Of course there are differences, I have seen this before
D:\Lotus\Domino>ldapsearch -h 172.25.0.19 -p 389 uid="vogels"
CN=Stefan Vogel,OU=nu,OU=eu,OU=au,O=cag
cn=Stefan Vogel
shortname=VogelS
uid=VogelS
[EMAIL PROTECTED]
objectclass=top
objectclass=person
objectclass=organizationalPerson
objectclass=inetOrgPerson
objectclass=dominoPerson
givenname=Stefan
sn=Vogel
D:\Lotus\Domino>ldapsearch -h 172.25.0.19 -p 389 cn="CAS_NU_Internetuser"
CN=CAS_NU_Internetuser
cn=CAS_NU_Internetuser
[EMAIL PROTECTED]
objectclass=top
objectclass=groupOfNames
objectclass=dominoGroup
member=CN=Klaus Steger,OU=nu,OU=eu,OU=au,O=cag
member=CN=Stefan Vogel,OU=nu,OU=eu,OU=au,O=cag
member=CN=Stephan Malaga,OU=nu,OU=eu,OU=au,O=cag
but when I try this
D:\Lotus\Domino>ldapsearch -h 172.25.0.19 -p 389 (&(member="CN=Stefan
Vogel,OU=n
u,OU=eu,OU=au,O=cag")(cn="CAS_NU_Internetuser"))
it results in this
(cn was unexpected at this time.
what I don't understand.
Regards
Stefan
Henrik Nordstrom
<[EMAIL PROTECTED]
org> To
[EMAIL PROTECTED]
02.04.2003 17:01 cc
[EMAIL PROTECTED]
Subject
Re: [squid-users] Authentification
against DominoNotes LDAP
ldapsearch expects a single LDAP filter argument. The next argument is
what data you want to have returned. To search for a object having both
attribtues uid=vogels and cn=CAS_NU_Internetuser the filter becomes
(&(uid=vogels)(cn=CAS_NU_Internetuser))
However, this does not make sense as the group does not have
uid=vogels.. uid=vogels belongs to the user object, while
cn=CAS_NU_Internetuser belongs to the group object.
To get a better understanding of how groups works in LDAP try these two
searches:
ldapsearch ... uid=vogels
ldapsearch ... cn=CAS_NU_Internetuser
and then compare the returned data, considering that the first is a
user, the second a group with several users as members..
Regards
Henrik
ons 2003-04-02 klockan 15.43 skrev [EMAIL PROTECTED]:
> I have used your syntax with the changed groupname:
>
> squid_ldap_group -b "o=cag" -f "
> (&(cn=CAS_NU_Internetuser)(objectClass=groupOfNames)(member=%u))" -F "
> (&(uid=%s)(objectClass=Person))" 172.25.0.19
>
> Of cource I have tried ldapsearch on my Server, with:
> ldapsearch -h 172.25.0.19 -p 389 uid="vogels" cn="CAS_NU_Internetuser"
> as result I get:
> CN=Stefan Vogel,OU=nu,OU=eu,OU=au,O=cag
> what is correct for my name. The result is the entry that is in the
> "member-field" of the group
> Tests with other users are resulting in their names, even if they are not
> in the group.
>
> May be I do not completely understand ldap :-(
>
> Regards
> Stefan
>
>
>
> Henrik Nordstrom
> <[EMAIL PROTECTED]
> org>
To
> [EMAIL PROTECTED]
> 02.04.2003 14:27
cc
> [EMAIL PROTECTED]
>
Subject
> Re: [squid-users] Authentification
> against DominoNotes LDAP
>
>
>
>
>
>
>
>
>
>
> Exacly what are you using now?
>
> Have you tried using the ldapsearch tool to gain an understanding of the
> LDAP structure of your server?
>
> Regards
> Henrik
>
>
> ons 2003-04-02 klockan 13.53 skrev [EMAIL PROTECTED]:
> > Hello,
> >
> > I have checked your syntax, but it still does not work.
> >
> > I have now renamed the group to "CAS_NU_Internetuser", so it now does
not
> > have any spaces anymore, but this is not still not working.
> >
> > When I start the script on the shell, I enter the Shortname (vogels)
and
> > the goupname (cas_nu_internetuser) seperated by a blank. As result I
> > always get ERR.
> >
> > Any more ideas?
> > Is there a way to see more detailed results, but ERR?
> >
> > Regards
> > Stefan
> >
> >
> >
> >
>
> > Henrik Nordstrom
>
> > <[EMAIL PROTECTED]
>
> > org>
> To
> > [EMAIL PROTECTED]
>
> > 02.04.2003 11:45
> cc
> > [EMAIL PROTECTED]
>
> >
> Subject
> > Re: [squid-users]
Authentification
>
> > against DominoNotes LDAP
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
> >
> >
> >
> > ons 2003-04-02 klockan 09.56 skrev [EMAIL PROTECTED]:
> > > Thanks, it didn't install correctly, but now I found it in the
> > > sourcedirectory.
> > >
> > > Nevertheless I did not get it working.
> > > I have a group called "Internetuser NU" and a basedn "o=cag"
> > > I have tried
> > > squid_ldap_group -b "o=cag" -f "Internetuser NU" -F uid=%s
172.25.0.19
> >
> >
> > The above -f argument is not a valid LDAP filter specification...
> >
> > Try this
> >
> > squid_ldap_group -b "o=cag" -f "(&(cn=Internetuser
> > NU)(objectClass=groupOfNames)(member=%u))" -F
> > "(&(uid=%s)(objectClass=Person))" 172.25.0.19
> >
> >
> > --
> > Henrik Nordstrom <[EMAIL PROTECTED]>
> > MARA Systems AB, Sweden
> >
> >
> --
> Henrik Nordstrom <[EMAIL PROTECTED]>
> MARA Systems AB, Sweden
>
>
--
Henrik Nordstrom <[EMAIL PROTECTED]>
MARA Systems AB, Sweden
