Menu
▾
▴
perl-ldap-dev
You can subscribe to this list here.
| 2000 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(200) |
Jun
(129) |
Jul
(184) |
Aug
(204) |
Sep
(106) |
Oct
(79) |
Nov
(72) |
Dec
(54) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2001 |
Jan
(83) |
Feb
(123) |
Mar
(84) |
Apr
(184) |
May
(106) |
Jun
(111) |
Jul
(104) |
Aug
(91) |
Sep
(59) |
Oct
(99) |
Nov
(100) |
Dec
(37) |
| 2002 |
Jan
(148) |
Feb
(88) |
Mar
(85) |
Apr
(151) |
May
(80) |
Jun
(110) |
Jul
(85) |
Aug
(43) |
Sep
(64) |
Oct
(89) |
Nov
(59) |
Dec
(42) |
| 2003 |
Jan
(129) |
Feb
(104) |
Mar
(162) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Stephane B. <sb...@oc...> - 2001-08-22 11:05:03
|
All I get from "nmake test" is:
I:\Perl-5.6\bin\Perl.exe -Mblib -II:\Perl-5.6\lib -II:\Perl-5.6\lib
-e "use Test::Harness qw
(&runtests $verbose); $verbose=0; runtests @ARGV;" t\00ldif-entry.t
t\01canon_dn.t t\02filter.t t\50
populate.t t\51search.t t\52modify.t t\53schema.t t\54dse.t t\55ssl.t
t\70sortctrl.t
Using I:/Perl-5.6/CPAN/build/perl-ldap-0.24/blib
t\00ldif-entry......test.cfg did not return a true value at t/common.pl line 4.
BEGIN failed--compilation aborted at t/common.pl line 45.
Compilation failed in require at t\00ldif-entry.t line 4.
BEGIN failed--compilation aborted at t\00ldif-entry.t line 5.
t\00ldif-entry......dubious
Test returned status 255 (wstat 65280, 0xff00)
t\01canon_dn........ok
t\02filter..........ok
t\50populate........test.cfg did not return a true value at t/common.pl line 4.
BEGIN failed--compilation aborted at t/common.pl line 45.
Compilation failed in require at t\50populate.t line 4.
BEGIN failed--compilation aborted at t\50populate.t line 6.
t\50populate........dubious
Test returned status 255 (wstat 65280, 0xff00)
t\51search..........test.cfg did not return a true value at t/common.pl line 4.
BEGIN failed--compilation aborted at t/common.pl line 45.
Compilation failed in require at t\51search.t line 4.
BEGIN failed--compilation aborted at t\51search.t line 6.
t\51search..........dubious
Test returned status 255 (wstat 65280, 0xff00)
t\52modify..........test.cfg did not return a true value at t/common.pl line 4.
BEGIN failed--compilation aborted at t/common.pl line 45.
Compilation failed in require at t\52modify.t line 4.
BEGIN failed--compilation aborted at t\52modify.t line 6.
t\52modify..........dubious
Test returned status 255 (wstat 65280, 0xff00)
t\53schema..........ok
t\54dse.............test.cfg did not return a true value at
t/common.pl line 4.
BEGIN failed--compilation aborted at t/common.pl line 45.
Compilation failed in require at t\54dse.t line 4.
BEGIN failed--compilation aborted at t\54dse.t line 6.
t\54dse.............dubious
Test returned status 255 (wstat 65280, 0xff00)
t\55ssl.............test.cfg did not return a true value at
t/common.pl line 4.
BEGIN failed--compilation aborted at t/common.pl line 45.
Compilation failed in require at t\55ssl.t line 4.
BEGIN failed--compilation aborted at t\55ssl.t line 6.
t\55ssl.............dubious
Test returned status 255 (wstat 65280, 0xff00)
t\70sortctrl........test.cfg did not return a true value at
t/common.pl line 4.
BEGIN failed--compilation aborted at t/common.pl line 45.
Compilation failed in require at t\70sortctrl.t line 25.
BEGIN failed--compilation aborted at t\70sortctrl.t line 25.
t\70sortctrl........dubious
Test returned status 255 (wstat 65280, 0xff00)
Failed Test Stat Wstat Total Fail Failed List of Failed
----------------------------------------------------------------------
---------
t\00ldif-entry.t 255 65280 ?? ?? % ??
t\50populate.t 255 65280 ?? ?? % ??
t\51search.t 255 65280 ?? ?? % ??
t\52modify.t 255 65280 ?? ?? % ??
t\54dse.t 255 65280 ?? ?? % ??
t\55ssl.t 255 65280 ?? ?? % ??
t\70sortctrl.t 255 65280 ?? ?? % ??
Failed 7/10 test scripts, 30.00% okay. 0/193 subtests failed, 100.00%
okay.
NMAKE : fatal error U1077: 'I:\Perl-5.6\bin\Perl.exe' : return code
'0x2'
Stop.
I:/PROGRA~1/MIAF9D~1/VC98/BIN/nmake.exe test -- NOT OK
Running make install
make test had returned bad status, won't install without force
My perl is:
Summary of my perl5 (revision 5 version 6 subversion 1) configuration:
Platform:
osname=MSWin32, osvers=4.0, archname=MSWin32-x86-multi-thread
uname=''
config_args='undef'
hint=recommended, useposix=true, d_sigaction=undef
usethreads=undef use5005threads=undef useithreads=define
usemultiplicity=define
useperlio=undef d_sfio=undef uselargefiles=undef usesocks=undef
use64bitint=undef use64bitall=undef uselongdouble=undef
Compiler:
cc='cl', ccflags ='-nologo -O1 -MD -DNDEBUG -DWIN32 -D_CONSOLE -
DNO_STRICT -DHAVE_DES_FCRYPT -DPERL_IMPLICIT_CONTEXT -
DPERL_IMPLICIT_SYS -DPERL_MSVCRT_READFIX',
optimize='-O1 -MD -DNDEBUG',
cppflags='-DWIN32'
ccversion='', gccversion='', gccosandvers=''
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
d_longlong=undef, longlongsize=8, d_longdbl=define, longdblsize=10
ivtype='long', ivsize=4, nvtype='double', nvsize=8,
Off_t='off_t', lseeksize=4
alignbytes=8, usemymalloc=n, prototype=define
Linker and Libraries:
ld='link', ldflags ='-nologo -nodefaultlib -release -
libpath:"I:\Perl-5.6\lib\CORE" -machine:x86'
libpth="I:\Perl-5.6\lib\CORE"
libs= oldnames.lib kernel32.lib user32.lib gdi32.lib
winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib
oleaut32.lib netapi32.lib uuid.lib wsock32.lib mpr.lib winmm.lib
version.lib odbc32.lib odbccp32.lib msvcrt.lib
perllibs= oldnames.lib kernel32.lib user32.lib gdi32.lib
winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib
oleaut32.lib netapi32.lib uuid.lib wsock32.lib mpr.lib winmm.lib
version.lib odbc32.lib odbccp32.lib msvcrt.lib
libc=msvcrt.lib, so=dll, useshrplib=yes, libperl=perl56.lib
Dynamic Linking:
dlsrc=dl_win32.xs, dlext=dll, d_dlsymun=undef, ccdlflags=' '
cccdlflags=' ', lddlflags='-dll -nologo -nodefaultlib -release -
libpath:"I:\Perl-5.6\lib\CORE" -machine:x86'
Characteristics of this binary (from libperl):
Compile-time options: MULTIPLICITY USE_ITHREADS
PERL_IMPLICIT_CONTEXT PERL_IMPLICIT_SYS
Locally applied patches:
ActivePerl Build 626
Built under MSWin32
Compiled at May 2 2001 01:31:15
%ENV:
PERL_DL=" o=0"
@INC:
I:/Perl-5.6/lib
I:/Perl-5.6/site/lib
.
Any help would be appreciated.
Stephane Barizien
Senior Consultant
Oce' Print Logic Technologies S.A
R&D Creteil
1 rue Jean Lemoine
F94015 CRETEIL CEDEX
Phone: +33 (1) 48988231
Fax: +33 (1) 48985450
Internet e-mail: sb...@oc...
CompuServe: 100114,1527
|
|
From: Nadja W. <Nad...@gm...> - 2001-08-22 06:04:57
|
Hi ! Here=B4s a sample of my code:=20 #!/perl/bin/perl =20 use Net::LDAP; # New Net::LDAP Object $user =3D hoens; =20 print "Daten fuer: $user\n"; $server =3D "directory.gmd.de"; $port =3D 389; $base =3D "o=3Dgmd, c=3DDE"; $filter =3D "sn=3D$user"; @attrs =3D ('dn', 'cn', 'o', 'c', 'mail','telephonenumber'); =20 print "$base, $filter, @attrs, $server\n"; $ldap =3D Net::LDAP->new($server, port =3D> $port, debug =3D> 4, timeout =3D> 60, version =3D> 3 ) or die "$@"; $mesg =3D $ldap->bind() || die ("Konnte keine Verbindung zu $server = herstellen!"); =20 if ( $mesg->code() ) {("failed to bind with ",$mesg->code,"\n")}=20 =20 $mesg =3D $ldap->search(=20 base=3D> $base, scope =3D> 'sub', filter=3D> $filter, attrs=3D> @attrs ) || die (print "search failed with ",$mesg->code,"\n"); $number =3D $mesg->count(); print "$number\n"; =20 foreach $entry ($mesg->all_entries)=20 { print $entry->dump();=20 } =20 $ldap->unbind(); but I get always an emty hash. Nadja=20 |
|
From: Simon W. <sx...@sx...> - 2001-08-22 01:12:01
|
On Mon, 20 Aug 2001, Graham Barr wrote: > On Mon, Aug 20, 2001 at 02:18:59PM -0700, Johnson, Brian K wrote: > > supportedSASLMechanisms: GSSAPI > > GSS-SPNEGO > > Nothing has been done yet with either of these. If someone can point to the > description of thse then we can work on it. I've written a trivial shim to link the Cyrus SASL implementation of the GSSAPI SASL mechanism with Net::LDAP - I've tested it with OpenLDAP, and we're using it in a live environment. The code is available from http://www.sxw.org.uk/computing/ I believe that the SASL mapping for GSSAPI is defined in a RFC. I suspect that GSS-SPENGO is a particular instance of this. Cheers, Simon. |
|
From: Chris C. <ch...@ka...> - 2001-08-21 19:46:36
|
Brad, the attatched sample file works fine. I have covered the name of my directory and the base, but other than that it is exactly as I run it. Chris... > ----- Forwarded message from "Harum, Bradford" <Bra...@in...> > ----- > > Date: Tue, 21 Aug 2001 10:53:58 -0500 > To: <gb...@po...> > From: "Harum, Bradford" <Bra...@in...> > Subject: question about NET::LDAP > > HI, > > I recently installed the LDAP module from cpan and I am having problems > searching my directory server. Could you send me some more code > examples of how to build a search. I believe that it is binding > properly but the result hash is always empty. Can you send me a real > simple example of a search or a link to a site that has examples... > > Thanks. > > Thank you. > > Brad Harum > Phone 312-474-2312 > mailto:bra...@in... > > > ----- End forwarded message ----- |
|
From: Bob G. <Bob...@kp...> - 2001-08-21 16:36:58
|
Sounds like either the Bind or the Search returned an error. Can you clip a sample of the code you are using? BobG gb...@po... 08/21/2001 05:27 AM To: per...@li...@Internet cc: Nad...@gm...@Internet, (bcc: Bob Goolsby/CA/KAIPERM) Subject: [Fwd] Perl-LDAP ----- Forwarded message from Nadja Winter <Nad...@gm...> ----- Date: Tue, 21 Aug 2001 11:43:21 +0200 To: <gb...@po...> From: "Nadja Winter" <Nad...@gm...> Subject: Perl-LDAP X-Mailer: Microsoft Outlook Express 5.50.4522.1200 Hello Mr Barr ! I try to run the search-function with the Net::LDAP-module, but whenever I want to count the found Data, the editor says: "Cannot locate object method "count" via package "Net::LDAP::Bind" although I have installed it. What have I to do? Best wishes Nadja email: nad...@gm... ----- End forwarded message ----- |
|
From: Graham B. <gb...@po...> - 2001-08-21 15:57:06
|
----- Forwarded message from "Harum, Bradford" <Bra...@in...> ----- Date: Tue, 21 Aug 2001 10:53:58 -0500 To: <gb...@po...> From: "Harum, Bradford" <Bra...@in...> Subject: question about NET::LDAP HI, I recently installed the LDAP module from cpan and I am having problems searching my directory server. Could you send me some more code examples of how to build a search. I believe that it is binding properly but the result hash is always empty. Can you send me a real simple example of a search or a link to a site that has examples... Thanks. Thank you. Brad Harum Phone 312-474-2312 mailto:bra...@in... ----- End forwarded message ----- |
|
From: Chris R. <chr...@me...> - 2001-08-21 14:44:31
|
mar...@ge... wrote:
> Hi,
>
> I'm not able to get the syntax of an attribute.
>
> According to the POD documentation of Net::LDAP::Schema I received a list
> of all attributes of an specified object class and I was also able to get
> the syntax OID using the schema->syntax method.
>
> My question is how to get further information about a specific syntax
> type like e.g. description, minimum and maximum entry size.
>
I'm not sure your questions make complete sense: although syntaxes do have
(optional) descriptions, size restrictions aren't a property of the syntax
- they are properties of the attribute that *use* the syntax.
So you should do your queries on the attribute and not the syntax.
Also, the RFCs don't provide information on the min/max size of values for
a given attribute. What RFC 2252 *does* provide is a "minimum upper bound"
for values of given attributes. In other words, the server can say that it
will allow values *at least* as large as some number of bytes. Servers
don't have to report it at all, as the values are just "suggested" in RFC
2252. IMO a "minimum upper bound" seems a slightly useless thing to return
anyway.
From looking at the Schema.pm code it would appear that the minimum upper
bound as stashed as "max_length" (sic). So the following *might* work:
$maxcn = $schema->item("cn", "max_length");
You should be able to get any descriptions for syntaxes (if the server
returns any of course) using this:
$syntax = $schema->item("cn", "syntax");
$desc = $schema->item($syntax, "desc");
Cheers,
Chris
|
|
From: Chris F. <cf...@vi...> - 2001-08-21 14:40:40
|
On Tue, 21 Aug 2001 13:23:13 +0100 Graham Barr wrote: +------------------ | ----- Forwarded message from Nadja Winter <Nad...@gm...> ----- | | Date: Tue, 21 Aug 2001 11:43:21 +0200 | To: <gb...@po...> | From: "Nadja Winter" <Nad...@gm...> | Subject: Perl-LDAP | X-Mailer: Microsoft Outlook Express 5.50.4522.1200 | | Hello Mr Barr ! | | I try to run the search-function with the Net::LDAP-module, but | whenever I w ant to count the found Data, the editor says: "Cannot | locate object method "count" via package "Net::LDAP::Bind" although | I have installed it. | | What have I to do? +------------------ It sounds like you are trying to use a method on an object that does not support it. Show us some code. Create a small but complete test case that exhibits the problem that you are seeing and post it to the support list. Maybe we'll be able to spot your confusion. chris -- |
|
From: <mar...@ge...> - 2001-08-21 14:02:18
|
Hi, I'm not able to get the syntax of an attribute. According to the POD documentation of Net::LDAP::Schema I received a list of all attributes of an specified object class and I was also able to get the syntax OID using the schema->syntax method. My question is how to get further information about a specific syntax type like e.g. description, minimum and maximum entry size. Thanks Markus |
|
From: Graham B. <gb...@po...> - 2001-08-21 12:24:38
|
----- Forwarded message from Nadja Winter <Nad...@gm...> ----- Date: Tue, 21 Aug 2001 11:43:21 +0200 To: <gb...@po...> From: "Nadja Winter" <Nad...@gm...> Subject: Perl-LDAP X-Mailer: Microsoft Outlook Express 5.50.4522.1200 Hello Mr Barr ! I try to run the search-function with the Net::LDAP-module, but whenever I want to count the found Data, the editor says: "Cannot locate object method "count" via package "Net::LDAP::Bind" although I have installed it. What have I to do? Best wishes Nadja email: nad...@gm... ----- End forwarded message ----- |
|
From: Graham B. <gb...@po...> - 2001-08-20 21:39:54
|
On Mon, Aug 20, 2001 at 02:18:59PM -0700, Johnson, Brian K wrote: > Greetings, > > I just recently started using perl-ldap with Active Directory (AD) & I was > wondering if anyone has gotten SASL to work with AD. Or, if any work is > underway to make this work (I think adding support for GSS-SPNEGO would be > needed). Anyweay, I tried Authen::SASL with CRAM-MD5 & this did not work as > this is not a supported authentication method. If I query AD it tells me > (snippet below) that: > > supportedSASLMechanisms: GSSAPI > GSS-SPNEGO Nothing has been done yet with either of these. If someone can point to the description of thse then we can work on it. Graham. |
|
From: Johnson, B. K <bri...@lm...> - 2001-08-20 21:27:52
|
Greetings,
I just recently started using perl-ldap with Active Directory (AD) & I was
wondering if anyone has gotten SASL to work with AD. Or, if any work is
underway to make this work (I think adding support for GSS-SPNEGO would be
needed). Anyweay, I tried Authen::SASL with CRAM-MD5 & this did not work as
this is not a supported authentication method. If I query AD it tells me
(snippet below) that:
supportedSASLMechanisms: GSSAPI
GSS-SPNEGO
so this is no great surprise........more complete data from AD
follows........
supportedControl: 1.2.840.113556.1.4.319
1.2.840.113556.1.4.801
1.2.840.113556.1.4.473
1.2.840.113556.1.4.528
1.2.840.113556.1.4.417
1.2.840.113556.1.4.619
1.2.840.113556.1.4.841
1.2.840.113556.1.4.529
1.2.840.113556.1.4.805
1.2.840.113556.1.4.521
1.2.840.113556.1.4.970
1.2.840.113556.1.4.1338
1.2.840.113556.1.4.474
1.2.840.113556.1.4.1339
1.2.840.113556.1.4.1340
1.2.840.113556.1.4.1413
supportedLDAPVersion: 3
2
supportedLDAPPolicies: MaxPoolThreads
MaxDatagramRecv
MaxReceiveBuffer
InitRecvTimeout
MaxConnections
MaxConnIdleTime
MaxActiveQueries
MaxPageSize
MaxQueryDuration
MaxTempTableSize
MaxResultSetSize
MaxNotificationPerConn
highestCommittedUSN: 137647
supportedSASLMechanisms: GSSAPI
GSS-SPNEGO
supportedCapabilities: 1.2.840.113556.1.4.800
isSynchronized: TRUE
isGlobalCatalogReady: TRUE
|
|
From: Kartik S. <sub...@co...> - 2001-08-20 17:38:34
|
[Admittedly off-topic for Net::LDAP proper, but I hope interesting enough to be okay to post to this list.] We're happy to announce version 1.0 of an NT authentication plugin for iPlanet Directory Server running on Linux or HP-UX. This plugin allows you to leverage an existing NT domain infrastructure for LDAP pass-through authentication, saving you the trouble of managing or synchronizing individual userPassword attributes for each user. For more information on how the plugin works, see below. You can download the plugin at: http://prdownloads.sourceforge.net/dsntauth/ntauth-1.0.tar.gz The main project page is: http://sourceforge.net/projects/dsntauth The code is licensed under the GPL. We're eager to get feedback, and welcome anyone who is interested in participating to join the project. Cheers, Neil Dunbar and Kartik Subbarao How it works ============ To illustrate how the plugin works, take the following excerpts from two entries in an LDAP Directory: dn: uid=nei...@hp..., ou=Employees, o=hp.com cn: Neil Dunbar uid: nei...@hp... ntUserDomainID: EUROPE1:nd dn: uid=kar...@hp..., ou=Employees, o=hp.com cn: Kartik Subbarao uid: kar...@hp... ntUserDomainID: ATLANTA2:kssu When Neil Dunbar binds to the LDAP server with his distinguished name and password, an authentication request is sent to a domain controller for the EUROPE1 domain. This request attempts to authenticate the user "nd" using the password in the LDAP bind request. If the domain controller replies with a successful response, the bind is allowed, otherwise it is rejected. Similarly, when Kartik Subbarao binds to the LDAP server with his distinguished name and password, a request is sent to a domain controller for the ATLANTA2 domain to authenticate the user kssu in the ATLANTA2 domain. Currently, the plugin is written for iPlanet's Directory Server product. We are looking at porting it to OpenLDAP as well. The plugin has been tested extensively on Linux and HP-UX, and is likely to run on most other Unix platforms as well. As a security measure, binds are only accepted on port 636 (the standard LDAP/SSL port). |
|
From: Chris F. <cf...@vi...> - 2001-08-17 16:26:42
|
On Mon, 13 Aug 2001 21:35:35 +0100 Graham Barr wrote: +------------------ | From: "Gaudio, Anthony " <AG...@ab...> | Subject: LDAP and Outlook question | | I am using your module to query information from an Outlook Server. I have | come across an interesting dilemma. Inside the Outlook Address Book most | names are ordered by firstname then lastname. Some of the entries are | ordered by Lastname, Firstname. | | When I put in something like this (givenName=tony*) it will return all | entries in the Outlook Address Book that are ordered Firstname Lastname. It | will not return the name if the order is: Lastname, Firstname. | | Is there anyway around this? +------------------ I have no direct experience with Outlook Server but i suspect that the filter could be written as (givenName=*tony*) at some small performance impact. In general it is a mistake to depend on the structure of composit kes anyway. chris -- |
|
From: Chris R. <chr...@me...> - 2001-08-17 08:12:37
|
Robert Vera <ve...@gw...> wrote: > Hello, > > I am trying to verify that I understand and am using start_tls correctly. > > Quick Background: > I have used LDAPS to connect to NDS. I have been able to then make calls > to certificate->subject_name, certificate->issuer_name, and cipher to > retrieve appropriate data. > > Fast Forward: > I start out by using LDAP->new. > I am now trying to use start_tls. I pass the same arguments to start_tls > as to LDAPS->new (as mentioned in the Quick Background AND excepting the > server arg). I then try to print out certificate->subject_name, > certificate->issuer_name, and cipher, all to no avail (warning of > 'uninitialized value'). > > start_tls must work (it does not die). > > What am I missing? Doesn't the fact that cipher returns an uninitialized > value mean that I am still operating without any encryption? What kind of object does the certificate method return? Can you continue to send LDAP messages to the server on that connection? What type is the object returned by $ldap->socket? > As an aside, I have also tried using the start_tls option 'ciphers' with > the value of "DES-CBC3-SHA". (This is the return value of cipher in the > LDAPS background case.) I do not see the need to try any of the other > values that might be returned by openssl ciphers -v. Any other comments? The default is a list of cipher suites to try (ALL:!LOW:!EXP). There's no real harm in using a list of suites - it is a one-off cost of a couple of bytes on the network during the TLS handshake - and it makes your client more resilient to changes in your server's configuration. For example, a flaw might be discovered in that cipher suite or your server's implementation of it, and your server admin might chose to immediately disable it. Cheers, Chris |
|
From: Robert V. <ve...@gw...> - 2001-08-16 17:22:24
|
Hello, I am trying to verify that I understand and am using start_tls correctly. Quick Background: I have used LDAPS to connect to NDS. I have been able to then make calls = to certificate->subject_name, certificate->issuer_name, and cipher to = retrieve appropriate data. Fast Forward: I start out by using LDAP->new. I am now trying to use start_tls. I pass the same arguments to start_tls = as to LDAPS->new (as mentioned in the Quick Background AND excepting the = server arg). I then try to print out certificate->subject_name, certificate= ->issuer_name, and cipher, all to no avail (warning of 'uninitialized = value'). start_tls must work (it does not die).=20 What am I missing? Doesn't the fact that cipher returns an uninitialized = value mean that I am still operating without any encryption? As an aside, I have also tried using the start_tls option 'ciphers' with = the value of "DES-CBC3-SHA". (This is the return value of cipher in the = LDAPS background case.) I do not see the need to try any of the other = values that might be returned by openssl ciphers -v. Any other comments?=20= Thanks, |
|
From: Roel v. M. <ro...@li...> - 2001-08-15 07:49:53
|
Graham Barr wrote: > > When I put in something like this (givenName=tony*) it will return all > entries in the Outlook Address Book that are ordered Firstname Lastname. It > will not return the name if the order is: Lastname, Firstname. > > Is there anyway around this? I think the only thing is to use a filter that matches both entries. FYI, when outlook searches for entries, it searches on the cn,sn,givenname and mail entries. Maybe you chould compose a similar filter to make sure that if you can find an entry with your admin tool, Outlook can find it as well.. Regards, rolek -- 1A First Alternative ro...@al... www.alt001.com Linvision BV ro...@li... (www|devel).linvision.com -- |
|
From: Chris R. <chr...@me...> - 2001-08-15 07:11:15
|
Graham Barr <gb...@po...> wrote: > On Tue, Aug 14, 2001 at 08:08:11AM +0100, Chris Ridd wrote: >> Graham Barr <gb...@po...> wrote: >> > ----- Forwarded message from "Gaudio, Anthony " <AG...@ab...> >> > ----- >> > >> > Date: Mon, 13 Aug 2001 16:12:12 -0400 >> > To: "'gb...@po...'" <gb...@po...> >> > From: "Gaudio, Anthony " <AG...@ab...> >> > Subject: LDAP and Outlook question >> > X-Mailer: Internet Mail Service (5.5.2653.19) >> > >> > I am using your module to query information from an Outlook Server. I >> > have come across an interesting dilemma. Inside the Outlook Address >> > Book most names are ordered by firstname then lastname. Some of the >> > entries are ordered by Lastname, Firstname. >> > >> > When I put in something like this (givenName=tony*) it will return all >> > entries in the Outlook Address Book that are ordered Firstname >> > Lastname. It will not return the name if the order is: Lastname, >> > Firstname. >> > >> > Is there anyway around this? >> > >> > >> > Thanks, >> > - Anthony >> >> An LDAP server is not required to do any ordering when it returns results >> to a search, so you should consider any apparent ordering that you *do* >> see a complete coincidence :-) >> >> However, if the server supports RFC 2891 - Server-side Sorting - then you >> may be able to make the server do the sorting for you. If not, then >> you'll have to sort the results yourself; not too much of a big deal. >> >> Check out Net::LDAP::Control::Sort. > > I don't think Anthony is asking about the order they are returned. He is > talking about an inconsistency in the way the entries have been entered > into the directory. > > This really sounds like a problem for their admin to sort out. Yes, you're right. Cheers, Chris |
|
From: Graham B. <gb...@po...> - 2001-08-14 19:04:13
|
On Tue, Aug 14, 2001 at 08:08:11AM +0100, Chris Ridd wrote: > Graham Barr <gb...@po...> wrote: > > ----- Forwarded message from "Gaudio, Anthony " <AG...@ab...> > > ----- > > > > Date: Mon, 13 Aug 2001 16:12:12 -0400 > > To: "'gb...@po...'" <gb...@po...> > > From: "Gaudio, Anthony " <AG...@ab...> > > Subject: LDAP and Outlook question > > X-Mailer: Internet Mail Service (5.5.2653.19) > > > > I am using your module to query information from an Outlook Server. I > > have come across an interesting dilemma. Inside the Outlook Address Book > > most names are ordered by firstname then lastname. Some of the entries > > are ordered by Lastname, Firstname. > > > > When I put in something like this (givenName=tony*) it will return all > > entries in the Outlook Address Book that are ordered Firstname Lastname. > > It will not return the name if the order is: Lastname, Firstname. > > > > Is there anyway around this? > > > > > > Thanks, > > - Anthony > > An LDAP server is not required to do any ordering when it returns results > to a search, so you should consider any apparent ordering that you *do* see > a complete coincidence :-) > > However, if the server supports RFC 2891 - Server-side Sorting - then you > may be able to make the server do the sorting for you. If not, then you'll > have to sort the results yourself; not too much of a big deal. > > Check out Net::LDAP::Control::Sort. I don't think Anthony is asking about the order they are returned. He is talking about an inconsistency in the way the entries have been entered into the directory. This really sounds like a problem for their admin to sort out. Graham. |
|
From: Chris R. <chr...@me...> - 2001-08-14 07:09:40
|
Graham Barr <gb...@po...> wrote: > ----- Forwarded message from "Gaudio, Anthony " <AG...@ab...> > ----- > > Date: Mon, 13 Aug 2001 16:12:12 -0400 > To: "'gb...@po...'" <gb...@po...> > From: "Gaudio, Anthony " <AG...@ab...> > Subject: LDAP and Outlook question > X-Mailer: Internet Mail Service (5.5.2653.19) > > I am using your module to query information from an Outlook Server. I > have come across an interesting dilemma. Inside the Outlook Address Book > most names are ordered by firstname then lastname. Some of the entries > are ordered by Lastname, Firstname. > > When I put in something like this (givenName=tony*) it will return all > entries in the Outlook Address Book that are ordered Firstname Lastname. > It will not return the name if the order is: Lastname, Firstname. > > Is there anyway around this? > > > Thanks, > - Anthony An LDAP server is not required to do any ordering when it returns results to a search, so you should consider any apparent ordering that you *do* see a complete coincidence :-) However, if the server supports RFC 2891 - Server-side Sorting - then you may be able to make the server do the sorting for you. If not, then you'll have to sort the results yourself; not too much of a big deal. Check out Net::LDAP::Control::Sort. Cheers, Chris |
|
From: Graham B. <gb...@po...> - 2001-08-13 20:37:03
|
----- Forwarded message from "Gaudio, Anthony " <AG...@ab...> ----- Date: Mon, 13 Aug 2001 16:12:12 -0400 To: "'gb...@po...'" <gb...@po...> From: "Gaudio, Anthony " <AG...@ab...> Subject: LDAP and Outlook question X-Mailer: Internet Mail Service (5.5.2653.19) I am using your module to query information from an Outlook Server. I have come across an interesting dilemma. Inside the Outlook Address Book most names are ordered by firstname then lastname. Some of the entries are ordered by Lastname, Firstname. When I put in something like this (givenName=tony*) it will return all entries in the Outlook Address Book that are ordered Firstname Lastname. It will not return the name if the order is: Lastname, Firstname. Is there anyway around this? Thanks, - Anthony __________________________________________ Anthony Gaudio Tools Developer About The Human Internet http://www.about.com 1440 Broadway - New York, NY 10018 Ph: (212)-204-1690 Em: ag...@ab... __________________________________________ Your fantasies are unlikely, but beautiful -- Radiohead ------------------------------------------ ----- End forwarded message ----- |
|
From: Graham B. <gb...@po...> - 2001-08-13 19:12:01
|
On Mon, Aug 13, 2001 at 11:49:46AM -0500, Clif Harden wrote: > Security.pod is a good name for the page. Yes > When you are ready, I will put it into both the FAQ and > the Faq-o-matic. We should also add links in Net::LDAP.pod too Graham. |
|
From: Clif H. <cl...@di...> - 2001-08-13 16:49:50
|
> > In some discussions last week with Jim Dutton, a possible gap in the Fine > Documentation was perceived, namely something describing security and LDAP. > > I'm attaching what I've written so far, for inclusion as > Net::LDAP::Security.pod or something. It could go in a FAQ instead, I don't > mind too much. Jim's seen earlier drafts a couple of times already so > hopefully all the really embarrassing errors have been caught :-) > > Suggestions for improvements are welcomed. I'll pod-ify it in due course, > and will add references to other man pages at that point. > > Cheers, > > Chris Chris, Security.pod is a good name for the page. When you are ready, I will put it into both the FAQ and the Faq-o-matic. Regards, Clif |
|
From: Chris R. <chr...@me...> - 2001-08-13 16:29:32
|
In some discussions last week with Jim Dutton, a possible gap in the Fine Documentation was perceived, namely something describing security and LDAP. I'm attaching what I've written so far, for inclusion as Net::LDAP::Security.pod or something. It could go in a FAQ instead, I don't mind too much. Jim's seen earlier drafts a couple of times already so hopefully all the really embarrassing errors have been caught :-) Suggestions for improvements are welcomed. I'll pod-ify it in due course, and will add references to other man pages at that point. Cheers, Chris |
|
From: eric G. <eri...@wa...> - 2001-08-11 08:55:29
|
Hi ,
last month I read a message from openldap team about diff of member and
uniquemember . In fact uniquemember is the DN and an optionnal info :
eg : uniquemember : uid=eric.german,o=gouv,c=fr temp1
and an another :uniquemember : uid=eric.german,o=gouv,c=fr temp2
in the same ldap group .
thank
$a+
germanlinux
----- Original Message -----
From: Diffenderfer, Randy <ran...@ed...>
To: <per...@li...>
Sent: Friday, August 10, 2001 8:51 PM
Subject: ldap->modify method: problems with multi-valued attribute 'delete'
> Folks,
>
> Have run into this and haven't found a "good" way out. I have a
workaround
> (grab a complete group entry, edit it, and replace the entire entry), but
it
> is potentially dangerous, so I'd rather find the "right" answer!
>
> Background:
>
> Using objectClass 'groupOfUniqueNames' to provide network "group"
> credentials for network-based privilege requests, e.g. authentication for
> Netscape groups and firewall proxy server boxes. A schema dump of the
> directory shows that this class is subtly different from 'groupOfNames'.
> The 'owner' attribute is identical, but the 'members' attributes
'member'
> in 'groupOfNames' and 'uniqueMember' in 'groupOfUniqueNames' ) definitions
> are different, one lacking the "EQUALITY" clause:
>
> attributeTypes: ( 2.5.4.31 NAME 'member' EQUALITY distinguishedNameMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE directoryOperation )
> attributeTypes: ( 2.5.4.50 NAME 'uniqueMember' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12{32767} USAGE directoryOperation )
>
> Problem:
>
> The values of the 'uniqueMember' attribute in the groups are true DN's. I
> can 'add' with no problem, but 'delete' of a single value is a problem,
> yielding this message:
>
> $result = $ldap->modify( $dn, 'delete' => { 'uniqueMember' =>
$user_dn } );
>
> Return code: 18
> Message: LDAP_INAPPROPRIATE_MATCHING: An extensible matching rule in the
> given filter does not apply to the specified attribute
>
> If I try to 'delete' an owner (substitute "owner" for "uniqueMember" in
the
> above code snippet), things are fine.
>
> Any ideas?
>
> Thanks,
> Randy Diffenderfer
>
|
7902 messages has been excluded from this view by a project administrator.
