Menu
▾
▴
perl-ldap-dev
You can subscribe to this list here.
| 2000 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(200) |
Jun
(129) |
Jul
(184) |
Aug
(204) |
Sep
(106) |
Oct
(79) |
Nov
(72) |
Dec
(54) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2001 |
Jan
(83) |
Feb
(123) |
Mar
(84) |
Apr
(184) |
May
(106) |
Jun
(111) |
Jul
(104) |
Aug
(91) |
Sep
(59) |
Oct
(99) |
Nov
(100) |
Dec
(37) |
| 2002 |
Jan
(148) |
Feb
(88) |
Mar
(85) |
Apr
(151) |
May
(80) |
Jun
(110) |
Jul
(85) |
Aug
(43) |
Sep
(64) |
Oct
(89) |
Nov
(59) |
Dec
(42) |
| 2003 |
Jan
(129) |
Feb
(104) |
Mar
(162) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Yary H. <ya...@ap...> - 2002-10-22 22:19:44
|
Once upon a time my LDAP server used Net::LDAP::BER->read to get and parse binary data all at once. It then used the "tag" and "decode" methods to see what it had to do. Now I'm converting to an OpenLDAP server w/a perl backend. The filter is passed as a flat string. I see that Net::LDAP::Filter will parse the string for me- but after that, I'm lost. What do I do with the Filter object? I would like to turn it into a BER object so I can re-use my code, but if there was any other way to traverse the tree I can use that too. I could use the internal representation of the Filter object, looks pretty straightforward, but don't want to be doing something undocumented that could break. -y ~~~~~ The Moon is Waning Gibbous (99% of Full) |
|
From: Graham B. <gb...@po...> - 2002-10-22 20:33:50
|
----- Forwarded message from Yary Hluchan <Yar...@lu...> -----
Date: Tue, 22 Oct 2002 13:25:57 -0700
To: <gb...@po...>
From: "Yary Hluchan" <Yar...@lu...>
Subject: Filter.pod
A couple lines of Filter.pod are confusing me:
parse ( FILTER )
Parse FILTER. The next call to ber will return this
filter encoded.
asn Return the data structure suitable for passing directly
to the Convert::ASN1 manpage to encode a filter object.
There is no asn method in Filter.pm as of version 0.13 (and I assume it's not really meant to be passed to the manpage)
I'm not sure what the "next call to ber" is... I am trying "new Filter Net::LDAP::BER->new(Net::LDAP::Filter->new($filterStr))," and it's doing something, but not sure what!
I'm turning a standalone, working Perl LDAP server into an OpenLDAP backend and am having trouble turning a filterstring into a BER object- might rip out the BER support and just use the Filter object's internals- wanted to alert you to the state of the docs.
-y
----- End forwarded message -----
|
|
From: Jim H. <ha...@us...> - 2002-10-22 20:22:43
|
One issue is that on most servers, the createtimestamp and modifytimestamp attributes are maintained by the server and cannot be manipulated by LDAP (or LDIF for that matter). --Jim Harle On Tue, 22 Oct 2002, Graham Barr wrote: > ----- Forwarded message from Reena John <rp...@ho...> ----- > > Date: Tue, 22 Oct 2002 14:19:36 -0500 > To: gb...@po... > From: Reena John <rp...@ho...> > Subject: Net::LDAP read/write pre-dn info? > > Graham, > > Is there a way using the Net::LDAP module to read/write pre-dn lines in > Net::LDAP? The ldif would be like this (also attached: sample.ldif.txt): > > replica: 163.185.18.246:392 > time: 1028702892 > dn: cn=Francois Leclerc 102494,ou=employee,o=slb,c=AN > changetype: add > cn: Francois Leclerc 102494 > sn: Leclerc > creatorsname: cn=LDAP Admin 100000,ou=role,o=SLB,c=AN > createtimestamp: 19990331160616Z > modifytimestamp: 19990426111958Z > modifiersname: cn=ldap admin 100000,ou=role,o=SLB,c=AN > objectclass: top > objectclass: organizationalPerson > objectclass: entrustUser > objectclass: account > > > > Specifically, I would like to read/write the timestamp that is tacked on to > the change ldif by the ldap server process (slapd). I ask because I am > writing a script that reads the change ldifs (in Innosoft's replog file/ > SunOne's audit file) which have been processed by the slapd, and filters > them, writing out only some dns and attributes to a file. For this purpose, > I also have to add replica information to the ldif. Both timestamp and > replica lines are before the dn. If Net::LDAP does not contain this > functionality, do you know of any work arounds? > > One more question: do you know where I can find documentation on the newer > methods in Net::LDAP, the pods being slightly behind the times... > > thanks, > Reena > > Reena John > LDAP Engineering > SchlumbergerSema NIS > > replica: 163.185.18.246:392 > time: 1028702892 > dn: cn=Francois Leclerc 102494,ou=employee,o=slb - web certificate,c=AN > changetype: add > cn: Francois Leclerc 102494 > sn: Leclerc > creatorsname: cn=LDAP Admin 100000,ou=role,o=SLB,c=AN > createtimestamp: 19990331160616Z > modifytimestamp: 19990426111958Z > modifiersname: cn=ldap admin 100000,ou=role,o=SLB,c=AN > objectclass: top > objectclass: organizationalPerson > objectclass: entrustUser > objectclass: account > |
|
From: Graham B. <gb...@po...> - 2002-10-22 19:39:33
|
----- Forwarded message from Reena John <rp...@ho...> ----- Date: Tue, 22 Oct 2002 14:19:36 -0500 To: gb...@po... From: Reena John <rp...@ho...> Subject: Net::LDAP read/write pre-dn info? Graham, Is there a way using the Net::LDAP module to read/write pre-dn lines in Net::LDAP? The ldif would be like this (also attached: sample.ldif.txt): replica: 163.185.18.246:392 time: 1028702892 dn: cn=Francois Leclerc 102494,ou=employee,o=slb,c=AN changetype: add cn: Francois Leclerc 102494 sn: Leclerc creatorsname: cn=LDAP Admin 100000,ou=role,o=SLB,c=AN createtimestamp: 19990331160616Z modifytimestamp: 19990426111958Z modifiersname: cn=ldap admin 100000,ou=role,o=SLB,c=AN objectclass: top objectclass: organizationalPerson objectclass: entrustUser objectclass: account Specifically, I would like to read/write the timestamp that is tacked on to the change ldif by the ldap server process (slapd). I ask because I am writing a script that reads the change ldifs (in Innosoft's replog file/ SunOne's audit file) which have been processed by the slapd, and filters them, writing out only some dns and attributes to a file. For this purpose, I also have to add replica information to the ldif. Both timestamp and replica lines are before the dn. If Net::LDAP does not contain this functionality, do you know of any work arounds? One more question: do you know where I can find documentation on the newer methods in Net::LDAP, the pods being slightly behind the times... thanks, Reena Reena John LDAP Engineering SchlumbergerSema NIS replica: 163.185.18.246:392 time: 1028702892 dn: cn=Francois Leclerc 102494,ou=employee,o=slb - web certificate,c=AN changetype: add cn: Francois Leclerc 102494 sn: Leclerc creatorsname: cn=LDAP Admin 100000,ou=role,o=SLB,c=AN createtimestamp: 19990331160616Z modifytimestamp: 19990426111958Z modifiersname: cn=ldap admin 100000,ou=role,o=SLB,c=AN objectclass: top objectclass: organizationalPerson objectclass: entrustUser objectclass: account ----- End forwarded message ----- |
|
From: <ti...@uc...> - 2002-10-22 18:20:21
|
No, the dn of the user is not available. The dn in the cert is not the
dn of user in the directory. In this case, I HAVE to use the cert in
the filter, it is the only thing guaranteed to be unique that I have
access to at this point.
Since the userceritificate entry is indexed in the directory, a search
works just fine, as long as the 5 characters ('*','(',')','\', and 'nul')
mentioned in RFC 2254 are converted beforehand, as detailed in
the RFC.
I was just wondering if there was a method in Net::LDAP::Filter to
do this, I take it the answer is no. (Note, remember to convert the
'\' first!)
|
|
From: Peter M. <pet...@ma...> - 2002-10-22 16:34:59
|
Hi,
On Tuesday 22 October 2002 16:33, you wrote:
> I'm writing a little script to keep a ldap database in sync with a
> password file. I'm getting weird errors trying to add new entries and I=
'm
> not sure what's going on. When I add the same data to the database in a=
n
> ldif form, it works fine. using perl-ldap gives me errors about invalid
> syntax or an object class violation. I'm using the following code which=
is
> pretty much right from the examples, any ideas? I am completely stumped=
=2E
>
> #
> # if the shadow entries are commented out, I get
> # Return code: 65 Error: LDAP_OBJECT_CLASS_VIOLATION
> #
> # if not, I get
> # Return code: 21 Error: LDAP_INVALID_SYNTAX
>
> sub ldap_add_user{
> my ($ldap,$uid,$password) =3D @_;
> my $attrs =3D [
> objectClass =3D> ["person", "organizationalPerson",
> "inetOrgPerson", "account", "posixAccount", "top", "shadowAccount"],
> cn =3D> $user{$uid}{gecos},
> gecos =3D> $user{$uid}{gecos},
> uid =3D> $uid,
> homeDirectory =3D> "/home/$uid",
> loginShell =3D> $user{$uid}{loginshell},
> shadowExpire =3D> $user{$uid}{shadowexpire},
> shadowInactive=3D> $user{$uid}{shadowinactive},
> shadowMax =3D> $user{$uid}{shadowmax},
> shadowWarning =3D> $user{$uid}{shadowwarning},
> shadowLastChange =3D> $user{$uid}{shadowlastchange},
> userPassword =3D> "$password",
> uidNumber =3D> $user{$uid}{uidnumber},
> gidNumber =3D> $user{$uid}{gidnumber}
> ];
>
> my $result =3D ldap_add($ldap,"uid=3D$uid,$LDAP_BASE", $attrs);
> return $result;
> }
>
> sub ldap_add{
> my ($ldap,$dn,$attrs) =3D @_;
> my $result =3D $ldap->add($dn, attrs =3D> [ @$attrs ] );
> return $result;
> }
Are you doing this against OpenLDAP 2.1.x ?
In this case, the object is not legal, since inetOrgPerson and
account are STRUCTURAL objectclasses, and no object must
have different object class chains.
You may recover by defining a private STRUCTURAL objectclass
that inherits from account and inetOrgPerson. i.e.=20
SUP ( account $ inetOrgPerson )
Of course, the attributes and objectclasses have to be loaded
into the server (with OL they are in nis.schema and inerorgperson.schema)
Have you checked the value of $user{$uid}{...}.
Are they array references ?
Do they match the syntax of the attributes ?
Yours
Peter
--=20
Peter Marschall | eMail: pet...@ma...
Scheffelstra=DFe 15 | pet...@is...
97072 W=FCrzburg | Tel: 0931/14721
PGP: D7 FF 20 FE E6 6B 31 74 D1 10 88 E0 3C FE 28 35
|
|
From: Chad C. <ccu...@ma...> - 2002-10-22 14:31:41
|
Hi,
I'm writing a little script to keep a ldap database in sync with a
password file. I'm getting weird errors trying to add new entries and I'm
not sure what's going on. When I add the same data to the database in an
ldif form, it works fine. using perl-ldap gives me errors about invalid
syntax or an object class violation. I'm using the following code which is
pretty much right from the examples, any ideas? I am completely stumped.
#
# if the shadow entries are commented out, I get
# Return code: 65 Error: LDAP_OBJECT_CLASS_VIOLATION
#
# if not, I get
# Return code: 21 Error: LDAP_INVALID_SYNTAX
sub ldap_add_user{
my ($ldap,$uid,$password) = @_;
my $attrs = [
objectClass => ["person", "organizationalPerson",
"inetOrgPerson", "account", "posixAccount", "top", "shadowAccount"],
cn => $user{$uid}{gecos},
gecos => $user{$uid}{gecos},
uid => $uid,
homeDirectory => "/home/$uid",
loginShell => $user{$uid}{loginshell},
shadowExpire => $user{$uid}{shadowexpire},
shadowInactive=> $user{$uid}{shadowinactive},
shadowMax => $user{$uid}{shadowmax},
shadowWarning => $user{$uid}{shadowwarning},
shadowLastChange => $user{$uid}{shadowlastchange},
userPassword => "$password",
uidNumber => $user{$uid}{uidnumber},
gidNumber => $user{$uid}{gidnumber}
];
my $result = ldap_add($ldap,"uid=$uid,$LDAP_BASE", $attrs);
return $result;
}
sub ldap_add{
my ($ldap,$dn,$attrs) = @_;
my $result = $ldap->add($dn, attrs => [ @$attrs ] );
return $result;
}
--
Chad Cunningham
ccu...@ma...
"Well, once again my friend, we find that science is a two-headed beast. One
head is nice, it gives us aspirin and other modern conveniences,...but the
other head of science is bad! Oh beware the other head of science, Arthur, it
bites!"
|
|
From: Chris R. <chr...@ma...> - 2002-10-22 11:34:08
|
On 22/10/02 12:14 pm, ti...@uc... <ti...@uc...> wrote:
> I am working on a script that starts with a server cert and proxies as a user.
> To do
> this I need to determine which user presented his cert to the web server. The
> web
> server puts the cert (MIME base 64 encoded) into the environment. It also
> puts
> other things like the user's CN, but that is not unique. So I need to do a
> search on
> the usercertificate;binary. I extract the cert from the env, then decode it.
>
> If I use regexs to replace the characters described by RFC 2254 with the
> proper
> encoding, everything works. Since this is sample code for others, I would
> like to use
> Net::LDAP::Filter, but so far I can't seem to get it to work.
>
> Is there an option to get Net::LDAP::Filter to do the encoding?
>
> I would like to do something like:
>
> $filter = Net::LDAP::Filter->new("(usercertificate=$webcert)");
> $mesg = $ldap->search( base => 'the base',
> scope => 'sub',
> filter => $filter);
>
> Is this a change or is it possible now?
Typically it isn't possible to use a certificate in a search filter. Well
you might be able to on some servers, but as there aren't any real standards
in this area yet you'd be best off avoiding it for now.
Does the entry containing the cert have a DN of the cert's subject name?
I posted some snippets which decoded certs (including the subject and issuer
DNs) to this list a while back. If you can't find them in the archives, I'll
have a hunt to see if I've still got 'em.
Cheers,
Chris
|
|
From: <ti...@uc...> - 2002-10-22 11:14:47
|
I am working on a script that starts with a server cert and proxies as a user. To do
this I need to determine which user presented his cert to the web server. The web
server puts the cert (MIME base 64 encoded) into the environment. It also puts
other things like the user's CN, but that is not unique. So I need to do a search on
the usercertificate;binary. I extract the cert from the env, then decode it.
If I use regexs to replace the characters described by RFC 2254 with the proper
encoding, everything works. Since this is sample code for others, I would like to use
Net::LDAP::Filter, but so far I can't seem to get it to work.
Is there an option to get Net::LDAP::Filter to do the encoding?
I would like to do something like:
$filter = Net::LDAP::Filter->new("(usercertificate=$webcert)");
$mesg = $ldap->search( base => 'the base',
scope => 'sub',
filter => $filter);
Is this a change or is it possible now?
|
|
From: HP D. <hp....@we...> - 2002-10-17 16:18:53
|
On Thu, 17 Oct 2002 12:56:07 +0100 Graham Barr <gb...@po...> wrote: > On Sat, Oct 12, 2002 at 05:32:00PM +0200, HP Doerr wrote: > > hi all > > > > i've got some problems here with perl-ldap and utf8 strings. if i'm calling update on an Net::LDAP::Entry object with some attributes as utf8 strings, the servers complains about an invalid syntax. > > > > but a > > $ldap->modify($entry, changes => [ replace => [ attribute => $string ] ] ); > > (where $string is the utf8 encoded string) > > works as expected. > > What exactly do you mean by "attributes as utf8 strings" ? hi i used the Unicode::MapUTF8 to convert some strings to utf8, and used this utf8 strings as values for some LDAP attributes. as far as i can see, the schema allows utf8 in those attributes. > What version of perl are you using ? Are you using 5.8 and passing a scalar > that you know perl has encoded as utf8 ? im using a debian 3.0 standard setup with perl 5.6.1. the above named module is also from a standard debian package. > I can imagine that may cause an issue, but I am not sure. i really hope you dont only know about the issue, but about the solution ;-) thanks, hp |
|
From: VAN D. W. <Wim...@eu...> - 2002-10-17 15:57:14
|
Thanks,
unfortunately, the Unicode::Map8 module won't compile on our solaris 8 =
box.
But otoh, I found a workaround by someone else. I managed to get this =
function to do just what I want.
In case anybody needs it :=20
sub utf8_to_latin1 #converts from UTF8 to Latin1
{
my $string =3D shift;
my $format=3D$ENV{"UCFORMAT"}||('%lx');
$string =3D~ s/([\xC0-\xDF])([\x80-\xBF])/sprintf =
("%c",hex(sprintf($format,
unpack("c",$1)<<6&0x07C0|unpack("c",$2)&0x003F)))/ge;
$string =3D~ =
s/([\xE0-\xEF])([\x80-\xBF])([\x80-\xBF])/sprintf("%c",
hex(sprintf($format,
unpack("c",$1)<<12&0xF000|unpack("c",$2)<<6&0x0FC0|unpack("c",$3)&0x003F=
)))/ge;
$string =3D~
s/([\xF0-\xF7])([\x80-\xBF])([\x80-\xBF])([\x80-\xBF])/sprintf ("%c", =
hex
(sprintf($format,
unpack("c",$1)<<18&0x1C0000|unpack("c",$2)<<12&0x3F000|
unpack("c",$3)<<6&0x0FC0|unpack("c",$4)&0x003F)))/ge;
return $string;
}
Regards,
Wim
-----Original Message-----
From: Mar...@ml... [mailto:Mar...@ml...]
Sent: 17 October 2002 15:16
To: per...@li...
Subject: Re: Dumping Unicode values into ascii text
>Hi,
>I'm trying to fetch values that are unicode(latin1) encoded, and dump =
them into
a csv textfile.
>I uploaded them myself, and I'm surprised at how difficult I find it =
to
retrieve them again
>The value I'm interested holds a "=E9". I uploaded in like this :
>my $u=3DUnicode::String::latin1($site);
>and then used $u as the value of the attribute to be uploaded.
>This worked perfect and the values are perfectly readable with an ldap =
browser
or the console (we're using iplanet DS >here)
i think they are readable because the ldap browser encodes unicode =
also
>Now the question is, how can I get it back in it's original format?
>The original word was Br=E9tigny; the way it's stored now is =
Br=C3=A9tigny.
>It tried using
>$site =3D Unicode::String::latin1("$u")->utf8
>and
>$site =3D Unicode::String::utf8("$u")
>and other combinations, but the problem is I don't even know to what =
specific
format I have to decode the Unicode >to...
you should convert the string to iso-8859-1
try the perlmodule Unicode::MapUTF8;
following lines will do the work.
use Unicode::MapUTF8 qw(from_utf8)
$the_latin_encoded_string =3D from_utf8({ -string =3D> =
$the_utf8_string,
-charset =3D> "ISO-8859-1" });
sure this only works when the input from the ldap is encoded in a =
right was
to test it you can add a value manually in utf8 format f.e. =
h=E9ll=F2 and
read it with perl out...
>Any help or pointers would be much appreciated.
>Best regards,
>--
>Wim Van Dijck
>MIS - Internet Team - Eurocontrol
>Support bacteria - they're the only culture some people have.
greets
Martin
-------------------------------------------------------
This sf.net email is sponsored by: viaVerio will pay you up to
$1,000 for every account that you consolidate with us.
http://ad.doubleclick.net/clk;4749864;7604308;v?
http://www.viaverio.com/consolidator/osdn.cfm
|
|
From: <Mar...@ml...> - 2002-10-17 13:15:52
|
>Hi,
>I'm trying to fetch values that are unicode(latin1) encoded, and dump =
them into
a csv textfile.
>I uploaded them myself, and I'm surprised at how difficult I find it t=
o
retrieve them again
>The value I'm interested holds a "=E9". I uploaded in like this :
>my $u=3DUnicode::String::latin1($site);
>and then used $u as the value of the attribute to be uploaded.
>This worked perfect and the values are perfectly readable with an ldap=
browser
or the console (we're using iplanet DS >here)
i think they are readable because the ldap browser encodes unicode=
also
>Now the question is, how can I get it back in it's original format?
>The original word was Br=E9tigny; the way it's stored now is Br=C3=A9t=
igny.
>It tried using
>$site =3D Unicode::String::latin1("$u")->utf8
>and
>$site =3D Unicode::String::utf8("$u")
>and other combinations, but the problem is I don't even know to what s=
pecific
format I have to decode the Unicode >to...
you should convert the string to iso-8859-1
try the perlmodule Unicode::MapUTF8;
following lines will do the work.
use Unicode::MapUTF8 qw(from_utf8)
$the_latin_encoded_string =3D from_utf8({ -string =3D> $the_u=
tf8_string,
-charset =3D> "ISO-8859-1" });
sure this only works when the input from the ldap is encoded in a =
right was
to test it you can add a value manually in utf8 format f.e. h=
=E9ll=F2 and
read it with perl out...
>Any help or pointers would be much appreciated.
>Best regards,
>--
>Wim Van Dijck
>MIS - Internet Team - Eurocontrol
>Support bacteria - they're the only culture some people have.
greets
Martin
=
|
|
From: Chris R. <chr...@ma...> - 2002-10-17 13:00:34
|
On 17/10/02 1:53 pm, VAN DIJCK Wim <Wim...@eu...> wrote: > This worked perfect and the values are perfectly readable with an ldap browser > or the console (we're using iplanet DS here) Netscape's server seems to return exactly the same bytes that you gave it without checking them for validity, so it isn't a very good indicator that something's right or not. Garbage In Garbage Out! What bytes are going across in protocol? (Use $ldap->debug(...) to get hex protocol dumps). Cheers, Chris |
|
From: <sk...@sm...> - 2002-10-17 12:57:36
|
On Thu, 17 Oct 2002, Peter Marschall wrote: > Because searching is the only way to retrieve data from an LDAP server. > You can do a search with scope=>'base' and the given DN as the base DN. Ahh, that is working (first time "base" makes any sense to me), I had to add a filter, though. Thanks & Bye, -- Steffen Kaiser |
|
From: VAN D. W. <Wim...@eu...> - 2002-10-17 12:53:12
|
Hi,
I'm trying to fetch values that are unicode(latin1) encoded, and dump =
them into a csv textfile.
I uploaded them myself, and I'm surprised at how difficult I find it to =
retrieve them again :o)
The value I'm interested holds a "=E9". I uploaded in like this :=20
my $u=3DUnicode::String::latin1($site);
and then used $u as the value of the attribute to be uploaded.=20
This worked perfect and the values are perfectly readable with an ldap =
browser or the console (we're using iplanet DS here)
Now the question is, how can I get it back in it's original format?
The original word was Br=E9tigny; the way it's stored now is =
Br=C3=A9tigny.
It tried using
$site =3D Unicode::String::latin1("$u")->utf8
and=20
$site =3D Unicode::String::utf8("$u")
and other combinations, but the problem is I don't even know to what =
specific format I have to decode the Unicode to...
Any help or pointers would be much appreciated.
Best regards,
--
Wim Van Dijck
MIS - Internet Team - Eurocontrol
Support bacteria - they're the only culture some people have.
|
|
From: <rm...@ds...> - 2002-10-17 12:42:10
|
Hi Graham,
Thanks for your suggestion,I added it to the code and I executed :
my $m = $ldap->search( base => $base,
attrs => ['dn'] ,
callback => sub { $_[0]->shift_entry },
filter => "sAMAccountName=*");
and the result was the same I/O Error.
I tried the next shell command on the same machine:
ldapsearch -x -P 2 -H ldaps://ldapserver "ou=,...,dc=com" "sAMAccountName=*"
with openldap-2.0.21-1, and it worked ok, returning 482 entries,
so I think the problem may be caused by the perl code.
Thanks.
Mensaje citado por Graham Barr <gb...@po...>:
> On Wed, Oct 16, 2002 at 01:35:29PM +0200, rm...@ds... wrote:
> >
> > Hi all,
> >
> > I get an I/O Error when executing this code:
> >
> > $ldap = Net::LDAPS->new($ldapserver,
> > port => '636',
> > verify => 'none',
> > );
> > my $m = $ldap->search( base => $base,
> > attrs => ['dn'] ,
> > filter => "(sAMAccountName=*)");
> >
>
> > I use:
> > Redhat 7.2
> > Perl 5.6.1
> > perl-ldap 0.26
> > Convert::BER 1.31 ( I updated it because I read it could be guilty)
> > the server is a Windows 2000 Advanced server SP2
>
> Hm, We have had this reported before on win2k. I have this funny feeling
> that if we dont read the packets fast enough it triggers an issue in thier
> tcp stack
> which results in an io error.
>
> What happenes of you add
>
> callback => sub { $_[0]->shift_entry }
>
> to the search arguments ?
>
> Graham.
>
########################################################################
Rafa Martinez Diaz
-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
|
|
From: Graham B. <gb...@po...> - 2002-10-17 12:05:05
|
This is weird. I cannot imagine it being a mandrake issue though. Are you suing a hostname that resolves to 127.0.0.1 or to an IP of another interface ? It may be worth trying both. Do any other perl applications have problems connecting to servers on the same machine. For example can Net::SMTP connect to your local port 25. Graham. On Mon, Oct 14, 2002 at 12:42:15PM +0100, Pete Birkinshaw wrote: > Hi, > > I've been writing small Perl::LDAP apps for a while, and I've released a > couple of open source programs that use Perl LDAP. Unfortunately I've > recently hit a major problem. > > Since upgrading to Mandrake 9 I can't access my local "fake company" > LDAP server from Perl::LDAP when both are on the same PC. Every bind > fails with error code 1: "I/O Error Interrupted system call". > > However, I can bind to the same LDAP server with Net::LDAP version 0.25 > from my other computer with no problems. I can bind with Java apps from > either computer, and the OpenLDAP ldapsearch command works fine from > both computers. > > I've recompiled OpenLDAP (2.0.25), Perl::LDAP and Perl 5.8, but the > problem remains. The other, working, computer is running Perl 5.6.1 on > Mandrake 8.2. There's no IP filtering in place. > > Are there any known problems with Perl::LDAP and Perl 5.8 on Mandrake 9? > I would be very grateful for help in solving this. I'm baffled. > > Thanks, > > Pete Birkinshaw > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf |
|
From: Graham B. <gb...@po...> - 2002-10-17 11:59:44
|
On Sat, Oct 12, 2002 at 05:32:00PM +0200, HP Doerr wrote: > hi all > > i've got some problems here with perl-ldap and utf8 strings. if i'm calling update on an Net::LDAP::Entry object with some attributes as utf8 strings, the servers complains about an invalid syntax. > > but a > $ldap->modify($entry, changes => [ replace => [ attribute => $string ] ] ); > (where $string is the utf8 encoded string) > works as expected. What exactly do you mean by "attributes as utf8 strings" ? What version of perl are you using ? Are you using 5.8 and passing a scalar that you know perl has encoded as utf8 ? I can imagine that may cause an issue, but I am not sure. Graham. > as i can see from the sources of LDAP::Entry, the update method does quite the same. > > so does anybody know, what i'm doing wrong here? > > thans, hp > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf |
|
From: Graham B. <gb...@po...> - 2002-10-17 11:57:19
|
On Wed, Oct 16, 2002 at 01:35:29PM +0200, rm...@ds... wrote:
>
> Hi all,
>
> I get an I/O Error when executing this code:
>
> $ldap = Net::LDAPS->new($ldapserver,
> port => '636',
> verify => 'none',
> );
> my $m = $ldap->search( base => $base,
> attrs => ['dn'] ,
> filter => "(sAMAccountName=*)");
>
> I use:
> Redhat 7.2
> Perl 5.6.1
> perl-ldap 0.26
> Convert::BER 1.31 ( I updated it because I read it could be guilty)
> the server is a Windows 2000 Advanced server SP2
Hm, We have had this reported before on win2k. I have this funny feeling
that if we dont read the packets fast enough it triggers an issue in thier tcp stack
which results in an io error.
What happenes of you add
callback => sub { $_[0]->shift_entry }
to the search arguments ?
Graham.
|
|
From: Chris R. <chr...@ma...> - 2002-10-17 11:42:57
|
On 17/10/02 10:36 am, Peter Marschall <pet...@ma...> wrote: > Hi, > > I do not think it is a problem with Net::LDAP. > Net::LDAP can cope with more than 20.000 enbtries in one search result > (that's what I use regularly, so i know it works.) > > Ask your ADS-Admins to increase the sizelimit for LDAP searches. > > CU > PEter Alternatively, if your directory supports simple paged results (RFC 2696) you can get avoid the sizelimit. Check the Net::LDAP::Control::Paged class. Cheers, Chris |
|
From: Peter M. <pet...@ma...> - 2002-10-17 09:40:45
|
Hi, On Wednesday 16 October 2002 14:22, you wrote: > how can you create a Net::LDAP::Entry object of one specific DN, like > uid=3Dadmin,ou=3Dorganizational unit,o=3Dorg,c=3Dde? > I haven't found something useful tweaking Net::LDAP->search() into > returning just that DN, and why should I perform a search, when I exact= ly > know what entry to retreive? Because searching is the only way to retrieve data from an LDAP server. You can do a search with scope=3D>'base' and the given DN as the base DN. Yours Peter --=20 Peter Marschall | eMail: pet...@ma... Scheffelstra=DFe 15 | pet...@is... 97072 W=FCrzburg | Tel: 0931/14721 PGP: D7 FF 20 FE E6 6B 31 74 D1 10 88 E0 3C FE 28 35 |
|
From: Peter M. <pet...@ma...> - 2002-10-17 09:36:47
|
Hi, I do not think it is a problem with Net::LDAP. Net::LDAP can cope with more than 20.000 enbtries in one search result (that's what I use regularly, so i know it works.) Ask your ADS-Admins to increase the sizelimit for LDAP searches. CU PEter On Wednesday 16 October 2002 13:35, you wrote: > Hi all, > > I get an I/O Error when executing this code: > > =09$ldap =3D Net::LDAPS->new($ldapserver, > port =3D> '636', > verify =3D> 'none', > ); > =09my $m =3D $ldap->search( base =3D> $base, > =09=09=09=09 attrs =3D> ['dn'] , > =09=09=09=09filter =3D> "(sAMAccountName=3D*)"); > > I read the problem occurs because it returns too > much results, therefore I tried this other code ( note the r* ): > > =09my $m =3D $ldap->search( base =3D> $base, > =09=09=09=09 attrs =3D> ['dn'] , > =09=09=09=09filter =3D> "(sAMAccountName=3Dr*)"); > > and it worked ok, returning all the entries starting with 'r', > > The first code should return about 300 entries, > how could I get the whole search? > > I use: > Redhat 7.2 > Perl 5.6.1 > perl-ldap 0.26 > Convert::BER 1.31 ( I updated it because I read it could be guilty) > the server is a Windows 2000 Advanced server SP2 > > thanks, > #######################################################################= # > Rafa Martinez Diaz > Dep. Sistemas Inform=E1ticos y Computaci=F3n > Univ. Polit=E9cnica de Valencia > Camino de Vera, s/n > Valencia 46022 > Tel: (+34) 96 387 73 55 > Ext: 73553 > > ------------------------------------------------- > This mail sent through IMP: http://horde.org/imp/ > > > ------------------------------------------------------- > This sf.net email is sponsored by: viaVerio will pay you up to > $1,000 for every account that you consolidate with us. > http://ad.doubleclick.net/clk;4749864;7604308;v? > http://www.viaverio.com/consolidator/osdn.cfm --=20 Peter Marschall | eMail: pet...@ma... Scheffelstra=DFe 15 | pet...@is... 97072 W=FCrzburg | Tel: 0931/14721 PGP: D7 FF 20 FE E6 6B 31 74 D1 10 88 E0 3C FE 28 35 |
|
From: Chris R. <chr...@ma...> - 2002-10-16 14:34:55
|
On 16/10/02 3:27 pm, Gerald (Jerry) Carter <je...@sa...> wrote: > What syntax is used to stored the IPTimestamp ? Check here to see if the > string you are setting contains invalid characters, is single-valued, has > a length constraint, etc... Even easier than that - Martin forgot to chomp the \n returned by the date program :-) Cheers, Chris |
|
From: Gerald (J. C. <je...@sa...> - 2002-10-16 14:28:18
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 16 Oct 2002 Mar...@ml... wrote:
> Hi,
>
> i have problems with an attribute that uses the syntax utc time syntax.
> i generate the time with the following code line
>
> #Timestamp
> $timestamp = `date +%y%m%d%H%m%SZ`;
>
> when i try to add the content to the utc time atrtibute with
>
> $ldap->modify( $dnldap, replace => {IPTimestamp => $timestamp});
What syntax is used to stored the IPTimestamp ? Check here to see if the
string you are setting contains invalid characters, is single-valued, has
a length constraint, etc...
> i alway get an error in the log like 'invalid syntax'
>
> 2002-10-16-13:43:54.019+00:00--V2 Modify--bindDN: xxx --client: xxx
> :7809--connectionID: 2--received: 2002-10-16-13:43:54.015+00:00--Invalid syntax
You could convert the timestamp to generalized time YYYYMMDDHHMMSS.Z
Can't remember the perl construct for this, but in C gmtime(time(NULL))
cheers, jerry
---------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
ISBN 0-672-32269-2 "SAMS Teach Yourself Samba in 24 Hours" 2ed
"I never saved anything for the swim back." Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE9rXdOIR7qMdg1EfYRAr+9AJ94IUBENs0V5gU6380aNHaNT4fHtwCgwRXZ
I7kLPmC7Juv463xDC8oEnvY=
=ibKr
-----END PGP SIGNATURE-----
|
|
From: Chris R. <chr...@ma...> - 2002-10-16 14:16:35
|
On 16/10/02 3:09 pm, Punt, Ryan <Rya...@se...> wrote: > I can't seem to find instructions to get off this list anywhere. Please > help. > > ~rlp Try looking in the email headers! (eg the List-Unsubscribe header :-) Cheers, Chris |
7902 messages has been excluded from this view by a project administrator.
