Hi.

I'm having trouble running a complex query against our company LDAP server. I'm using the following Perl script:

    use strict;
    use warnings;
    use Data::Dumper;
    use Net::LDAP;

    # 'xLDAPx' stands in for the real server name
    my $ldap = Net::LDAP->new( 'xLDAPx' )
        or die "Can't connect to LDAP-Server: $@\n";

    # Run the same search once per filter string and dump the raw result
    foreach my $filter ( 'ou=Personal', 'ou=BAR', 'ou=Personal,ou=BAR', 'ou=Personal,ou=FOO,o=FOO,dc=foo,dc=com' )
    {
        my $mesg = $ldap->search( base => "o=FOO,dc=foo,dc=com", filter => $filter );
        print Dumper($mesg), "\n\n";
    }

While the first two filters work (as in returning the expected values) the last and complex one doesn't. It returns an empty array. What really puzzles me is that exactly the same query string works when I use it with a tool like the Softerra LDAP Browser.

I have also tried the same query using PHP's ldap_search & co, to no avail.

Can somebody shed some light on this?

Thanks for reading

holli

Edit: This is the structure of the server:

Server
    ou=FOO
        ou=...
        ou=Personal
            uid=something

I need a list of uids.

+4  A: 

The reason is that you are not providing syntactically correct filter strings, but parts of a DN. I can't imagine this works in LDAP Browser - I just tried myself without success.

The first two are correct filter strings. They filter on a single object attribute in a "({attribute}={value})" fashion. The first ("ou=Personal") would return any OU named "Personal" within your search base.

If you explain in more detail what you are trying to find I can probably tell you what filter expression you need.

Tomalak
added server structure to the OP
holli
I'm sorry, but the question is still not clear. What are "uids" in your context? Objects in their own right, or attributes of different objects?
Tomalak
+4  A: 

I think you want it to be more like (&(ou=Personal)(ou=FOO)(o=FOO)(dc=foo)(dc=com)). But you are not clear at all on what you want exactly, so I can't make a filter for you.

Edited to add: I'm guessing this is what you want to do: (|(ou=Personal)(ou=FOO))

Leon Timmermans
No single object in LDAP will match such a filter. Besides, you are missing a closing paren. :-)
Tomalak
Probably not, though it may match, it was just a syntactic example. Like I said, it's not clear to me from the question what he wants exactly.
Leon Timmermans
+2  A: 

Write a filter that conforms to RFC 2254 and then see what happens. You don't need a complex query, you want one attribute for every entry under one branch. Look at the attrs argument for the search method.

Peter Scott
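An added example, not code from any of the posts above: it uses Net::LDAP::Filter to show offline how the question's strings are parsed (a DN fragment is read as a single equality test on ou whose value is the rest of the string, which matches nothing), then does the lookup the answers point towards. Assumptions: the branch DN from the question is used as the search base, the entries directly beneath it carry a uid attribute, and LDAP_HOST is a hypothetical environment variable naming the server.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Filter;

# Strings from the question, parsed offline to show what the server is asked.
my @candidates = (
    'ou=Personal',
    'ou=Personal,ou=BAR',
    'ou=Personal,ou=FOO,o=FOO,dc=foo,dc=com',
);

for my $string (@candidates) {
    my $filter = Net::LDAP::Filter->new($string);
    printf "%-42s => %s\n", $string,
        $filter ? $filter->as_string : 'rejected by the filter parser';
}

# Assumption: the branch DN is the search base and its direct children
# are the entries whose uid values are wanted.
sub list_uids {
    my ($ldap, $branch_dn) = @_;
    my $mesg = $ldap->search(
        base   => $branch_dn,
        scope  => 'one',        # only direct children of the branch
        filter => '(uid=*)',    # presence filter: any entry with a uid
        attrs  => ['uid'],      # return just this attribute
    );
    die 'LDAP search failed: ' . $mesg->error . "\n" if $mesg->code;
    return map { $_->get_value('uid') } $mesg->entries;
}

# LDAP_HOST is a hypothetical variable; without it only the offline
# parse above runs.
if (my $host = $ENV{LDAP_HOST}) {
    my $ldap = Net::LDAP->new($host) or die "Can't connect to $host: $@\n";
    my $bind = $ldap->bind;     # anonymous bind
    die 'Bind failed: ' . $bind->error . "\n" if $bind->code;
    print "$_\n" for list_uids($ldap, 'ou=Personal,ou=FOO,o=FOO,dc=foo,dc=com');
    $ldap->unbind;
}
```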