Good example. I would say the LDAP server was sending back a non-standard response for that situation then.
joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -----Original Message----- From: Agarwal, Sharad [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 15, 2008 12:17 PM To: joe; [EMAIL PROTECTED]; [email protected] Subject: RE: [ldap] Re: LDAP Error 32 v/s Empty Result Set Hi Joe, Thank you for elaborating on that. I think I was asking too generic a question. Here are two specific queries to the Oracle Virtual Directory server, both using the same bind information. One succeeds, the other fails. The only difference between the two is that one is searching for (uid=vgnadmin) and the other for (uid=foo). Query: ~~~~ String searchBase = "ou=People,dc=fmr,dc=com"; String searchFilter = "(uid=vgnadmin)"; //WORKS ~~~~ Output: ~~~~ LDAPEntry: uid=vgnadmin,ou=People,dc=fmr,dc=com; LDAPAttributeSet: LDAPAttribute: {type='cn', value='vgnadmin, VDS'} ~~~~ Query: ~~~~ String searchBase = "ou=People,dc=fmr,dc=com"; String searchFilter = "(uid=foo)"; //FAILS ~~~~ Output: ~~~~ Error: LDAPException: No Such Object (32) No Such Object LDAPException: Server Message: LDAP Error 32 : No Such Object ~~~~ -----Original Message----- From: joe [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 15, 2008 11:27 AM To: Agarwal, Sharad; [EMAIL PROTECTED]; [email protected] Subject: RE: [ldap] Re: LDAP Error 32 v/s Empty Result Set Does a base level search with a filter of objectclass=* return the base object or does it return an error? Alternately if you change your filter to objectclass=* and leave the rest of the query the same does it work? I could this being a problem with your search base as well as the DN specified for the uniqueMember match. Either of which not existing or you not having access rights to see them. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Agarwal, Sharad Sent: Wednesday, October 15, 2008 11:10 AM To: [EMAIL PROTECTED]; [email protected] Subject: [ldap] Re: LDAP Error 32 v/s Empty Result Set Thanks Adam. My apologies, I should have been more clear on that front. Both the searchBase and bind information is valid. The only thing out of order (if we can call it that) is that the search is for something that does not exist. Put another way, we are searching for an item that does not exist in the searchBase. If the standard behavior for an LDAP server is to NOT give an error, can you please point me to an authoritative source that I could cite to the LDAP administrators? Thanks, Sharad -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adam Tauno Williams Sent: Wednesday, October 15, 2008 11:04 AM To: [email protected] Subject: [ldap] Re: LDAP Error 32 v/s Empty Result Set > Is it standard behavior for an LDAP server to respond with (LDAP Error > 32) when a query is run that has no match? I suppose, if the specified searchBase does not exist or potentially if the simple bind fails (the latter isn't "correct" AFAIK, but I've seen it in the wild). > I tried a zero result query with the embedded LDAP Server (that comes > with WebLogic). This query does not return LDAP Error 32, it just > returns an empty result set. > > Code snippet: > ~~~~ > int ldapVersion = LDAPConnection.LDAP_V3; > int ldapPort = 27001; > String ldapHost = "fesbosbgdd33v3"; > String loginDN = > "uid=vgnadmin,ou=people,ou=VgnLDAPRealm,dc=vgndomain"; > String password = "password masked"; > String searchBase = "ou=groups,ou=VgnLDAPRealm,dc=vgndomain"; > String searchFilter = > "(&(uniquemember=cn=Administrators,ou=groups,ou=VgnLDAPRealm,dc=vgndomai > n)(objectclass=groupOfUniqueNames))"; > ~~~~ -- Consonance: an Open Source .NET OpenGroupware client. Contact:[EMAIL PROTECTED] http://freshmeat.net/projects/consonance/
