Using SERVER_NOTIFICATION Control (1.2.840.113556.1.4.528) with Active Directory Server

Fri, 04 Feb 2011 08:32:02 -0800 

Hello,

I'm trying to use the Server Notification Control with an Win2003 AD
Server. On the list archive I read, that there wasn't a wrapper class
for OID 1.2.840.113556.1.4.528, but that it could be used without one
(http://perl.markmail.org/message/pk3lfdk6np5r3c7j?q=1%2E2%2E840%2E113556%2E1%2E4%2E528).

So I tried the following code, which works (to some degree):

  #!/usr/bin/perl -w

  use strict;
  use Net::LDAP;
  use Net::LDAP::Control;

  my $ldap = Net::LDAP->new( "172.20.0.123" );
  $ldap->bind( "cn=ldap,cn=Users,DC=test,DC=loc", password => "secret" );

  my $notify = Net::LDAP::Control->new(
    type => "1.2.840.113556.1.4.528", critical => 1 );

  my $srch = $ldap->search( base     => "ou=test Users,DC=test,DC=loc",
                            scope    => "sub",
                            filter   => "(objectclass=*)",
                            callback => \&process_entry,
                            control  => [ $notify ] );

  sub process_entry {
    my ($msg, $entry) = @_;
    print "DEBUG1: got called!\n";
    print "DEBUG2: ". $entry->dn() ."\n";
    print "DEBUG3: ". $msg->code ."\n";
  }

  -----
  ./test.pl
  (blocks until the first change is made in AD)
  DEBUG1: got called!
  DEBUG2: CN=foo bar,OU=test Users,DC=test,DC=loc
  (blocks until the second change is made)
  DEBUG1: got called!
  DEBUG2: CN=foo bar,OU=test Users,DC=test,DC=loc

The problem is, that any call to $msg within the callback function (like
$msg->code in the above) recurses into my callback function again.
That's why "DEBUG3" is never printed.
The recursion happens around:

Net::LDAP::Search::decode(/usr/lib/perl5/vendor_perl/5.8.8/Net/LDAP/Search.pm:52):
  52:        $self->{callback}->($self,$entry)
  53:          if (defined $self->{callback});

Then it re-blocks around:

  Net::LDAP::_recvresp(/usr/lib/perl5/vendor_perl/5.8.8/Net/LDAP.pm:759):
  759:        asn_read($sock, $pdu)
  760:          or return _drop_conn($ldap, LDAP_OPERATIONS_ERROR,
"Communications Error");

With the 389 Directory Server + Net::LDAP::Control::PersistentSearch
Control instead the same thing works just fine.
I'm not sure, if I am trying something, that Net::LDAP does not support
or if there is a more general mistake in this approach. Has anyone got
the Server Notification feature running with Net::LDAP?

Thanks in advance,
Dirk

Reply via email to