[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Do DN's have to be rooted at country

To: Mark Wilcox <mewilcox@unt.edu>
Subject: Re: Do DN's have to be rooted at country
From: "Yusuf Goolambbas" <yusufg@huge.net>
Date: Thu, 15 Oct 1998 16:49:16 +0800 (CST)
Cc: Gerrit Thomson <334647@swin.edu.au>, openldap-general@openldap.org
In-reply-to: <3624A340.EC4E4D80@unt.edu>
References: <19981014041047.8203.qmail@yusufg.portal2.com> <36244E0C.DB4517FD@swin.edu.au> <3624A340.EC4E4D80@unt.edu>

>>>>> "Mark" == Mark Wilcox <mewilcox@unt.edu> writes:

  Mark> Country does not have to be a part of the dn. Actually there's
  Mark> a movment out now to make dn's a bit more easier to understand
  Mark> (see rfc2377 which came out last month).

  Mark> From the looks of your message Yusuf, that you didn't specify
  Mark> a search base in your ldapsearch request.  ldapsearch -h
  Mark> myhost -p 389 -b "brand=something" "(objectclass=*)"

Well, I did lots of tests and from what I can gather, the only queries 
I could get answered by OpenLDAP 1.0.2 is of the suffix form
"o=something, c=ISO-code" 

I checked the archives, in September Benjamin Heitman seemed to
indicate a similar problem in which tests would run okay but if you
create your own database, ldap_search returns no such object (using
very simple dn's and config files)

I compile 1.0.2 with a DEFAULT_BASE "o=KRDL, c=HK"

Here is my config file
----------------------------------------------------------------------

attribute brand cis
include		/usr/local/site/etc/ldap/slapd.at.conf
include		/usr/local/site/etc/ldap/slapd.oc.conf
schemacheck	off
#referral	ldap://ldap.itd.umich.edu

#######################################################################
# ldbm database definitions
#######################################################################

database	ldbm
defaultaccess write
suffix "brand=OB"
# Queries with the suffix's below seem to work
# The o=ebis suffix taken from Benjamin Heitman's post
#suffix "o=ebis, c=DE"
#suffix "o=KRDL, c=HK"
directory /usr/local/site/data
#rootdn		"cn=root, o=Your Organization Name, c=US"
#rootpw		secret
----------------------------------------------------------------------

I added the following lines in etc/ldap/slapd.oc.conf

objectclass puser
	requires
		objectClass
	allows
		id

A sample ldif file

dn: id=foo,brand=OB
id: foo
objectclass: puser

Now, I did the following commands
ldif2ldbm -f etc/ldap/slapd.conf -i ./testldif
slapd -p 9000
ldapsearch -b "brand=OB" -h localhost -p 9000 'objectclass=*'

Result is no such object

Would appreciate if someone else could try my configuration and report 
success or failure. If you have used openldap with non-standard DN's
and got queries to work, please let me know. My LDAP experience is a
grand total of 3 days and if I made a stupid mistake, let me know

Test 7 only works for me when I compile in pthread support, without
pthreads it fails consistently. Do others using RH 5.1 see this

Cheers, Yusuf

-- 
Yusuf Goolamabbas
yusufg@huge.net

Follow-Ups:
- RE: Do DN's have to be rooted at country
  - From: "Luke Howard" <lukeh@xedoc.com.au>
- Re: Do DN's have to be rooted at country
  - From: "James M. Moe" <moe_jim@burr-brown.com>

References:
- Do DN's have to be rooted at country
  - From: "Yusuf Goolambbas" <yusufg@huge.net>
- Re: Do DN's have to be rooted at country
  - From: Gerrit Thomson <334647@swin.edu.au>
- Re: Do DN's have to be rooted at country
  - From: Mark Wilcox <mewilcox@unt.edu>

Prev by Date: Re: Relational database as backend?
Next by Date: RE: Do DN's have to be rooted at country
Index(es):
- Chronological
- Thread