Fun With LDAP

Posted: Sun Jun 18, 2006 2:35 pm
by nontrivial
Hello All,

I am trying to do some exciting stuff that I have posted about elsewhere. What this post is about is that I am having an issue searching LDAP. The issue is that I can't seem to get it to work at all. I know it is working, because I can go to SWA and entries from the SYSTEM directory show up. And I can use omsearch just fine. But I can't get ldapsearch or omldapsearch to work at all. Here are some typical examples:

public:/opt/scalix/bin# ./omldapsearch *
ldap_search: Bad search filter
public:/opt/scalix/bin# ./omldapsearch cn=*
ldap_search: No such object
public:/opt/scalix/bin# ./omldapsearch '(cn=*)'
ldap_search: No such object
public:/opt/scalix/bin# ./omldapsearch '(cn=*)' cn=*
ldap_search: No such object
public:/opt/scalix/bin# ./omldapsearch -w somepassword -v -D "cn=sxadmin" cn=*
ldap_bind: Invalid credentials

And yes, I actually used the real password, the one that works for omlogon.

Any help would be appreciated!
James

Posted: Sun Jun 18, 2006 3:05 pm
by AussieOwner
You need to specify a baseDN.

omldapsearch -b 'o=Scalix' '(cn=*)' cn


should work for you.

Darrell

Thanks

Posted: Sun Jun 18, 2006 5:54 pm
by nontrivial
Darrell,

Thanks for the reply, but it did not work for me:

public:/opt/scalix/bin# ./omldapsearch -v -h localhost -b 'o=scalix' '(cn=*)' cn
ldap_open( localhost, 389 )
filter pattern: (cn=*)
returning: cn
filter is: ((cn=*))
ldap_search: No such object
0 matches

I'm really not sure what a baseDB is, but according to my swa.properties (which appears to access LDAP just fine) scalix is it. Am I doing something crazy here? I'm running this command as root. I haven't tried opening up a firewall port because I figure if SWA works then this ought to work.

The slapd.debug log has the following:
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=0 RESULT err=0 tag=97 nentries=0
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=1 SRCH base="o=scalix" scope=1 filter="(cn=null)"
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=1 RESULT err=0 tag=101 nentries=0
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=2 UNBIND
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=2 fd=12 closed errno=0
Jun 18 10:29:33 public omslapd[26308]: conn=18 op=2 UNBIND
Jun 18 10:29:33 public omslapd[26308]: conn=18 op=2 fd=11 closed errno=0
Jun 18 10:31:19 public omslapd[26308]: conn=1 op=2 UNBIND
Jun 18 10:31:19 public omslapd[26308]: conn=1 op=2 fd=9 closed errno=0

Is there another log I could check somewhere for clues?

James

Posted: Mon Jun 19, 2006 8:56 am
by ScalixSupport
Looks like you do not have any users.

What does omshowu -m all give you? omsearch -m @all-attr@ -s ?

Cheers,

Sascha.

Thanks Again

Posted: Mon Jun 19, 2006 10:09 am
by nontrivial
Sascha,

Thanks again for the reply, but I do have users. I guess I forgot to mention that I have no other real problems with scalix. The SMTP and other servers work great, SWA works great, and I have no problems using other commands like omsearch and omlogon. For instance:

public:/opt/scalix/bin# ./omshowu -m all
Postmaster NonTrivial /public,scalix/CN=NonTrivial, Postmaster
sxqueryadmin /public,scalix/CN=sxqueryadmin

And I get a bunch of other stuff for omsearch -m @all-attr@ -s

James

Posted: Mon Jun 19, 2006 10:14 am
by ScalixSupport
Odd. Can you do an

strace omldapsearch -v -h localhost -b 'o=scalix' '(cn=*)' cn

and lsof -i tcp:389

Sascha.

Interesting

Posted: Mon Jun 19, 2006 10:26 am
by nontrivial
Hello,

Somebody more knowledgeable with LDAP than me asked if I had run slapcat just to see what I had to work with. So it turns out that I have 3 LDAP databases, and none of them look like they contain scalix information. What the heck does that mean?

James

Posted: Mon Jun 19, 2006 10:50 am
by ScalixSupport
In the context of the problem it means absolutely nothing.

Can you tell me what the output of the two commands is?

Sascha.

Found the Problem

Posted: Mon Jun 19, 2006 11:33 am
by nontrivial
Sascha,

I'm sorry to waste your time, I found the problem. I'm running the Xandros edition of scalix, and apparently xandros isn't using the standard LDAP setup. I haven't figured out exactly what is going on, but if you use port 3890 omldapsearch and all the other omldap commands work just fine.

James

Posted: Tue Jun 20, 2006 11:03 am
by florian
Hi James,

Thanks for providing this feedback - when I read over your thread, it was actually my first thought that you could be talking to a different LDAP... (Actually, I did manage the Xandros integration from our side and the port number in question, 3890, was my choice... ;-) ).

Anyway, one general remark here - Xandros Scalix Edition _is_ an OEM product where some things (on configuration level, the bits are basically the same) behave differently - the product is supported by Xandros who will apply the specifics of the version to questions.

Obviously, a lot of what can be found on our forum will apply to Xandros Edition as well.

Cheers,
Florian.
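
Added example, not part of the original thread or of Scalix's tooling: the check below runs over the slapd.debug lines James quoted and asks whether any logged SRCH carries the base and filter that omldapsearch reported sending. None does, which is consistent with the client talking to a different LDAP server on port 389; the function names are illustrative assumptions.

```python
import re

# Log lines copied from the slapd.debug excerpt quoted earlier in this thread.
LOG = """\
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=0 RESULT err=0 tag=97 nentries=0
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=1 SRCH base="o=scalix" scope=1 filter="(cn=null)"
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=1 RESULT err=0 tag=101 nentries=0
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=2 UNBIND
Jun 18 10:29:33 public omslapd[26308]: conn=19 op=2 fd=12 closed errno=0
Jun 18 10:29:33 public omslapd[26308]: conn=18 op=2 UNBIND
Jun 18 10:29:33 public omslapd[26308]: conn=18 op=2 fd=11 closed errno=0
Jun 18 10:31:19 public omslapd[26308]: conn=1 op=2 UNBIND
Jun 18 10:31:19 public omslapd[26308]: conn=1 op=2 fd=9 closed errno=0
"""

LINE = re.compile(r"conn=(\d+) op=(\d+) (SRCH|RESULT) (.*)")
KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_searches(log):
    """Return one dict per SRCH, joined with its RESULT on (conn, op)."""
    ops = {}
    for line in log.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # UNBIND / close lines carry nothing we need
        key = (int(m.group(1)), int(m.group(2)))
        fields = {k: q if q else u for k, q, u in KV.findall(m.group(4))}
        entry = ops.setdefault(key, {"conn": key[0], "op": key[1]})
        entry.update(fields)
    return [e for e in ops.values() if "filter" in e]

def normalize(f):
    """Lowercase and strip redundant outer parentheses: ((cn=*)) -> cn=*."""
    f = f.strip().lower()
    while f.startswith("(") and f.endswith(")"):
        f = f[1:-1]
    return f

def query_reached_server(log, base, flt):
    """True if some logged SRCH has the base and filter the client sent."""
    want = (base.lower(), normalize(flt))
    return any((s["base"].lower(), normalize(s["filter"])) == want
               for s in parse_searches(log))

if __name__ == "__main__":
    print(parse_searches(LOG))
    print(query_reached_server(LOG, "o=scalix", "((cn=*))"))
```

When the server's own log shows no trace of a query the client says it sent, check which process is listening on the port the client used before looking at filters or credentials.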