It is Buchan. See andos reply. On 30/12/2008, Buchan Milne <[email protected]> wrote: > On Thursday 18 December 2008 01:24:11 Pierangelo Masarati wrote: >> Matt Kowske wrote: >> > Thank you. could you provide an example of this functionality with >> > ldapsearch? >> > >> > ldapsearch -x -v -H "dc%3Ddomain%2Cdc%3Dcom" -b >> > "CN=Users,DC=domain,DC=com" -D "CN=Matt >> > Kowske,CN=Users,DC=domain,DC=com" >> > -W "samaccountname=mkowske" >> > >> > Could not parse LDAP URI(s)=dc%3Ddomain%2Cdc%3Dcom (3) >> > >> > This is ldap version 2.4.11. I (tried) to look at the code, and and >> > found the section of code in common.c where it is erroring out, but >> > couldn't determine much beyond that. Why is the above not being >> > recognized as a DN? It should not be parsed as a URI according to the >> > man >> > page. >> >> The man page says: "if no host/port is specified, but a DN is...". It >> means that: >> >> - you must provide a(n RFC 45) LDAP URI >> >> - it must contain no host/port >> >> - it must contain a DN >> >> yours is not a LDAP URI. Try something like "ldap:///dc=domain,dc=com";. >> >> The 2.4 client tools have been modified to support this feature. >> However, they use libldap to perform this. See clients/tools/common.c, >> the calls to ldap_dn2domain(3) and ldap_domain2hostlist(3) calls (I >> don't think they actually have a man page...). Those calls are >> available in libldap since 2.0, I believe, in 2000. > > Is there a reason this isn't implemented in the library? As far as I > understand, at present only the OpenLDAP utilities will work with this URI, > while if it were implemented in the library, other LDAP clients using the > OpenLDAP library which don't already support a similar feature (sudo is the > best example I can think of in this case, though various other desktop > software could benefit) would get it for free? > > (nss_ldap has it's own implementation of this feature, but the configuration > is different and probably not compatible with sudo if sudo uses the nss_ldap > configuration file). > > Regards, > Buchan >
-- Sent from my mobile device http://www.suretecsystems.com/services/openldap/
