Re: [Freeipa-users] Ldapsearch with a trailing space
On 08/21/2014 02:32 AM, Rich Megginson wrote: On 08/20/2014 05:28 PM, William wrote: How did you manage to add an attribute value with a trailing space? Excellent question: Someone else in my workplace managed to stuff this one up, so that a users objectClass has a trailing space, thus is returning is base64 on search now. Ok. As to how to fix it: ldapsearch -xLLL -D "cn=directory manager" -W -s base -b "the dn with the broken objectclass" 'objectclass=*' objectclass > junk.ldif then edit junk.ldif to look like this: dn: the dn with the broken objectclass changetype: modify replace: objectclass objectclass: objectclass: Basically, all of the objectclasses from ldapsearch, but fixing the one with the trailing space Then use ldapmodify ldapmodify -x -D "cn=directory manager" -W -f junk.ldif As to your original question - I'm not sure - I would have thought the correct way to do it would have been to use the ldap escape sequence for space in the ldap search filter. I think the behaviour is correct, in caseIgnore match leading and trailing spaces are insignificant and any clever way to pass the space will be normalized away -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Ldapsearch with a trailing space
On 08/20/2014 05:28 PM, William wrote: How did you manage to add an attribute value with a trailing space? Excellent question: Someone else in my workplace managed to stuff this one up, so that a users objectClass has a trailing space, thus is returning is base64 on search now. Ok. As to how to fix it: ldapsearch -xLLL -D "cn=directory manager" -W -s base -b "the dn with the broken objectclass" 'objectclass=*' objectclass > junk.ldif then edit junk.ldif to look like this: dn: the dn with the broken objectclass changetype: modify replace: objectclass objectclass: objectclass: Basically, all of the objectclasses from ldapsearch, but fixing the one with the trailing space Then use ldapmodify ldapmodify -x -D "cn=directory manager" -W -f junk.ldif As to your original question - I'm not sure - I would have thought the correct way to do it would have been to use the ldap escape sequence for space in the ldap search filter. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Ldapsearch with a trailing space
> > > How did you manage to add an attribute value with a trailing space? > Excellent question: Someone else in my workplace managed to stuff this one up, so that a users objectClass has a trailing space, thus is returning is base64 on search now. -- William -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Ldapsearch with a trailing space
On 08/20/2014 05:01 PM, William wrote: Hi, Semi offtopic, how does one search with ldap for an attribute instance with a trailing space. Consider: "cn=foo" How do you distinguish this from "cn=foo" in an ldapsearch? I have tried: ldapsearch (cn=foo) ldapsearch (cn='foo ') ldapsearch (&(cn=foo*)(!(cn=foo))) ldapsearch (cn=foo\20) Any other ideas? How did you manage to add an attribute value with a trailing space? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
[Freeipa-users] Ldapsearch with a trailing space
Hi, Semi offtopic, how does one search with ldap for an attribute instance with a trailing space. Consider: "cn=foo " How do you distinguish this from "cn=foo" in an ldapsearch? I have tried: ldapsearch (cn=foo) ldapsearch (cn='foo ') ldapsearch (&(cn=foo*)(!(cn=foo))) ldapsearch (cn=foo\20) Any other ideas? -- William -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
