Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > Any LDAP folks around? I have a dumb question about ldapsearch.
 
  • Locked thread
nitrogen
May 21, 2004

Oh, what's a 217°C difference between friends?
 first off, yeah, i'm probably doing it wrong. I'm using some schema in ways it wasn't designed to be used; more as a proof of concept

ldap is something i'm trying to learn better for 2017, so i'm diving into crazy stuff.

Here's what i've got:
base is dc=CENSORED,dc=com.
I created an OU called "prodhosts" which is a container for lists of servers
under that there's cn=bedford and cn=dallas, both of which are "rooms" in schema.
Under that are lists of servers, with an attribute "roomnumber" for the type of server they are (e.g web, or job)

So, what i want to do is get a list of all servers under cn=bedford,ou=PRODhosts,DC=CENSORED,dc=com with attribute roomnumber=web:

code:

[lgreen@lgldapdev101 ~]$ ldapsearch -LLL -x ldap://lgldapdev100 \
-b "cn=bedford,ou=PRODhosts,dc=CENSORED,dc=com" \
-s one "(roomnumber=web)"  cn roomnumber


dn: cn=web1000,cn=bedford,ou=prodhosts,dc=CENSORED,dc=com
cn: web1000
roomnumber: web
 
dn: cn=job1000,cn=bedford,ou=prodhosts,dc=CENSORED,dc=com
cn: job1000
roomnumber: job
This is the output I get. which isnt what i want. What am I doing stupidly? (besides my misuse of the schema for this POC)

* # ? Jan 26, 2017 17:37
  • Quote
Adbot
ADBOT LOVES YOU

# ? Apr 25, 2024 16:42
  • Quote
Wicks
May 7, 2009
 Just shooting from the hip, but how is the room attrb defined? Some attributes can only hold certain types of values (string, int, ect). I seem to remember that this can also affect the matching algorithms used for that attribute.

What's the schema that provides room number? And what are the object classes that make up your server object?

* # ? Jan 27, 2017 03:26
  • Quote
Wicks
May 7, 2009
 Another thought is that you could run it with debug and see what the command is passing the server.

* # ? Jan 27, 2017 03:46
  • Quote
nitrogen
May 21, 2004

Oh, what's a 217°C difference between friends?
 ok, the debugmode hint gave me what i needed, but hell if I know why.

The command line iwas using, it compltelty ignored my filterspec. I am using a much simpler one and it works:

code:
ldapsearch -x  -LLL "(roomnumber=interface)" cn roomnumber
I have no clue why the commandline i was using before was no good, but meh. My proof of concept is pretty much live now, thanks for your help!

* # ? Jan 27, 2017 05:02
  • Quote
Wicks
May 7, 2009
 Cool, glad you got it working. Only thing I can think of is that it interpreted ldap://lgldapdev100 as a filter and then defaulted to objectClass=*. Your original command would probably work if you put a -H in front of ldap://lgldapdev100.

* # ? Jan 27, 2017 07:28
  • Quote
  • Locked thread
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > Any LDAP folks around? I have a dumb question about ldapsearch.