From daniel at pfile.net Mon Apr 2 17:17:46 2007 From: daniel at pfile.net (Daniel Pfile) Date: Mon, 02 Apr 2007 16:17:46 -0500 Subject: [Ruby-activeldap-discuss] PATCH: Fedora directory server schemas Message-ID: <461172FA.6040003@pfile.net> I sent in this patch a while ago. The project got set to the side for a while, I'm working on it again now and noticed it's not in ruby-activeldap. Index: lib/active_ldap/schema.rb =================================================================== --- lib/active_ldap/schema.rb (revision 151) +++ lib/active_ldap/schema.rb (working copy) @@ -46,7 +46,7 @@ return ids[id] if ids.has_key?(id) while schema = @entries[group].shift - next unless /\A\s*$\s*([\d\.]+)\s*(.*)\s*$\s*\z/ =~ schema + next unless /\A\s*$\s*([\d\.]+|[\w]+-oid)\s*(.*)\s*$\s*\z/ =~ schema schema_id = $1 rest = $2 next if ids.has_key?(schema_id) You also asked for a copy of our schema, but or modifications are mostly proprietary, and I don't think management would like me shipping off a copy to everybody. I don't mind taking a dump of the schema and pulling our custom objects from it, as you'll still be able to see what the fedora objects look like (named with -oid instead of numbers). I tried the patch that was supplied (adjusting lines as needed) and it didn't work: Index: lib/active_ldap/adaptor/ldap.rb =================================================================== --- lib/active_ldap/adaptor/ldap.rb (revision 97) +++ lib/active_ldap/adaptor/ldap.rb (working copy) @@ -87,6 +87,7 @@ result = @connection.search2(base, LDAP::LDAP_SCOPE_BASE, '(objectClass=subschema)', attrs, false, sec, usec).first + p result Schema.new(result) end # rescue I'm sure it's because the code has changed enough that it's not calling that anymore... but I didn't dig too far. FYI, you can get fedora directory for free at http://directory.fedora.redhat.com if you want to run some tests against it. Thanks again for the great software, -- Daniel From kou at cozmixng.org Mon Apr 2 21:18:12 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Tue, 3 Apr 2007 10:18:12 +0900 Subject: [Ruby-activeldap-discuss] PATCH: Fedora directory server schemas In-Reply-To: <461172FA.6040003@pfile.net> References: <461172FA.6040003@pfile.net> Message-ID: Hi Daniel, 2007/4/3, Daniel Pfile : > I sent in this patch a while ago. The project got set to the side for a > while, I'm working on it again now and noticed it's not in ruby-activeldap. I was waiting your replay. Because I don't want to add new code to repository until I can't a test for the code. Your patch will work well, but I may destroy the function what you write without a test for the code. It's the reason why I want you to send us (or me directory) your schema. I think a user will not want to write a test even if the user can write a patch. So, I'll write a test for a patch to feel free to send a path. If you send us a patch with test code and I can pass the test, I'll commit your patch. (test/test_schema.rb will help you.) > You also asked for a copy of our schema, but or modifications are mostly > proprietary, and I don't think management would like me shipping off a > copy to everybody. Yes. You're right. > I tried > the patch that was supplied (adjusting lines as needed) and it didn't work: > I'm sure it's because the code has changed enough that it's not calling that anymore... but I didn't dig too far. Uhm... The patch works for me now. > FYI, you can get fedora directory for free at http://directory.fedora.redhat.com if you want to run some tests against it. Ah, OK. I'll try but I will not be able to commit your patch because I didn't setup fedora directory. I must to spend a few or many times to learn that. Thanks for your patch. We will be able to support fedora directory. Regards, -- kou From christoph.lipp at gmail.com Tue Apr 3 08:16:02 2007 From: christoph.lipp at gmail.com (Christoph Lipp) Date: Tue, 3 Apr 2007 14:16:02 +0200 Subject: [Ruby-activeldap-discuss] ActiveLdap::Base.search, :base parameter? Message-ID: <907f43920704030516j1b79392exde30e96d1c13678b@mail.gmail.com> Hi there, I just read the documentation and found a :base parameter for the ActiveLdap::Base.search method. But I get an error if I use it (something like not a valid parameter). It would be very useful to have this parameter back (and not only in search, in find too...). Because in my ldap application we can search all employees in a specific location. All of these employees are actually underneath the location folder in the ldap directory, so :base would be the dn of the location. Regards, Christoph -------------- next part -------------- An HTML attachment was scrubbed... URL: http://rubyforge.org/pipermail/ruby-activeldap-discuss/attachments/20070403/141a13c7/attachment.html From kou at cozmixng.org Tue Apr 3 09:26:37 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Tue, 3 Apr 2007 22:26:37 +0900 Subject: [Ruby-activeldap-discuss] ActiveLdap::Base.search, :base parameter? In-Reply-To: <907f43920704030516j1b79392exde30e96d1c13678b@mail.gmail.com> References: <907f43920704030516j1b79392exde30e96d1c13678b@mail.gmail.com> Message-ID: Hi, 2007/4/3, Christoph Lipp : > I just read the documentation and found a :base parameter for the > ActiveLdap::Base.search method. But I get an error if I use it (something > like not a valid parameter). > It would be very useful to have this parameter back (and not only in search, > in find too...). Because in my ldap application we can search all employees > in a specific location. All of these employees are actually underneath the > location folder in the ldap directory, so :base would be the dn of the > location. Could you show us how to write your code with sample data? Thanks, -- kou From daniel at pfile.net Tue Apr 3 15:57:32 2007 From: daniel at pfile.net (Daniel Pfile) Date: Tue, 03 Apr 2007 14:57:32 -0500 Subject: [Ruby-activeldap-discuss] PATCH: Fedora directory server schemas In-Reply-To: References: <461172FA.6040003@pfile.net> Message-ID: <4612B1AC.2090601@pfile.net> Kouhei Sutou wrote: > It's the reason why I want you to send us (or me directory) your > schema. I think a user will not want to write a test even if the user > can write a patch. So, I'll write a test for a patch to feel free to send > a path. If you send us a patch with test code and I can pass the test, > I'll commit your patch. (test/test_schema.rb will help you.) > Fair enough, I've attached a test, I think I'm testing it right. I'm a bit confused on how you differentiate between objectClasses and attributeTypes in the tests... >> You also asked for a copy of our schema, but or modifications are mostly >> proprietary, and I don't think management would like me shipping off a >> copy to everybody. >> > > Yes. You're right. > I took two of our custom object classes (since I'm familiar with them) renamed their prefix to my, and included them in the test. They're just like some of the custom objectClasses fedora directory uses for some of it's internals. > > Uhm... The patch works for me now. > User error on my part. I'm still rather new to ruby and had my load path wrong. >> FYI, you can get fedora directory for free at http://directory.fedora.redhat.com if you want to run some tests against it. >> > > Ah, OK. I'll try but I will not be able to commit your patch because > I didn't setup fedora directory. I must to spend a few or many times > to learn that. > I just meant if you wanted to try the directory out. It looks like the tests don't hit the directory anyway, so there's not really a need. -- Daniel -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: text-oid.diff Url: http://rubyforge.org/pipermail/ruby-activeldap-discuss/attachments/20070403/c1aa09f2/attachment-0001.pl From kou at cozmixng.org Wed Apr 4 02:05:22 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Wed, 4 Apr 2007 15:05:22 +0900 Subject: [Ruby-activeldap-discuss] PATCH: Fedora directory server schemas In-Reply-To: <4612B1AC.2090601@pfile.net> References: <461172FA.6040003@pfile.net> <4612B1AC.2090601@pfile.net> Message-ID: Hi, 2007/4/4, Daniel Pfile : > Fair enough, I've attached a test, I think I'm testing it right. I'm a > bit confused on how you differentiate between objectClasses and > attributeTypes in the tests... Thanks. I've commited your patch with a small modification. By the way, I looked RFC 4512 4.1.2. Attribute Types. Thie section says that: AttributeTypeDescription = LPAREN WSP numericoid ; object identifier [ SP "NAME" SP qdescrs ] ; short names (descriptors) ... And numericoid is define as: numericoid = number 1*( DOT number ) in 1.4. Common ABNF Productions. Does Fedora-DS adapt to LDAP specification...? Anyway, I've commited your patch. Thanks! Regards, -- kou From kou at cozmixng.org Wed Apr 4 03:15:47 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Wed, 4 Apr 2007 16:15:47 +0900 Subject: [Ruby-activeldap-discuss] ActiveLdap::Base.search, :base parameter? In-Reply-To: <907f43920704030516j1b79392exde30e96d1c13678b@mail.gmail.com> References: <907f43920704030516j1b79392exde30e96d1c13678b@mail.gmail.com> Message-ID: Hi, 2007/4/3, Christoph Lipp : > I just read the documentation and found a :base parameter for the > ActiveLdap::Base.search method. But I get an error if I use it (something > like not a valid parameter). > It would be very useful to have this parameter back (and not only in search, > in find too...). Because in my ldap application we can search all employees > in a specific location. All of these employees are actually underneath the > location folder in the ldap directory, so :base would be the dn of the > location. You can use :prefix option for this propose. Thanks, -- kou From kerneld at comcast.net Tue Apr 10 12:33:26 2007 From: kerneld at comcast.net (Mohamed Hussein) Date: Tue, 10 Apr 2007 09:33:26 -0700 Subject: [Ruby-activeldap-discuss] activldap with rails beyond Users Message-ID: <1176222806.6692.20.camel@localhost> Hi, I have 3 questions for the list and I appreciate all good feedback: 1-where do I get the latest trunk? 2-is activeldap in active development or is it sunsetting soon? 3-If I want to use activeldap with rails beyond the common Users authentication usage, are there any documents? has anyone done it before? is it gonna be major pain?does migrate and database.yaml recognize ldap as a valid db adapter? Thanks in advance for your time -- Mohamed Hussein http://www.unixgarage.com From christoph.lipp at gmail.com Tue Apr 10 13:12:30 2007 From: christoph.lipp at gmail.com (Christoph Lipp) Date: Tue, 10 Apr 2007 19:12:30 +0200 Subject: [Ruby-activeldap-discuss] activldap with rails beyond Users In-Reply-To: <1176222806.6692.20.camel@localhost> References: <1176222806.6692.20.camel@localhost> Message-ID: <4E6F0259-88B5-45E2-97F1-9026390B5F02@gmail.com> Hi Mohamed Am 10.04.2007 um 18:33 schrieb Mohamed Hussein: > 1-where do I get the latest trunk? Usually I check it out from here: http://code.google.com/p/ruby- activeldap/source > 2-is activeldap in active development or is it sunsetting soon? Well, at least I always get a reply (thanks to kou) and it looks like it's active. > 3-If I want to use activeldap with rails beyond the common Users > authentication usage, are there any documents? That's exactly what I'm currently doing at the office. I write an application (in Rails) for managing our employees (the casual CRUD functions..). It will be used also for CRUD mailing lists. For me, the current active_ldap.rb file (trunk/lib/active_ldap.rb) was enough to start. > has anyone done it > before? I'm on it. > is it gonna be major pain? It's no pain at all. There's an effort at the beginning, it's a good idea to think about the models and check out the has_many, belongs_to functions. The documentation in active_ldap.rb isn't always up-to- date (that's perhaps little pain) so it's a good idea to generate the rdoc from the latest source and study it. > does migrate and database.yaml > recognize ldap as a valid db adapter? You can use a config/ldap.yml file and define settings for the different environments (connection settings). But it's not a database adapter where you can execute migrations on it. > > Thanks in advance for your time > No problem! - Christoph From kerneld at comcast.net Tue Apr 10 13:31:10 2007 From: kerneld at comcast.net (Mohamed Hussein) Date: Tue, 10 Apr 2007 10:31:10 -0700 Subject: [Ruby-activeldap-discuss] activldap with rails beyond Users In-Reply-To: <4E6F0259-88B5-45E2-97F1-9026390B5F02@gmail.com> References: <1176222806.6692.20.camel@localhost> <4E6F0259-88B5-45E2-97F1-9026390B5F02@gmail.com> Message-ID: <1176226270.6692.40.camel@localhost> Hi Chris, This sounds very encouraging! I will check out the latest source and start tinkering. Thanks again for your time On Tue, 2007-04-10 at 19:12 +0200, Christoph Lipp wrote: > Hi Mohamed > > Am 10.04.2007 um 18:33 schrieb Mohamed Hussein: > > > 1-where do I get the latest trunk? > > Usually I check it out from here: http://code.google.com/p/ruby- > activeldap/source > > > 2-is activeldap in active development or is it sunsetting soon? > > Well, at least I always get a reply (thanks to kou) and it looks like > it's active. > > > 3-If I want to use activeldap with rails beyond the common Users > > authentication usage, are there any documents? > > That's exactly what I'm currently doing at the office. I write an > application (in Rails) for managing our employees (the casual CRUD > functions..). > It will be used also for CRUD mailing lists. For me, the current > active_ldap.rb file (trunk/lib/active_ldap.rb) was enough to start. > > > has anyone done it > > before? > > I'm on it. > > > is it gonna be major pain? > > It's no pain at all. There's an effort at the beginning, it's a good > idea to think about the models and check out the has_many, belongs_to > functions. The documentation in active_ldap.rb isn't always up-to- > date (that's perhaps little pain) so it's a good idea to generate the > rdoc from the latest source and study it. > > > does migrate and database.yaml > > recognize ldap as a valid db adapter? > > You can use a config/ldap.yml file and define settings for the > different environments (connection settings). But it's not a database > adapter where you can execute migrations on it. > > > > > Thanks in advance for your time > > > > No problem! > > - Christoph > > > _______________________________________________ > Ruby-activeldap-discuss mailing list > Ruby-activeldap-discuss at rubyforge.org > http://rubyforge.org/mailman/listinfo/ruby-activeldap-discuss -- Mohamed Hussein http://www.unixgarage.com From hughes.james at gmail.com Tue Apr 24 15:01:25 2007 From: hughes.james at gmail.com (James Hughes) Date: Tue, 24 Apr 2007 12:01:25 -0700 Subject: [Ruby-activeldap-discuss] Case sensitivity and doubled base Message-ID: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> Hi I'm trying to track down a problem where the base portion of a dn is doubled: "ou=some_org,ou=users,dc=noosphere,ou=Users,dc=noosphere" The above should read: "ou=some_org,ou=Users,dc=noosphere" I haven't been able to track down where this is happening at all, except to note that of the five ou's in my directory, two of them are stored as "ou=,ou=users,dc=noosphere" whereas the rest are stored with "ou=Users" (note the change in case). And, you guessed it, the ones with the doubled base's are the ones with the lower-case "users" portion. As mentioned, I'm still trying to track where this corruption is happening, but I thought I'd bring it up early in case someone can see immediately what's going on. I'm running off the latest svn revision. I'm getting these results on find() calls to the ou model. thanks James From hughes.james at gmail.com Tue Apr 24 19:33:11 2007 From: hughes.james at gmail.com (James Hughes) Date: Tue, 24 Apr 2007 16:33:11 -0700 Subject: [Ruby-activeldap-discuss] Case sensitivity and doubled base In-Reply-To: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> References: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> Message-ID: <765a2c230704241633r1e509fdbl81ee7133f4a8517c@mail.gmail.com> After going down a very deep rabbit hole with this, I think I have narrowed the problem to the dn() method in base.rb. This method calls base() and then uses that value to construct the dn. I have a bunch of logging in these methods that shows that when the dn is doubled, base() does return the expected value (ou=some_org,ou=Users,dc=noosphere); but it is somehow corrupted in midair so that by the time it gets assigned to the local variable _base, it has become "ou=some_org,ou=users,dc=noosphere,ou=some_org,ou=Users,dc=noosphere". The user that this happens with has her dn stored in the directory with "ou=users". (note: not "Users"). Other tools (gq, phpldapadmin) don't have any problem with this case mismatch. This does not happen when the user is stored with "ou=Users". For reference, here is the code for the two methods with my logging added, and the outputs noted alongside: def base _base = base_inheritable _base = configuration[:base] if _base.nil? and configuration _base ||= base_inheritable(true) ret = [prefix, _base].find_all do |component| component and !component.empty? end.join(",") ####### Logging output: logger.debug {"RETURN from base: #{ret}"} # prints: ou=some_org,ou=Users,dc=noosphere ret end def dn dn_value = id if dn_value.nil? raise DistinguishedNameNotSetError.new, "#{dn_attribute} value of #{self} doesn't set" end _base = base _base = nil if _base.empty? ####### Logging output: logger.debug {"IN DN: #{_base}"} # prints: ou=some_org,ou=users,dc=noosphere,ou=some_org,ou=Users,dc=noosphere ["#{dn_attribute}=#{dn_value}", _base].compact.join(",") end The outputs noted above are right next to each other in the log. This is highly mystifying. James On 4/24/07, James Hughes wrote: > Hi > > I'm trying to track down a problem where the base portion of a dn is doubled: > > "ou=some_org,ou=users,dc=noosphere,ou=Users,dc=noosphere" > > The above should read: > > "ou=some_org,ou=Users,dc=noosphere" > > I haven't been able to track down where this is happening at all, > except to note that of the five ou's in my directory, two of them are > stored as "ou=,ou=users,dc=noosphere" whereas the rest are > stored with "ou=Users" (note the change in case). And, you guessed it, > the ones with the doubled base's are the ones with the lower-case > "users" portion. > > As mentioned, I'm still trying to track where this corruption is > happening, but I thought I'd bring it up early in case someone can see > immediately what's going on. > > I'm running off the latest svn revision. > > I'm getting these results on find() calls to the ou model. > > thanks > > James > From kou at cozmixng.org Tue Apr 24 21:05:47 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Wed, 25 Apr 2007 10:05:47 +0900 Subject: [Ruby-activeldap-discuss] Case sensitivity and doubled base In-Reply-To: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> References: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> Message-ID: Hi, 2007/4/25, James Hughes : > I'm trying to track down a problem where the base portion of a dn is doubled: > > "ou=some_org,ou=users,dc=noosphere,ou=Users,dc=noosphere" > > The above should read: > > "ou=some_org,ou=Users,dc=noosphere" I think the problem has been fixed in trunk. Thanks, -- kou From hughes.james at gmail.com Wed Apr 25 13:03:48 2007 From: hughes.james at gmail.com (James Hughes) Date: Wed, 25 Apr 2007 10:03:48 -0700 Subject: [Ruby-activeldap-discuss] Case sensitivity and doubled base In-Reply-To: References: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> Message-ID: <765a2c230704251003u3666d604td0f0bc7cf8cd1e77@mail.gmail.com> On 4/24/07, Kouhei Sutou wrote: > Hi, > > 2007/4/25, James Hughes : > > I'm trying to track down a problem where the base portion of a dn is doubled: > > > > "ou=some_org,ou=users,dc=noosphere,ou=Users,dc=noosphere" > > > > The above should read: > > > > "ou=some_org,ou=Users,dc=noosphere" > > I think the problem has been fixed in trunk. I am already running off the latest trunk. So the problem is still there. I've been digging some more, and I think the problem is somewhere in the DistinguishedName#parse method; it is returning the rdns for a user as "uid=somebody,ou=some_org,ou=users,dc=noosphere" for the entries that have "user" in lowercase. This is in turn being prepended to a base of "ou=some_org,ou=Users,dc=noosphere" which results in the corrupted dn I've mentioned in previous emails. The entries that ar stored with uppercase "ou=Users" are returned from parse() with an rdns of "uid=somebody" which when prepended to the base result in the correct dn being returned. As part of my thrashing about trying to fix this, I tried making all of the regexes in parse() case-insensitive, but that had no effect. Kouhei, I really would like to get to the bottom of this without having to drop and recreate my ldap directory (note that I can't just do a bulk modify on the contents, since from the point of view of LDAP, there is nothing to modify). So please let me know what I can do to help with this. Thanks, James From jacob.wilkins at gmail.com Wed Apr 25 16:18:22 2007 From: jacob.wilkins at gmail.com (Jacob Wilkins) Date: Wed, 25 Apr 2007 16:18:22 -0400 Subject: [Ruby-activeldap-discuss] unknown objectClass to LDAP server: inetOrgPerson Message-ID: <1f0c1cdf0704251318n1fd3f244j8cfae3812f1c7852@mail.gmail.com> Howdy, I'm trying to run ActiveLdap against Novell eDirectory 8.7, and I've been getting the following error: /usr/lib/ruby/gems/1.8/gems/ruby-activeldap-0.8.1/lib/active_ldap/object_class.rb:57:in `assert_valid_object_class_value': unknown objectClass to LDAP server: inetOrgPerson, organizationalPerson (ActiveLdap::ObjectClassError) from /usr/lib/ruby/gems/1.8/gems/ruby-activeldap-0.8.1/lib/active_ldap/object_class.rb:33:in `assert_object_classes' On this code: class User < ActiveLdap::Base ldap_mapping :dn_attribute => 'cn',:classes => ['Top','posixAccount'], :scope => :sub, :prefix => 'ou=US' end u = User.find(:all,"jwilkins") I think the problem is in the regex in parse_attributes in schema.rb. We haven't made any schema changes, we are running the stock Novell stuff, and I'll attach it to this message. Any help would be appreciated, and I'll be glad to provide more info. Thanks, Jacob -------------- next part -------------- A non-text attachment was scrubbed... Name: schema.txt.gz Type: application/x-gzip Size: 31708 bytes Desc: not available Url : http://rubyforge.org/pipermail/ruby-activeldap-discuss/attachments/20070425/ee0b7e7d/attachment-0001.gz From kou at cozmixng.org Wed Apr 25 21:24:08 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Thu, 26 Apr 2007 10:24:08 +0900 Subject: [Ruby-activeldap-discuss] Case sensitivity and doubled base In-Reply-To: <765a2c230704251003u3666d604td0f0bc7cf8cd1e77@mail.gmail.com> References: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> <765a2c230704251003u3666d604td0f0bc7cf8cd1e77@mail.gmail.com> Message-ID: Hi, 2007/4/26, James Hughes : > > 2007/4/25, James Hughes : > > > I'm trying to track down a problem where the base portion of a dn is doubled: > > > > > > "ou=some_org,ou=users,dc=noosphere,ou=Users,dc=noosphere" > > > > > > The above should read: > > > > > > "ou=some_org,ou=Users,dc=noosphere" > > > > I think the problem has been fixed in trunk. > > I am already running off the latest trunk. So the problem is still > there. Uhm... Could you show us your :ldap_mapping? Do you specify :dn_attribute => "ou" option for "ou=some_org,..." class? Thanks, -- kou From kou at cozmixng.org Wed Apr 25 22:54:44 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Thu, 26 Apr 2007 11:54:44 +0900 Subject: [Ruby-activeldap-discuss] unknown objectClass to LDAP server: inetOrgPerson In-Reply-To: <1f0c1cdf0704251318n1fd3f244j8cfae3812f1c7852@mail.gmail.com> References: <1f0c1cdf0704251318n1fd3f244j8cfae3812f1c7852@mail.gmail.com> Message-ID: Hi, 2007/4/26, Jacob Wilkins : > I'm trying to run ActiveLdap against Novell eDirectory 8.7, and I've > been getting the following error: > > /usr/lib/ruby/gems/1.8/gems/ruby-activeldap-0.8.1/lib/active_ldap/object_class.rb:57:in > `assert_valid_object_class_value': unknown objectClass to LDAP server: > inetOrgPerson, organizationalPerson (ActiveLdap::ObjectClassError) > from /usr/lib/ruby/gems/1.8/gems/ruby-activeldap-0.8.1/lib/active_ldap/object_class.rb:33:in > `assert_object_classes' Could you show us full backtrace? > u = User.find(:all,"jwilkins") Could you show us the entry as LDIF? It will be retrieved by ldapsearch or other LDAP client. > I think the problem is in the regex in parse_attributes in schema.rb. I improved schema.rb a bit in trunk. Could you try trunk? Thanks, -- kou From hughes.james at gmail.com Thu Apr 26 16:02:44 2007 From: hughes.james at gmail.com (James Hughes) Date: Thu, 26 Apr 2007 13:02:44 -0700 Subject: [Ruby-activeldap-discuss] Case sensitivity and doubled base In-Reply-To: References: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> <765a2c230704251003u3666d604td0f0bc7cf8cd1e77@mail.gmail.com> Message-ID: <765a2c230704261302v6b0f24f8hf62775d99808354d@mail.gmail.com> On 4/25/07, Kouhei Sutou wrote: > Hi, > > 2007/4/26, James Hughes : > > > > 2007/4/25, James Hughes : > > > > I'm trying to track down a problem where the base portion of a dn is doubled: > > > > > > > > "ou=some_org,ou=users,dc=noosphere,ou=Users,dc=noosphere" > > > > > > > > The above should read: > > > > > > > > "ou=some_org,ou=Users,dc=noosphere" > > > > > > I think the problem has been fixed in trunk. > > > > I am already running off the latest trunk. So the problem is still > > there. > > Uhm... Could you show us your :ldap_mapping? Do you specify > :dn_attribute => "ou" option for "ou=some_org,..." class? No. I may have misled in my initial mails; these are classes for representing user entries in the directory, so the dn_attribute is 'uid'. Each class is created dynamically based on OrganizationalUnit's that are found in the directory at runtime: # Dynamically create user classes for all ou's in the directory org_units = User.find :all, :scope => :one org_units.each do |org_unit| klass = Object.const_set(org_unit.ou.capitalize, Class.new(OrgUser)) klass.instance_eval do ldap_mapping(:dn_attribute => 'uid', :prefix => "ou=#{org_unit.ou},ou=Users", :classes => ['top', 'person','inetOrgPerson', 'posixAccount', 'sambaSamAccount']) end end The User class' ldap_mapping looks like this: ldap_mapping(:dn_attribute => 'ou',:prefix => 'ou=Users') So the 'User.find :all' above finds all the ou's under the ou=Users level, creates a new class for each of them with a dynamic prefix, and then each of those classes maps instances to users found at, for instance,"uid=somebody,ou=some_org,ou=Users". This worked quite well until it ran up against the production schema, which has the aforementioned case discrepencies amongst the user entries. Hope this makes sense. James James From kou at cozmixng.org Thu Apr 26 20:31:43 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Fri, 27 Apr 2007 09:31:43 +0900 Subject: [Ruby-activeldap-discuss] unknown objectClass to LDAP server: inetOrgPerson In-Reply-To: <1f0c1cdf0704261126n4983cd98m5ca2f51a783bfff@mail.gmail.com> References: <1f0c1cdf0704251318n1fd3f244j8cfae3812f1c7852@mail.gmail.com> <1f0c1cdf0704261126n4983cd98m5ca2f51a783bfff@mail.gmail.com> Message-ID: Hi, # I hope that you send your mail to ML. 2007/4/27, Jacob Wilkins : > On 4/25/07, Kouhei Sutou wrote: > > > > > I improved schema.rb a bit in trunk. Could you try trunk? > > > > Good news: The problem I was having is fixed in trunk. :) > Bad news: I had a different problem. Could you show us codes that reproduces the problem and backtraces for the problem? I want to write a test for the problem. > Good news: I found a solution. It seems to work, though I admit that I > don't know enough to tell if it is a good solution. Here is the patch: Thanks! I'll apply your patch after I could write a test for the problem. > Index: schema.rb > =================================================================== > --- schema.rb (revision 156) > +++ schema.rb (working copy) > @@ -35,7 +35,7 @@ > DESCRIPTION_RE = "[a-zA-Z][a-zA-Z\\d\\-]*" > OID_RE = "(?:#{NUMERIC_OID_RE}|#{DESCRIPTION_RE}-oid)" > def attributes(group, id_or_name) > - return {} if group.empty? or id_or_name.empty? > + return {} if !group or group.empty? or !id_or_name or id_or_name.empty > > unless @entries.has_key?(group) > raise ArgumentError, "Unknown schema group: #{group}" > > Thanks, > > jrw > Thanks, -- kou From kou at cozmixng.org Thu Apr 26 21:52:26 2007 From: kou at cozmixng.org (Kouhei Sutou) Date: Fri, 27 Apr 2007 10:52:26 +0900 Subject: [Ruby-activeldap-discuss] Case sensitivity and doubled base In-Reply-To: <765a2c230704261302v6b0f24f8hf62775d99808354d@mail.gmail.com> References: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> <765a2c230704251003u3666d604td0f0bc7cf8cd1e77@mail.gmail.com> <765a2c230704261302v6b0f24f8hf62775d99808354d@mail.gmail.com> Message-ID: Hi, 2007/4/27, James Hughes : > On 4/25/07, Kouhei Sutou wrote: > > Hi, > > > > 2007/4/26, James Hughes : > > > > > > 2007/4/25, James Hughes : > > > > > I'm trying to track down a problem where the base portion of a dn is doubled: > > > > > > > > > > "ou=some_org,ou=users,dc=noosphere,ou=Users,dc=noosphere" > > > > > > > > > > The above should read: > > > > > > > > > > "ou=some_org,ou=Users,dc=noosphere" > > > > > > > > I think the problem has been fixed in trunk. > > > > > > I am already running off the latest trunk. So the problem is still > > > there. > > > > Uhm... Could you show us your :ldap_mapping? Do you specify > > :dn_attribute => "ou" option for "ou=some_org,..." class? > > No. I may have misled in my initial mails; these are classes for > representing user entries in the directory, so the dn_attribute is > 'uid'. Each class is created dynamically based on OrganizationalUnit's > that are found in the directory at runtime: > > # Dynamically create user classes for all ou's in the directory > org_units = User.find :all, :scope => :one > org_units.each do |org_unit| > klass = Object.const_set(org_unit.ou.capitalize, Class.new(OrgUser)) > klass.instance_eval do > ldap_mapping(:dn_attribute => 'uid', > :prefix => "ou=#{org_unit.ou},ou=Users", > :classes => ['top', 'person','inetOrgPerson', > 'posixAccount', 'sambaSamAccount']) > end > end > > The User class' ldap_mapping looks like this: > > ldap_mapping(:dn_attribute => 'ou',:prefix => 'ou=Users') > > So the 'User.find :all' above finds all the ou's under the ou=Users > level, creates a new class for each of them with a dynamic prefix, and > then each of those classes maps instances to users found at, for > instance,"uid=somebody,ou=some_org,ou=Users". > > This worked quite well until it ran up against the production schema, > which has the aforementioned case discrepencies amongst the user > entries. OK. I can reproduce this. I fixed in trunk. Could you try again? Thanks, -- kou From hughes.james at gmail.com Fri Apr 27 15:43:30 2007 From: hughes.james at gmail.com (James Hughes) Date: Fri, 27 Apr 2007 12:43:30 -0700 Subject: [Ruby-activeldap-discuss] Case sensitivity and doubled base In-Reply-To: References: <765a2c230704241201md43905cme6e47f40513b2d1c@mail.gmail.com> <765a2c230704251003u3666d604td0f0bc7cf8cd1e77@mail.gmail.com> <765a2c230704261302v6b0f24f8hf62775d99808354d@mail.gmail.com> Message-ID: <765a2c230704271243g1f65f283t41eb56117b62c8b3@mail.gmail.com> On 4/26/07, Kouhei Sutou wrote: > Hi, > > 2007/4/27, James Hughes : > > On 4/25/07, Kouhei Sutou wrote: > > > Hi, > > > > > > 2007/4/26, James Hughes : > > > > > > > > 2007/4/25, James Hughes : > > > > > > I'm trying to track down a problem where the base portion of a dn is doubled: > > > > > > > > > > > > "ou=some_org,ou=users,dc=noosphere,ou=Users,dc=noosphere" > > > > > > > > > > > > The above should read: > > > > > > > > > > > > "ou=some_org,ou=Users,dc=noosphere" > > > > > > > > > > I think the problem has been fixed in trunk. > > > > > > > > I am already running off the latest trunk. So the problem is still > > > > there. > > > > > > Uhm... Could you show us your :ldap_mapping? Do you specify > > > :dn_attribute => "ou" option for "ou=some_org,..." class? > > > > No. I may have misled in my initial mails; these are classes for > > representing user entries in the directory, so the dn_attribute is > > 'uid'. Each class is created dynamically based on OrganizationalUnit's > > that are found in the directory at runtime: > > > > # Dynamically create user classes for all ou's in the directory > > org_units = User.find :all, :scope => :one > > org_units.each do |org_unit| > > klass = Object.const_set(org_unit.ou.capitalize, Class.new(OrgUser)) > > klass.instance_eval do > > ldap_mapping(:dn_attribute => 'uid', > > :prefix => "ou=#{org_unit.ou},ou=Users", > > :classes => ['top', 'person','inetOrgPerson', > > 'posixAccount', 'sambaSamAccount']) > > end > > end > > > > The User class' ldap_mapping looks like this: > > > > ldap_mapping(:dn_attribute => 'ou',:prefix => 'ou=Users') > > > > So the 'User.find :all' above finds all the ou's under the ou=Users > > level, creates a new class for each of them with a dynamic prefix, and > > then each of those classes maps instances to users found at, for > > instance,"uid=somebody,ou=some_org,ou=Users". > > > > This worked quite well until it ran up against the production schema, > > which has the aforementioned case discrepencies amongst the user > > entries. > > OK. I can reproduce this. > I fixed in trunk. Could you try again? Awesome, this fix is working great. Thanks for the quick response Kouhei. James