[nssldap] Error in creating filter with nss_ldap
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[nssldap] Error in creating filter with nss_ldap
- From: "Markus Moeller" <huaraz [at] moeller.plus.com>
- To: nssldap [at] padl.com
- Subject: [nssldap] Error in creating filter with nss_ldap
- Date: Sat, 22 Dec 2007 23:40:22 -0000
I use OpenSuse 10.3 with nss_ldap 257 and try to use AD as ldap server. When
I use the following ldap.conf file:
ldap_version 3
uri ldap://w2k3r2.win2003r2.home/
base DC=win2003r2,DC=home
binddn cn=ldap user,cn=users,dc=win2003r2,dc=home
bindpw secret
scope sub
bind_policy soft
nss_initgroups_ignoreusers root,ldap
nss_schema rfc2307bis
nss_map_attribute uidnumber employeeid
nss_base_passwd
cn=users,dc=win2003r2,dc=home?sub?(&(&(objectclass=user)(uidnumber=*))(employeeid=*))
nss_base_shadow
cn=users,dc=win2003r2,dc=home?sub?(&(&(objectclass=user)(uidnumber=*))(employeeid=*))
nss_base_group
cn=users,dc=win2003r2,dc=home?sub?(&(objectclass=group)(gidnumber=*))
I don't get any valid responses (despite having valid entries in AD as I
checked with ldapsearch) . I recompiled nss_ldap with debug and some extra
output. The output is below and it looks like nss_ldap is builing an invalid
filter.
Is this a bug ?
Thank you
Markus
nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_ent_context_init_locked
nss_ldap: <== _nss_ldap_ent_context_init_locked
nss_ldap: ==> _nss_ldap_leave
nss_ldap: <== _nss_ldap_leave
nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_getent_ex
nss_ldap: ==> _nss_ldap_ent_context_init_locked
nss_ldap: <== _nss_ldap_ent_context_init_locked
nss_ldap: ==> _nss_ldap_search
nss_ldap: ==> do_init
nss_ldap: ==> do_close
nss_ldap: <== do_close
nss_ldap: ==> do_close
nss_ldap: <== do_close
nss_ldap: ==> do_atfork_setup
nss_ldap: <== do_atfork_setup
nss_ldap: ==> _nss_ldap_add_uri
nss_ldap: <== _nss_ldap_add_uri: added URI ldap://w2k3r2.win2003r2.home/
nss_ldap: <== do_init (initialized session)
nss_ldap: ==> do_filter
nss_ldap: :== do_filter:
(&(&(objectClass=posixGroup))((&(objectclass=group)(gidnumber=*))))
nss_ldap: <== do_filter
nss_ldap: ==> do_with_reconnect
nss_ldap: ==> do_open
nss_ldap: ==> do_init
nss_ldap: <== do_init (initialized session)
nss_ldap: ==> do_bind
nss_ldap: <== do_bind
nss_ldap: ==> do_set_sockopts
nss_ldap: <== do_set_sockopts
nss_ldap: <== do_open (session connected to DSA)
nss_ldap: ==> do_search
nss_ldap: <== MM Filter:
(&(&(objectClass=posixGroup))((&(objectclass=group)(gidnumber=*))))
nss_ldap: <== MM rc: -7(Bad search filter)
nss_ldap: <== do_search
nss_ldap: <== do_with_reconnect
nss_ldap: <== _nss_ldap_search
nss_ldap: <== _nss_ldap_getent_ex
nss_ldap: ==> _nss_ldap_leave
nss_ldap: <== _nss_ldap_leave
nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_ent_context_release
nss_ldap: <== _nss_ldap_ent_context_release
nss_ldap: ==> _nss_ldap_leave
nss_ldap: <== _nss_ldap_leave
- [nssldap] Error in creating filter with nss_ldap,
Markus Moeller