On 7 Jul 2009, at 22:06, bill.co...@unh.edu wrote:
Dear Perl LDAP users,
After lurking for a very long time on this list, I have a
question of my own. I'm trying to dump the schema from an Oracle
Internet Directory LDAP, a.k.a. OID. After successfully
connecting and binding to the LDAP server here's the code snippet
in question:
119 print(STDERR "\nLoading schema...\n\n");
120 my $schema = $ldap->schema(); # Works for OpenLDAP
121 if (not defined($schema)) # But not for OID
122 {
123 my $baseDN = $ldap->root_dse-
>get_value('subSchemaSubentry');
124 print("BASEDN = <$baseDN>\n");
125 my $result = $ldap->search(
126 base => $baseDN,
127 scope => 'base',
128 filter => '(objectclass=subSchema)',
129 );
130
131 ldapAssert($result, "failed to find subSchema from root
DSE");
132 my $entry = $result->entry();
133 my $entryDN = $entry->dn();
134 print("ENTRYDN = <$entryDN>\n");
135 $schema = $ldap->schema(dn => $entryDN);
136 die if (not defined($schema));
137 }
As the comment in line 120 says, a simple call to the schema
method works fine with an OpenLDAP server, but for OID, it
returns undefined. The code above reflects my attempt to
dynamically find out what the correct DN should be to feed to the
schema method. Here's the output:
Loading schema...
BASEDN = <cn=subschemasubentry>
ENTRYDN = <cn=subschemasubentry>
Cannot parse [( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC
address in maximal, colon separated hex notation, eg.
00:00:92:90:ee:e2' EQUALITY caseIgnoreIA5Match SYNTAX
'1.3.6.1.4.1.1466.115.121.1.27'{128} )] {{128}} at /usr/lib/perl5/
site_perl/5.8.5/Net/LDAP/Schema.pm line 355, <DATA> line 466.
...propagated at ./dump-schema.pl line 136, <DATA> line 466.
I think the problem's in the way Oracle's representing the SYNTAX oid
value. RFC 4512 does not appear to permit quotes around the value for
SYNTAX; and any quotes present for other kinds of values need to be
around the *entire* value not just part of it. RFC 2252 seems to have
a compatible definition here.
Note the error reported says {{128}}.
So there are a couple of bugs in the server. Net::LDAP tries to handle
the quotes that shouldn't be there in the first place, but then gets
tripped up because the trailing quote is in the wrong place.
You could ask Oracle how to configure the server to return valid schema.
Now here's the really weird part. In line 135 the schema comes
back undefined. (Fine, I'm probably doing something wrong.) But
the "Cannot parse" error message is being generated by the naked
die statement in line 136. If that die statement is removed, the
program continues to execute and this parse error is not
displayed at all. I've never seen this bit of Perl magic before.
In any case I'm looking for advise on how to get the schema
method to work with this flavor of LDAP server. But I'm also
curious how a module's own error message can be piggybacked on
the caller's own die() statement as appears to be happening here.
I'm afraid my brain starts hurting when I look at Schema.pm :-)
Test Environment for the above:
Operating System: Red Hat Enterprise Linux AS release 4
Perl: 5.8.5 built for i386-linux-thread-multi
Net::LDAP: 0.39
- - - - - - - - - - - - - - - - - - -
One last question -- in the "LDAP SCHEMA RETRIEVAL" section of:
http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP/Examples.pod
I don't understand the '$self' variable in
$mesg = $self->search ( base => $dn,
scope => 'base',
filter => '(objectClass=subschema)',
);
This variable seems like a non sequitur when seen in the context
of all the other surround code. Should '$self' really be '$ldap'
in this example?
Yes, it should be.
Cheers,
Chris