Summary: | ASTERISK-13088: ldap searchs fails on openldap when you use an additional filter | ||
Reporter: | snaker (snaker) | Labels: | |
Date Opened: | 2008-11-18 15:00:49.000-0600 | Date Closed: | 2011-06-07 14:02:36 |
Priority: | Major | Regression? | No |
Status: | Closed/Complete | Components: | Resources/res_config_ldap |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ( 0) res_ldap.conf | |
Description: | When you use an additional filter by object class in ldap the request is malformded and you cant obtain a result If you try register without filter it is successfully ****** ADDITIONAL INFORMATION ****** files for example: res_ldap.conf [sip] name = uid amaflags = AstAccountAMAFlags callgroup = AstAccountCallGroup callerid = AstAccountCallerID canreinvite = AstAccountCanReinvite context = AstAccountContext dtmfmode = AstAccountDTMFMode fromuser = AstAccountFromUser fromdomain = AstAccountFromDomain fullcontact = AstAccountFullContact fullcontact = gecos host = AstAccountHost insecure = AstAccountInsecure mailbox = AstAccountMailbox md5secret = AstAccountRealmedPassword nat = AstAccountNAT deny = AstAccountDeny permit = AstAccountPermit pickupgroup = AstAccountPickupGroup port = AstAccountPort qualify = AstAccountQualify restrictcid = AstAccountRestrictCID rtptimeout = AstAccountRTPTimeout rtpholdtimeout = AstAccountRTPHoldTimeout type = AstAccountType disallow = AstAccountDisallowedCodec allow = AstAccountAllowedCodec MusicOnHold = AstAccountMusicOnHold regseconds = AstAccountExpirationTimestamp regcontext = AstAccountRegistrationContext regexten = AstAccountRegistrationExten CanCallForward = AstAccountCanCallForward additionalFilter=(objectClass=AstSIPUser) extconfig.conf [settings] sipusers => ldap,"dc=example,dc=net",sip sippeers => ldap,"dc=example,dc=net",sip slapd.log when you try register Nov 18 21:57:42 xxx slapd[18586]: conn=10 op=1 SRCH base="dc=example,dc=net" scope=2 deref=0 filter="(&(?objectClass=AstSIPUser)(uid=user)(AstAccountHost=dynamic))" Nov 18 21:57:42 xxx slapd[18586]: conn=10 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=value does not conform to assertion syntax Nov 18 21:57:42 xxx slapd[18586]: conn=10 op=2 SRCH base="dc=example,dc=net" scope=2 deref=0 filter="(&(?objectClass=AstSIPUser)(uid=user))" Nov 18 21:57:42 xxx slapd[18586]: conn=10 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=value does not conform to assertion syntax Nov 18 21:57:42 xxx slapd[18586]: conn=10 op=3 SRCH base="dc=example,dc=net" scope=2 deref=0 filter="(&(?objectClass=AstSIPUser)(uid=user)(AstAccountHost=dynamic))" Nov 18 21:57:42 xxx slapd[18586]: conn=10 op=3 SEARCH RESULT tag=101 err=0 nentries=0 text=value does not conform to assertion syntax Nov 18 21:57:42 xxx slapd[18586]: conn=10 op=4 SRCH base="dc=example,dc=net" scope=2 deref=0 filter="(&(?objectClass=AstSIPUser)(uid=user))" Nov 18 21:57:42 xxx slapd[18586]: conn=10 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text=value does not conform to assertion syntax | ||
Comments: | By: Sean Bright (seanbright) 2008-11-18 19:47:11.000-0600 ... (?objectClass ... Where is the ? coming from? Can you attach your entire res_ldap.conf with only passwords masked? By: snaker (snaker) 2008-11-19 03:48:11.000-0600 I attached my res_ldap.conf By: Leif Madsen (lmadsen) 2009-02-09 13:17:32.000-0600 I have changed the status back to Acknowledged as the reporter provided information asked for. I have also changed the severity to Major from Block as this isn't blocking a release. Thanks! By: Leif Madsen (lmadsen) 2009-05-20 07:52:41 Just pinging this issue as it hasn't been updated in a while. By: Gavin Henry (suretec) 2009-05-20 09:46:40 The ? means OpenLDAP doesn't under the filter, i.e. you haven't loaded the Asterisk schema in slapd. Sorry, should have noticed this before. Did you load asterisk.schema By: Gavin Henry (suretec) 2009-05-20 18:23:40 This isn't a bug as we don't have a AstSIPUser objectclass in our asterisk.schema. Closing this issue. Please use the schema file included with Asterisk. By: Leif Madsen (lmadsen) 2009-05-21 09:55:53 Closed per suretec. |