Главная » Языки программирования

No such object ldap php

Содержание
  1. ldap_errno
  2. Список параметров
  3. Возвращаемые значения
  4. Список изменений
  5. Примеры
  6. Смотрите также
  7. User Contributed Notes 2 notes
  8. php ldap search: no such object
  9. Solution 2
  10. see also
  11. Solution 3
  12. Update
  13. Problem 1
  14. Problem 2
  15. Original Post shown below:

ldap_errno

Возвращает стандартизированный код ошибки, возвращённый последней командой LDAP. Это число может быть преобразовано в текстовое сообщение об ошибке, используя ldap_err2str() .

Список параметров

Возвращаемые значения

Возвращает код ошибки LDAP последней команды для этой ссылки.

Список изменений

Примеры

Если вы не снизите достаточно уровень предупреждений в php.ini , или префикс ваших LDAP-команд не будет с символом @ для подавления вывода предупреждений, генерируемые ошибки будут также отображаться в вашем HTML выводе.

Пример #1 Генерирование и фиксация ошибки

// Этот пример содержит ошибку, которую мы поймаем
$ld = ldap_connect ( «localhost» );
$bind = ldap_bind ( $ld );
// синтаксическая ошибка в выражении фильтра (errno 87),
// должно быть «objectclass=*» для того, чтобы это работало.
$res = @ ldap_search ( $ld , «o=Myorg, c=DE» , «objectclass» );
if (! $res ) echo «LDAP-Errno: » . ldap_errno ( $ld ) . «
\n» ;
echo «LDAP-Error: » . ldap_error ( $ld ) . «
\n» ;
die( «Argh!
\n» );
>
$info = ldap_get_entries ( $ld , $res );
echo $info [ «count» ] . » подходящих записей.
\n» ;
?>

Смотрите также

  • ldap_err2str() — Преобразовать код ошибки LDAP в строковое сообщение об ошибке
  • ldap_error() — Возвратить сообщение об ошибке LDAP последней команды

User Contributed Notes 2 notes

Couple of good error codes to get started. If you want to detect failure of ldap_add due to the record already existing, ldap_error == 0x44. This means, you can do something like:

$r = ldap_add($ds, $dn, $info);
if (!$r) <
if (ldap_errno($ds) == 0x44) <
// Do something about it
> else <
// A real failure
>
>

Читайте также:  Python getting script path

Similarly, on ldap_delete, you will get a 0x20 value (No Such Object) if you try to delete something that isn’t there.

LDAP_SUCCESS 0x00
LDAP_OPERATIONS_ERROR 0x01
LDAP_PROTOCOL_ERROR 0x02
LDAP_TIMELIMIT_EXCEEDED 0x03
LDAP_SIZELIMIT_EXCEEDED 0x04
LDAP_COMPARE_FALSE 0x05
LDAP_COMPARE_TRUE 0x06
LDAP_AUTH_METHOD_NOT_SUPPORTED 0x07
LDAP_STRONG_AUTH_REQUIRED 0x08
// Not used in LDAPv3
LDAP_PARTIAL_RESULTS 0x09

// Next 5 new in LDAPv3
LDAP_REFERRAL 0x0a
LDAP_ADMINLIMIT_EXCEEDED 0x0b
LDAP_UNAVAILABLE_CRITICAL_EXTENSION 0x0c
LDAP_CONFIDENTIALITY_REQUIRED 0x0d
LDAP_SASL_BIND_INPROGRESS 0x0e

LDAP_NO_SUCH_ATTRIBUTE 0x10
LDAP_UNDEFINED_TYPE 0x11
LDAP_INAPPROPRIATE_MATCHING 0x12
LDAP_CONSTRAINT_VIOLATION 0x13
LDAP_TYPE_OR_VALUE_EXISTS 0x14
LDAP_INVALID_SYNTAX 0x15

LDAP_NO_SUCH_OBJECT 0x20 /* 32 */
LDAP_ALIAS_PROBLEM 0x21
LDAP_INVALID_DN_SYNTAX 0x22
// Next two not used in LDAPv3
LDAP_IS_LEAF 0x23
LDAP_ALIAS_DEREF_PROBLEM 0x24

LDAP_INAPPROPRIATE_AUTH 0x30 /* 48 */
LDAP_INVALID_CREDENTIALS 0x31 /* 49 */
LDAP_INSUFFICIENT_ACCESS 0x32
LDAP_BUSY 0x33
LDAP_UNAVAILABLE 0x34
LDAP_UNWILLING_TO_PERFORM 0x35
LDAP_LOOP_DETECT 0x36

LDAP_SORT_CONTROL_MISSING 0x3C /* 60 */
LDAP_INDEX_RANGE_ERROR 0x3D /* 61 */

LDAP_NAMING_VIOLATION 0x40
LDAP_OBJECT_CLASS_VIOLATION 0x41
LDAP_NOT_ALLOWED_ON_NONLEAF 0x42
LDAP_NOT_ALLOWED_ON_RDN 0x43
LDAP_ALREADY_EXISTS 0x44 /* 68 */
LDAP_NO_OBJECT_CLASS_MODS 0x45
LDAP_RESULTS_TOO_LARGE 0x46
// Next two for LDAPv3
LDAP_AFFECTS_MULTIPLE_DSAS 0x47
LDAP_OTHER 0x50

// Used by some APIs
LDAP_SERVER_DOWN 0x51
LDAP_LOCAL_ERROR 0x52
LDAP_ENCODING_ERROR 0x53
LDAP_DECODING_ERROR 0x54
LDAP_TIMEOUT 0x55
LDAP_AUTH_UNKNOWN 0x56
LDAP_FILTER_ERROR 0x57 /* 87 */
LDAP_USER_CANCELLED 0x58
LDAP_PARAM_ERROR 0x59
LDAP_NO_MEMORY 0x5a

// Preliminary LDAPv3 codes
LDAP_CONNECT_ERROR 0x5b
LDAP_NOT_SUPPORTED 0x5c
LDAP_CONTROL_NOT_FOUND 0x5d
LDAP_NO_RESULTS_RETURNED 0x5e
LDAP_MORE_RESULTS_TO_RETURN 0x5f
LDAP_CLIENT_LOOP 0x60
LDAP_REFERRAL_LIMIT_EXCEEDED 0x61

  • Функции LDAP
    • ldap_​8859_​to_​t61
    • ldap_​add_​ext
    • ldap_​add
    • ldap_​bind_​ext
    • ldap_​bind
    • ldap_​close
    • ldap_​compare
    • ldap_​connect
    • ldap_​count_​entries
    • ldap_​count_​references
    • ldap_​delete_​ext
    • ldap_​delete
    • ldap_​dn2ufn
    • ldap_​err2str
    • ldap_​errno
    • ldap_​error
    • ldap_​escape
    • ldap_​exop_​passwd
    • ldap_​exop_​refresh
    • ldap_​exop_​whoami
    • ldap_​exop
    • ldap_​explode_​dn
    • ldap_​first_​attribute
    • ldap_​first_​entry
    • ldap_​first_​reference
    • ldap_​free_​result
    • ldap_​get_​attributes
    • ldap_​get_​dn
    • ldap_​get_​entries
    • ldap_​get_​option
    • ldap_​get_​values_​len
    • ldap_​get_​values
    • ldap_​list
    • ldap_​mod_​add_​ext
    • ldap_​mod_​add
    • ldap_​mod_​del_​ext
    • ldap_​mod_​del
    • ldap_​mod_​replace_​ext
    • ldap_​mod_​replace
    • ldap_​modify_​batch
    • ldap_​modify
    • ldap_​next_​attribute
    • ldap_​next_​entry
    • ldap_​next_​reference
    • ldap_​parse_​exop
    • ldap_​parse_​reference
    • ldap_​parse_​result
    • ldap_​read
    • ldap_​rename_​ext
    • ldap_​rename
    • ldap_​sasl_​bind
    • ldap_​search
    • ldap_​set_​option
    • ldap_​set_​rebind_​proc
    • ldap_​sort
    • ldap_​start_​tls
    • ldap_​t61_​to_​8859
    • ldap_​unbind
    • ldap_​control_​paged_​result_​response
    • ldap_​control_​paged_​result

    Источник

    php ldap search: no such object

    Except the unnecessary filter component CN=*, as already noted by Terry Gardner, your filter seems to be correct. As such, I suspect that there are other possible problems you have with your code:

    1. The username format you are using is incorrect. Try binding with [email protected] or ENERGIA\login .
    2. The container «OU=users, OU=nej, DC=energia, DC=sise» does not exist. Try your search in the whole domain — «DC=energia, DC=sise» and see if you are getting any results.
    3. Use ldap v3 protocol in Active Directory whenever possible. This should be set before you bind:
      ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, 3 );
    4. I recommend that you also turn off referrals handling for ldap v3 as it causes some strange behaviour for AD sometimes:
      ldap_set_option( $ds, LDAP_OPT_REFERRALS, 0 );

    When performing a search operation like this, the «No such object» error usually refers to the fact that the base DN does not exist. If there were no users to match your filter, the server would return an empty resultset.

    Solution 2

    The base object «OU=users, OU=nej, DC=energia, DC=sise» specified does not exist. The base object is the point at which the search begins — only entries at or below the base objects would be returned in the search result except in the case of a one-level search, in which case the base object is not returned.

    Before writing code, use a known good tool like ldapsearch to determine if the desired request parameters are correct:

    ldapsearch -h energia.sise -p port-number \ -D [email protected] -w password \ -b ou=users,ou=nej,dc=energia,dc=sise -s sub \ '(&)' 1.1

    If the above displays the error indicating the base object does not exist, then locate the correct base object and try again.

    As a side note, unrelated to the problem of the base object not existing, the filter component cn=* is not necessary, and will result in an increased search time because cn=* is a present filter, meaning entries that contain a cn attribute will match the search criteria. Unless I am mistaken, the cn attribute is required by the User objectClass, so using a & filter with both objectClass=User and cn=* does nothing but cause the server to spend more time on the search.

    see also

    Solution 3

    Update

    UPDATE: Using the LDAP Browser Free edition (Check it out here) was good because you can simply browse through the LDAP server, it helps you understand if you can bind anonymous etc. etc. But the biggest benefit was to get the DN (copy and paste). After that I was able to read the data.

    I had the following issues and that’s how I resolved:

    Problem 1

    • Problem 1: Can’t bind even though I could connect anonymously through the LDAP Browser Software
    • Solution: added the following lines before the bind as suggested above:
    ldap_set_option( $ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3 ); ldap_set_option( $ldapconn, LDAP_OPT_REFERRALS, 0 );

    Problem 2

    • Problem 2: Can’t Search.
    • Solution: Open the LDAP browser. Check connectivity to make sure you can connect to the LDAP server. Browse an example record. Right click and goto Properties and copy the DN and replace it in the code and that’s it!

    Original Post shown below:

    I can’t seem to search and I am using LDAP Browser 4.5 Free edition to make sure everything is working.

    function ldap_anon_connect($ein) < $ldaphost = "ldap://link_to_ldap.com"; //create a connection to ldap server $ldapconn = ldap_connect($ldaphost) or die("Couldn't connect to " .$ldaphost); if ($ldapconn) < ldap_set_option( $ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3 ); ldap_set_option( $ldapconn, LDAP_OPT_REFERRALS, 0 ); $ldapbind = ldap_bind($ldapconn); if ($ldapbind) < // if binds, look some stuff up $info = ldap_annon_get_profile($ein, $ldapconn); return $info; >else < echo "Invalid EIN. Please Try again"; die(); >> > function ldap_annon_get_profile($ein, $ldapconn)

    I have double checked my DN this is the right string as I can lookup the stuff at LDAP Browser.

    Источник

Оцените статью
© 2024 Программирование