At 07:42 AM 8/9/2006, Benjamin Podszun wrote: >Hi there. > >I'm using openldap tools for my client and connect to a proprietary LDAP >server. I'm not entirely sure on which side my problem is caused, I just >don't understand the ldapsearch error messages/behaviour. If that's OT >here: Sorry for that - don't read on.
Questions regarding the behavior of ldapsearch(1) is certainly on-topic. Of course, questions regarding the behavior of LDAP servers other than slapd(8) are not. Hence, my answers are confined accordingly. >An external company provides me access to their LDAP server. Basically >I'm just planning to do lots of "does this entry exist" lookups. > >The tree is quite simple, like this: > >- c=Country >-- o=Company >--- customClass=<I'm looking for one of those> >---- subClass=whatever > >Some operations/results: > >ldapsearch -H ldap://127.0.0.1 -D "myuser" -x -w mypassword -b >"o=company,c=Country" > >The result is a list of all results of class "customClass". Fine so far. > >-- > >ldapsearch -H ldap://127.0.0.1 -D "myuser" -x -w mypassword -b >"o=company,c=Country" "(objectClass=customClass)" > >fails with ># search result >search: 2 >result: 1 Operations error This message indicates that the server returned an OperationsError result code. See Appendix A.2 of RFC 4511 for a general description of this (and other) LDAP result codes. As to why the server returned this code, well, you'd have to ask someone familiar with the particular LDAP server involved. >-- > >ldapsearch -H ldap://127.0.0.1 -D "myuser" -x -w mypassword -b >"o=company,c=Country" "(objectClassKey=someValue)" > >just hangs. Debug output shows, that it stalls after >ldap_chkResponseList for msgid=-1, all=0 >ldap_chkResponseList returns NULL >ldap_int_select The absence of further messages implies the client is awaiting further messages from the server. >-- > >ldapsearch -H ldap://127.0.0.1 -D "myuser" -x -w mypassword -b >"objectClassKey=someValue, o=company,c=Country" > >works fine. That is, the above retrieves the single entry that matches >this searchbase. > >Now I'm lost. Am I just too dumb to specify a basic ldap filter? Can >anyone see a problem with my usage or the reported behaviour? >Any hints how I can go on and solve this problem? > >Thanks in advance, >Ben
