The Penrose Project

• Overview
  • News
  • FAQ
  • Features
  • Licenses
  • Download
  • Demo
• Documentation
  • Quick Start
  • Version 1.2 (in development)
    • Complete
    • Server User Guide
    • Studio User Guide
    • Developer Guide
    • Embedding Penrose
    • Javadoc
  • Version 1.1 (stable)
    • Complete
    • Server User Guide
    • Studio User Guide
    • Developer Guide
    • Embedding Penrose
    • Javadoc
  • Use Cases
  • Community Wiki
• Developer
  • Nightly Builds
  • Code Repository
  • Road Map
  • Change Log
  • Project Management
• Support
  • WebChat
  • Forum & List
  • Bug/Feature Tracker
  • Team
  • Contact

Wrong Search Base

If a search request is missing the -b option for specifying the search base, then, by default, Penrose is searching the LDAP server's root DSE instead of Penrose's virtual LDAP tree.

  
    ldapsearch -h localhost -p 10389 "cn=John Doe" cn

Searching the root DSE requires you to specify "-s base" for base scope, otherwise it's rejected by the underlying LDAP library.

The correct search request should be:

  
    ldapsearch -h localhost -p 10389 -b "dc=Example,dc=com" "(cn=John Doe)" cn