[Kolab-devel] Search: Invalid DN syntax function.ldap-search
ComCept Soliva
soliva at comcept.ch
Wed Feb 24 05:43:04 CET 2010
Hi Gunnar
This works meaning created a new user using a "," or "=" in the First Name
for test:
Type Name E-mail uid
U Test User, Andrea,Soliva test1 at comcept-net.ch
test1 at comcept-net.ch
U Test User, Andrea=Soliva test2 at comcept-net.ch
test2 at comcept-net.ch
This works also meaning created a new user using a "," or "=" in the Last
Name for test:
Type Name E-mail uid
U Test,User, Andrea Soliva test3 at comcept-net.ch
test3 at comcept-net.ch
U Test=User, Andrea Soliva test4 at comcept-net.ch
test4 at comcept-net.ch
I don't think that this should work correct? I thinks this works "probably
only on my system" because the "," or "=" is not really used in the
background because I deleted afterward the test3 at comcept-net.ch as
test4 at comcept-net.ch and it appears on the Webpage a confirmation:
"The user with DN cn=Andrea Soliva Test\2CUser,dc=comcept-net,dc=ch has been
deleted"
"The user with DN cn=Andrea Soliva Test\3DUser,dc=comcept-net,dc=ch has been
deleted"
This means "=" is used as "/3D" and for ";" is used "/2C".
In the log for creating the user nothing specially appears except the normal
entry:
==> /kolab/var/apache/log/apache-access.log <==
192.168.101.11 - - [24/Feb/2010:05:29:43 +0100] "GET /admin/user/ HTTP/1.1"
200 14475
192.168.101.11 - - [24/Feb/2010:05:29:58 +0100] "GET
/admin/user/user.php?action=create HTTP/1.1" 200 10501
If you need mor tell me
Kind regards
Andrea Soliva
Mail: soliva at comcept.ch
-----Ursprüngliche Nachricht-----
Von: Gunnar Wrobel [mailto:wrobel at pardus.de] Im Auftrag von
kolab-devel-bounces at kolab.org
Gesendet: Sonntag, 21. Februar 2010 21:31
An: kolab-devel at kolab.org
Betreff: [Kolab-devel] Search: Invalid DN syntax function.ldap-search
Hi Andrea,
Quoting ComCept Soliva <soliva at comcept.ch>:
> Hi Gunnar
>
> Man thanks fort he hint and I modified the file as in your patch shown:
>
> --------------- /kolab/var/kolab/php/admin/include/ldap.class.php
> ---------------
>
>
> 411 // Count the number of occurences of an email address
> 412 // in users' mail and alias attributes and in dist.
lists.
> 413 // This can be used to check for uniqueness etc.
> 412 // in users' mail and alias attributes and in dist.
lists.
> 413 // This can be used to check for uniqueness etc.
> 414 function countMail( $base, $mail , $excludedn=false ) {
> 415 // First count users
> 416 $filter = '(|(|(mail='.$this->escape($mail).')
> 417 (alias='.$this->escape($mail).')
> 418 )
> 419 (uid='.$this->escape($mail).')
> 420 )';
> 421 // $res = $this->search( $this->dn_escape($base),
> $filter, array( 'dn' ) );
> 422 $res = $this->search( $base, $filter, array( 'dn'
)
> );
> 423 $count = 0;
> 424
> 425 $entries = ldap_get_entries( $this->connection,
$res
> );
> 426 if( $excludedn ) {
> 427 for ( $i = 0; $i < count( $entries ); $i++ ) {
> 428 // if( is_null( $entries[$i] ) ) continue;
> 429 if( !isset($entries[$i]) || is_null(
> $entries[$i] ) ) continue;
> 430 if(
> KolabLDAP::unescape_dn_value($entries[$i]['dn']) ==
> KolabLDAP::unescape_dn_value($excludedn) ) continue;
> 431 debug("found ".$entries[$i]['dn'] );
> 432 $count++;
>
> --------------- /kolab/var/kolab/php/admin/include/ldap.class.php
> ---------------
>
> After that I created a new user, modified as deleted the user without any
> warnings etc. in the log /kolab/var/apache/log/php/php-errors.log. From
this
> point it seems the warning are gone. I saw somewhere also in the devel
> messages (can not remember anymore) that without this patch it is possible
> to configure a mail alias to two different uid's (users)?
> Right....?
Correct.
> .....after the patch this is not possible meaning a warning is
> shown/poping up that this alias is already set to another uid/user etc.
Nice. Many thanks for the feedback!
>
> As mentioned I did not find anything else after the patch was applied
> meaning warnings, errros etc. even I manipulated the new user I created
for
> the test in different ways. Hope this helps and if you need more tests or
> wathever give me a hint.
If you want, you can check if creating users that contain a "," or a
"=" in the first or last name works as well.
That was what the original patch was actually about. Breaking the
countMail() function was an undesired side effect.
Cheers,
Gunnar
>
> Many thnks and kind regards
>
> Andrea Soliva
>
> Mail: soliva at comcept.ch
> -----Ursprüngliche Nachricht-----
> Von: Gunnar Wrobel [mailto:wrobel at pardus.de] Im Auftrag von
> kolab-devel-bounces at kolab.org
> Gesendet: Sonntag, 21. Februar 2010 14:15
> An: kolab-devel at kolab.org
> Betreff: Re: [Kolab-devel] Search: Invalid DN syntax function.ldap-search
>
> Quoting ComCept Soliva <soliva at comcept.ch>:
>
>> Hi Gunnar
>>
>> No problem can give a try...give me a hint as soon as the patch is
>> available....
>
> Here it is: http://kolab.org/pipermail/kolab-commits/2010q1/011956.html
>
> Cheers,
>
> Gunnar
>
>>
>> Kind regards
>>
>> Andrea
>>
>> Mail: soliva at comcept.ch
>>
>> -----Ursprüngliche Nachricht-----
>> Von: Gunnar Wrobel [mailto:wrobel at pardus.de] Im Auftrag von
>> kolab-devel-bounces at kolab.org
>> Gesendet: Montag, 15. Februar 2010 10:00
>> An: kolab-devel at kolab.org
>> Betreff: Re: [Kolab-devel] Search: Invalid DN syntax function.ldap-search
>>
>> Hi Andrea,
>>
>> actually the error you see is probably a side effect of the bug I
>> introduced with the fix for https://issues.kolab.org/issue3499. I'll
>> try to provide a patch for that today. Please add yourself in nosy
>> there. Would be great if you could provide feedback if that works.
>>
>> Cheers,
>>
>> Gunnar
>>
>> Quoting ComCept Soliva <soliva at comcept.ch>:
>>
>>> Hi Gunnar
>>>
>>> Sorry was in holidays for a fiew days :-)
>>>
>>> I tried to include your suggested stuff "var_dump($base);" in the Code
> of:
>>>
>>> /opt/kolab/var/kolab/php/admin/include/ldap.class.php on line 204
>>>
>>> But as a pity without success....I'm not so familar with php :-( can you
>>> please advice how you would include it.
>>>
>>> Regarding your suggstion what the symptomes are if this error occurs
>>> following:
>>>
>>> The error occures "ONLY" if a user is added or modified within the
> manager
>>> interface. It happens also if a Distribution List ist added or modified.
>> For
>>> the manager itself which add's or modifies the users or distribution
list
>> on
>>> the manager interface nothing occured meanining I added over 20 domains
>> with
>>> 50 email address's and aliases but I never was kicked out or saw a blank
>>> white page or a error from php or whatever. I'm using kolab since years
>> and
>>> this never occoured but I have to say what I did this time was to add a
>>> Domain Maintainer which I never used before...could this be the reason?
> If
>> I
>>> looked in as the Domain Maintainer and added a user I had some kick outs
>> and
>>> blank white pages? I have a strange feeling about this function but that
>> we
>>> have no misunderstandig at all as Kolab Manager I had never blank pages
> or
>>> uncontrolled kicke outs.
>>>
>>> If you could advice where to add the code etc. I can follow up on
> this....
>>>
>>> PS: One more thing which you are probably interessted....I did in
rc.conf
>>> template a modification....this means in the past for config the entry
in
>>> this file was:
>>>
>>> openldap_url="ldap:// ldaps://"
>>>
>>> This was working fine without any problems...in the newewst version the
>>> entry is:
>>>
>>> openldap_url="ldap://@@@bind_addr@@@/ ldaps://@@@bind_addr@@@/"
>>>
>>> This was given errors and a lot of problems because the real entry in
the
>>> /kolab/etc/rc.conf was looking:
>>>
>>> openldap_url="ldap://0.0.0.0/ ldaps://0.0.0.0/"
>>>
>>> This does not work and I changed to 127.0.0.1 or back to the old style.
>> Both
>>> is working fine:
>>>
>>> openldap_url="ldap:// ldaps://"
>>>
>>> I do not think so that this has something to do with the issue which we
>> are
>>> discussion here even I do not understand the
>> "openldap_url="ldap://0.0.0.0/
>>> ldaps://0.0.0.0/". Looks for me funny and not usable. My opinion is that
>> the
>>> bind_addr did not work as expected because I'm using Kolab in a Solaris
>> Zone
>>> and the localhost as the 127.0.0.1 is handled in some circumstances in
>>> another way.....this only for your information. I documented the overall
>>> stuff on the Wiki:
>>>
>>> https://wiki.kolab.org/index.php/Solaris
>>>
>>>
>>> Kind regards
>>>
>>> Andrea
>>>
>>> Mail: soliva at comcept.ch
>>>
>>> -----Ursprüngliche Nachricht-----
>>> Von: Gunnar Wrobel [mailto:wrobel at pardus.de] Im Auftrag von
>>> kolab-devel-bounces at kolab.org
>>> Gesendet: Donnerstag, 11. Februar 2010 22:10
>>> An: kolab-devel at kolab.org
>>> Betreff: [Kolab-devel] Search: Invalid DN syntax function.ldap-search
>>>
>>> Hi Andrea,
>>>
>>> Quoting ComCept Soliva <soliva at comcept.ch>:
>>>
>>>> Hi
>>>>
>>>> It is from my point of view clear the search function but even I see
the
>>>> lines I can not identify what is false and why?:
>>>>
>>>> syntax in /opt/kolab/var/kolab/php/admin/include/ldap.class.php on line
>>> 204
>>>>
>>>>
>>>> 201 function search( $base, $filter, $attrs = false ) {
>>>> 202 $this->freeSearchResult();
>>>> 203 if( $attrs ) {
>>>> 204 $this->search_result = ldap_search(
$this->connection,
>>>> $base, $filter, $attrs );
>>>> 205 } else {
>>>> 206 $this->search_result = ldap_search(
$this->connection,
>>>> $base, $filter );
>>>> 207 }
>>>> 208 return $this->search_result;
>>>> 209 }
>>>
>>> The error sounds as if $base contains an invalid value. You could add
>>> a "var_dump($base);" in the code to display the value.
>>>
>>> Both log entries you mentioned are just warnings though. The code
>>> won't stop on a warning. And the code of the web admin is not exactly
>>> clean when it comes to notices and warnings. Quite the contrary. So
>>> what you see might not be a real problem.
>>>
>>> But I did not quite understand what kind of problems you saw in the
>>> actual frontend. Did you see any specific errors that were displayed?
>>> Or did the web admin just show you a blank page (the PHP white screen
>>> of death)?
>>>
>>> Cheers,
>>>
>>> Gunnar
>>>
>>>>
>>>>
>>>> is not a valid ldap result resource in
>>>> /opt/kolab/var/kolab/php/admin/include/ldap.class.php on line 424
>>>>
>>>> 411 // Count the number of occurences of an email address
>>>> 412 // in users' mail and alias attributes and in dist. lists.
>>>> 413 // This can be used to check for uniqueness etc.
>>>> 414 function countMail( $base, $mail , $excludedn=false ) {
>>>> 415 // First count users
>>>> 416 $filter = '(|(|(mail='.$this->escape($mail).')
>>>> 417 (alias='.$this->escape($mail).')
>>>> 418 )
>>>> 419 (uid='.$this->escape($mail).')
>>>> 420 )';
>>>> 421 $res = $this->search( $this->dn_escape($base), $filter,
>>>> array( 'dn' ) );
>>>> 422 $count = 0;
>>>> 423
>>>> 424 $entries = ldap_get_entries( $this->connection, $res );
>>>> 425 if( $excludedn ) {
>>>> 426 for ( $i = 0; $i < count( $entries ); $i++ ) {
>>>> 427 if( is_null( $entries[$i] ) ) continue;
>>>> 428 if(
>>> KolabLDAP::unescape_dn_value($entries[$i]['dn'])
>>>> == KolabLDAP::unescape_dn_value($excludedn) ) continue;
>>>> 429 debug("found ".$entries[$i]['dn'] );
>>>> 430 $count++;
>>>> 431 }
>>>> 432 } else $count += $entries['count'];
>>>>
>>>>
>>>> Kind regards
>>>>
>>>> Andrea Soliva
>>>>
>>>> Mail: soliva at comcept.ch
>>>> -----Ursprüngliche Nachricht-----
>>>> Von: Bernhard Reiter [mailto:bernhard at intevation.de] Im Auftrag von
>>>> kolab-devel-bounces at kolab.org
>>>> Gesendet: Montag, 25. Januar 2010 14:37
>>>> An: kolab-devel at kolab.org
>>>> Betreff: Re: [Kolab-devel] Search: Invalid DN syntax
> function.ldap-search
>>>>
>>>> Am Sonntag, 24. Januar 2010 11:31:48 schrieb ComCept Soliva:
>>>>> [23-Jan-2010 14:59:36] PHP Warning: ldap_search() [<a
>>>>> href='function.ldap-search'>function.ldap-search</a>]: Search: Invalid
>> DN
>>>>> syntax in /opt/kolab/var/kolab/php/admin/include/ldap.class.php on
line
>>>> 204
>>>>> [23-Jan-2010 14:59:36] PHP Warning: ldap_get_entries(): supplied
>>> argument
>>>>> is not a valid ldap result resource in
>>>>> /opt/kolab/var/kolab/php/admin/include/ldap.class.php on line 424
>>>>>
>>>>> Is this already recognized? Is it not known....I tried to figure out
>> what
>>>>> is wrong but actually I could not?!
>>>>>
>>>>> Any suggestion?
>>>>
>>>> My suggestion is to check the given line 204 and see which argument
>>>> is used there (maybe add a statement to print it out).
>>>>
>>>>> By the way is there a documentation about Master/Slave configuration
>>>>> meaning how this works etc. I could not find anything. Any hints would
>> be
>>>>> appriciated.
>>>>
>>>> I think the documentation is in the architecture documents.
>>>> The idea is pretty simple: Replicate the directory server on the slave
>>>> (for which there is a bootstrap) have all read access on the slave
>>> accounts
>>>> go
>>>> to the slave LDAP server and all write access (only by webadmin) to the
>>>> master.
>>>>
>>>> Bernhard
>>>>
>>>> --
>>>> Managing Director - Owner: www.intevation.net (Free Software
>>> Company)
>>>> Germany Coordinator: fsfeurope.org. Coordinator:
>> www.Kolab-Konsortium.com.
>>>> Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
>>>> Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
>>>>
>>>> _______________________________________________
>>>> Kolab-devel mailing list
>>>> Kolab-devel at kolab.org
>>>> https://kolab.org/mailman/listinfo/kolab-devel
>>>>
>>>
>>>
>>>
>>> --
>>> ____ http://www.pardus.de _________________ http://gunnarwrobel.de _
>>>
>>> E-mail : p at rdus.de Dr. Gunnar Wrobel
>>> Tel. : +49 700 6245 0000 Bundesstrasse 29
>>> Fax : +49 721 1513 52322 D-20146 Hamburg
>>> --------------------------------------------------------------------
>>> >> Mail at ease - Rent a kolab groupware server at p at rdus <<
>>> --------------------------------------------------------------------
>>>
>>>
>>> _______________________________________________
>>> Kolab-devel mailing list
>>> Kolab-devel at kolab.org
>>> https://kolab.org/mailman/listinfo/kolab-devel
>>>
>>> _______________________________________________
>>> Kolab-devel mailing list
>>> Kolab-devel at kolab.org
>>> https://kolab.org/mailman/listinfo/kolab-devel
>>>
>>
>>
>>
>> --
>> ______ http://kdab.com _______________ http://kolab-konsortium.com _
>>
>> p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium
>>
>> ____ http://www.pardus.de _________________ http://gunnarwrobel.de _
>> E-mail : p at rdus.de Dr. Gunnar Wrobel
>> Tel. : +49 700 6245 0000 Bundesstrasse 29
>> Fax : +49 721 1513 52322 D-20146 Hamburg
>> --------------------------------------------------------------------
>> >> Mail at ease - Rent a kolab groupware server at p at rdus <<
>> --------------------------------------------------------------------
>>
>> _______________________________________________
>> Kolab-devel mailing list
>> Kolab-devel at kolab.org
>> https://kolab.org/mailman/listinfo/kolab-devel
>>
>
>
>
> --
> ______ http://kdab.com _______________ http://kolab-konsortium.com _
>
> p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium
>
> ____ http://www.pardus.de _________________ http://gunnarwrobel.de _
> E-mail : p at rdus.de Dr. Gunnar Wrobel
> Tel. : +49 700 6245 0000 Bundesstrasse 29
> Fax : +49 721 1513 52322 D-20146 Hamburg
> --------------------------------------------------------------------
> >> Mail at ease - Rent a kolab groupware server at p at rdus <<
> --------------------------------------------------------------------
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel
>
--
____ http://www.pardus.de _________________ http://gunnarwrobel.de _
E-mail : p at rdus.de Dr. Gunnar Wrobel
Tel. : +49 700 6245 0000 Bundesstrasse 29
Fax : +49 721 1513 52322 D-20146 Hamburg
--------------------------------------------------------------------
>> Mail at ease - Rent a kolab groupware server at p at rdus <<
--------------------------------------------------------------------
_______________________________________________
Kolab-devel mailing list
Kolab-devel at kolab.org
https://kolab.org/mailman/listinfo/kolab-devel
More information about the devel
mailing list