[imp] LDAP - GWIA
Craig White
craigwhite@azapple.com
Sun, 24 Jun 2001 18:50:03 -0700
Cliff Green wrote:
>
> On Sun, 24 Jun 2001, Craig White wrote:
>
> CW> Which I guess gets me back to my original question...
> CW>
> CW> If I can query the Novell/GWIA LDAP with...
> CW>
> CW> ldapsearch -x -b "dc=aidssc,dc=org" -h host_ip "(objectclass=*) -v -P 2
> CW>
> CW> and it returns a stream of data that includes a sample like...
> CW>
> CW> (please ignore real data)
> CW> # YCB,ASC,ASCDOM,dc=aidssc,dc=org
> CW> dn: cn=YCB,ou=ASC,ou=ASCDOM,dc=aidssc,dc=org
> CW> sn: Benson
> CW> givenname: Yvonne
> CW> telephonenumber: 222
> CW> objectclass: person
> CW> cn:: WXZvbm5lIEJlbnNvbiA=
> CW> mail: YCB@aidssc.org
>
> Pardon the questions, but the above return is interesting...
>
> Is this a complete entry for this person? The reason I ask is that it
> shows two different cn values, one consisting of initials, and one of a
> base64 representation of a (presumably) binary value. That's odd.
>
> Are the ou values consistent across the organization? That is, does
> everyone have ou=ASC, ou=ASCDOM? Also, strange as this may sound, are
> other objects besides people being stored in the directory (ie, like
> equipment, groups, etc.). If so, then expanding the basedn may help weed
> out the stuff you don't want.
>
> CW> and my imp/config/ldap.php3 - includes...
> CW>
> CW> $LDAPServers['aidssc'] = new LDAPServer('aidssc',
> CW> 'AIDSSC',
> CW> '192.168.1.2',
> CW> 'dc=aidssc,dc=org',
> ^^^^^^^^^^^^^^^^^^
>
> What happens when this is 'ou=ASCDOM,dc=aidssc,dc=org' ? I know this may
> be too restrictive, but just for testing purposes...
>
-------------
I am not familiar enough with ldap to tell whether the base64 code as a
cn property is odd or not, but it is typical of the entire listing. Note
that this cn line always has 2 '::' (colon's) instead of just one - this
may be significant but I don't know.
Yes, the ou values are consistent across the organization.
Yes, - if I obtain the entire listing from ...
ldapsearch -x -b "ou=ASC,ou=ASCDOM,dc=aidssc,dc=org" -h 192.168.1.2
"(objectclass=*)" -P 2
I get only objectclass=alias and objectclass=person records (203)
ldapsearch -x -b "ou=ASCDOM,dc=aidssc,dc=org" -h 192.168.1.2
"(objectclass=*)" -P 2
I get objectclass=alias, objectclass=person and objectclass=organization
unit records (207)
ldapsearch -x -b "dc=aidssc,dc=org" -h 192.168.1.2 "(objectclass=*)" -P
2
I get objectclass=alias, objectclass=person and objectclass=organization
unit records - same as above (207)
an alias record looks like this...
(again - real data - please ignore)
# Yvonne,ASC,ASCDOM,dc=aidssc,dc=org
dn: cn=Yvonne,ou=ASC,ou=ASCDOM,dc=aidssc,dc=org
objectclass: alias
mail: Yvonne@aidssc.org
GWIA creates these alias records when you create email aliases.
If I change the line per your suggestion in imp/config/ldap.php3'
'ou=ASC,ou=ASCDOM,dc=aidssc,dc=org
or
'ou=ASCDOM,dc=aidssc,dc=org'
or
'dc=aidssc,dc=org'
the result is the same ... too many results to display
but I am neither restarting php, apache nor logging out (i.e. ending
horde/imp/phpsession) with each subsequent change to ldap config file in
imp. I am however closing the contacts window before I make the change
to imp/config/ldap.php3 and then re-opening contacts window in imp to
check whether it works. That was sufficient enough to make it work for
me on my home test (without Novell/GWIA but rather openldap server.
Those were very good questions and even though I think I went through it
all, it forced me to look it all through again and that is a good thing.
Thanks but still stumped...
Craig