[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: How to get searches to work from root dn?



All right, I will use the "dc=iscape, dc=fi" suffix.. but I'm still
wondering how/why do Four11 etc implement their service so that they do not
require a search base.

Can I alias a null dn somehow to point to "dc=iscape, dc=fi" so that both
would work? I understand that "by the book" a null search base is something
I shouldn't do but since everyone else does it.. ;)

And maybe I'll implement that -b to in.xfingerd myself to thank for the
help.

Jukka Väisänen		vaizki@iscape.fi
Iscape Software 		http://www.iscape.fi/


> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.Org]
> Sent: 16. syyskuuta 1999 10:25
> To: Jukka.Vaisanen@iscape.fi
> Cc: openldap-software@OpenLDAP.Org
> Subject: Re: How to get searches to work from root dn?
>
>
> At 10:03 PM 9/14/99 +0300, Jukka Vaisanen wrote:
> >
> >I am trying to set up a LDAP server that would service our Outlook
> >software with email addresses.
> >
> >The problem is, I cannot seem to add nodes directly under the root in the
> >slapd and a search with no base dn doesn't seem to find the nodes under
> >dc=iscape,dc=fi.
> >
> >This works:  ldapsearch "(sn=Vai*)" -h dell -b "dc=iscape, dc=fi"
> >This doesnt: ldapsearch "(sn=Vai*)" -h dell
>
> You can set a default search base via ldap.conf(5).
>
> >Outlook can be configured to give a search root but I'd rather not since
> >some other programs (like in.xfingerd in the package) can't be configured
> >for it.
>
> Specify a search base.  Using a search base of "" makes little
> sense (excepting if you are search for an LDAPv3 RootDSE).
>
> in.xfingerd(8) should use the default search base defined
> in ldap.conf(5).  If not, submit an ITS and someone will look
> into it when they get a chance.  A "-b base" option should be
> added, you can submit a separate ITS requesting this enhancement
> if you like.  Both would be nice intro projects for developers.
>
> >This is how I have populated the db now with ldapadd:
> >
> >dn: dc=iscape, dc=fi
> >dc: iscape
> >o: Iscape Software Ltd
> >objectclass: organization
> >objectclass: dcObject
> >
> >dn: cn=Jukka Vaisanen, dc=iscape, dc=fi
> >objectClass: person
> >cn: Jukka Vaisanen
> >sn: Vaisanen
> >title: Managing Director
> >mail: jukka.vaisanen@iscape.fi
> >uid: vaizki
> >
> >And I cannot seem to be able to add a node just for dc=fi.. How do I
> >change my config/data to make searches work without a base dn?
>
> All search operations have a base dn.  It makes little sense
> (in general) to configure a database with null suffix ("") and
> may not provide the results you are looking for.
>
> I recommend you configure clients to use an appropriate
> non-null search base such as "dc=iscape, dc=fi".
>
> Kurt
>