what is BaseName in LdapTemplate search

[brianbeech]

I'm debugging through the code below to see if I can search two different ou's based on a condition. I was under the assumption that I could specify the BaseName and that would tell where I wanted to search from.

For instance. If I wanted to search: ou=People, o=xxx, dc=xxx,dc=xxxxxx,dc=xxxx,dc=mil - I would pass that into LdapTemplate.search().

If I wanted to search: ou=Places, o=xxx, dc=xxx,dc=xxxxxx,dc=xxxx,dc=mil - I would pass that in.

Anytime I pass anything in other than empty string, I get an error:

Code:

org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=People, o=xxx, dc=xxx,dc=xxx,dc=xxx,dc=mil'

I'm specifying the following (note i replaced values with 'x' because it's gov't):

Code:

ApplicationContext ctx = new FileSystemXmlApplicationContext("//myDir/war/src/main/webapp/WEB-INF/lmsExport-config.xml");
        String[] attrs = new String[]{"iplanet-am-user-login-status", "RxxxUsageCd", "createTimestamp", "mail", "xxxxxCd", "suffix", "xxxxssn", "uid", "givenName", "initials", "sn", "personaltitle", "userxxx", "title"};
        String base = "ou=People, o=jrotc, dc=xxx,dc=xxxxxx,dc=xxxx,dc=mil";
        LdapWorker csv = (LdapWorker) ctx.getBean("ldapWorker");
        LdapTemplate ldt = csv.getLdapTemplate();
        List x = new LinkedList();
        try {
            x = ldt.search(base, "uid=z*", SearchControls.ONELEVEL_SCOPE, attrs, new AttributesMapper() {
                public String mapFromAttributes(Attributes attributes) throws NamingException {
                    return (String) attributes.get("mail").get();
                }
            });
        } catch (Exception e) {
            System.out.println("ERROR ERROR ERROR");
        }

Spring Config:

Code:

<bean id="lmsContextSource" class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="url" value="ldap://xxxx.xxx.xxxx.mil:389"/>
        <property name="base" value="ou=people,o=xxx,dc=xxx,dc=xxx,dc=xxx,dc=mil"/>
        <property name="userDn" value="uid=xxx,ou=people,dc=xxx,dc=xxx,dc=xxx,dc=mil"/>
        <property name="password" value="*****"/>
    </bean>

    <bean id="lmsLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">
        <constructor-arg ref="lmsContextSource"/>
    </bean>

Any help would be appreciated.

[brianbeech]

It appears that if you set up your LdapContextSource with a BaseDN property value, the LdapTemplate.search() method is unable to search anywhere but that BaseDN.

Non-Working:

Code:

<bean id="lmsContextSource" class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="url" value="ldap://xxxx.xxx.xxxx.mil:389"/>
        <property name="base" value="ou=people,o=xxx,dc=xxx,dc=xxx,dc=xxx,dc=mil"/>
        <property name="userDn" value="uid=xxx,ou=people,dc=xxx,dc=xxx,dc=xxx,dc=mil"/>
        <property name="password" value="*****"/>
    </bean>

Working:

Code:

<bean id="lmsContextSource" class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="url" value="ldap://xxxx.xxx.xxxx.mil:389"/>
        <property name="userDn" value="uid=xxx,ou=people,dc=xxx,dc=xxx,dc=xxx,dc=mil"/>
        <property name="password" value="*****"/>
    </bean>

Thanks anyway.

[ulsa]

I think you should read through this post, especially the first two paragraphs.

[brianbeech]

Not really what I'm looking for. They're trying to bind to different DN's based on what environment they are in. I'm looking to search different OU's in the same baseDN based on some condition. For instance, if someone is searching for a place, search the OU=places,o=blog,o=brianbeech,o=com
but if they're looking for a person, I want to search in OU=people,,o=blog,o=brianbeech,o=com

I just want to get to a lower level so I don't have to do a sub-tree search, I want to do a one-level search. Thanks anyway.

[mlarchet]

It works just fine for me.
You should try with a relative path, not with the full path, like ou=People or ou=Group.

In this case, your baseDN should be o=xxx,dc=xxx,dc=xxx,dc=xxx,dc=mil (bind happens at one level, and then you are allowed to search at different subcontexts).

[rasky]

You can specify the base name to the search,and that parameter defines where in the tree the search will start. You'll need to realize however that the actual root that will be used for the search will be relative to the base DN configured in the ContextSource. That is, if you configure base DN to "ou=people,o=xxx,dc=xxx,dc=xxx,dc=xxx,dc=mil" in your ContextSource and then use the same parameter as input to your search, the search root will be "ou=people,o=xxx,dc=xxx,dc=xxx,dc=xxx,dc=mil,ou=pe ople,o=xxx,dc=xxx,dc=xxx,dc=xxx,dc=mil".

What you probably want to do is use e.g. "o=xxx,dc=xxx,dc=xxx,dc=xxx,dc=mil" as base in your ContextSource, and then supply "ou=people" as base to the search.

[ulsa]

You'll need to realize however that the actual root that will be used for the search will be relative to the base DN configured in the ContextSource.

That's exactly what I tried to bring to his attention in my rather brief answer.

If you don't specify a base, then you're free to give any path to your LdapTemplate calls. But as soon as you specify a base to your ContextSource, then all LdapTemplate calls must use a path relative to that base.

[brianbeech]

Thanks to all - I hadn't tried a relative path when I was specifying the baseDN in the Context.

I appreciate all the help!