Help constructing a mail search that ignores case

38 views
Skip to first unread message

Jeffro

unread,
May 13, 2014, 3:27:21 PM5/13/14
to ruby...@googlegroups.com
Hello,

I'm not sure if this is simply my misunderstanding of LDAP, or a bug, or both.  I was hoping someone with a little more experience could point me in the right direction.

I have a Ruby script that takes an email address as input, and confirms it exists in our corporate LDAP server by searching through 'mail' entities, and simply returns a true or false value. I've come into a problem where the LDAP entry for some users is cased oddly.  For example, the user Joe Smith:

CN=Joe Smith,OU=My Company West Coast,OU=My Company,OU=People,DC=corprate,DC=parentCompany,DC=com
mail: JSm...@parentCompany.com


As a result, my search for "jsm...@parentCompany.com" fails.  I would like to have the LDAP search ignore case, so that it succeeds instead of fails in this example.  Before I discovered this problem, my code looked like this:

 
treebase = "OU=People,DC=corporate,DC=parentCompany,DC=com"
filter = Net::LDAP::Filter.eq("mail", addr)
@ldap.search(:base => treebase, :filter => filter,:return_result => false) { |entry|
   if entry.mail.first == addr
    addrMatchesMail = true
  end
} 
return addrMatchesMail 
 

I've tried a few variations of the extensible search to no avail:
# Neither of these attr strings worked:
attr = "mail:caseIgnoreMatch"
attr = "mail:1.3.6.1.4.1.1466.115.121.1.15"
filter = Net::LDAP::Filter.ex(attr, addr)

I also tried constructing a string, no worky:
filter = Net::LDAP::Filter.construct("(mail:caseIgnoreMatch:=#{addr})")

Any suggestions are much appreciated!  Thanks for your help.  Also thanks for cleaning the gem up and incorporating some of the older fixes; I had been stuck using the 0.2.2 gem due to the UndefinedConversionError.


Matt Todd

unread,
Sep 24, 2014, 4:08:59 AM9/24/14
to ruby...@googlegroups.com
Were you ever able to resolve this?

My first question would be: does this work when the `addr` input is the same exact case as the LDAP entry, either `JSm...@parentCompany.com` or otherwise? I'm also curious why you search for matching entries and but then check again for the entry's first `mail` attribute to match `addr` (which *is* case-sensitive, or the match might not be the first mail attribute, etc).

Depending on your exact schema, though, matching against the `mail` attribute *should* be case insensitive.
Reply all
Reply to author
Forward
0 new messages