directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Willeke <...@willeke.com>
Subject Re: Querying Apache DS via .NET C# DirectorySearcher
Date Wed, 23 Feb 2011 12:23:57 GMT
Check out:
http://msdn.microsoft.com/en-us/library/system.directoryservices.protocols.ldapconnection.aspx
You might try something like:

NetworkCredential oCred = new NetworkCredential( strLdapUserId,
strLdapPassword );
LdapConnection oLdapConnection = new LdapConnection(
        new LdapDirectoryIdentifier( strLdapServer, true, false ), oCred );

oLdapConnection.AuthType = AuthType.Basic;
oLdapConnection.SessionOptions.ProtocolVersion = 3;
oLdapConnection.Bind();

If the "bind" works, then you should be good.
No Search is performed.

-jim
Jim Willeke


On Wed, Feb 23, 2011 at 6:41 AM, Laporte Sylvain (GIE)
<slaporte@mutua-services.fr> wrote:
>
> Thank you,
>
>        In deed, our developper is new to querying LDAP with C# and did not manage
to set the BaseDN to anything else than root. C# and Directory Services classes seem to be
quite weird on this side.
>        Anyway, he tried modifying the scope to base object only and did not get this
exception.
>
>        The purpose of the non sense query is that, in this case, we only need to
validate the bind step so we don’t care about searching the whole tree or retreiving some
results.
>        But we are aware that we are likely to face the problem again in the furture,
when we'll actually have to retreive some information... Then our dev will have to get through
this BaseDN thing.
>
> Thank you all for your help.
>
> KR,
>
> -----Message d'origine-----
> De : Emmanuel Lecharny [mailto:elecharny@gmail.com]
> Envoyé : mercredi 23 février 2011 10:29
> À : users@directory.apache.org
> Objet : Re: Querying Apache DS via .NET C# DirectorySearcher
>
> On 2/23/11 9:49 AM, Laporte Sylvain (GIE) wrote:
> > Hi,
> >
> > Thanks for your reply.
> > We are using v1.5.7 with Java 1.6 update 23
> >
> > When talking about "an old issue related to sub level searching on RootDSE", do
you think that restricting the search on the OU or at least on the domain could help solve
the problem?
> Just try starting on another naming context than RootDSE. Your baseDN is empty, searching
from 'dc=myDomain,dc=myTLD' could work.
>
> Also, searching the whole tree with a size limit set to 1 and a filter set to (ObjectClass=*)
does not make a lot of sense, but this is another story...
> > Thanks
> >
> >
> >
> > -----Message d'origine-----
> > De : ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] De la part de Kiran
Ayyagari
> > Envoyé : mardi 22 février 2011 21:13
> > À : users@directory.apache.org
> > Objet : Re: Querying Apache DS via .NET C# DirectorySearcher
> >
> > hi Laporte,
> >
> >    Which version you are using? I guess you are encountering an old issue related
to sub level searching on RootDSE, a fix for this issue
> >    was committed to the trunk quite sometime back, may be you can test your program
against the server built from trunk sources.
> >
> > On Tue, Feb 22, 2011 at 9:22 PM, Laporte Sylvain (GIE)<slaporte@mutua-services.fr>
 wrote:
> >> Hi all,
> >>
> >>
> >>
> >> We've just implemented Apache Directory Server on one of our Windows
> >> 2008 Servers.
> >>
> >> Some of our developpers have to create a C# web service that query
> >> this new ApacheDS directory using the DirectorySearcher class.
> >>
> >>
> >>
> >> When he comes to query the LDAP directory, he gets a strange message
> >> on his side:<  A network peripheral is not functionning>
> >>
> >> Switching the logs to DEBUG, I can see that the bind performs well,
> >> but the search throws a java exception when ADS is handling the request :
> >>
> >>
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - OTHER: failed for     SearchRequest
> >>
> >>                   baseDn : ''
> >>
> >>         filter : '(2.5.4.0=*:[3232])'
> >>
> >>         scope : whole subtree
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : 1
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : never Deref Aliases
> >>
> >>         attributes : 'objectclass', 'cn'
> >>
> >> : -1
> >>
> >> java.lang.ArrayIndexOutOfBoundsException: -1
> >>
> >>
> >>
> >> ADS adds a<  : -1>  at the end of the request although the original
> >> search request seems to be well received :
> >>
> >>
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - Handling single reply request:     SearchRequest
> >>
> >>         baseDn : ''
> >>
> >>         filter : '(objectClass=*)'
> >>
> >>         scope : whole subtree
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : 1
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : never Deref Aliases
> >>
> >>         attributes : 'objectclass', 'cn'
> >>
> >>
> >>
> >> The transaction is although very simple :
> >>
> >>
> >>
> >> //Declares the Directory entry object
> >>
> >> DirectoryEntry Ldap = new DirectoryEntry(_ldapserver, _bindDN,
> >> _password, AuthenticationTypes.None);
> >>
> >> try
> >>
> >> {
> >>
> >> //Declares the search object
> >>
> >> DirectorySearcher search = new DirectorySearcher(Ldap);
> >>
> >> // Adds a filter
> >>
> >> search.Filter = "(objectClass=*)";  // version APACHE
> >>
> >>       //Defines the attributes to retrieve
> >>
> >> search.PropertiesToLoad.Add("objectClass");
> >>
> >> search.PropertiesToLoad.Add("cn");
> >>
> >>             //Performs the search
> >>
> >> SearchResult result = search.FindOne();
> >>
> >> }
> >>
> >>
> >>
> >> Can anybody help? I cannot understand where does this ": -1" come from
> >> as it doesn't appear using Apache Directory Studio.
> >>
> >>
> >>
> >> If useful the full query log is following...
> >>
> >>
> >>
> >> Thank you very much,
> >>
> >>
> >>
> >> S. Laporte
> >>
> >> -------------------------------
> >>
> >>
> >>
> >>
> >>
> >> [15:40:39] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - Handling single reply request:     SearchRequest
> >>
> >>         baseDn :
> >> 'cn=myBindUser,ou=myBindOU,ou=anotherOU,dc=myDomain,dc=myTLD'
> >>
> >>         filter : '(objectClass=*)'
> >>
> >>         scope : single level
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : 1000
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : deref Always
> >>
> >>         attributes : 'hassubordinates', 'objectclass'
> >>
> >>
> >>
> >> [15:40:39] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - ManageDsaITControl NOT detected.
> >>
> >> [15:40:39] DEBUG
> >> [org.apache.directory.server.ldap.handlers.SearchHandler] - Entry
> >> cn=myBindUser,ou=myBindOU,ou=anotherOU,dc=myDomain,dc=myTLD is NOT a
> >> referral.
> >>
> >> [15:40:39] DEBUG
> >> [org.apache.directory.server.ldap.handlers.SearchHandler] - Message
> >> received:      SearchRequest
> >>
> >>         baseDn :
> >> 'cn=myBindUser,ou=myBindOU,ou=anotherOU,dc=myDomain,dc=myTLD'
> >>
> >>         filter : '(objectClass=*)'
> >>
> >>         scope : single level
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : 1000
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : deref Always
> >>
> >>         attributes : 'hassubordinates', 'objectclass'
> >>
> >>
> >>
> >> [15:40:39] DEBUG
> >> [org.apache.directory.server.ldap.handlers.SearchHandler] - using
> >> <1000,1000>  for size limit
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.BindHandler]
> >> - Received:     BindRequest
> >>
> >>         Version : '3'
> >>
> >>         Name :
> >> 'cn=myBindUser,ou=myBindOU,ou=anotherOU,dc=myDomain,dc=myTLD'
> >>
> >>         Simple authentication : 'password/0x3F 0x41 0x66 0x73 0x4B 0x3C
> >> 0x3D 0x6A '
> >>
> >>
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.BindHandler]
> >> - Returned SUCCESS message:     BindResponse
> >>
> >>         Ldap Result
> >>
> >>             Result code : (SUCCESS) success
> >>
> >>             Matched DN : 'null'
> >>
> >>             Error message : 'null'
> >>
> >> .
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - Handling single reply request:     SearchRequest
> >>
> >>         baseDn : ''
> >>
> >>         filter : '(objectClass=*)'
> >>
> >>         scope : base object
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : no limit
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : never Deref Aliases
> >>
> >>         attributes : 'subschemasubentry', 'dsservicename',
> >> 'namingcontexts', 'defaultnamingcontext', 'schemanamingcontext',
> >> 'configurationnamingcontext', 'rootdomainnamingcontext',
> >> 'supportedcontrol', 'supportedldapversion', 'supportedldappolicies',
> >> 'supportedsaslmechanisms', 'dnshostname', 'ldapservicename',
> >> 'servername', 'supportedcapabilities'
> >>
> >>
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - ManageDsaITControl NOT detected.
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.SearchHandler] - Entry  is
> >> NOT a referral.
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.SearchHandler] - Message
> >> received:      SearchRequest
> >>
> >>         baseDn : ''
> >>
> >>         filter : '(objectClass=*)'
> >>
> >>         scope : base object
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : no limit
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : never Deref Aliases
> >>
> >>         attributes : 'subschemasubentry', 'dsservicename',
> >> 'namingcontexts', 'defaultnamingcontext', 'schemanamingcontext',
> >> 'configurationnamingcontext', 'rootdomainnamingcontext',
> >> 'supportedcontrol', 'supportedldapversion', 'supportedldappolicies',
> >> 'supportedsaslmechanisms', 'dnshostname', 'ldapservicename',
> >> 'servername', 'supportedcapabilities'
> >>
> >>
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute dsservicename does not exist in the
> >> schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute defaultnamingcontext does not exist
> >> in the schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute schemanamingcontext does not exist
> >> in the schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute configurationnamingcontext does not
> >> exist in the schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute rootdomainnamingcontext does not
> >> exist in the schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute supportedldappolicies does not exist
> >> in the schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute dnshostname does not exist in the
> >> schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute ldapservicename does not exist in
> >> the schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute servername does not exist in the
> >> schema, it will be ignored
> >>
> >> [15:55:49] WARN
> >> [org.apache.directory.server.core.interceptor.context.SearchingOperati
> >> on Context] - Requested attribute supportedcapabilities does not exist
> >> in the schema, it will be ignored
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - Handling single reply request:     SearchRequest
> >>
> >>         baseDn : ''
> >>
> >>         filter : '(objectClass=*)'
> >>
> >>         scope : whole subtree
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : 1
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : never Deref Aliases
> >>
> >>         attributes : 'objectclass', 'cn'
> >>
> >>
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - ManageDsaITControl NOT detected.
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.SearchHandler] - Entry  is
> >> NOT a referral.
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.SearchHandler] - Message
> >> received:      SearchRequest
> >>
> >>         baseDn : ''
> >>
> >>         filter : '(objectClass=*)'
> >>
> >>         scope : whole subtree
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : 1
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : never Deref Aliases
> >>
> >>         attributes : 'objectclass', 'cn'
> >>
> >>
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler
> >> ]
> >> - OTHER: failed for     SearchRequest
> >>
> >>         baseDn : ''
> >>
> >>         filter : '(2.5.4.0=*:[3232])'
> >>
> >>         scope : whole subtree
> >>
> >>         typesOnly : false
> >>
> >>         Size Limit : 1
> >>
> >>         Time Limit : no limit
> >>
> >>         Deref Aliases : never Deref Aliases
> >>
> >>         attributes : 'objectclass', 'cn'
> >>
> >> : -1
> >>
> >> java.lang.ArrayIndexOutOfBoundsException: -1
> >>
> >>                 at java.util.ArrayList.get(Unknown Source)
> >>
> >>                 at
> >> org.apache.directory.server.core.filtering.CursorList.beforeFirst(Curs
> >> or
> >> List.java:170)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.handlers.SearchHandler.doSimpleSearch
> >> (S
> >> earchHandler.java:729)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.handlers.SearchHandler.handleIgnoring
> >> Re
> >> ferrals(SearchHandler.java:978)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.handlers.SearchHandler.handleWithRefe
> >> rr
> >> als(SearchHandler.java:1054)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.handlers.SearchHandler.handleWithRefe
> >> rr
> >> als(SearchHandler.java:78)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.
> >> ha
> >> ndle(ReferralAwareRequestHandler.java:94)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.
> >> ha
> >> ndle(ReferralAwareRequestHandler.java:57)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMes
> >> sa
> >> ge(LdapRequestHandler.java:208)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMes
> >> sa
> >> ge(LdapRequestHandler.java:58)
> >>
> >>                 at
> >> org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(Demuxi
> >> ng
> >> IoHandler.java:232)
> >>
> >>                 at
> >> org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(L
> >> da
> >> pProtocolHandler.java:193)
> >>
> >>                 at
> >> org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messa
> >> ge
> >> Received(DefaultIoFilterChain.java:713)
> >>
> >>                 at
> >> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageR
> >> ec
> >> eived(DefaultIoFilterChain.java:434)
> >>
> >>                 at
> >> org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(Defa
> >> ul
> >> tIoFilterChain.java:46)
> >>
> >>                 at
> >> org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.mess
> >> ag
> >> eReceived(DefaultIoFilterChain.java:793)
> >>
> >>                 at
> >> org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java
> >> :7
> >> 1)
> >>
> >>                 at
> >> org.apache.mina.core.session.IoEvent.run(IoEvent.java:63)
> >>
> >>                 at
> >> org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run
> >> Ta
> >> sk(UnorderedThreadPoolExecutor.java:480)
> >>
> >>                 at
> >> org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run
> >> (U
> >> norderedThreadPoolExecutor.java:434)
> >>
> >>                 at java.lang.Thread.run(Unknown Source)
> >>
> >> [15:55:49] DEBUG
> >> [org.apache.directory.server.ldap.LdapProtocolHandler]
> >> - Cleaning the LdapSession :
> >> <2.5.4.3=mybinduser,2.5.4.11=mybinfou,2.5.4.11=anotherou,0.9.2342.1920
> >> 03 00.100.1.25=mydomain,0.9.2342.19200300.100.1.25=mytld,...>  session
> >>
> >> [15:55:49] INFO
> >> [org.apache.directory.server.ldap.handlers.LdapRequestHandler] -
> >> ignoring the message
> >> org.apache.directory.shared.ldap.message.UnbindRequestImpl@374e67ab
> >> received from null session
> >>
> >>
> >
> >
> > --
> > Kiran Ayyagari
> >
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>

Mime
View raw message