Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Samba] ldbsearch and controls
555 views
Skip to first unread message
Harry Jede
Oct 18, 2014, 9:50:03 AM10/18/14
to
Hello,
i wish to get search answers without referrals
this works with openldaps ldapsearch:
# ldapsearch -LLLb dc=ad,dc=schule,dc=lan -E '1.2.840.113556.1.4.1339' cn=user1 dn
SASL/GSSAPI authentication started
SASL username: admini...@AD.SCHULE.LAN
SASL SSF: 56
SASL data security layer installed.
dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan
however, ldbsearch needs the control name, but which one?
all names I have found in ldb.h failed:
# ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan --controls=domain_scope cn=user1 dn
parsing controls failed: Invalid control name: 'domain_scope'
# ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan --controls=DOMAIN_SCOPE cn=user1 dn
parsing controls failed: Invalid control name: 'DOMAIN_SCOPE'
ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan --controls=LDB_SEARCH_OPTION_DOMAIN_SCOPE cn=user1 dn
parsing controls failed: Invalid control name: 'LDB_SEARCH_OPTION_DOMAIN_SCOPE'
--
Regard
Harry Jede
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
i wish to get search answers without referrals
this works with openldaps ldapsearch:
# ldapsearch -LLLb dc=ad,dc=schule,dc=lan -E '1.2.840.113556.1.4.1339' cn=user1 dn
SASL/GSSAPI authentication started
SASL username: admini...@AD.SCHULE.LAN
SASL SSF: 56
SASL data security layer installed.
dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan
however, ldbsearch needs the control name, but which one?
all names I have found in ldb.h failed:
# ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan --controls=domain_scope cn=user1 dn
parsing controls failed: Invalid control name: 'domain_scope'
# ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan --controls=DOMAIN_SCOPE cn=user1 dn
parsing controls failed: Invalid control name: 'DOMAIN_SCOPE'
ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan --controls=LDB_SEARCH_OPTION_DOMAIN_SCOPE cn=user1 dn
parsing controls failed: Invalid control name: 'LDB_SEARCH_OPTION_DOMAIN_SCOPE'
--
Regard
Harry Jede
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Harry Jede
Oct 18, 2014, 2:50:02 PM10/18/14
to
On 20:17:53 wrote Harry Jede:
This hint comes from ldbsearch:
syntax: crit(b):search_options(n)
note: b = boolean, n = number
However,
crit is not honored, one may use 0 or 1
search_options, 0 (the default) turns referrals on, 1-15 turns referrals
off, >16 produces an error
So, a working example is:
# ldbsearch -H sam.ldb --controls "search_options:0:1" cn=user1 dn
# record 1
dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan
# returned 1 records
# 1 entries
# 0 referrals
Next try, was to get rid of the other annoying #lines. so I played with
the -v option. No change. But if one use +v ...
I will stop here. grep is my friend :-)
--
Regards
> Hello,
>
> i wish to get search answers without referrals
>
> this works with openldaps ldapsearch:
>
> # ldapsearch -LLLb dc=ad,dc=schule,dc=lan -E
> '1.2.840.113556.1.4.1339' cn=user1 dn SASL/GSSAPI authentication
> started
> SASL username: admini...@AD.SCHULE.LAN
> SASL SSF: 56
> SASL data security layer installed.
> dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan
>
>
> however, ldbsearch needs the control name, but which one?
>
> all names I have found in ldb.h failed:
>
> # ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=domain_scope cn=user1 dn parsing controls failed: Invalid
> control name: 'domain_scope'
>
> # ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=DOMAIN_SCOPE cn=user1 dn parsing controls failed: Invalid
> control name: 'DOMAIN_SCOPE'
>
> ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=LDB_SEARCH_OPTION_DOMAIN_SCOPE cn=user1 dn parsing
> controls failed: Invalid control name:
> 'LDB_SEARCH_OPTION_DOMAIN_SCOPE'
The control name is search_options.
>
> i wish to get search answers without referrals
>
> this works with openldaps ldapsearch:
>
> # ldapsearch -LLLb dc=ad,dc=schule,dc=lan -E
> '1.2.840.113556.1.4.1339' cn=user1 dn SASL/GSSAPI authentication
> started
> SASL username: admini...@AD.SCHULE.LAN
> SASL SSF: 56
> SASL data security layer installed.
> dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan
>
>
> however, ldbsearch needs the control name, but which one?
>
> all names I have found in ldb.h failed:
>
> # ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=domain_scope cn=user1 dn parsing controls failed: Invalid
> control name: 'domain_scope'
>
> # ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=DOMAIN_SCOPE cn=user1 dn parsing controls failed: Invalid
> control name: 'DOMAIN_SCOPE'
>
> ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=LDB_SEARCH_OPTION_DOMAIN_SCOPE cn=user1 dn parsing
> controls failed: Invalid control name:
> 'LDB_SEARCH_OPTION_DOMAIN_SCOPE'
This hint comes from ldbsearch:
syntax: crit(b):search_options(n)
note: b = boolean, n = number
However,
crit is not honored, one may use 0 or 1
search_options, 0 (the default) turns referrals on, 1-15 turns referrals
off, >16 produces an error
So, a working example is:
# ldbsearch -H sam.ldb --controls "search_options:0:1" cn=user1 dn
# record 1
dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan
# returned 1 records
# 1 entries
# 0 referrals
Next try, was to get rid of the other annoying #lines. so I played with
the -v option. No change. But if one use +v ...
I will stop here. grep is my friend :-)
--
Regards
Harry Jede
Oct 18, 2014, 3:20:01 PM10/18/14
to
On 21:06:30 wrote Harry Jede:
One more info:
n<2 diables the cross-ncs switch
n<2 diables the cross-ncs switch
0 new messages