[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch and LDAP URLs

The -H option to OpenLDAP clients is intended to allow to provide a
protocol scheme in addition to the host and port (or path, in case of
ldapi).  The rest, i.e. DN, attrs, scope, filter and extensions are not
just meaningless, but forbidden (unless URL-encoded).  In fact, the
argument to -H is actually supposed to be a space/comma separated list of
URLs, that are tried by the library until one succeeds.  I don't recall
where this is documented, but I guess it should.


> Can anyone point me to better documentation on ldapsearch with -H and
> specifying a URI? I could not find much of this online or in the archives.
> I provide what I *think* is a valid URL based on RFC 2255 and get errors
> from ldapsearch. For example:
> ldapsearch -x -D "cn=manager,dc=me,dc=com" -w secret -H
> 'ldap:///?objectClass?sub?(cn=Test5)'
> will give me everything in the directory, not just the objectclasses and
> the output says that the filter is (objectclass=*). Any idea why neither
> the
> attribute nor the filter in my URI is recognized?
> Then I try:
> ldapsearch -H ldap:///ou=People,dc=me,dc=com
> or anything with a comma in the dn gives an error of:
> ldap_initialize( ldap:///ou=People,dc=visa,dc=com )
> Could not create LDAP session handle for
> URI=ldap:///ou=People,dc=visa,dc=com (-9): Bad parameter to an ldap
> routine
> Any ideas? This is on 2.2.19.
> Thanks,
> Steve

Pierangelo Masarati

    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497