
Re: OpenLDAP and DNS SRV records

Thank you. Could you provide an example of this functionality with ldapsearch?

ldapsearch -x -v -H "dc%3Ddomain%2Cdc%3Dcom" -b "CN=Users,DC=domain,DC=com" -D "CN=Matt Kowske,CN=Users,DC=domain,DC=com" -W "samaccountname=mkowske"

Could not parse LDAP URI(s)=dc%3Ddomain%2Cdc%3Dcom (3)

This is ldap version 2.4.11. I (tried) to look at the code, and found the section of code in common.c where it is erroring out, but couldn't determine much beyond that. Why is the above not being recognized as a DN? It should not be parsed as a URI according to the man page.


On Wed, Dec 17, 2008 at 3:14 PM, Gavin Henry <ghenry@openldap.org> wrote:

----- "Matt Kowske" <jmkowske@gmail.com> wrote:

> I apologize, but I did find a reference on how to do this in the man
> page for ldapsearch:
> .BI \-H \ ldapuri
> Specify URI(s) referring to the ldap server(s);
> a list of URI, separated by whitespace or commas is expected;
> only the protocol/host/port fields are allowed.
> As an exception, if no host/port is specified, but a DN is,
> the DN is used to look up the corresponding host(s) using the
> DNS SRV records, according to RFC 2782. The DN must be a non-empty
> sequence of AVAs whose attribute type is "dc" (domain component),
> and must be escaped according to RFC 2396.
> My question then, is this also possible when not using the ldapsearch
> tool, but using the ldap library calls/API or is this change in 2.4
> exclusive to the command line tools?

The client tools all use libldap.


Kind Regards,

Gavin Henry.
OpenLDAP Engineering Team.

E ghenry@OpenLDAP.org

Community developed LDAP software.
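
The URI shape the quoted man page text describes (a URI with no host/port whose DN part is a percent-escaped sequence of "dc" AVAs), as an added example that is not part of the original thread or of OpenLDAP's code. The helper names are hypothetical, and the `ldap:///` prefix and the `_ldap._tcp` SRV owner name (RFC 2782 naming for service "ldap" over TCP) are assumptions of this example.

```python
import re
from urllib.parse import quote

# Simplified DNS label check (assumption: ASCII letters, digits, hyphens).
_LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def dc_labels(dn):
    """Return the DNS labels of a DN made only of dc= AVAs, else raise.

    Mirrors the man page rule: a non-empty sequence of AVAs whose
    attribute type is "dc". Anything else (cn=, ou=, empty) is rejected.
    """
    labels = []
    for rdn in dn.split(","):
        attr, sep, value = rdn.strip().partition("=")
        if not sep or attr.strip().lower() != "dc":
            raise ValueError(f"not a dc AVA: {rdn.strip()!r}")
        value = value.strip()
        if not _LABEL.match(value):
            raise ValueError(f"not a DNS label: {value!r}")
        labels.append(value)
    return labels


def srv_uri(dn, scheme="ldap"):
    """Build scheme:///<escaped DN>: empty host/port, DN percent-escaped."""
    canonical = ",".join(f"dc={label}" for label in dc_labels(dn))
    # safe="" forces "=" -> %3D and "," -> %2C, as in the thread's value.
    return f"{scheme}:///{quote(canonical, safe='')}"


def srv_owner_name(dn):
    """DNS name whose SRV records would be queried for this DN."""
    return "_ldap._tcp." + ".".join(dc_labels(dn))


if __name__ == "__main__":
    base = "dc=domain,dc=com"  # constructed sample, same DN as the thread
    print("value for -H :", srv_uri(base))
    print("SRV lookup   :", srv_owner_name(base))
```

The value passed to `-H` in the message above is only the escaped DN with no scheme in front of it; the function returns the same escaped DN behind `ldap:///`.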