[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: using -y option for ldapsearch
- To: "'SATOH Fumiyasu'" <fumiyas@osstech.jp>, <openldap-technical@openldap.org>
- Subject: RE: using -y option for ldapsearch
- From: "Sai" <bangaru.adabala@gmail.com>
- Date: Mon, 1 Jun 2009 09:24:03 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:references:subject :date:message-id:mime-version:content-type:content-transfer-encoding :x-mailer:x-mimeole:thread-index:in-reply-to; bh=Z0KO3dhp6Ui3Morp2OXqkH5UzxmkwdCh7h5qmyWJEFI=; b=BgX7xtd0cXjpKG+eB/Ob52LVvlLEWx11DkMmTD9XAwGr48I46ExqpOHAlCJRQCJRdW h4nXK2gTTrf9QAXYs4z4yY80AqMJ+iiMrGMJ1lqUD15QKjkt1JPmUfA4fgZF5LFNx4+R dPBvCFNCJHZWBSu4+0OzQMzAvMtZI4tUmRVMg=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:references:subject:date:message-id:mime-version :content-type:content-transfer-encoding:x-mailer:x-mimeole :thread-index:in-reply-to; b=lCuXBo335IYKpZovRMarsZbT46K7Cd1clHioPhn9g5iEWh/ECpOp/Fn5R+ZxyqA6cb ecFaPE4qjw+gdArJ4YECvo1DN6YUgujjBF5FYvHFUCLllBdeaeMyBxvb8l4bGz4pYUSa c+/4/JfhwY3kNOZH2u65Ym7ODQg/aeZv6CkRY=
- In-reply-to: <87iqjghzgn.wl%fumiyas@osstech.jp>
- References: <5291CE201E3C450DB656C423B1B2A253@SURYA><87k53whzkt.wl%fumiyas@osstech.jp> <87iqjghzgn.wl%fumiyas@osstech.jp>
- Thread-index: Acniujnmei86kmqiSHGylmh27+7OzwAAVWNA
Hi Fumiyasu,
That worked. I was thinking of the extra lines at the end but I was not
thinking about the line end characters.
Thanks Once again.
I suppose it should only contain plain text and not any encrypted / hashed
form? I tried the hashed form generated by slappasswd but in vain.
If you think there is any other option, please let me know.
-To love is to risk not being loved in return. To hope is to risk pain. To
try is to risk failure, but risk must be taken because the greatest hazard
in life is to risk nothing.
Thanks,
-Sai
-----Original Message-----
From: SATOH Fumiyasu [mailto:fumiyas@osstech.jp]
Sent: Monday, June 01, 2009 9:10 AM
To: Sai; openldap-technical@openldap.org
Subject: Re: using -y option for ldapsearch
Oops...
At Mon, 01 Jun 2009 22:07:46 +0900,
SATOH Fumiyasu wrote:
> If the pwdfile contains LF (\x0a) or others, strip it.
> OpenLDAP ldap* commands use the entire contents in a pwdfile.
> I think this is a bad design...
>
> Try:
>
> $ (umask 0077; echo -n "DN's password" >pwdfile)
> $
$ ldapsearch -x -h <Machine> -p <port> -s one -D <DN> -b <BASE_DN> -y
pwdfile
>
> or:
>
> $ tr -d '\n' <pwdfile \
> |ldapsearch -x -h <Machine> -p <port> -s one -D <DN> -b <BASE_DN> -y
/dev/stdin
>
> IIRC, older OpenLDAP ldap* commands cannot use /dev/stdin for
> the -y option.