[Users] LDAP

Yaniv Kaul ykaul at redhat.com
Sun Feb 19 20:24:28 UTC 2012


----- Original Message -----
> On Sun, 19 Feb 2012, Yaniv Kaul wrote:
> 
> > I'd try with wireshark to capture ports 88, 53 and 389 (something
> > like '-s
> > 1500 -w /tmp/file.pcap port 53 or port 88 or port 389' if you are
> > using
> > tcpdump).
> 
> http://share.robotics.net/ldap.pcap
> 
> > Then check that indeed the responses from DNS correlate well with
> > what we are
> > trying to connect to.
> 
> Yep, its hitting the LDAP server, just not getting what it wants
> back. Is
> it possible that it does not like the "<ROOT>" and that it should be
> ""?
> 
> I.E. If I do:
> 
> [root at ovirt-engine ~]# ldapsearch -H ldap://10.10.0.105 -x -s base -b
> "" +
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope baseObject
> # filter: (objectclass=*)
> # requesting: +
> #
> 
> #
> dn:
> structuralObjectClass: OpenLDAProotDSE

Sorry, my fault - should have seen it earlier - we do not support OpenLDAP yet - we fail to parse its rootDSE, therefore do not have a way to proceed.
I think there's a RFE for it somewhere filed, but if not, worth filing.
Y.

> configContext: cn=config
> namingContexts: dc=blinkmind,dc=net
> supportedControl: 1.3.6.1.4.1.4203.1.9.1.1
> supportedControl: 2.16.840.1.113730.3.4.18
> supportedControl: 2.16.840.1.113730.3.4.2
> supportedControl: 1.3.6.1.4.1.4203.1.10.1
> supportedControl: 1.2.840.113556.1.4.319
> supportedControl: 1.2.826.0.1.3344810.2.3
> supportedControl: 1.3.6.1.1.13.2
> supportedControl: 1.3.6.1.1.13.1
> supportedControl: 1.3.6.1.1.12
> supportedExtension: 1.3.6.1.4.1.4203.1.11.1
> supportedExtension: 1.3.6.1.4.1.4203.1.11.3
> supportedExtension: 1.3.6.1.1.8
> supportedFeatures: 1.3.6.1.1.14
> supportedFeatures: 1.3.6.1.4.1.4203.1.5.1
> supportedFeatures: 1.3.6.1.4.1.4203.1.5.2
> supportedFeatures: 1.3.6.1.4.1.4203.1.5.3
> supportedFeatures: 1.3.6.1.4.1.4203.1.5.4
> supportedFeatures: 1.3.6.1.4.1.4203.1.5.5
> supportedLDAPVersion: 3
> entryDN:
> subschemaSubentry: cn=Subschema
> 
> # search result
> search: 2
> result: 0 Success
> 
> # numResponses: 2
> # numEntries: 1
> 
> But if I do:
> 
> [root at ovirt-engine ~]# ldapsearch -H ldap://10.10.0.105 -x -s base -b
> "<ROOT>" +
> # extended LDIF
> #
> # LDAPv3
> # base <<ROOT>> with scope baseObject
> # filter: (objectclass=*)
> # requesting: +
> #
> 
> # search result
> search: 2
> result: 34 Invalid DN syntax
> text: invalid DN
> 
> # numResponses: 1
> 
> 
> 
> > (BTW, there was a regression in the code not so long ago in that
> > area - are
> > you using latest code?).
> 
> 3.0.0_0001-1.6.fc16
> 
> ><>
> Nathan Stratton                                CTO, BlinkMind, Inc.
> nathan at robotics.net                         nathan at
> blinkmind.com
> http://www.robotics.net
>                        http://www.blinkmind.com
> 



More information about the Users mailing list