directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <>
Subject Re: Custom LDAP partition and root/baseless searches
Date Thu, 19 May 2011 11:46:32 GMT
On Thu, May 19, 2011 at 5:01 PM, Matt Doran <> wrote:
> On 19/05/11 7:22 PM, Kiran Ayyagari wrote:
>> On Thu, May 19, 2011 at 2:11 PM, Emmanuel Lecharny<>
>>  wrote:
>>> On 5/19/11 10:17 AM, Matt Doran wrote:
>>>> Hi there,
>>>> I'm using a *very* basic custom LDAP partition in Apache DS (it's an
>>>> older
>>>> version 1.5.5, because at the time of writing this was the best version
>>>> to
>>>> get a custom LDAP partition working).
>>>> We are using this embedded in our product to mimic a "real" LDAP server
>>>> for a very specific purpose (mainly around authentication and a very
>>>> basic
>>>> user attribute lookup).
>>>> One of the services that is interacting with us now is performing a root
>>>> search (I'm not sure if that's the right term).   But basically they are
>>>> now
>>>> doing a search without providing an search base DN (i.e. the search base
>>>> is
>>>> empty "").  See the attached image for a part of the wireshark dump for
>>>> this
>>>> search.
>>>> The problem we're having is that when we receive this search, the
>>>> "search()" method of our custom LDAP partition is not being called.  I
>>>> haven't been able to find the answer in your docs (probably because I
>>>> don't
>>>> know the terminology to search for :)
>>>> So I'm wondering how we can hook into these baseless searches?   Is
>>>> there
>>>> a way to set-up the partition so we will be passed these search
>>>> requests?
>>>> Is there a way to "plug-in" to handle these searches and modify them or
>>>> direct them in some way to our custom partition.
>>> 'Root' searches are supposed to work well. The way it works is that it
>>> looks
>>> into all the naming contexts present in the RootDSE entry. I guess that
>>> you
>>> have such a naming context present, otherwise you would not be able to do
>>> any search in your specific partition.
>>> It may be a bug in 1.5.5. I suggest you quickly do a test with the latest
>>> version (1.5.7) to see if the problem still exists (we fixed a large
>>> number
>>> of bugs between 1.5.5. and 1.5.7). If the proble still exists, then it's
>>> most certainly a bug and deserves a JIRA.
>> this was fixed in 1.5.7, and if you migrate to 1.5.7 then it will work.
> Many thanks for your quick responses!!
> When I originally developed this, 1.5.6 was the most recent version.  I
> tried creating an LDAPPartition on this version but had a number of problems
> (all the samples showed how to implement this for 1.5.5 and there were some
> large API changes under the covers).  So I stuck with 1.5.5.
> The following article also seems to still talk about 1.5.5.  -
> Are their samples of how to implement a custom partition in 1.5.7?    I'd
AFAIR there aren't any design changes except some code refactoring to
make new partition implementations easy
check this
> love to be able to do a quick verification that the root search is fixed
> before doing a full port.
try this commnd (an empty dn hints to perform a root(DSE) search)
ldapsearch -H ldap://localhost:10389 -x -D "uid=admin,ou=system" -W -b
"" -s one -a always -z 1000 "(objectClass=*)" "*"

> Thanks again,
> Matt

Kiran Ayyagari

View raw message