[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: extended / extensible search / in 2.3.38 ends with error code 34 invalid DN syntax [Virus checked]

To: openldap-software@openldap.org
Subject: Re: extended / extensible search / in 2.3.38 ends with error code 34 invalid DN syntax [Virus checked]
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Fri, 21 Sep 2007 15:59:18 +0200
In-reply-to: <OFF0CE1712.7E191183-ONC125735D.003C6754-C125735D.003FF78E@sparkassen-informatik.de> (ems@sparkassen-informatik.de's message of "Fri, 21 Sep 2007 13:38:14 +0200")
References: <OFF0CE1712.7E191183-ONC125735D.003C6754-C125735D.003FF78E@sparkassen-informatik.de>
User-agent: Gnus/5.1006 (Gnus v5.10.6) XEmacs/21.5 (chestnut, linux)

ems@sparkassen-informatik.de writes:

> Hello,
>
> we use OpenLdap 2.3.38 on Solaris 10 (note we run openldap on high-Port, so ldap can run as a "normal" user, without
> root-rights)
>
> While the uid is not case-sensitiv, i want to search with an extensible search (e.g. in RFC 2254 desribed), in the
> hope that Apache this also can in the AuthLdapUrl Directive. But first, i try from console with ldapsearch
>
> But this ends with an Error-Code 34 invalid DN syntax
>
> Whats wrong ? Do extended search work correct in openldap, or whats the Error ?
>
> First,when i try a "normal" search like this, it works fine .. an extended not
>
> 1. ldapsearch -H ldap://10.11.12.15:2389 -x -b uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
> 2. ldapsearch -H ldap://10.11.12.15:3389 -x -b uid:caseExactMatch:u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc
> =de
>
> Response from 1.
>
> # extended LDIF
> #
> # LDAPv3
> # base <uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de> with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # u4711, SI, Benutzer, sparkassen-informatik.de
F> dn: uid=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
> cn: u4711
> destinationIndicator: 100100,4600,,
> st: 6
> objectClass: person
> objectClass: uidObject
> objectClass: organizationalPerson
> l: alle
> sn: User von K.H. Ostertag
>
> # search result
> search: 2
> result: 0 Success
> # numResponses: 2
> # numEntries: 1
>
> But now, when i use extensible Search like this, i got an error 34 invalid DN syntax.
> .....uid:caseExactMatch:u4711....
>
> ldapsearch -H ldap://10.1.23.15:3389 -x -b uid:caseExactMatch:u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de
>
> # extended LDIF
> #
> # LDAPv3
> # base <uid:caseExactMatch:=u4711,ou=SI,ou=Benutzer,dc=sparkassen-informatik,dc=de> with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 34 Invalid DN syntax
> text: invalid DN

Your search base is wrong. Extensible search defines a search filter,
not a search base.
ldapsearch -x -b "ou=SI,ou=Benutzer,..." -s one "uid:caseExactmatch:=u4711"

will do the trick.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6

References:
- extended / extensible search / in 2.3.38 ends with error code 34 invalid DN syntax [Virus checked]
  - From: ems@Sparkassen-Informatik.de

Prev by Date: Re: cn=config example
Next by Date: Re: cn=config example
Index(es):
- Chronological
- Thread