[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Resolving groups (neophyte question)

To: "Philip A. Prindeville" <philipp@mirapoint.com>
Subject: Re: Resolving groups (neophyte question)
From: "Mark Wilcox" <mark@mjwilcox.com>
Date: Tue, 8 Jun 1999 21:14:55 -0500
Cc: <openldap-general@OpenLDAP.org>

ldapsearch -b "dn_of_entry" -s base "cn=*"

The filter is actually insignifigant but is required by ldapsearch to work.
Mark
-----Original Message-----
From: Philip A. Prindeville <philipp@mirapoint.com>
To: Mark Wilcox <mark@mjwilcox.com>
Cc: openldap-general@OpenLDAP.org <openldap-general@OpenLDAP.org>
Date: Monday, June 07, 1999 11:43 PM
Subject: Re: Resolving groups (neophyte question)


>
>
>Mark Wilcox wrote:
>>
>> Hi,
>> try a filter like this
>> (uniquemember=uid=bryan*)
>>
>> btw inetOrgperson is a standard object class.
>>
>> Mark
>
>You've misunderstood what I was trying to do.  I've already
>gotten the uniquemember attributes of a group.  Now I want to
>search the directory for those person (or whatever subclass)
>records that I got back in the original query.
>
>My question is, given that the 'uniquemember' field supposedly
>contains a DN, why can't I search based on that value (as a
>filter)?
>
>-Philip
>
>
>> -----Original Message-----
>> From: Philip A. Prindeville <philipp@mirapoint.com>
>> To: openldap-general@OpenLDAP.org <openldap-general@OpenLDAP.org>
>> Date: Monday, June 07, 1999 6:19 PM
>> Subject: Resolving groups (neophyte question)
>>
>> >I have a question regarding resolving lists (groups).  If I have a group
>> >that
>> >looks like:
>> >
>> >% ldapsearch -v -L -s sub -b 'o=mirapoint.com' -h ugh "cn=Software
>> >Engineers"
>> >ldap_init( ugh, 0 )
>> >filter pattern: cn=Software Engineers
>> >returning: ALL
>> >filter is: (cn=Software Engineers)
>> >dn: cn=Software Engineers,ou=Groups, o=mirapoint.com
>> >objectclass: top
>> >objectclass: groupofuniquenames
>> >cn: Software Engineers
>> >creatorsname:
>> >uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
>> >createtimestamp: 19990603220646Z
>> >uniquemember: uid=bryan,ou=People, o=mirapoint.com
>> >uniquemember: uid=philipp,ou=People, o=mirapoint.com
>> >uniquemember: uid=btaylor,ou=People, o=mirapoint.com
>> >description: Hackers
>> >modifiersname:
>> >uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
>> >modifytimestamp: 19990603220951Z
>> >1 matches
>> >
>> >and I try to search on the returned DNs in the uniquemember attribute
>> >field,
>> >then the search always fails:
>> >
>> >ldapsearch -v -L -s sub -D 'cn=Directory Manager' -w 'directory' -b
>> >'o=mirapoint.com' -h ugh 'uid=bryan,ou=People,o=mirapoint.com'
>> >putois% ldapsearch -v -L -s sub  -b 'o=mirapoint.com' -h ugh
>> >'uid=bryan,ou=People, o=mirapoint.com'
>> >ldap_init( ugh, 0 )
>> >filter pattern: uid=bryan,ou=People,o=mirapoint.com
>> >returning: ALL
>> >filter is: (uid=bryan,ou=People,o=mirapoint.com)
>> >0 matches
>> >
>> >But if I search on just "uid=bryan" then it finds the person record just
>> >
>> >fine.  Actually it's an inetOrgPerson since I'm using the Netscape
>> >directory server.
>> >
>> >No doubt I'm missing something obvious.  I just don't know what.
>> >
>> >Someone want to help me out here?
>> >
>> >Thanks,
>> >
>> >-Philip
>> >
>> >
>> >
>> >
>
>

Prev by Date: Re: Netscape Directory Server
Next by Date: Re: Resolving groups (neophyte question)
Index(es):
- Chronological
- Thread