[PHP] ldap_read() with NULL search base
Is there something wrong with this, or am I missing something? ldap_read(link, NULL filter) IS supposed to return the RootDSE, but it doesn't (always). On my Debian GNU/Linux systems, I have to remove the 'BASE ...' config option from ldap.conf, but now I see the same strange behaviour on a SuSE 10.0, Apache2 and PHP5 (ldap module linked against the OpenLDAP libraries) connecting to a Fedora Directory Server... A 'ldapsearch' from the commandline works as expected, but not the ldap_read() above... Any ideas? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] force load of ldap.conf
It seems like the OpenLDAP libs is forcing a load of the ldap.conf file... In that there's the BASE option (which tells the clients where/what the base is). In my development systems, I use LDAP as database for users etc (together with Kerberos). The problem is that I also run development database(s) on localhost, with different base(s), sometimes different ports etc. When (trying) to get the namingContexts from the database, I can't retreive them if BASE is set... Is there a way to get ldap_read() to NOT use this value, OR is my string wrong ($attrib here is 'namingcontexts')? - s n i p - $sr = @ldap_read($this-ldap_linkid, NULL, '(objectClass=*)', array($attrib)); if(! $sr) die(Can't find base dn - .ldap_error($this-ldap_linkid)); $entry = ldap_get_entries($this-ldap_linkid, $sr); print_r($entry); die(); - s n i p - By having 'BASE dc=com' in ldap.conf (which is the only base I have in my non-development system), I will get this: - s n i p - Array ( [count] = 1 [0] = Array ( [count] = 0 [dn] = dc=com ) ) - s n i p - Uncommenting the BASE value from ldap.conf and restart apache, I get the intended values: - s n i p - Array ( [count] = 1 [0] = Array ( [namingcontexts] = Array ( [count] = 2 [0] = c=SE [1] = dc=com ) [0] = namingcontexts [count] = 1 [dn] = ) ) - s n i p - The intention is to copy the behaviour of the following shell command: ldapsearch -x -LLL -h localhost -s base -b '' objectclass=* namingContexts -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] ldap_read() and 'No such object'
I'm using ldap_read() to get the namingContexts from the LDAP
server.
- s n i p -
$sr = ldap_read($this-ldap_linkid, '', '(objectClass=*)', array('namingContexts'));
if(! $sr) die(Can't find base dn - .ldap_error($this-ldap_linkid));
$entry = ldap_get_entries($this-ldap_linkid, $sr);
- s n i p -
Unfortunatly, I get:
- s n i p -
Warning: LDAP: Unable to perform the search: No such object in
/afs/bayour.com/public/web/ldap/phpQLAdmin-CVS.latest/include/pql.inc on line 45
Can't find base dn - No such object
- s n i p -
This only shows up if the namingContexts have a space in it (ie, base DN contains
a space):
- s n i p -
[papadoc.pts/9]$ /usr/bin/ldapsearch -x -LLL -h localhost -s base -b ''
'(objectclass=*)' namingContexts
dn:
namingContexts: o=Turbo Fredriksson
- s n i p -
On my live server, I have 'namingContexts: dc=com', and the PHP page(s) work
on that...
Any ideas?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] ldap_read() and 'No such object'
I'm using ldap_read() to get the namingContexts from the LDAP
server.
- s n i p -
$sr = ldap_read($this-ldap_linkid, '', '(objectClass=*)', array('namingContexts'));
if(! $sr) die(Can't find base dn - .ldap_error($this-ldap_linkid));
$entry = ldap_get_entries($this-ldap_linkid, $sr);
- s n i p -
Unfortunatly, I get:
- s n i p -
Warning: LDAP: Unable to perform the search: No such object in
/afs/bayour.com/public/web/ldap/phpQLAdmin-CVS.latest/include/pql.inc on line 45
Can't find base dn - No such object
- s n i p -
This only shows up if the namingContexts have a space in it (ie, base DN contains
a space):
- s n i p -
[papadoc.pts/9]$ /usr/bin/ldapsearch -x -LLL -h localhost -s base -b ''
'(objectclass=*)' namingContexts
dn:
namingContexts: o=Turbo Fredriksson
- s n i p -
On my live server, I have 'namingContexts: dc=com', and the PHP page(s) work
on that...
Any ideas?
--
FSF assassination Ft. Bragg Mossad counter-intelligence arrangements
Qaddafi PLO 747 supercomputer Marxist BATF South Africa kibo Serbian
[See http://www.aclu.org/echelonwatch/index.html for more about this]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: confirm unsubscribe from php-general@lists.php.net
-- Ft. Meade cryptographic KGB munitions jihad nitrate class struggle Semtex radar spy Iran supercomputer Treasury FSF nuclear [See http://www.aclu.org/echelonwatch/index.html for more about this] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Kerberos and AFS module
I'm creating (not from scratch, I've taken over an existing application) an interface to my LDAP, Qmail-LDAP, Kerberos and AFS server system. Everything works fine from the LDAP point of view, but I'd like to be able to create Kerberos principals and AFS entries (volumes, users etc). Now, I guess I could do this through external meens (shell/perl scripts etc), but I'd like to have a module in PHP that gives me access to the Kerberos/AFS API. Checking through the 'Net for weeks, talking about this on the MIT Kerberos and OpenAFS lists, I've came to the conclution that there is no such thing (yet). What I'd like to know is 'how difficult task is this'. Naturaly some would say 'piece of cake', while's some would say 'very difficult'. Anything is easy once you know it, but I never made a PHP module/extension before... I'm a C/Perl coder at heart (and for may years), but... If someone have done the job for me previosly, I don't need to :) I've looked at the LDAP module, and from what I can tell it's just a wrapper to the LDAP API's... It doesn't do much it self, it relies on the LDAP API's to take care of business. How true is this? -- cryptographic Kennedy Rule Psix Qaddafi BATF Ortega terrorist 767 AK-47 toluene DES strategic Peking Mossad Waco, Texas [See http://www.aclu.org/echelonwatch/index.html for more about this] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
