thr3ads.net - samba - [Samba] ldbsearch and controls [Oct 2014]

If this information is useful, please help other people find it:
Share via:

Harry Jede

2014-Oct-18 13:39 UTC

[Samba] ldbsearch and controls

Hello,

i wish to get search answers without referrals

this works with openldaps ldapsearch:

# ldapsearch -LLLb dc=ad,dc=schule,dc=lan -E '1.2.840.113556.1.4.1339'
cn=user1 dn
SASL/GSSAPI authentication started
SASL username: administrator at AD.SCHULE.LAN
SASL SSF: 56
SASL data security layer installed.
dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan


however, ldbsearch needs the control name, but which one?

all names I have found in ldb.h failed:

# ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan --controls=domain_scope
cn=user1 dn
parsing controls failed: Invalid control name: 'domain_scope'

# ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan --controls=DOMAIN_SCOPE
cn=user1 dn
parsing controls failed: Invalid control name: 'DOMAIN_SCOPE'

ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
--controls=LDB_SEARCH_OPTION_DOMAIN_SCOPE cn=user1 dn
parsing controls failed: Invalid control name:
'LDB_SEARCH_OPTION_DOMAIN_SCOPE'

-- 

Regard
	Harry Jede

Harry Jede

2014-Oct-18 18:42 UTC

head link

[Samba] SOLVED or bug found? Re: ldbsearch and controls

On 20:17:53 wrote Harry Jede:> Hello,
> 
> i wish to get search answers without referrals
> 
> this works with openldaps ldapsearch:
> 
> # ldapsearch -LLLb dc=ad,dc=schule,dc=lan -E
> '1.2.840.113556.1.4.1339' cn=user1 dn SASL/GSSAPI authentication
> started
> SASL username: administrator at AD.SCHULE.LAN
> SASL SSF: 56
> SASL data security layer installed.
> dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan
> 
> 
> however, ldbsearch needs the control name, but which one?
> 
> all names I have found in ldb.h failed:
> 
> # ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=domain_scope cn=user1 dn parsing controls failed: Invalid
> control name: 'domain_scope'
> 
> # ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=DOMAIN_SCOPE cn=user1 dn parsing controls failed: Invalid
> control name: 'DOMAIN_SCOPE'
> 
> ldbsearch -H ldap://dc0 -b dc=ad,dc=schule,dc=lan
> --controls=LDB_SEARCH_OPTION_DOMAIN_SCOPE cn=user1 dn parsing
> controls failed: Invalid control name:
> 'LDB_SEARCH_OPTION_DOMAIN_SCOPE'
The control name is search_options. 

This hint comes from ldbsearch:
 syntax: crit(b):search_options(n)
   note: b = boolean, n = number

However,
crit is not honored, one may use 0 or 1
search_options, 0 (the default) turns referrals on, 1-15 turns referrals 
off, >16 produces an error

So, a working example is:
# ldbsearch -H sam.ldb --controls "search_options:0:1" cn=user1 dn
# record 1
dn: CN=user1,CN=Users,DC=ad,DC=schule,DC=lan

# returned 1 records
# 1 entries
# 0 referrals


Next try, was to get rid of the other annoying #lines. so I played with 
the -v option. No change. But if one use +v ...

I will stop here. grep is my friend :-)

-- 

Regards
	Harry Jede

Possibly Parallel Threads

Search for more apparently analagous threads

samba - Oct 2014 - ldbsearch and controls

[Samba] ldbsearch and controls

[Samba] SOLVED or bug found? Re: ldbsearch and controls

Possibly Parallel Threads