Re: searching a ldap tree

[mark@mjwilcox.com]

On 7 Apr 00, at 9:57, fnijen wrote:

> 
> Hi, ldap guru's,
> 
> I've a fairly simple ldap tree:
> 
> a: top=whatever
> b: oc=country
> c: oc=organisation
> d: oc=person
> 
> When I do a search on companyname with searchfilter (companyname=bos.nl), the
> server returns all entry's found, no matter under which country they resort.
> But when I specify the countrycode. Like 
> (&(|(countrycode=nl)(countrycode=uk))(companyname=bos.nl))
> the server does not return anything, and it should return two entry's since 
> the company has an office in uk and nl. (I confirmed that the entry's exist).
> The countrycode is an attribute of oc=country, the companyname an attribute 
> of oc=companyname.
>
The filter looks right by me. If your program didn't return an LDAP 
error code and you have verified that the entries exist with these 
values, then what comes to mind is an ACL problem. It could be 
that your client as you are currently authenticated can't read or 
search those attributes.

Also have you checked the LDAP server error logs.
> I think I missed some serious information about the use of searchfilters 
> and traversing an ldap tree structure.
> Are there some papers on the net about this topic? The rfc isn't of much help.
> 
Most often questions like this are answered in newsgroups/mailing 
lists dedicated to a particular API (I haven't seen any code on this 
list in a long time, if ever).

However, I do have an article in the upcoming PerlMonth e-zine 
(www.perlmonth.com), which I think will be out next week or so. 

If you like books, I have plenty of examples in a variety of 
languages in my "Implementing LDAP". If you just want to look at 
source code you can download it for free at www.wrox.com.

Mark
> Can anyone help me out here?
> 
> Thanks
> 
> Frank
> 
> 
>