Re: Ldap search not succeding in a single attempt

< ^ > P N |<>|^_>< --- | ~ ...Help
------art_127225_12575061.1187354325108
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On 8/17/07, rahulc1982 / gmail.com <rahulc1982 / gmail.com> wrote:
>
> Hi,
> I am writing a code for user authentication from ldapserver in ruby.
> For that first i am doing  an anonymous search on bluepages
>     ldap_con  et::LDAP.new
>     ldap_con.host  X.Y.com'
>     ldap_con.port  89
>     treebase  ouocom"
>     user_filter  et::LDAP::Filter.eq("notesShortName",username)
>     dn  tring.new
>     @res  dap_con.search( :base treebase, :filter >     user_filter) do |entry|
>     dn  ntry.dn
>
> then getting "dn" and after that doing authentication with passwd and
> dn.
>
>     unless dn.empty?
>     ldap_con.auth dn,password
>     if ldap_con.bind
>       login_succeeded  rue
> But I am getting strange results. Some times the ldap search was
> successful some times not. Then i tried with putting the ldap search
> in a for loop and tried also to get the return code so I found like
>
> #<OpenStruct codeP, messagensufficient Access Rights">
> #<OpenStruct codeP, messagensufficient Access Rights">
> #<OpenStruct code messageuccess">
>
> I dont know why it is happening for same search( same parameters)
>
> Can you help me in this( why the search is not successful in first
> iteration) ?
> I also wants to tell you few Things
> 1- First of all i was testing(doing anonymous ldap search) with
> A.Y.com and there was no problem with
>    this server at all or i can say 100% results i got if  intranetid/
> passwd were correct.
> 2- I tried on command line ( "cmd" on windows ) with this
>    ldapsearch -h A.Y.com -b ocom emailaddress / B.Y.com
>    ldapsearch -h X.Y.com -b ocom emailaddress bc / B.Y.com
> both were giving me 100 % results.
> 3- Then with the help of a ldap person in pune i tried with a ldap
> server here and there also i did not got any problem.
>
> Problem is there only with bluepages and how it can possible that for
> anonymous search it gives
> #<OpenStruct codeP, messagensufficient Access Rights">
> #<OpenStruct codeP, messagensufficient Access Rights">
> #<OpenStruct code messageuccess">
>
> Previously i was  suspecting timeout but from the above lines it is
> clear that it is access permission related issue.
> Please help me in resolving this issue.
>
> One thing i forgot that the problem is only with ldapsearch, if we get
> correct "dn" there is no issues i faced in
> authentication means 100 % successful.
>
> Is it possible if i can see the logs on bluepages, that what is
> happening with my anonymous search on bluepages.
>
> Or do you have any idea about it?
>
>
>

For one thing, you can try using Net::LDAP#bind_as, which will do the dn
lookup and the password binding in one step.

For another, you can try using an actual user account when you do the dn
lookup.

But as fas as the anonymous access working sometimes and not other times,
that's hard to understand. I assume that bluepages uses either TDS or some
version of Lotus Notes. I know that Net::LDAP works well on both. What
happens if you use the IP address of the server rather than the domain name,
X.Y.com? Perhaps your DNS has multiple entries, or you are in front of a
hardware load balancer that is distributing the traffic to more than one
actual LDAP server.

------art_127225_12575061.1187354325108--