Closed
Bug 2168
Opened 26 years ago
Closed 26 years ago
Missing attributes when searching...
Categories
(Directory :: PerLDAP, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: leif, Assigned: leif)
References
Details
Numerous reports on missing attributes when searching. I can't reproduce this,
but it seems to be primarily a problem on Windows/NT, and/or a problem with
rogue LDAP servers (not sure how).
More information from different people attached.
Assignee | ||
Comment 1•26 years ago
|
||
From: Stuart.Schneider@PacifiCorp.com
I think I've come across a problem either with your PerLDAP library or
with the Tie::Hash library on a Windows-NT system running ActiveState Perl5
build 506 (Perl 5.005_02). I'm using the version of PerLDAP available on
ActiveState's Package library (which appears to be the most recent version
you have available).
The problem is that when I execute a simple query against my LDAP server
(Microsoft Exchange Server v5.5, which works fine with the Net::LDAPapi
library), I don't get access to all of the data that is returned. An
example script attached below shows the results of a simple query where I am
attempting to display the objectClass for a user. Unless I access the
object behind the TieHash directly, I don't see the data. This is the case
for about 60% of the attributes returned from the LDAP server (some of the
attributes do make it into the TieHash, but there doesn't seem to be a
pattern although the missing fields are the same for each query).
Any insight you might be able to provide would be most useful. I also no
not have access to the CVS system so can't check to see if there is a more
recent version of the modules available. If you could either make a tarball
available somewhere or mail it to me, I might be able to debug a bit
further.
Thanks,
Stuart Schneider
Stuart.Schneider@PacifiCorp.com
-----Sample Script-----
$ld{"host"}="pdxexc01";
$ld{"port"}=389;
$ld{"root"}="";
$ld{"scope"}="sub";
$search = "uid=P75412";
$conn = new Mozilla::LDAP::Conn(\%ld);
die "Could't connect to LDAP server $ld{host}" unless $conn;
$entry = $conn->search($ld{root}, $ld{scope}, $search, 0);
$conn->printError() if $conn->getErrorCode();
while ($entry) {
print "objectClass=",join(",",@{ $entry->{objectClass} }),"\n";
print "objectClass=",join(",",@{ $entry->{_self_obj_}->{objectClass}
}),"\n";
$entry = $conn->nextEntry;
}
$conn->close if $conn;
----------
-----Script Output-----
objectClass=
objectClass=organizationalPerson,person,Top
----------
Assignee | ||
Updated•26 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 2•26 years ago
|
||
From: Jeff Maaks <jmaaks@mdc.com>
For the boeingPerson object class, I've found that like Stuart Grace (see
http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=1328) I
can see the attributes when accessing the entry object directly. Here's
some sample code that lets me see the attributes:
-------------------------------------------------------
use Mozilla::LDAP::Conn;
$root = "ou=people,o=boeing,c=us";
$conn = new Mozilla::LDAP::Conn("servername","port");
$entry =
$conn->search($root,"subtree","(boeingClockNumber=12345)", 0);
while($entry) {
# this prints nothing after the =
print "objectClass=",join(",",@{ $entry->{objectClass} }),"\n";
# this prints the various object classes correctly (inetOrgPerson,
# boeingPerson, etc)
print "objectClass=",join(",",@{ $entry->{_self_obj_}->{objectClass}
}),"\n";
# this prints the various returned attributed correctly (including
# the previously unprintable boeingPerson
print "objectClass=",join(",",@{ $entry->{_self_obj_}->{_oc_order_}
}),"\n";
# and this prints the attributes and values OK
foreach $attr (@{$entry->{_self_obj_}->{_oc_order_} }) {
grep((print "$attr: $_\n"), @{$entry->{_self_obj_}->{$attr}});
}
# this only prints cn,dn,mail, etc. - non-boeingPerson attributes
$entry->printLDIF();
$entry = $conn->nextEntry();
}
So, accessing the object internals works, but working through the
provided methods does not.
Thanks for any insight you could provide.....
----------------------------------------------------------------
More from Jeff Maaks <jmaaks@mdc.com>:
I am running ActiveState Perl 5 build 506 (Perl 5.005_02). I just
downloaded and installed build 508, and it didn't help. I've been poking
around in Conn.pm's sub nextEntry, and a print "clocknum: ",
$obj->{boeingClockNumber}, "\n"; just before the ldap_ber_free at the
end of the routine correctly prints the value.
One more clue:in sub nextEntry from Comm.pm, if I change the last line:
return bless \%entry, Mozilla::LDAP::Entry;
to:
return bless $obj, Mozilla::LDAP::Entry;
..then everything seems to work great! However, I'm not enough of a
Perl object/tie expert to know what this might be screwing up. Does this
give you any ideas?
Assignee | ||
Comment 3•26 years ago
|
||
From: Brad.Davis@online.disney.com
I'm working on a web page that will allow non technical people to update
personal info like phone and room numbers in an LDAP database and trying to use
PerlLDAP to do so.
My main problem is that the following code is in the following code:
$conn = new Mozilla::LDAP::Conn("mailhub", "389", "cn=Manager, ou=Online,
o=Disney, c=US", "asdfasdf");
if (!$conn) { die "Could't connect to LDAP server $ld{host}" };
$entry = $conn->search($query->param('DN'), "base", "(objectclass=*)", 0,
@attr);
if ($conn->getErrorCode())
{ print "Error: " . $conn->printError(); }
print $entry->printLDIF();
Which should produce roughly the same output as the command line tool ldapsearch
called as follows:
ldapsearch -p 389 -b "ou=Online,o=disney,c=US" -D "cn=Manager, ou=Online,
o=Disney, c=US" -w asdfasdf -h mailhub -v "cn=Brad Davis"
But instead I get a remarkably small subset of the information, containing only
the cn, sn, info and mail attributes. I hope I'm not being merely dense. Any
ideas?
------------------------------------------------------
And more from Brad:
Thanks for the response. The C-SDK was the lastest release of the Netscape 3.0
dir sdk for Unix, the client platform was Solaris 2.7, and the server platform
was Solaris 2.6. The PerlLDAP version was the most recent ZIP file in the
mozilla ftp server (I'm not quite up to speed with CVS). The server in question
is the LDAP portion of an integrated enterprise mail product by Control Data
Corp, called Mailhub (or Intrastore, depending on how much of the product you
buy).
I'm also working on my own OO encapsulation classes for LDAP in C++ using the
STL libraries and when I compile those against the same SDK on the same platform
or on my NT box (using the NT version of the same C-SDK) I get normal results. I
only reverted to PERL for the web page interface because of a possible shorter
development cycle with a non-interpreted language and also because I didn't want
to have to have to intergrate CGI handling into C++. If there is anything I can
to help you isolate this bug, let me know.
Assignee | ||
Comment 4•26 years ago
|
||
Note that changing the code to
return bless $obj, Mozilla::LDAP::Entry;
does not work as intended, since the TIE functionality is lost.
Assignee | ||
Comment 5•26 years ago
|
||
I'm moving bug #1381 over to this bug, here's the bug report:
Submitted by: "Ronan Cremin" <ronan.cremin@isocor.com>
Hi Leif,
First of all, great stuff - a really nice extension to Perl. Seconldy, if you
are not the person to talk to about this I
appologize.
I have an LDAP v3 directory (ISOCOR GDS) with objects of the following form:
Top
Person
organizationalPerson
inetOrgPerson
gtePerson
If I do an LDAP search on the directory using the standard command line tools I
see the following data for each user:
cn=Danial.McCullough, ou=internetworking, o=GTE, c=US
objectClass=top
objectClass=person
objectClass=organizationalPerson
objectClass=inetOrgPerson
objectClass=gtePerson
cn=McCullough, Danial P
cn=Danial.McCullough
sn=McCullough
title=Customer Care Specialist
telephoneNumber=617-843-2515
givenName=Danial
initials=P
mail=Danial.McCullough@Wireless.isocor.com
createTimeStamp=19981112003735.002Z
modifyTimeStamp=19981112003735.002Z
creatorsName=cn=manager
modifiersName=cn=manager
employeeNumber=2476
gteAlias=dmccull.lastname
But if I use PerLDAP to implement the same search as follows:
my $result = $conn->search("ou=internetworking, o=gte, c=us", "one", "cn=*");
$result->printLDIF();
I see only the following attributes:
dn: cn=Danial.McCullough, ou=internetworking, o=GTE, c=US
cn: McCullough, Danial P
cn: Danial.McCullough
sn: McCullough
title: Customer Care Specialist
initials: P
mail: Danial.McCullough@Wireless.isocor.com
Do you know why I can't see all of the returned attributes when using PerLDAP? I
can see from my directory log file that the
attributes *are* actually requested by PerlLDAP and they *are* all returned by
the directory.
I would appreciate any help you could give me with this.
------- Additional Comments From leif@netscape.com 11/16/98 03:26 -------
From: "Stuart Grace" <sgrace@hotpop.com>
Apparently this happens with other servers as well, from Stuart:
I am experiencing a problem in using PerLDAP on NT.
The setup is as follows:
Windows NT4 sp3
ICL I500 v8 X.500 Directory Service with LDAP V3.X LDAP server interface.
Perl 5.004_02
PerLDAP v1.0
I can use the ldapsearch.exe and ldapmodify.exe (v3.0) binaries to perform
read, search and updates against the directory without problems. For
example, the results I get from a simple search are as follows:
ldapsearch -h ,host> -p <port> -b "ou=People, o=XYZ, c=GB" "(cn=fred smith)"
dn: CN=fred smith, ou=People, o=XYZ, c=GB
objectClass: person
objectClass: organizationalPerson
commonName: fred smith
surname: smith
mail: fred . smith @ XYZ . co. uk
createTimeStamp: 19981113142229Z
modifyTimeStamp: 19981113142229Z
creatorsName: CN=DSAmanager
modifiersName: CN=DSAmanager
I have installed the PreLDAP binaries and I can also perform searches and
directory updates without problems from within PERL :-)
However, I see a problem with the PerLDAP install when I try and read
attribute values. I find the entry OK and I can read the 'mail' attribute
OK but can't read any of the other attributes, including the 'cn'. I see
the same effect when I call the printLDIF method, i.e. only the dn and mail
details are returned.
My code looks like:
if ( ! ( $ldapconn = Mozilla::LDAP::Conn->new ( $ldap_host, $ldap_port, "",
"" ) ) ) {
&fatalerr ( "No LDAP Connection Created." );
}
$cdbase = 'ou=people,o=xyz,c=gb';
$filter = '(cn=fred smith)'; # setup the filter...
@attributes = ( "cn", "mail" );
$foundentry = $ldapconn->search ( $cdbase, 'subtree', $filter, 0,
@attributes );
if ( $ldapconn->getErrorCode () ) { # return now if error
$ldapconn->printError ();
return 0;
}
if ( ! $foundentry ) { # return now if nothing found
&logmsg ( "No entries found in I500 with filter $filter." );
return 0;
}
# -- Getting the DN works OK
$dn = $foundentry->getDN ();
&logmsg ( "Found: $dn" );
# -- Displays only the users mail and dn OK, fails to get other attributes
inc the cn
$foundentry->printLDIF ();
# -- the following fails to return the cn, the mail attribute is returned
&logmsg ( "commonname: $foundentry->{cn}[0]" );
&logmsg ( "mail: $foundentry->{mail}[0]" );
foreach $attribute ( @attributes ) {
$entrydetails{$attribute} = $foundentry->{$attributes}[0];
}
$ldapconn->close;
The user objects have other attributes also propulated but I get the same
problem, i.e. I can't read them.
What am I doing wrong ?
Assignee | ||
Comment 7•26 years ago
|
||
Merging in another bug report, this looks very promising, I suspect it has
something to do with case sensitivity in the servers(?).
From: Jon Udell <udell@monad.net>
Hi Leif,
I've just been poking around in an Exchange Server with PerLDAP. Was
puzzled to see that PrintLDIF was only reporting all lowercase
attributes, not any mixed-case attributes. I haven't figured out why,
but I did notice that although the top level of the $entry structure
exhibited this pathology, its internal _self_obj_ looked OK. So I
changed to
grep((print "$attr: $_\n"), @{$self->{_self_obj_}->{$attr}});
from
grep((print "$attr: $_\n"), @{$self->{$attr}});
in ::Entry::PrintLDIF. Which seems to work, but I know there's got to be
more to the story. I'm attaching a Data::Dumper dump of $entry following
a search. As you can see, all non-lowercase attributes at the root level
of $entry are undef. I've only just noticed this because, working with
Netscape Directory Server, I think I've only been seeing lowercase
attributes. Exchange uses mixed-case attributes.
I can't find the place in your Perl code where this is happening, but
it's got to be there. Because in Conn::nextEntry, I can do
@vals = ldap_get_values_len($self->{"ld"}, $self->{"ldentry"}, $attr);
print "$attr: $vals[0]\n";
and see all the attributes. So they're coming back OK from the LDAP API
level. I guess one set of attributes mirrors the other, for
change-tracking purposes? I dunno, you sort of lost me with that
multilevel blessed object sleight of hand....
This is, by the way, using the Win32 ActiveState PerlDAP module, if that
matters (it shouldn't, I don't think).
Regards,
--
Jon Udell - http://udell.roninhouse.com/
$VAR1 = bless( {
'sn' => [
'Udell'
],
'_self_obj_' => bless( {
'title' => [
'foo'
],
'mail' => [
'judell@WALNUT.UdellInc..com'
],
'rfc822Mailbox' => [
'judell@WALNUT.UdellInc..com'
],
'rdn' => [
'judell'
],
'Hide-From-Address-Book' => [
'FALSE'
],
'st' => [
'NH'
],
'_oc_order_' => [
'objectClass',
'rdn',
'cn',
'distinguishedName',
'Hide-From-Address-Book',
'rfc822Mailbox',
'mail',
'textEncodedORaddress',
'otherMailbox',
'postalAddress',
'conferenceInformation',
'mailPreferenceOption',
'department',
'givenName',
'Home-MTA',
'l',
'physicalDeliveryOfficeName',
'postalCode',
'st',
'sn',
'telephoneNumber',
'title'
],
'l' => [
'Keene'
],
'telephoneNumber' => [
'555-1212'
],
'objectClass' => [
'organizationalPerson',
'person',
'Top'
],
'postalCode' => [
'03431'
],
'physicalDeliveryOfficeName'
=> [
'home office'
],
'otherMailbox' => [
'MS$UDELLINC/WALNUT/JUDELL',
'CCMAIL$Udell, Jon2 at WALNUT'
],
'cn' => [
'Jon Udell'
],
'dn' =>
'cn=judell,cn=Recipients,ou=WALNUT,o=Udell Inc.',
'department' => [
'no dept.'
],
'distinguishedName' => [
'cn=judell,cn=Recipients,ou=WALNUT,o=Udell Inc.'
],
'Home-MTA' => [
'cn=Microsoft
MTA,cn=INTERGRAPH,cn=Servers,cn=Configuration,ou=WALNUT,o=Udell Inc.'
],
'postalAddress' => [
'31
Walnut St'
],
'givenName' => [
'Jon'
],
'mailPreferenceOption' => [
'0'
],
'conferenceInformation' => [
'/'
],
'textEncodedORaddress' => [
'c=US;a= ;p=Udell Inc.;o=WALNUT;s=Udell2;g=Jon;'
]
}, 'Mozilla::LDAP::Entry' ),
'sn' => $VAR1->{'sn'},
'_self_obj_' => $VAR1->{'_self_obj_'},
'title' => $VAR1->{'_self_obj_'}{'title'},
'mail' => $VAR1->{'_self_obj_'}{'mail'},
'rfc822Mailbox' => undef,
'rdn' => $VAR1->{'_self_obj_'}{'rdn'},
'Hide-From-Address-Book' => undef,
'st' => $VAR1->{'_self_obj_'}{'st'},
'_oc_order_' => $VAR1->{'_self_obj_'}{'_oc_order_'},
'l' => $VAR1->{'_self_obj_'}{'l'},
'telephoneNumber' => undef,
'objectClass' => undef,
'postalCode' => undef,
'physicalDeliveryOfficeName' => undef,
'otherMailbox' => undef,
'cn' => $VAR1->{'_self_obj_'}{'cn'},
'dn' => 'cn=judell,cn=Recipients,ou=WALNUT,o=Udell
Inc.',
'department' => $VAR1->{'_self_obj_'}{'department'},
'distinguishedName' => undef,
'Home-MTA' => undef,
'postalAddress' => undef,
'givenName' => undef,
'mailPreferenceOption' => undef,
'conferenceInformation' => undef,
'textEncodedORaddress' => undef
}, 'Mozilla::LDAP::Entry' );
------- Additional Comments From leif@netscape.com 12/03/98 02:25 -------
More from Jon:
That's good. I have no further info. Where it stands: I'm not sure which of the
two attribute structures is canonical. I am pretty sure that arbitrarily
switching from one to the other, to work around the problem I cited, can't be
the right thing to do.
Assignee | ||
Comment 9•26 years ago
|
||
"Ronan Cremin" <ronan.cremin@isocor.com> reported the same problems when using
ISOCOR's LDAP server from an Solaris client.
Comment 10•26 years ago
|
||
Setting all current Open Critical and Major to M3
Comment 11•26 years ago
|
||
Clearing "M" field since Directory product is not used for 5.0 specific project
bug metrics and will mess up our queries on milestones.
Assignee | ||
Updated•26 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 26 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 12•26 years ago
|
||
I hope/believe this is resolved with all the other bug fixes that got into
PerLDAP v1.2. Please reopen the bug if it's still a problem.
You need to log in
before you can comment on or make changes to this bug.
Description
•