Menu
▾
▴
perl-ldap-dev
|
From: Armin F. <ar...@co...> - 2002-03-05 13:48:33
|
hi! i am using the Net::LDAP library to create a little maintenance utility for a ldap-server. searching and removing was working perfectly, but i now have a problem adding new entries. the ldap-server used is from data connection limited. i created a new entry using (before, i used 'new' and 'bind'): $ldapresults=$ldapconnection->add ($dn) and this did something in the database, but i'm not sure exactly what. when i try to search this entry, i don't see it (but i see other entries). with the directory admin tool that came with the ldap-server, i see the entry, but when i try to access it, i receive the error-message, that the entry has been deleted. when i try again, the entry appears again and when i try to delete it, the directory admin closes without any comment (crashes?). when i try to create the entry again (like above), i get the error-message: "The entry already exists", when i try to delete it, i get the error-message : "No such object". when i try to delete the whole tree in the directory admin, i get the error-message: Unable to delete the entry "..." (or any of its superiors) because this area of the directroy contains links or aliases. can you please tell me: * how can i get rid of the entry? * what did i do wrong when trying to create the entry? kind regards, armin fuerst |
|
From: Jim H. <ha...@us...> - 2002-03-05 14:24:46
|
Here are a few things to try. Make sure that you print the full dn ($dn) and that it is what you think. Use a generic tool like ldapsearch to display the contents of that dn and and also the contents of something created by the vendor's tool that you think should be very similar. It is possible that their tool expects a certain objectclass or attribute to be present that you aren't supplying. Use Net::LDAP to delete the object with the same dn. Check the status that comes back to be sure that it worked. It is possible that the dn that you are dinding with doesn't have sufficient privileges to eithr add a certain attribute of to deleted objects. --Jim Harle On Tue, 5 Mar 2002, Armin Fuerst wrote: > > hi! > > i am using the Net::LDAP library to create a little maintenance utility > for a ldap-server. > searching and removing was working perfectly, but i now have a problem > adding new entries. > the ldap-server used is from data connection limited. > i created a new entry using (before, i used 'new' and 'bind'): > > $ldapresults=$ldapconnection->add ($dn) > > and this did something in the database, but i'm not sure exactly what. > when i try to search this entry, i don't see it (but i see other entries). > with the directory admin tool that came with the ldap-server, i see the > entry, but when i try to access it, i receive the error-message, that the > entry has been deleted. when i try again, the entry appears again and when > i try to delete it, the directory admin closes without any comment > (crashes?). > > when i try to create the entry again (like above), i get the > error-message: "The entry already exists", when i try to delete it, i get > the error-message : "No such object". > when i try to delete the whole tree in the directory admin, i get the > error-message: > Unable to delete the entry "..." (or any of its superiors) because this > area of the directroy contains links or aliases. > > > can you please tell me: > * how can i get rid of the entry? > * what did i do wrong when trying to create the entry? > > kind regards, > > armin fuerst > > |
|
From: Armin F. <ar...@co...> - 2002-03-05 15:11:54
|
On Tue, 5 Mar 2002, Jim Harle wrote: > Here are a few things to try. > > Make sure that you print the full dn ($dn) and that it is what you think. i am sure to use the correct (and fully specified) dn. > Use a generic tool like ldapsearch to display the contents of that dn and > and also the contents of something created by the vendor's tool that you > think should be very similar. It is possible that their tool expects a > certain objectclass or attribute to be present that you aren't supplying. ldapsearch brings: # # filter: (objectclass=*) # requesting: ALL # # PersonalAddressBook, armin_info, user_info, CCN, cisco.com dn: ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com objectClass: organizationalUnit objectClass: top ou: PersonalAddressBook # search result search: 2 result: 0 Success text: Success # numResponses: 2 # numEntries: 1 when i try to delete it with ldapdelete the specific object: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "cn=BBBB,ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com" ldap_init( x.x.x.x, y ) deleting entry "cn=BBBB,ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com" deleting children of: cn=BBBB,ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com ldap_search: No such object matched DN: "ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com" additional info: No such object Delete Result: No such object (32) Additional info: No such object Matched DN: ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com when i try to delete the whole tree: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com" ldap_init( x.x.x.x, y ) deleting entry "ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com" deleting children of: ou=PersonalAddressBook,ou=armin_info,ou=user_info,ou=CCN,o=cisco.com Delete Result: Operation not allowed on nonleaf (66) Additional info: The operation cannot be performed on a non-leaf node > Use Net::LDAP to delete the object with the same dn. Check the status > that comes back to be sure that it worked. It is possible that the dn > that you are dinding with doesn't have sufficient privileges to eithr add > a certain attribute of to deleted objects. this is what i originally did: $BASE1="ou=PersonalAddressBook,ou="; $USER="armin"; $BASE2="_info,ou=user_info,ou=CCN,o=cisco.com"; dn="cn=BBBB,".$BASE1.$USER.$BASE2; $ldapresults=$ldapconnection->add ($dn,attr=>['objectClass'=>['top', 'person', 'ciscoocUser', 'dcdPerson', 'organizationalPerson', 'inetOrgPerson']]); print "x ".$ldapresults->error." x\n"; $ldapresults=$ldapconnection->search (base=>$BASE1.$USER.$BASE2,filter=>'cn=*'); print "x ".$ldapresults->error." x\n"; foreach $entry ($ldapresults->all_entries) { print sprintf("%s",$entry->get("cn"))."\n"; } $ldapresults=$ldapconnection->delete ($dn); print "x ".$ldapresults->error." x\n"; this script returns: x The entry already exists x x Success x x No such object x when i first tried to create an entry, i didn't specify any objectclass. there is no permission problem with the login, with the same login and different utilities, i can modify the ldap-directory without any problem. kind regards, armin fuerst > > --Jim Harle > > On Tue, 5 Mar 2002, Armin Fuerst wrote: > > > > > hi! > > > > i am using the Net::LDAP library to create a little maintenance utility > > for a ldap-server. > > searching and removing was working perfectly, but i now have a problem > > adding new entries. > > the ldap-server used is from data connection limited. > > i created a new entry using (before, i used 'new' and 'bind'): > > > > $ldapresults=$ldapconnection->add ($dn) > > > > and this did something in the database, but i'm not sure exactly what. > > when i try to search this entry, i don't see it (but i see other entries). > > with the directory admin tool that came with the ldap-server, i see the > > entry, but when i try to access it, i receive the error-message, that the > > entry has been deleted. when i try again, the entry appears again and when > > i try to delete it, the directory admin closes without any comment > > (crashes?). > > > > when i try to create the entry again (like above), i get the > > error-message: "The entry already exists", when i try to delete it, i get > > the error-message : "No such object". > > when i try to delete the whole tree in the directory admin, i get the > > error-message: > > Unable to delete the entry "..." (or any of its superiors) because this > > area of the directroy contains links or aliases. > > > > > > can you please tell me: > > * how can i get rid of the entry? > > * what did i do wrong when trying to create the entry? > > > > kind regards, > > > > armin fuerst > > > > > |
|
From: Chris R. <chr...@me...> - 2002-03-05 17:44:30
|
Armin Fuerst <ar...@co...> wrote: > $ldapresults=$ldapconnection->add ($dn,attr=>['objectClass'=>['top', > 'person', > 'ciscoocUser', > 'dcdPerson', > 'organizationalPerson', > 'inetOrgPerson']]); You haven't specified any other attributes in the entry, so the server should have rejected the add operation. The entry has an RDN of cn=BBBB, so you *must* at least have a cn attribute, which you haven't specified. (The server does not infer it from the RDN.) The person object class requires that you specify the sn attribute, and I'm not sure what ciscoocUser and dcdPerson require; are there any content rules which permit the absence of these mandatory attributes? Cheers, Chris |
|
From: Chris R. <chr...@me...> - 2002-03-05 14:49:06
|
Armin Fuerst <ar...@co...> wrote:
>
> hi!
>
> i am using the Net::LDAP library to create a little maintenance utility
> for a ldap-server.
> searching and removing was working perfectly, but i now have a problem
> adding new entries.
> the ldap-server used is from data connection limited.
> i created a new entry using (before, i used 'new' and 'bind'):
>
> $ldapresults=$ldapconnection->add ($dn)
What type is the $dn variable? If it is just a string representing a DN,
then you've possibly found two bugs:
1) Net::LDAP shouldn't let you add an entry with no attributes
2) your server has added an incomplete and illegal entry
> and this did something in the database, but i'm not sure exactly what.
> when i try to search this entry, i don't see it (but i see other entries).
> with the directory admin tool that came with the ldap-server, i see the
> entry, but when i try to access it, i receive the error-message, that the
> entry has been deleted. when i try again, the entry appears again and when
> i try to delete it, the directory admin closes without any comment
> (crashes?).
>
> when i try to create the entry again (like above), i get the
> error-message: "The entry already exists", when i try to delete it, i get
> the error-message : "No such object".
> when i try to delete the whole tree in the directory admin, i get the
> error-message:
> Unable to delete the entry "..." (or any of its superiors) because this
> area of the directroy contains links or aliases.
>
>
> can you please tell me:
> * how can i get rid of the entry?
Since you don't seem to be able to delete it over protocol, that will
probably depend on what brand of server it is. You might need to dump the
database contents to some text file (eg LDIF), edit the text file, and
reload it.
> * what did i do wrong when trying to create the entry?
Probably, you forgot to specify any attributes in the entry. As far as I
can recall, you can use add() two ways:
1) specifying the whole entry in the arguments:
$ldap->add("cn=My Entry,o=My Company,c=WW",
attr => [
"objectClass" => [qw(top person)],
"cn" => ["My Entry"],
"sn" => ["Entry"],
]);
2) creating a Net::LDAP::Entry object, and adding that object:
$e = new Net::LDAP::Entry;
$e->dn("cn=My Entry,o=My Company,c=WW");
$e->add(
"objectClass" => [qw(top person)],
"cn" => ["My Entry"],
"sn" => ["Entry"],
);
$ldap->add($e);
> kind regards,
>
> armin fuerst
>
>
Cheers,
Chris
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X