[imp] LDAP - GWIA

[Cliff Green]

Quoting Craig White <craigwhite@azapple.com>:

> Having a small problem...
> 
> I have LDAP working with my LDAP server at my home (sort of a test lab) but
> at another site, I am failing to get anything but a 'too many results to
> display error'.

That latter result usually means you've tried to retrieve more hits than the 
administrator of the directory is willing to let you have.  If the admin there 
hasn't explicitly set the sizelimit, there may be a default you're bumping up 
against (in openldap, I believe the default is something like 500 - we crank it 
down to around 50 to discourage spammers trolling for addresses).

> 
> The LDAP server is NDS / Groupwise and if I simply
> 
> ldapsearch -x -D "dc=aidssc,dc=org" -h host_ip "(objectclass=*) -v -P 2

You're using the -D flag but not passing a dn to bind with, and not passing the 
-b option to indicate that "dc=aidssc,dc=org" is your basedn for the filter.  
Since you're also using -P2, I'd guess your server won't have a 
defaultsearchbase.  I wouldn't think you'd get anything back with this.

[munch]

> but if I
> 
> ldapsearch -x -b "dc=aidssc,dc=org" -h host_ip "(objectclass=*) -v -P 2
> 
> I get the whole enchilada...last record and summary looks like...

Ah.  Now you're using -b and providing the basedn, and using an anonymous bind - 
 no problemo, eh?

[munch]

>   # numResponses: 208
>   # numEntries: 207

Ah.  You're still beneath the default sizelimit, assuming there isn't an 
explicit one.

> 
> 
> $LDAPServers['aidssc'] = new LDAPServer('aidssc',
>                                            'AIDSSC',
>                                            '192.168.1.2',
>                                            'dc=aidssc,dc=org',
>                                            'sn',
>                                            'cn,mail,sn,givenname',
> 
> 'is,is_strict,contains,begins,ends');
> 
> If I don't use the -P 2, I get an error saying...
> 
> ldap_bind: Protocol error
>         additional info: version not supported

That's from the command line with ldapsearch, right?

> 
> Does this affect imp's LDAP query?

Shouldn't.  Which version of imp, etc.?

> do I have to change some file to adjust for different commands for querying
> Novell LDAP the -P 2 for example, and the -b instead of -D before the basedn?

I didn't.  I can query LDAPv2 and LDAPv3 servers just fine without any added 
options that are already there.

> Is my configuration in ldap.php3 wrong?

Ah.  I don't know if it makes a difference, I'm using imp 2.3.7-cvs, you're 
using an earlier version.  But I don't know why it would make a difference.  
Hmm, what version of ldap was your php built with?

c
-- 
Cliff Green
Academic Computing Services - UMDNJ
signature under NDA

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/