[nssldap] Error in creating filter with nss_ldap

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: "Markus Moeller" <huaraz [at] moeller.plus.com>
To: nssldap [at] padl.com
Subject: [nssldap] Error in creating filter with nss_ldap
Date: Sat, 22 Dec 2007 23:40:22 -0000

I use OpenSuse 10.3 with nss_ldap 257 and try to use AD as ldap server. When 
I use the following ldap.conf file:

ldap_version    3
uri     ldap://w2k3r2.win2003r2.home/
base    DC=win2003r2,DC=home
binddn  cn=ldap user,cn=users,dc=win2003r2,dc=home
bindpw  secret
scope   sub
bind_policy     soft
nss_initgroups_ignoreusers      root,ldap
nss_schema      rfc2307bis

nss_map_attribute uidnumber employeeid

nss_base_passwd 
cn=users,dc=win2003r2,dc=home?sub?(&(&(objectclass=user)(uidnumber=*))(employeeid=*))
nss_base_shadow 
cn=users,dc=win2003r2,dc=home?sub?(&(&(objectclass=user)(uidnumber=*))(employeeid=*))
nss_base_group 
cn=users,dc=win2003r2,dc=home?sub?(&(objectclass=group)(gidnumber=*))

I don't get any valid responses (despite having valid entries in AD as I 
checked with ldapsearch) . I recompiled nss_ldap with debug and some extra 
output. The output is below and it looks like nss_ldap is builing an invalid 
filter.

Is this a bug ?

Thank you
Markus


nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_ent_context_init_locked
nss_ldap: <== _nss_ldap_ent_context_init_locked
nss_ldap: ==> _nss_ldap_leave
nss_ldap: <== _nss_ldap_leave
nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_getent_ex
nss_ldap: ==> _nss_ldap_ent_context_init_locked
nss_ldap: <== _nss_ldap_ent_context_init_locked
nss_ldap: ==> _nss_ldap_search
nss_ldap: ==> do_init
nss_ldap: ==> do_close
nss_ldap: <== do_close
nss_ldap: ==> do_close
nss_ldap: <== do_close
nss_ldap: ==> do_atfork_setup
nss_ldap: <== do_atfork_setup
nss_ldap: ==> _nss_ldap_add_uri
nss_ldap: <== _nss_ldap_add_uri: added URI ldap://w2k3r2.win2003r2.home/
nss_ldap: <== do_init (initialized session)
nss_ldap: ==> do_filter
nss_ldap: :== do_filter: 
(&(&(objectClass=posixGroup))((&(objectclass=group)(gidnumber=*))))
nss_ldap: <== do_filter
nss_ldap: ==> do_with_reconnect
nss_ldap: ==> do_open
nss_ldap: ==> do_init
nss_ldap: <== do_init (initialized session)
nss_ldap: ==> do_bind
nss_ldap: <== do_bind
nss_ldap: ==> do_set_sockopts
nss_ldap: <== do_set_sockopts
nss_ldap: <== do_open (session connected to DSA)
nss_ldap: ==> do_search
nss_ldap: <== MM Filter: 
(&(&(objectClass=posixGroup))((&(objectclass=group)(gidnumber=*))))
nss_ldap: <== MM rc: -7(Bad search filter)
nss_ldap: <== do_search
nss_ldap: <== do_with_reconnect
nss_ldap: <== _nss_ldap_search
nss_ldap: <== _nss_ldap_getent_ex
nss_ldap: ==> _nss_ldap_leave
nss_ldap: <== _nss_ldap_leave
nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_ent_context_release
nss_ldap: <== _nss_ldap_ent_context_release
nss_ldap: ==> _nss_ldap_leave
nss_ldap: <== _nss_ldap_leave

[nssldap] Error in creating filter with nss_ldap, Markus Moeller

Re: [nssldap] Error in creating filter with nss_ldap, Alex Samad
- [nssldap] Re: Error in creating filter with nss_ldap, Markus Moeller

Prev by Date: Re: [nssldap] NSS LDAP and z/Linux
Next by Date: Re: [nssldap] Error in creating filter with nss_ldap
Previous by thread: Re: [nssldap] NSS LDAP and z/Linux
Next by thread: Re: [nssldap] Error in creating filter with nss_ldap