
Re: 2 unrelated questions -- Control::Paged and SASL



OK.. please ignore my Perl question.. there are so many things that
are partially correct and completely wrong at the same time in the
code.. sorry about that.  But I'm still looking for an answer to the SASL
question.

Jonathan Higgins
Network Service Specialist IV
Kennesaw State University
jhiggins@kennesaw.edu


>>> "Jonathan Higgins" <jhiggins@kennesaw.edu> 6/11/2004 2:26:22 PM
>>>
Question 1  = about SASL using openldap-2.2.11 + sasl-2.1.18 with the
saslauthd running and {SASL} in the userpassword attribute.. 
All of this works properly for simple binds and apparently for SASL
binds except that the SASL bind prompts me for a username.  If I just
hit enter, it pulls the info from my Kerberos ticket I think, cause I
get the correct response.. 
... so my question is do I need "saslRegexp" in my slapd.conf any
more?

Question 2 = is about Net::LDAP::Control::Paged .. I have read that
there is an open issue with paged responses, but I'm not sure if the
error I'm getting is related to the known bug.  The errors I receive are
similar to:
Deep recursion on subroutine "Net::LDAP::_sendmesg" at
/usr/lib/perl5/site_perl/5.6.1/Net/LDAP.pm line 549, <DATA> line 456.

I get about 7 of those entries all referring to the ldap search.  I
use (almost) the exact same code to get paged results from an AD system.
Below is a snip.. which you will notice is almost identical to
http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP/Control/Paged.pm 

You can ignore the code inside the callback also.. because it fails before
that I think..

#--<snip>--
use Net::LDAP;
use Net::LDAPS;
use Net::LDAP::Control::Paged;
use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED );

$BASE = "dc=example,dc=org";
$NAME = "manager";
$pass = "secret";

$ldap = new Net::LDAPS('beta.example.org',
	port => '636',
	verify => 'require',
	sslversion => 'sslv3',
	cafile => '/path/to/my/CA.cer') or die "$@";

$page = Net::LDAP::Control::Paged->new( size => 100 );

@searchargs = ( base     => "dc=example,dc=org",
                scope    => "subtree",
                filter   => "(objectClass=posixGroup)",
                callback => \&callback,
                control  => [ $page ],
        );
## This is added because I require auth to my tree
$ldap->bind(dn => "$NAME,$BASE", password => $pass);

my $cookie;
while(1){
        $mesg = $ldap->search( @searchargs );
        $mesg->code and last;
        my($resp) = $mesg->control( LDAP_CONTROL_PAGED ) or last;
        $cookie = $resp->cookie or last;
        $page->cookie($cookie);
}
if($cookie) {
        $page->cookie($cookie);
        $page->size(0);
        $ldap->search( @searchargs );
}
$ldap->unbind;

sub callback{
	my($mesg,$entry) = @_;
	if(ref($entry) eq 'Net::LDAP::Entry'){
		$cn = join("cn",$entry->get_value("cn"));
		$entry->add(objectClass => "groupOfURLs");
		$entry->add(memberURL =>
"ldap://beta.example.org:636/ou=people,dc=example,dc=org??sub?isaMemberof=$cn");
		my $mesg = $entry->update($ldap);
	}
}
#--<snip>--

Jonathan Higgins
Network Service Specialist IV
Kennesaw State University
jhiggins@kennesaw.edu