FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 11-24-2010, 06:57 AM
Angel Bosch Mora
 
Default get base dn from ldapsearch

hi,

not specifically 389 related but:

is there a way to guess default base dn for clients (the one configured in /etc/openldap/ldap.conf) with ldapsearch?

i've tried with -v, -n and -d but i only get the server, not the base.

regards,

abosch
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 11-24-2010, 07:07 AM
Andrey Ivanov
 
Default get base dn from ldapsearch

Hi,

yes, you need to make a search like this :

ldapsearch -x -h ldap-test.example.com -b "" -s base namingContexts
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: namingContexts
#

#
dn:
namingContexts: dc=example,dc=com
namingContexts: o=netscaperoot

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

@+

2010/11/24 Angel Bosch Mora <angbosch@conselldemallorca.net>:
> hi,
>
> not specifically 389 related but:
>
> is there a way to guess default base dn for clients (the one configured in /etc/openldap/ldap.conf) with ldapsearch?
>
> i've tried with -v, -n and -d but i only get the server, not the base.
>
> regards,
>
> abosch
> --
> 389 users mailing list
> 389-users@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 11-24-2010, 07:20 AM
Angel Bosch Mora
 
Default get base dn from ldapsearch

----- Missatge original -----
> Hi,
>
> yes, you need to make a search like this :
>
> ldapsearch -x -h ldap-test.example.com -b "" -s base namingContexts
> # extended LDIF
> # # LDAPv3
> # base <> with scope baseObject
> # filter: (objectclass=*)
> # requesting: namingContexts
> #
>
> #
> dn:
> namingContexts: dc=example,dc=com
> namingContexts: o=netscaperoot
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>

thx, i didn't know that option but i think is not what im looking for.

that command gives all root objects on server not the one configured in client. i need a way to evaluate what's configured on client side.


regards,

abosch
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 11-24-2010, 08:03 AM
Gerrard Geldenhuis
 
Default get base dn from ldapsearch

> -----Original Message-----
> From: 389-users-bounces@lists.fedoraproject.org [mailto:389-users-
> bounces@lists.fedoraproject.org] On Behalf Of Angel Bosch Mora
> Sent: 24 November 2010 08:20
> To: General discussion list for the 389 Directory server project.
> Subject: Re: [389-users] get base dn from ldapsearch
>
> ----- Missatge original -----
> > Hi,
> >
> > yes, you need to make a search like this :
> >
> > ldapsearch -x -h ldap-test.example.com -b "" -s base namingContexts #
> > extended LDIF # # LDAPv3 # base <> with scope baseObject # filter:
> > (objectclass=*) # requesting: namingContexts #
> >
> > #
> > dn:
> > namingContexts: dc=example,dc=com
> > namingContexts: o=netscaperoot
> >
> > # search result
> > search: 2
> > result: 0 Success
> >
> > # numResponses: 2
> > # numEntries: 1
> >
>
> thx, i didn't know that option but i think is not what im looking for.
>
> that command gives all root objects on server not the one configured in
> client. i need a way to evaluate what's configured on client side.
>
>
> regards,
>
> abosch

Maybe I am understanding this wrong but could you not just check in the config what the search base is set to on the client side? What is the problem you are trying to solve?

Regards

__________________________________________________ ______________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.

__________________________________________________ ______________________
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 11-24-2010, 08:20 AM
Angel Bosch Mora
 
Default get base dn from ldapsearch

> Maybe I am understanding this wrong but could you not just check in
> the config what the search base is set to on the client side? What is
> the problem you are trying to solve?
>

yes, you're right. i can just take a look at ldap.conf but there's several places to look:

- debian/ubuntu uses /etc/ldap/ldap.conf
- RHEL/CentOS uses /etc/openldap/ldap.conf
- custom compilations can use any path. ex: /usr/local/ldap/ldap.conf
- windows openldap uses... i don't really know :P

so what im trying to do is resolving configured base without knowing anything about the client.

for example, this command gives me the server even if i dont know anything about the conf:

ldapsearch -d1 -x -LLL "(uid=example)" uid 2>&1 | grep ldap_connect_to_host


im just a little bit surprised that i can't find any debuglevel that gives me the BASE


abosch
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 11-24-2010, 08:58 AM
Gerrard Geldenhuis
 
Default get base dn from ldapsearch

> -----Original Message-----
> From: 389-users-bounces@lists.fedoraproject.org [mailto:389-users-
> bounces@lists.fedoraproject.org] On Behalf Of Angel Bosch Mora
> Sent: 24 November 2010 09:20
> To: General discussion list for the 389 Directory server project.
> Subject: Re: [389-users] get base dn from ldapsearch
>
> > Maybe I am understanding this wrong but could you not just check in
> > the config what the search base is set to on the client side? What is
> > the problem you are trying to solve?
> >
>
> yes, you're right. i can just take a look at ldap.conf but there's several places
> to look:
>
> - debian/ubuntu uses /etc/ldap/ldap.conf
> - RHEL/CentOS uses /etc/openldap/ldap.conf
> - custom compilations can use any path. ex: /usr/local/ldap/ldap.conf
> - windows openldap uses... i don't really know :P
>
> so what im trying to do is resolving configured base without knowing
> anything about the client.
>
> for example, this command gives me the server even if i dont know
> anything about the conf:
>
> ldapsearch -d1 -x -LLL "(uid=example)" uid 2>&1 | grep
> ldap_connect_to_host
>
>
> im just a little bit surprised that i can't find any debuglevel that gives me the
> BASE
>
>
Hmmm, that is a really interesting problem. I could not find any solution to it either.

<rant>
from the man page
-d debuglevel
Set the LDAP debugging level to debuglevel. ldapsearch must be compiled with LDAP_DEBUG defined for this option to have any effect.

that is just bloody useless, why do I have to google to find a sun man page that contains the actual possible debug levels. Why is it not part of the man page in Red Hat / CentOS ?!!?!?!?!

Lets get rid of man pages save some disk space and find everything with google, who reads man pages anyway.
</rant>

Regards


__________________________________________________ ______________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.

__________________________________________________ ______________________
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 11-24-2010, 07:01 PM
Aaron Hagopian
 
Default get base dn from ldapsearch

Oddly enough it looks like it comes out as part of the LDIF comment. *If you skip the option to tell it to not output ldif comments you'll get your base:


$ ldapsearch -d1 -x "(uid=example)" 2>&1 | grep base
# base <dc=example,dc=com> (default) with scope subtree



On Wed, Nov 24, 2010 at 3:58 AM, Gerrard Geldenhuis <Gerrard.Geldenhuis@betfair.com> wrote:


> -----Original Message-----

> From: 389-users-bounces@lists.fedoraproject.org [mailto:389-users-

> bounces@lists.fedoraproject.org] On Behalf Of Angel Bosch Mora

> Sent: 24 November 2010 09:20

> To: General discussion list for the 389 Directory server project.

> Subject: Re: [389-users] get base dn from ldapsearch

>

> > Maybe I am understanding this wrong but could you not just check in

> > the config what the search base is set to on the client side? What is

> > the problem you are trying to solve?

> >

>

> yes, you're right. i can just take a look at ldap.conf but there's several places

> to look:

>

> - debian/ubuntu uses /etc/ldap/ldap.conf

> - RHEL/CentOS uses /etc/openldap/ldap.conf

> - custom compilations can use any path. ex: /usr/local/ldap/ldap.conf

> - windows openldap uses... i don't really know :P

>

> so what im trying to do is resolving configured base without knowing

> anything about the client.

>

> for example, this command gives me the server even if i dont know

> anything about the conf:

>

> ldapsearch -d1 -x -LLL "(uid=example)" uid 2>&1 | grep

> ldap_connect_to_host

>

>

> im just a little bit surprised that i can't find any debuglevel that gives me the

> BASE

>

>

Hmmm, that is a really interesting problem. I could not find any solution to it either.



<rant>

from the man page

-d debuglevel

* * * * * * *Set the LDAP debugging level to debuglevel. *ldapsearch must be compiled with LDAP_DEBUG defined for this option to have any effect.



that is just bloody useless, why do I have to google to find a sun man page that contains the actual possible debug levels. Why is it not part of the man page in Red Hat / CentOS ?!!?!?!?!



Lets get rid of man pages save some disk space and find everything with google, who reads man pages anyway.

</rant>



Regards





__________________________________________________ ______________________

In order to protect our email recipients, Betfair Group use SkyScan from

MessageLabs to scan all Incoming and Outgoing mail for viruses.



__________________________________________________ ______________________

--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 11-25-2010, 07:04 AM
Angel Bosch Mora
 
Default get base dn from ldapsearch

----- Missatge original -----
> Oddly enough it looks like it comes out as part of the LDIF comment.
> If you skip the option to tell it to not output ldif comments you'll
> get your base:
>
>
> $ ldapsearch -d1 -x "(uid=example)" 2>&1 | grep base
>
>
> # base <dc=example,dc=com> (default) with scope subtree
>

i don't get any result i my machine and im pretty sure i've my ldap.conf configured:


$ ldapsearch -d1 -x "(uid=example)" 2>&1 | grep base

# base <> with scope subtree



can this be a bug?


abosch
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 10:51 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org