Please excuse me if I am misunderstanding something (I'm an LDAP newbie) -
but is this a Net::LDAP bug:
Supplying an extra attribute to the "dn" of a Net::LDAP::add request,
as with:
$ldap->add(
'cn='.$myUserObject{cn}.',uid='.${myUserObject}{uid}.',o=att.com',
$myUserObject) # FAILS
results in an error response with an error code of 32 and an empty error
message - while removing the "cn=" portion of the DN allows the add to succeed:
$ldap->add( 'uid='.${myUserObject}{uid}.',o=att.com', $myUserObject) #
SUCCEEDS
It seems to me that if the "FAILS" request contains a bad DN, Net::LDAP ought to
detect this and report a "Bad DN" error message, as it does for other types of
bad dn .
I added the extra "cn=" because when I issue the OpenLDAP command:
$ ldapsearch -x -b "o=att.com" | grep 'Jason Vas Dias'
dn: cn=Jason Vas Dias,uid=XXXXX,o=att.com
I see the cn in the dn string, so I thought this may be required when creating
a new object.
What was my error in prepending the CN ?
If it was an error, why can't Net::LDAP report it as such ?
(our "Base DN" is "o=att.com" and "Manager DN" is "cn=Directory
Manager,o=att.com") .
What does the resultCode=32 refer to here ?
I've put some print statements in LDAP.pm and turned on debugging to illustrate
-
confidential attribute values have been removed :
Debug output from failed add() request:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Net::LDAP=HASH(0xca22c0) sending:
30 32 02 01 01 60 2D 02 01 03 04 1E 63 6E 3D 44 02...`-.....cn=D
69 72 65 63 74 6F 72 79 20 4D 61 6E 61 67 65 72 irectory Manager
2C 6F 3D 61 74 74 2E 63 6F 6D 80 08 54 46 43 56 ,o=att.com..XXXX
42 6E 6A 69 __ __ __ __ __ __ __ __ __ __ __ __ XXXX
LDAP::process
Net::LDAP=HASH(0xca22c0) received:14 bytes
30 0C 02 01 01 61 07 0A 01 00 04 00 04 00 __ __ 0....a........
0000 12: SEQUENCE {
0002 1: INTEGER = 1
0005 7: [APPLICATION 1] {
0007 1: ENUM = 0
000A 0: STRING = ''
000C 0: STRING = ''
000E : }
000E : }
sync: $VAR1 = '0';
AFTER SYNC: $VAR1 = '0';
Net::LDAP=HASH(0xca22c0) _sendmesg: resultCode:$VAR1 = bless( {
'net_ldap_version' => 3,
'net_ldap_scheme' => 'ldap',
'net_ldap_debug' => 1,
'net_ldap_socket' => bless( \*Symbol::GEN1, 'IO::Socket::INET'
),
'net_ldap_onerror' => sub { "DUMMY" },
'net_ldap_host' => 'localhost',
'net_ldap_uri' => 'localhost',
'net_ldap_resp' => {},
'net_ldap_mesg' => {},
'net_ldap_async' => 0,
'net_ldap_port' => '389',
'net_ldap_refcnt' => 1
}, 'Net::LDAP' );
$VAR1 = bless( {
'parent' => bless( {
'net_ldap_version' => 3,
'net_ldap_scheme' => 'ldap',
'net_ldap_debug' => 1,
'net_ldap_socket' => bless(
\*Symbol::GEN1, 'IO::Socket::INET' ),
'net_ldap_onerror' => sub { "DUMMY" },
'net_ldap_host' => 'localhost',
'net_ldap_uri' => 'localhost',
'net_ldap_resp' => {},
'net_ldap_mesg' => {},
'net_ldap_async' => 0,
'net_ldap_port' => '389',
'net_ldap_refcnt' => 1
}, 'Net::LDAP' ),
'callback' => undef,
'mesgid' => 2,
'pdu' => CONFIDENTIAL DATA REMOVED
'raw' => undef
}, 'Net::LDAP::Add' );
Net::LDAP=HASH(0xca22c0) sending:
LDAP::process
Net::LDAP=HASH(0xca22c0) received:23 bytes
30 15 02 01 02 69 10 0A 01 20 04 09 6F 3D 61 74 0....i... ..o=at
74 2E 63 6F 6D 04 00 __ __ __ __ __ __ __ __ __ t.com..
0000 21: SEQUENCE {
0002 1: INTEGER = 2
0005 16: [APPLICATION 9] {
0007 1: ENUM = 32
000A 9: STRING = 'o=att.com'
0015 0: STRING = ''
0017 : }
0017 : }
sync: $VAR1 = '0';
AFTER SYNC: $VAR1 = '0';
1224198910.141223 ERROR: ATT:LDAP Error: Net::LDAP::Add=HASH(0xa6fc10)
resultCode:32: $VAR1 = bless( {
'parent' => bless( {
'net_ldap_version' => 3,
'net_ldap_scheme' => 'ldap',
'net_ldap_debug' => 1,
'net_ldap_socket' => bless(
\*Symbol::GEN1, 'IO::Socket::INET' ),
'net_ldap_onerror' => sub { "DUMMY" },
'net_ldap_host' => 'localhost',
'net_ldap_uri' => 'localhost',
'net_ldap_resp' => {},
'net_ldap_mesg' => {},
'net_ldap_async' => 0,
'net_ldap_port' => '389',
'net_ldap_refcnt' => 1
}, 'Net::LDAP' ),
'errorMessage' => '',
'ctrl_hash' => undef,
'resultCode' => 32,
'callback' => undef,
'mesgid' => 2,
'matchedDN' => 'o=att.com',
'controls' => undef,
'raw' => undef
}, 'Net::LDAP::Add' );
