Re: Querying Apache DS via .NET C# DirectorySearcher

Wed, 23 Feb 2011 01:29:56 -0800 

On 2/23/11 9:49 AM, Laporte Sylvain (GIE) wrote:

Hi,

Thanks for your reply.
We are using v1.5.7 with Java 1.6 update 23

When talking about "an old issue related to sub level searching on RootDSE", do 
you think that restricting the search on the OU or at least on the domain could help 
solve the problem?
Just try starting on another naming context than RootDSE. Your baseDN is empty, searching from 'dc=myDomain,dc=myTLD' could work.
Also, searching the whole tree with a size limit set to 1 and a filter set to (ObjectClass=*) does not make a lot of sense, but this is another story... 
Thanks



-----Message d'origine-----
De : [email protected] [mailto:[email protected]] De la part de 
Kiran Ayyagari
Envoyé : mardi 22 février 2011 21:13
À : [email protected]
Objet : Re: Querying Apache DS via .NET C# DirectorySearcher

hi Laporte,

   Which version you are using? I guess you are encountering an old issue 
related to sub level searching on RootDSE, a fix for this issue
   was committed to the trunk quite sometime back, may be you can test your 
program against the server built from trunk sources.

On Tue, Feb 22, 2011 at 9:22 PM, Laporte Sylvain 
(GIE)<[email protected]>  wrote:

Hi all,



We've just implemented Apache Directory Server on one of our Windows
2008 Servers.

Some of our developpers have to create a C# web service that query
this new ApacheDS directory using the DirectorySearcher class.



When he comes to query the LDAP directory, he gets a strange message
on his side:<  A network peripheral is not functionning>

Switching the logs to DEBUG, I can see that the bind performs well,
but the search throws a java exception when ADS is handling the request :



[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- OTHER: failed for     SearchRequest

                  baseDn : ''

        filter : '(2.5.4.0=*:[3232])'

        scope : whole subtree

        typesOnly : false

        Size Limit : 1

        Time Limit : no limit

        Deref Aliases : never Deref Aliases

        attributes : 'objectclass', 'cn'

: -1

java.lang.ArrayIndexOutOfBoundsException: -1



ADS adds a<  : -1>  at the end of the request although the original
search request seems to be well received :



[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- Handling single reply request:     SearchRequest

        baseDn : ''

        filter : '(objectClass=*)'

        scope : whole subtree

        typesOnly : false

        Size Limit : 1

        Time Limit : no limit

        Deref Aliases : never Deref Aliases

        attributes : 'objectclass', 'cn'



The transaction is although very simple :



//Declares the Directory entry object

DirectoryEntry Ldap = new DirectoryEntry(_ldapserver, _bindDN,
_password, AuthenticationTypes.None);

try

{

//Declares the search object

DirectorySearcher search = new DirectorySearcher(Ldap);

// Adds a filter

search.Filter = "(objectClass=*)";  // version APACHE

      //Defines the attributes to retrieve

search.PropertiesToLoad.Add("objectClass");

search.PropertiesToLoad.Add("cn");

            //Performs the search

SearchResult result = search.FindOne();

}



Can anybody help? I cannot understand where does this ": -1" come from
as it doesn't appear using Apache Directory Studio.



If useful the full query log is following...



Thank you very much,



S. Laporte

-------------------------------





[15:40:39] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- Handling single reply request:     SearchRequest

        baseDn :
'cn=myBindUser,ou=myBindOU,ou=anotherOU,dc=myDomain,dc=myTLD'

        filter : '(objectClass=*)'

        scope : single level

        typesOnly : false

        Size Limit : 1000

        Time Limit : no limit

        Deref Aliases : deref Always

        attributes : 'hassubordinates', 'objectclass'



[15:40:39] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- ManageDsaITControl NOT detected.

[15:40:39] DEBUG
[org.apache.directory.server.ldap.handlers.SearchHandler] - Entry
cn=myBindUser,ou=myBindOU,ou=anotherOU,dc=myDomain,dc=myTLD is NOT a
referral.

[15:40:39] DEBUG
[org.apache.directory.server.ldap.handlers.SearchHandler] - Message
received:      SearchRequest

        baseDn :
'cn=myBindUser,ou=myBindOU,ou=anotherOU,dc=myDomain,dc=myTLD'

        filter : '(objectClass=*)'

        scope : single level

        typesOnly : false

        Size Limit : 1000

        Time Limit : no limit

        Deref Aliases : deref Always

        attributes : 'hassubordinates', 'objectclass'



[15:40:39] DEBUG
[org.apache.directory.server.ldap.handlers.SearchHandler] - using
<1000,1000>  for size limit

[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.BindHandler]
- Received:     BindRequest

        Version : '3'

        Name :
'cn=myBindUser,ou=myBindOU,ou=anotherOU,dc=myDomain,dc=myTLD'

        Simple authentication : 'password/0x3F 0x41 0x66 0x73 0x4B 0x3C
0x3D 0x6A '



[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.BindHandler]
- Returned SUCCESS message:     BindResponse

        Ldap Result

            Result code : (SUCCESS) success

            Matched DN : 'null'

            Error message : 'null'

.

[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- Handling single reply request:     SearchRequest

        baseDn : ''

        filter : '(objectClass=*)'

        scope : base object

        typesOnly : false

        Size Limit : no limit

        Time Limit : no limit

        Deref Aliases : never Deref Aliases

        attributes : 'subschemasubentry', 'dsservicename',
'namingcontexts', 'defaultnamingcontext', 'schemanamingcontext',
'configurationnamingcontext', 'rootdomainnamingcontext',
'supportedcontrol', 'supportedldapversion', 'supportedldappolicies',
'supportedsaslmechanisms', 'dnshostname', 'ldapservicename',
'servername', 'supportedcapabilities'



[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- ManageDsaITControl NOT detected.

[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.SearchHandler] - Entry  is
NOT a referral.

[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.SearchHandler] - Message
received:      SearchRequest

        baseDn : ''

        filter : '(objectClass=*)'

        scope : base object

        typesOnly : false

        Size Limit : no limit

        Time Limit : no limit

        Deref Aliases : never Deref Aliases

        attributes : 'subschemasubentry', 'dsservicename',
'namingcontexts', 'defaultnamingcontext', 'schemanamingcontext',
'configurationnamingcontext', 'rootdomainnamingcontext',
'supportedcontrol', 'supportedldapversion', 'supportedldappolicies',
'supportedsaslmechanisms', 'dnshostname', 'ldapservicename',
'servername', 'supportedcapabilities'



[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute dsservicename does not exist in the
schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute defaultnamingcontext does not exist
in the schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute schemanamingcontext does not exist
in the schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute configurationnamingcontext does not
exist in the schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute rootdomainnamingcontext does not
exist in the schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute supportedldappolicies does not exist
in the schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute dnshostname does not exist in the
schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute ldapservicename does not exist in
the schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute servername does not exist in the
schema, it will be ignored

[15:55:49] WARN
[org.apache.directory.server.core.interceptor.context.SearchingOperati
on Context] - Requested attribute supportedcapabilities does not exist
in the schema, it will be ignored

[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- Handling single reply request:     SearchRequest

        baseDn : ''

        filter : '(objectClass=*)'

        scope : whole subtree

        typesOnly : false

        Size Limit : 1

        Time Limit : no limit

        Deref Aliases : never Deref Aliases

        attributes : 'objectclass', 'cn'



[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- ManageDsaITControl NOT detected.

[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.SearchHandler] - Entry  is
NOT a referral.

[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.SearchHandler] - Message
received:      SearchRequest

        baseDn : ''

        filter : '(objectClass=*)'

        scope : whole subtree

        typesOnly : false

        Size Limit : 1

        Time Limit : no limit

        Deref Aliases : never Deref Aliases

        attributes : 'objectclass', 'cn'



[15:55:49] DEBUG
[org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
]
- OTHER: failed for     SearchRequest

        baseDn : ''

        filter : '(2.5.4.0=*:[3232])'

        scope : whole subtree

        typesOnly : false

        Size Limit : 1

        Time Limit : no limit

        Deref Aliases : never Deref Aliases

        attributes : 'objectclass', 'cn'

: -1

java.lang.ArrayIndexOutOfBoundsException: -1

                at java.util.ArrayList.get(Unknown Source)

                at
org.apache.directory.server.core.filtering.CursorList.beforeFirst(Curs
or
List.java:170)

                at
org.apache.directory.server.ldap.handlers.SearchHandler.doSimpleSearch
(S
earchHandler.java:729)

                at
org.apache.directory.server.ldap.handlers.SearchHandler.handleIgnoring
Re
ferrals(SearchHandler.java:978)

                at
org.apache.directory.server.ldap.handlers.SearchHandler.handleWithRefe
rr
als(SearchHandler.java:1054)

                at
org.apache.directory.server.ldap.handlers.SearchHandler.handleWithRefe
rr
als(SearchHandler.java:78)

                at
org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.
ha
ndle(ReferralAwareRequestHandler.java:94)

                at
org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.
ha
ndle(ReferralAwareRequestHandler.java:57)

                at
org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMes
sa
ge(LdapRequestHandler.java:208)

                at
org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMes
sa
ge(LdapRequestHandler.java:58)

                at
org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(Demuxi
ng
IoHandler.java:232)

                at
org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(L
da
pProtocolHandler.java:193)

                at
org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messa
ge
Received(DefaultIoFilterChain.java:713)

                at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageR
ec
eived(DefaultIoFilterChain.java:434)

                at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(Defa
ul
tIoFilterChain.java:46)

                at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.mess
ag
eReceived(DefaultIoFilterChain.java:793)

                at
org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java
:7
1)

                at
org.apache.mina.core.session.IoEvent.run(IoEvent.java:63)

                at
org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run
Ta
sk(UnorderedThreadPoolExecutor.java:480)

                at
org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run
(U
norderedThreadPoolExecutor.java:434)

                at java.lang.Thread.run(Unknown Source)

[15:55:49] DEBUG
[org.apache.directory.server.ldap.LdapProtocolHandler]
- Cleaning the LdapSession :
<2.5.4.3=mybinduser,2.5.4.11=mybinfou,2.5.4.11=anotherou,0.9.2342.1920
03 00.100.1.25=mydomain,0.9.2342.19200300.100.1.25=mytld,...>  session

[15:55:49] INFO
[org.apache.directory.server.ldap.handlers.LdapRequestHandler] -
ignoring the message
org.apache.directory.shared.ldap.message.UnbindRequestImpl@374e67ab
received from null session





--
Kiran Ayyagari




--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com

Reply via email to