Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: how to handle comparison of binary type attributes in LDAP

by idsfa (Vicar)
on Feb 21, 2007 at 03:00 UTC ( #601252=note: print w/ replies, xml ) Need Help??


in reply to how to handle comparison of binary type attributes in LDAP

This sounds very much like an XY Problem. What are you actually trying to accomplish? Which said, I'm game to try and answer the question you asked ...

The allowed content of an LDAP (v3) attribute is defined in the LDAP Schema. You can use Net::LDAP::Schema to retrieve this from the server.

Unfortunately, this may or may not help you, as there are several "kinds" of binary data which can exist even in the Standard Types, let alone any custom extensions which you may have. For example, the RFC mentions the Audio, Binary, JEPG and Octet String syntaxes. You could probably implement a lookup table to specify which comparison method should be used, based upon the OID of the syntax for each attribute's value. This would be the route to take if you are (for example) trying to compare two different LDAP directories.

If, OTOH, you are trying to find partially matching entries in a single LDAP, you might be able to make the server do the work and just use a filter to pull out entries which match your desired attribute/value pairs. Since you don't seem to be to rigorous about comparing the binary values, this may be "good enough".

my $filter = "(&"; foreach my $attr (keys %lookingfor) { $filter .= "($attr=\" . escape_filter_value($lookingfor{$attr}) . "\")"; } $filter .= ")"; $ldap = Net::LDAP->new($server); $mesg = $ldap->bind; $mesg = $ldap->search( base => $base, filter => $filter ); $mesg->code && die $mesg->error; foreach $entry ($mesg->entries) { $entry->dump; } $mesg = $ldap->unbind;

The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon


Comment on Re: how to handle comparison of binary type attributes in LDAP
Select or Download Code
Re^2: how to handle comparison of binary type attributes in LDAP
by perlknight (Pilgrim) on Feb 21, 2007 at 03:17 UTC
    It's comparing LDAP entries from two servers. It could be a comparison between Primary and secondary or two LDAP server in different environment, e.g: DEV,QA,PROD. I got this written already, but as I analyze the result I noticed the Binary type is throwing me off track when I do a comparison. Hence I thought I could avoid by just doing length equality comparison on the value. BTW, what is an XY problem?

      (Read the link in my earlier post for several good explanations of the XY problem)

      Comparing the length only doesn't help if , for example, your binary data is a set of bit flags ... the value is important, too. I'd recommend MIME::Base64 encoding each value before comparing (neatly sidestepping the question of whether or not the original was binary).


      The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://601252]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (6)
As of 2014-12-28 09:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (179 votes), past polls