14 #1-DellLatCPi Sun Mar 19 17:26:31 GMT 2000 i686 unknown) the same command gives: Net::LDAP=HASH(0x80cb8fc) received: 30 0C 02 01 01 61 07 0A 01 00 04 00 04 00 __ __ 0....a........ Net::LDAP=HASH(0x80cb8fc) sending: [more stuff...] instead of the bind error. Has anyone else had this? I don't know enough about the innards of Net::LDAP to know precisely where to look, but it returning an internal server error before receiving any data suggests there's a problem in the receiver select() loop? SRH -- Steve Haslam, Production Engineer, Excite UK ste...@ex... father, we're so close to death, you told us this time would come we were full of scorn, now we see the wrong deeds bloom you told us that we were wrong |
|
From: Graham B. <gb...@po...> - 2000-05-08 09:32:28
|
On Mon, May 08, 2000 at 10:00:56AM +0100, Chris Ridd wrote: > On Mon, 08 May 2000 12:06:46 +1000, David Bussenschutt wrote: > > $result ->code returns..... > > > > just let me check.... > > > > error code 2. (on add and delete) - what does error code 2 mean? > > > > David. > > > > "Protocol error". Hm.. Protocol error is usually a problem in Net::LDAP somewhere. Either we have sent a bad PDU or got one back. Or if there is a problem reading one asn_recv may return an empty PDU which will result in this too. It needs further investigation, with debug turned on, to determine where the real problem lies. Graham. |
|
From: Chris R. <Chr...@me...> - 2000-05-08 09:04:39
|
On Mon, 08 May 2000 12:06:46 +1000, David Bussenschutt wrote: > $result ->code returns..... > > just let me check.... > > error code 2. (on add and delete) - what does error code 2 mean? > > David. > "Protocol error". Hm.. You can find out from RFC 2252, just do a search for 'resultCode'. Or use Net::LDAP::Util::ldap_error_name($result->code) Cheers, Chris |
|
From: Graham B. <gb...@po...> - 2000-05-08 08:06:12
|
Net::LDAP::Util will help you determine what the error codes mean. Error code 2 is LDAP_PROTOCOL_ERROR and now I am wondering if you have hit the same problem as someone else I have been talking to. What platforms are you running on and what is the server you are talking to ? Graham. On Mon, May 08, 2000 at 12:06:46PM +1000, David Bussenschutt wrote: > $result ->code returns..... > > just let me check.... > > error code 2. (on add and delete) - what does error code 2 mean? > > David. > > At 09:17 AM 5/5/00 +0100, Graham Barr wrote: > >On Fri, May 05, 2000 at 02:10:05PM +1000, David Bussenschutt wrote: > >> Howdy, > >> Using the following code, I found that for creating users in a batch like > >> this, I get $result->code reporting that the 'add' failed after 125 users > >> are created. > >> (from 126 to 150, all are reported as 'failed' even thought they are > created.) > >> Interestingly though, the users are actually added to the ldap database > >> successfully. > > > >What value do you get from $result->code ? |
|
From: David B. <D.B...@ma...> - 2000-05-08 02:06:34
|
$result ->code returns.....
just let me check....
error code 2. (on add and delete) - what does error code 2 mean?
David.
At 09:17 AM 5/5/00 +0100, Graham Barr wrote:
>On Fri, May 05, 2000 at 02:10:05PM +1000, David Bussenschutt wrote:
>> Howdy,
>> Using the following code, I found that for creating users in a batch like
>> this, I get $result->code reporting that the 'add' failed after 125 users
>> are created.
>> (from 126 to 150, all are reported as 'failed' even thought they are
created.)
>> Interestingly though, the users are actually added to the ldap database
>> successfully.
>
>What value do you get from $result->code ?
>
>Graham.
>
>
--------------------------------------------------------------------
David Bussenschutt Email: D.B...@ma...
Senior Computing Support Officer & Systems Administrator/Programmer
Location: Griffith University. Information Technology Services
Brisbane Qld. Aust. (TEN bldg. rm 1.33) Ph:(07)38757079
--------------------------------------------------------------------
|
|
From: Graham B. <gb...@po...> - 2000-05-05 08:19:13
|
On Fri, May 05, 2000 at 02:10:05PM +1000, David Bussenschutt wrote: > Howdy, > Using the following code, I found that for creating users in a batch like > this, I get $result->code reporting that the 'add' failed after 125 users > are created. > (from 126 to 150, all are reported as 'failed' even thought they are created.) > Interestingly though, the users are actually added to the ldap database > successfully. What value do you get from $result->code ? Graham. |
|
From: Graham B. <gb...@po...> - 2000-05-05 08:13:45
|
On Fri, May 05, 2000 at 09:06:05AM +0200, Gerald Roehrbein wrote: > Hello Graham, > Hello Chris, > > > > I use the newest Version of ACTIVE PERL (5.6.0.613) and I've downloaded the > LDAP Module from Graham's website last tuesday. Oh dear. perl 5.6.0 has been found to have some bad bugs in it. I would suggest using 5.005_03 until 5.6.1 is released. > The example code I used to test if it work may be old but the LDAP module > is not old. It's from the File (Perl/html/site/lib/Net/LDAP.html). At the > end of the file there is a copyright notice (c) 1997-1999 Graham Barr. Ooops, that website was old, it will now point you to the new website at http://perl-ldap.sourceforge.net where you will find the latest docs etc. There is also http://download.sourceforge.net/perl-ldap/perl-ldap-0.16_01.tar.gz which has a couple of bug fixes in. > I think the sample code is really great because it's all I need. ;-) > I've only to add some fancy gizmos and then it's complete. But first it > should be run! Hopefully the sameple code in the latest docs is more correct. Graham. |
|
From: Chris R. <Chr...@me...> - 2000-05-05 07:53:24
|
On Fri, 05 May 2000 13:25:32 +1000, David Bussenschutt wrote: > Thankyou all for such quick responses to my filtering problems... > It's working great now..... > > > Another question, where would I find a comprehensive list of attributes? > I've been browsing the web for a couple of hours, and can only find bits > and pieces, like names for objects, and basic samples containing > cn,sn,mail,etc common attributes. The LDAP RFCs are a good place to start. Start with RFC 2256, then take a quick look at RFC 1274. There are some commonly used bits of schema defined in internet drafts as well, like inetOrgPerson. You'll have to find the latest draft for yourself though. > I want a comprehensive list, with all the obscure ones too, as I need to > define my own mappings between ldap attributes and Netware NDS object > attributes(in the ldap->NDS server config) and didn't want to be > "making-up" ldap attribute names to map to the existing NDS attributes. > It doesn't really matter too much in my case as I'm writing the client ldap > software - thanks to perl, but it seems to me to be good practice to stick > to standard attribute names if they exist. > > It seems a bit strange to me that Novell would only predefine a subset of > their NDS attributes to have ldap equivalents? I agree. Some directories support the interrogation of schema actually over protocol. If you investigate using the Net::LDAP::Schema class with Novell this may also provide some useful information. Cheers, Chris |
|
From: Gerald R. <gro...@q8...> - 2000-05-05 07:04:05
|
Hello Graham, Hello Chris, I use the newest Version of ACTIVE PERL (5.6.0.613) and I've downloaded the LDAP Module from Graham's website last tuesday. The example code I used to test if it work may be old but the LDAP module is not old. It's from the File (Perl/html/site/lib/Net/LDAP.html). At the end of the file there is a copyright notice (c) 1997-1999 Graham Barr. I think the sample code is really great because it's all I need. ;-) I've only to add some fancy gizmos and then it's complete. But first it should be run! best regards Gerald Graham Barr wrote: > On Thu, May 04, 2000 at 04:27:02PM +0100, Chris Ridd wrote: > > Graham, does the sample script look awfully familiar to you? Like the > > start of an old version of LDAP.pod perhaps? :-) > > Now that you mention it. > > Graham. |
|
From: David B. <D.B...@ma...> - 2000-05-05 04:09:31
|
Howdy,
Using the following code, I found that for creating users in a batch like
this, I get $result->code reporting that the 'add' failed after 125 users
are created.
(from 126 to 150, all are reported as 'failed' even thought they are created.)
Interestingly though, the users are actually added to the ldap database
successfully.
It also occurs when you do more than 125 deletes or any combination of adds
and deletes I tried it with 100 of each, and it reported failing after 125
transactions (is that the right word?), but it does actually succeed...
every time.
I can probably get around it by re-binding after 125 transactions, but I
don't think I should have to...
Anyone feel like a bug hunt?
David.
----------------------------------------------------------------------------
print "setting up LDAP connection....\n";
$ldap = Net::LDAP->new('192.168.0.10') or die "dying: $@";
$ldap->bind ( # bind to a directory with dn and password
dn => 'cn=admin, o=SGCS ',
password => 'mypassword'
);
print "\n";
for ($i=0;$i<150;$i++){
print "attempting to create user....$i\n";
$shortusername = "testuser".$i;
$result = $ldap->add (
dn => 'cn='.$shortusername.',o=SGCS',
attr => [ 'cn' => $shortusername,
'givenName' => 'givennametest',
'surname' => 'Surnametest',
'fullName' => 'Fullname test',
'groupMembership' =>
['cn=everyone, o=SGCS','cn=testgroup,
o=SGCS'],
# don't forget to also add user to group when group added to user...not
like here
'mail' => $shortusername.'@test.domain.edu.au',
'objectclass' => ['top', 'person',
'organizationalPerson',
'inetOrgPerson' ], ]
);
$result->code && warn "failed to add entry: ", $result->error ," ",$i;
} # end of add loop
--------------------------------------------------------------------
David Bussenschutt Email: D.B...@ma...
Senior Computing Support Officer & Systems Administrator/Programmer
Location: Griffith University. Information Technology Services
Brisbane Qld. Aust. (TEN bldg. rm 1.33) Ph:(07)38757079
--------------------------------------------------------------------
|
|
From: David B. <D.B...@ma...> - 2000-05-05 03:25:02
|
Thankyou all for such quick responses to my filtering problems...
It's working great now.....
Another question, where would I find a comprehensive list of attributes?
I've been browsing the web for a couple of hours, and can only find bits
and pieces, like names for objects, and basic samples containing
cn,sn,mail,etc common attributes.
I want a comprehensive list, with all the obscure ones too, as I need to
define my own mappings between ldap attributes and Netware NDS object
attributes(in the ldap->NDS server config) and didn't want to be
"making-up" ldap attribute names to map to the existing NDS attributes.
It doesn't really matter too much in my case as I'm writing the client ldap
software - thanks to perl, but it seems to me to be good practice to stick
to standard attribute names if they exist.
It seems a bit strange to me that Novell would only predefine a subset of
their NDS attributes to have ldap equivalents?
Any ideas?
David
--------------------------------------------------------------------
David Bussenschutt Email: D.B...@ma...
Senior Computing Support Officer & Systems Administrator/Programmer
Location: Griffith University. Information Technology Services
Brisbane Qld. Aust. (TEN bldg. rm 1.33) Ph:(07)38757079
--------------------------------------------------------------------
|
|
From: Pythagoras W. <py...@ec...> - 2000-05-05 02:15:56
|
On Fri, May 05, 2000 at 10:17:33AM +1000, David Bussenschutt wrote:
:So far, I have borrowed POD example code, and managed to connect, bind,
:add, and delete user objects quite easily...but I can't get search to work.
: What to I have to provide as a filter in order to return all objects in a
:particular ou (or o)?
For this, I search on the "objectclass" attribute being present.
Something like:
$mesg = $ldap->search (
base => 'o=SGCS',
filter => '(objectclass=*)',
);
would do it.
:When I unbind at the end of the script, I get the following error:
:"Can't call method "pdu" on an undefined value at
:/usr/lib/perl5/site_perl/5.005/Net/LDAP.pm line 536"
This is a minor bug, which is corrected in the development version.
:$mesg = $ldap->search (
: base => 'o=SGCS',
: filter => '(&(sn=Surnametest) (o=SGCS))',
: );
"o" is not an attribute in the specified objectclasses, so you cannot
search on it. Since you are already limiting yourself to the "o=SGCS"
users with the "base", using:
$mesg = $ldap->search (
base => 'o=SGCS',
filter => '(sn=Surnametest)',
);
should get you what you want.
--
Py (Amateur Radio: KF6WFP) -- 3.141592653589793238462643383...
Pythagoras Watson -- "Live long and may all your kernels pop."
=== py...@cs... ==== http://www.ecst.csuchico.edu/~py/ ===
|
|
From: Jim H. <ha...@us...> - 2000-05-05 01:38:36
|
The problem is with your filter. o is not an attribute, it is a portion
of the dn. Just leave out the (0=SGCS).
filter => '(&(sn=Surnametest) (o=SGCS))'
I have been using Netware 5 LDAP in conjunction with a unique set of
files, databases etc. I have been at it for about 6 months. Your timing
is better than mine. The Novell server was terribly buggy, but is now
much more stable. The next release (currently in beta, doesn't play
terribly well with some other Netware stuff) has enough speed to make it
worthy of being called a real production LDAP server. It also fixes some
deviations from standards. It is due out "early summer".
I'm happy to offer poiners.
Jim Harle
US Naval Academy
On Fri, 5 May 2000, David Bussenschutt wrote:
> Howdy folks...
>
> I just joined the list, and have already checked the archives for the
> answer...no luck there...
> (seings the archives apparently don't exist yet on the new mailserver)
>
> I'm connecting to a Novell Netware 5 LDAP server (from a unix box), and
> need a few clues....
>
> I wanted to know if anyone is using/used perl-ldap to communicate with
> netware 5?
>
> I'm going to(hopefully) use it to automatically generate large
> quantities of users (students - about 6000 of them ) from our primary
> sun solaris box (a propriety user database) into a Novell NDS (across
> about 12 different contexts (I mean ou's) ) ...(using netware 5's LDAP
> server functionality)....
>
> So far, I have borrowed POD example code, and managed to connect, bind,
> add, and delete user objects quite easily...but I can't get search to work.
> What to I have to provide as a filter in order to return all objects in a
> particular ou (or o)?
>
> When I unbind at the end of the script, I get the following error:
> "Can't call method "pdu" on an undefined value at
> /usr/lib/perl5/site_perl/5.005/Net/LDAP.pm line 536"
>
> Netware specific Q's:
> Is it possible to create users 'homefolders' using an ldap query?
>
>
> Thanks.
>
> David.
>
> P.S. In case you're interested, here's the test code I'm using...
> (add and remove both work like a charm!)
>
> ------------------------------------------------------------------------
> #!/usr/bin/perl
>
> use Net::LDAP;
>
>
> print "setting up LDAP connection....\n";
> $ldap = Net::LDAP->new('192.168.0.10') or die "dying: $@";
>
> $ldap->bind ( # bind to a directory with dn and password
> dn => 'cn=admin, o=SGCS ',
> password => 'mypassword'
> );
>
> print "\n";
>
> print "attempting to create user....\n";
> $shortusername = "testuser1";
> $result = $ldap->add (
> dn => 'cn='.$shortusername.',o=SGCS',
> attr => [ 'cn' => $shortusername,
> 'givenName' => 'givennametest',
> 'surname' => 'Surnametest',
> 'fullName' => 'Fullname test',
> 'groupMembership' =>
> ['cn=everyone, o=SGCS','cn=testgroup,
> o=SGCS'],
> # don't forget to also add user to group when group added to user...not
> like here
> 'mail' => $shortusername.'@gucis.cit-student.gu.edu.au',
> 'objectclass' => ['top', 'person',
> 'organizationalPerson',
> 'inetOrgPerson' ], ]
> );
> $result->code && warn "failed to add entry: ", $result->error ;
> $result->code || print "added entry successfully.\n ";
>
> print "\n";
>
> print "attempting to search for users....\n";
> $mesg = $ldap->search (
> base => 'o=SGCS',
> filter => '(&(sn=Surnametest) (o=SGCS))',
> );
>
> $mesg->code && warn "LDAP search failed:", $mesg->error;
> $mesg->code || print "LDAP search succeeded\n";
>
> print "search results:\n";
> foreach $entry ($mesg->all_entries) { $entry->dump;}
>
> print "\n";
>
> print "attempting to remove user....\n";
> $result = $ldap->delete (
> dn => 'cn=testuser, o=SGCS',
> );
>
> $result->code && warn "failed to delete entry: ", $result->error ;
> $result->code || print "deleted entry successfully. \n";
>
>
> # unbind doesn't work!
> #print "unbind\n";
> #$ldap->unbind;
>
>
> ------------------------------------------------------------------------
>
>
> --------------------------------------------------------------------
> David Bussenschutt Email: D.B...@ma...
> Senior Computing Support Officer & Systems Administrator/Programmer
> Location: Griffith University. Information Technology Services
> Brisbane Qld. Aust. (TEN bldg. rm 1.33) Ph:(07)38757079
> --------------------------------------------------------------------
>
>
|
|
From: David B. <D.B...@ma...> - 2000-05-05 00:17:55
|
Howdy folks...
I just joined the list, and have already checked the archives for the
answer...no luck there...
(seings the archives apparently don't exist yet on the new mailserver)
I'm connecting to a Novell Netware 5 LDAP server (from a unix box), and
need a few clues....
I wanted to know if anyone is using/used perl-ldap to communicate with
netware 5?
I'm going to(hopefully) use it to automatically generate large
quantities of users (students - about 6000 of them ) from our primary
sun solaris box (a propriety user database) into a Novell NDS (across
about 12 different contexts (I mean ou's) ) ...(using netware 5's LDAP
server functionality)....
So far, I have borrowed POD example code, and managed to connect, bind,
add, and delete user objects quite easily...but I can't get search to work.
What to I have to provide as a filter in order to return all objects in a
particular ou (or o)?
When I unbind at the end of the script, I get the following error:
"Can't call method "pdu" on an undefined value at
/usr/lib/perl5/site_perl/5.005/Net/LDAP.pm line 536"
Netware specific Q's:
Is it possible to create users 'homefolders' using an ldap query?
Thanks.
David.
P.S. In case you're interested, here's the test code I'm using...
(add and remove both work like a charm!)
------------------------------------------------------------------------
#!/usr/bin/perl
use Net::LDAP;
print "setting up LDAP connection....\n";
$ldap = Net::LDAP->new('192.168.0.10') or die "dying: $@";
$ldap->bind ( # bind to a directory with dn and password
dn => 'cn=admin, o=SGCS ',
password => 'mypassword'
);
print "\n";
print "attempting to create user....\n";
$shortusername = "testuser1";
$result = $ldap->add (
dn => 'cn='.$shortusername.',o=SGCS',
attr => [ 'cn' => $shortusername,
'givenName' => 'givennametest',
'surname' => 'Surnametest',
'fullName' => 'Fullname test',
'groupMembership' =>
['cn=everyone, o=SGCS','cn=testgroup,
o=SGCS'],
# don't forget to also add user to group when group added to user...not
like here
'mail' => $shortusername.'@gucis.cit-student.gu.edu.au',
'objectclass' => ['top', 'person',
'organizationalPerson',
'inetOrgPerson' ], ]
);
$result->code && warn "failed to add entry: ", $result->error ;
$result->code || print "added entry successfully.\n ";
print "\n";
print "attempting to search for users....\n";
$mesg = $ldap->search (
base => 'o=SGCS',
filter => '(&(sn=Surnametest) (o=SGCS))',
);
$mesg->code && warn "LDAP search failed:", $mesg->error;
$mesg->code || print "LDAP search succeeded\n";
print "search results:\n";
foreach $entry ($mesg->all_entries) { $entry->dump;}
print "\n";
print "attempting to remove user....\n";
$result = $ldap->delete (
dn => 'cn=testuser, o=SGCS',
);
$result->code && warn "failed to delete entry: ", $result->error ;
$result->code || print "deleted entry successfully. \n";
# unbind doesn't work!
#print "unbind\n";
#$ldap->unbind;
------------------------------------------------------------------------
--------------------------------------------------------------------
David Bussenschutt Email: D.B...@ma...
Senior Computing Support Officer & Systems Administrator/Programmer
Location: Griffith University. Information Technology Services
Brisbane Qld. Aust. (TEN bldg. rm 1.33) Ph:(07)38757079
--------------------------------------------------------------------
|
|
From: Graham B. <gb...@po...> - 2000-05-04 20:23:43
|
On Thu, May 04, 2000 at 06:50:41PM +0100, Graham Barr wrote: > On Thu, May 04, 2000 at 01:26:16PM -0400, Jim Harle wrote: > > > Yes. And for now if method does not exist we can be compatable and give > > > a warning. > > > > This seems that it would eventually break every currently existing script, > > since method isn't used. Arghh!! > > --Jim Harle > > Yes, but I have said before Net::FTP is still alpha and as such can change. Someone give me coffee :) Graham. |
|
From: Richard H. <rh...@me...> - 2000-05-04 18:24:20
|
This is a test for the autoreply and forwarding to the new list address. --rhu |
|
From: Graham B. <gb...@po...> - 2000-05-04 17:52:24
|
On Thu, May 04, 2000 at 01:26:16PM -0400, Jim Harle wrote: > > Yes. And for now if method does not exist we can be compatable and give > > a warning. > > This seems that it would eventually break every currently existing script, > since method isn't used. Arghh!! > --Jim Harle Yes, but I have said before Net::FTP is still alpha and as such can change. Although script would not break until the backwards compat is removed, which would not be for quite a while. Graham. |
7902 messages has been excluded from this view by a project administrator.
