s_entradas is null or s_entradas[0] is null and the operation is ignored.
What could the reason?
If anyone can be useful, this plugin simulates a samba domain trust,
making some users of other organization in a group, change dinamycally
their sambasid to make them a valid user in the target windows domain.
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
03-22-2012, 02:42 PM
Rich Megginson
Problem with plugin
On 03/21/2012 05:54 AM, Juan Asensio Sánchez wrote:
Hi
We have done a plugin that dynamically change some attributes of the
search results. The main code is like this:
s_entradas is null or s_entradas[0] is null and the operation is ignored.
What could the reason?
What platform? What version of 389-ds-base?
Can you reproduce the same results with ldapsearch?
If anyone can be useful, this plugin simulates a samba domain trust,
making some users of other organization in a group, change dinamycally
their sambasid to make them a valid user in the target windows domain.
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
04-03-2012, 11:50 AM
Juan Asensio Sánchez
Problem with plugin
Yes, this is reproduceable with ldapsearch, using CentOS 5.5 i385,
389-ds-base 1.2.5. If I do this search (simulating the search done by
Samba), the plugin works fine, being s_entradas not null and not
empty, returning the command 1 entry:
El día 22 de marzo de 2012 16:42, Rich Megginson <rmeggins@redhat.com> escribió:
> On 03/21/2012 05:54 AM, Juan Asensio Sánchez wrote:
>>
>> Hi
>>
>> We have done a plugin that dynamically change some attributes of the
>> search results. The main code is like this:
>>
>>
>> int smbhack_hook( Slapi_PBlock* pb ) {
>> * * * *// ...
>> * * * *Slapi_Entry** s_entradas = NULL;
>> * * * *Slapi_PBlock* pbi = NULL;
>>
>> * * * *// ...
>> * * * *rv = slapi_pblock_get(
>> * * * * * * * *pb,
>> * * * * * * * *SLAPI_SEARCH_STRFILTER,
>> * * * * * * * *&s_strfilter
>> * * * *);
>> * * * *if (rv == -1) {
>> * * * * * * * *slapi_unlock_mutex(cfg_lock);
>> * * * * * * * *return LDAP_OP_IGNORED;
>> * * * *}
>>
>> * * * *// ...
>> * * * *slapi_search_internal_set_pb(
>> * * * * * * * *pbi,
>> * * * * * * * *s_dn, * * * * * * * * * * *// Base
>> * * * * * * * *s_scope, * * * * * * * * * // Ambito
>> * * * * * * * *s_strfilter, * * * * * * * // Filtro
>> * * * * * * * *s_attrs, * * * * * * * * * // Atributos buscados
>> * * * * * * * *s_attrsonly, * * * * * * * // Flag de seleccion
>> * * * * * * * *s_controls, * * * * * * * *// Controls
>> * * * * * * * *s_uid, * * * * * * * * * * // DN vs uid
>> * * * * * * * *plugin_id, * * * * * * * * // ComponentId
>> * * * * * * * *SLAPI_OP_FLAG_NEVER_CHAIN *// Flags
>> * * * * * * * *);
>>
>> * * * *// ...
>> * * * *rv = slapi_pblock_get(
>> * * * * * * * *pbi,
>> * * * * * * * *SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES,
>> * * * * * * * *&s_entradas
>> * * * *);
>>
>> * * * *// ...
>> * * * *if (s_entradas == NULL || s_entradas[0] == NULL) {
>> * * * * * * * *slapi_unlock_mutex(cfg_lock);
>> * * * * * * * *destruir_estructura_dn(pila_dn_invocador);
>> * * * * * * * *slapi_pblock_destroy(pbi);
>> * * * * * * * *return LDAP_OP_IGNORED;
>> * * * *}
>>
>> * * * *// ...
>> }
>>
>> The problem is thar when doing a search with this filter:
>>
>> (&(ou:dn:=People)(uid=myuid)(objectClass=sambaSamA ccount))
>>
>> the method slapi_pblock_getfor the attribute
>> SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES returns s_entradas != null, but if I
>> do a search with this filter:
>>
>>
>> (&(|(ou:dn:=Computers)(ou:dn:=People))(uid=myuid)( objectClass=sambaSamAccount))
>>
>> s_entradas is null or s_entradas[0] is null and the operation is ignored.
>>
>> What could the reason?
>
> What platform? *What version of 389-ds-base?
>
> Can you reproduce the same results with ldapsearch?
>>
>>
>> If anyone can be useful, this plugin simulates a samba domain trust,
>> making some users of other organization in a group, change dinamycally
>> their sambasid to make them a valid user in the target windows domain.
>> --
>> 389 users mailing list
>> 389-users@lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
04-03-2012, 01:15 PM
Rich Megginson
Problem with plugin
On 04/03/2012 05:50 AM, Juan Asensio Sánchez wrote:
Yes, this is reproduceable with ldapsearch, using CentOS 5.5 i385,
389-ds-base 1.2.5. If I do this search (simulating the search done by
Samba), the plugin works fine, being s_entradas not null and not
empty, returning the command 1 entry:
s_entradas is null or s_entradas[0] is null and the operation is ignored.
What could the reason?
What platform? What version of 389-ds-base?
Can you reproduce the same results with ldapsearch?
If anyone can be useful, this plugin simulates a samba domain trust,
making some users of other organization in a group, change dinamycally
their sambasid to make them a valid user in the target windows domain.
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
Problem with plugin
