Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

LDAP Search for all attributes of a DN

338 views
Skip to first unread message

Brian Gaber

unread,
Mar 4, 2011, 1:38:56 PM3/4/11
to perl...@perl.org
I have tried these two Net::LDAP approaches, but $numEnt is zero in both cases:

$mesg = $ldap->search( base => $dn );
$numEnt = $mesg->count;

$mesg = $ldap->search ( base => $dn, scope => 'base',);
$numEnt = $mesg->count;

A command line ldapsearch like so works fine:

ldapsearch -h my_ldap_server -x -b "fully qualfied dn"

Christopher Bongaarts

unread,
Mar 5, 2011, 11:44:58 AM3/5/11
to Brian Gaber, perl...@perl.org

Try using your second attempt but add a filter of "(objectClass=*)".

--
%% Christopher A. Bongaarts %% c...@umn.edu %%
%% OIT - Identity Management %% http://umn.edu/~cab %%
%% University of Minnesota %% +1 (612) 625-1809 %%

Dieter Kluenter

unread,
Mar 5, 2011, 4:49:44 PM3/5/11
to perl...@perl.org
Am Fri, 4 Mar 2011 13:38:56 -0500
schrieb Brian Gaber <Brian...@tpsgc-pwgsc.gc.ca>:

> I have tried these two Net::LDAP approaches, but $numEnt is zero in
> both cases:
>
> $mesg = $ldap->search( base => $dn );
> $numEnt = $mesg->count;

you should add a scope, IFAIK default is base, so scope onelevel or
subtree would present the intended results.



> $mesg = $ldap->search ( base => $dn, scope => 'base',);
> $numEnt = $mesg->count;

scope base only returns the baseDN

> A command line ldapsearch like so works fine:
>
> ldapsearch -h my_ldap_server -x -b "fully qualfied dn"

If this is OpenLDAP ldapsearch, the default scope is onelevel

-Dieter

--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E

Brian Gaber

unread,
Mar 7, 2011, 2:13:41 PM3/7/11
to Christopher Bongaarts, perl...@perl.org
Thanks for your help. The dn begins with the form cn=lastname, firstname, ou=... I had the dn in double quotes. When I put the dn in single quotes and escaped the comma after the lastname then the search worked.

Christopher Bongaarts

unread,
Mar 7, 2011, 2:05:33 PM3/7/11
to Brian Gaber, perl...@perl.org
Brian Gaber wrote:
>> Try using your second attempt but add a filter of "(objectClass=*)".
>
> I tried this and still do not get expected return
>
> $mesg = $ldap->search(
> base => $dn,
> scope => 'base',
> filter => '(objectClass=*)',
> );

Is the search succeeding or failing? Add something like this:

$mesg->code && die $mesg->error;


> Both of these command line searches work:
>
> ldapsearch -h ldap_host -x -s sub -b "dn"
> ldapsearch -h ldap_host -x -b "dn"

Brian Gaber

unread,
Mar 7, 2011, 12:00:49 PM3/7/11
to Christopher Bongaarts, perl...@perl.org
> Try using your second attempt but add a filter of "(objectClass=*)".

I tried this and still do not get expected return

$mesg = $ldap->search(


base => $dn,
scope => 'base',
filter => '(objectClass=*)',
);

Both of these command line searches work:

0 new messages