On 02/24/2012 09:17 PM, Nathan Stratton wrote: > On Fri, 24 Feb 2012, Yair Zaslavsky wrote: > >> Nathan, first of all, please try to run the query I suggested for you - >> change the filter to >> (&(objectClass=krbPrincipalAux)([email protected])) >> (I understand you try to query IPA with an external tool - please first >> try to use this filter and see if it works. >> In my humble opinion, I don't think that you need to change the code, we >> need to understand why IPA provider is not "detected". > > Sorry, new to LDAP, took me a while to figure out how to do the query > with ldapsearch. > > [root@ipa-master ~]# ldapsearch -x -b "dc=blinkmind,dc=net" > "(&(objectClass=krbPrincipalAux)([email protected]))" -h > localhost > # extended LDIF > # > # LDAPv3 > # base <dc=blinkmind,dc=net> with scope subtree > # filter: > (&(objectClass=krbPrincipalAux)([email protected])) > # requesting: ALL > # > > # nathan, users, accounts, blinkmind.net > dn: uid=nathan,cn=users,cn=accounts,dc=blinkmind,dc=net > displayName: Nathan Stratton > cn: Nathan Stratton > objectClass: top > objectClass: person > objectClass: organizationalperson > objectClass: inetorgperson > objectClass: inetuser > objectClass: posixaccount > objectClass: krbprincipalaux > objectClass: krbticketpolicyaux > objectClass: ipaobject > objectClass: mepOriginEntry > loginShell: /bin/sh > sn: Stratton > gecos: Nathan Stratton > homeDirectory: /home/nathan > krbPwdPolicyReference: > cn=global_policy,cn=BLINKMIND.NET,cn=kerberos,dc=blinkm > ind,dc=net > krbPrincipalName: [email protected] > givenName: Nathan > uid: nathan > initials: NS > uidNumber: 333400004 > gidNumber: 333400004 > ipaUniqueID: cfcf627e-5e5c-11e1-8e68-001a4a0d0004 > mepManagedEntry: cn=nathan,cn=groups,cn=accounts,dc=blinkmind,dc=net > krbLastPwdChange: 20120223202917Z > krbPasswordExpiration: 20220220202917Z > krbLoginFailedCount: 0 > krbExtraData:: AAgBAA== > krbExtraData:: AAKdoUZPbmF0aGFuQEJMSU5LTUlORC5ORVQA > krbLastFailedAuth: 20120223202750Z > krbLastSuccessfulAuth: 20120224191502Z > > # search result > search: 2 > result: 0 Success > > # numResponses: 2 > # numEntries: 1
Hi Nathan, that's awesome - looks like you got a result, so first of all - we know the query syntax is working:) Now, I would like to to run some queries on your psql db, so I will check your configuration select * from vdc_options where option_name ilike '%AdUser%'; select * from vdc_options where option_name = 'DomainName'; > > > >> <> > Nathan Stratton CTO, BlinkMind, Inc. > nathan at robotics.net nathan at blinkmind.com > http://www.robotics.net http://www.blinkmind.com _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
