php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #7228 Problems when using the ldap_add() function
Submitted: 2000-10-15 18:37 UTC Modified: 2000-10-29 00:17 UTC
From: christoffer dot leitet at thewhitebird dot com Assigned:
Status: Closed Package: LDAP related
PHP Version: 4.0.2 OS: Linux 2.2.16 (slackware)
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: christoffer dot leitet at thewhitebird dot com
New email:
PHP Version: OS:

 

 [2000-10-15 18:37 UTC] christoffer dot leitet at thewhitebird dot com
This script is copypasted (and modifyed for my system) from the manual, and reproduces the error on my system..

<?php
$ds=ldap_connect("iplanet.server.com");  // assuming the LDAP server is on this host

if ($ds) {
    // bind with appropriate dn to give update access
    $r=ldap_bind($ds,"cn=Directory Manager", "secret");

    // prepare data
    $info["cn"]="John Jones";
    $info["sn"]="Jones";
    $info["mail"]="jonj@here.and.now";
    $info["objectclass"]="person";

    // add data to directory
    $r=ldap_add($ds, "cn=John Jones, o=whitebird", $info);

    ldap_close($ds);
} else {
    echo "Unable to connect to LDAP server"; 
}
?>

This script generates the error somewhat like: Warning: LDAP: add operation could not be completed. in /home/leitet/public_html/Beta1/functions/func.inc.php on line 17

When I use a ldap_modify() call, it works, and the designated attribute I want to change is changed. But when I first use the function for updating the directory using ldap_modify() and then use the ldap_add() function, both fails giving: LDAP: modify operation could not be completed and LDAP: add operation could not be completed.

I have a "out of the box" php.ini. Have compiled LDAP support into php by using openldap, and connects to a Netscape Directory Server in order to try to update it..

The mentioned fuctions follows:

// Update number of entries
function update_number_of_entries($ds,$ldap_default_path)
{
  $data1 = "nsnumdomains";
  $aa="(objectClass=*)";
  $sr=ldap_read($ds, $ldap_default_path, $aa);
  $entry = ldap_first_entry($ds, $sr);
  $value = ldap_get_values($ds, $entry, $data1);
  $value[0]++;
  $data[nsnumdomains] = $value[0];
  ldap_modify($ds,$ldap_default_path,$data);
}

function insert_domain($ds,$domain,$ldap_default_path,$nrusers,$nrgroups)
{
  // making the domain
  $ldap_path = "o=$domain, $ldap_default_path";
  $data["objectclass"][0] = "top";
  $data["objectclass"][1] = "organization";
  $data["objectclass"][2] = "nsmanageddomain";
  $data["nsnumusers"] = "0";
  $data["nsnumdepts"] = "0";
  $data["owner"] = "cn=Domain Administrators, o=$domain, $ldap_default_path";
  $data["aci"][0] = "(targetattr=\"*\")(targetfilter=(objectclass=nsManagedDept))(version 3.0; acl \"Dept domain administration\"; allow (all) groupdn = \"ldap:///cn=Domain Administrators, o=$domain, $ldap_default_path\";)";
  $data["aci"][1] = "(targetattr=\"*\")(targetfilter=(objectclass=nsManagedDomain))(version 3.0; acl \"Domain help desk access\"; allow (read,search) groupdn = \"ldap:///cn=Help Desk Administrators, o=$domain, $ldap_default_path\";)";
  $data["aci"][2] = "(targetattr=\"*\")(targetfilter=(objectclass=nsManagedDomain))(version 3.0; acl \"Domain access by Dept. Administrator\"; allow (read,search) groupdn = \"ldap:///cn=Dept Administrators, o=$domain, $ldap_default_path\";)";
  $data["aci"][3] = "(targetattr=\"nsNumUsers\")(targetfilter=(objectclass=nsManagedDomain))(version 3.0; acl \"write nsNumUsers by Dept. Administrator\"; allow (write) group dn = \"ldap:///cn=Dept Administrators, o=$domain, $ldap_default_path\";)";
  $data["nsmaxdepts"] = "$nrgroups";
  $data["o"] = "$domain";
  $data["nsmaxusers"] = "$nrusers";
  $data["nsdefaultmaxdeptsize"] = "10";
  ldap_add($ds,$ldap_path,$data);
  echo "Making the domain on $ldap_path";
}

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-10-16 06:09 UTC] christoffer dot leitet at thewhitebird dot com
I received this answer:
Please try adding this line after ldap_add() function:

echo ldap_error($ds);

You'll get the real reason why it doesn't work..
And please close the bug report after that. =)
(IF the error is what I suspect it to be..you can not add entries with same DN)

--Jani

I'm sorry I didn't leave this info for you, I totally forgot it.. It says: Insufficient access.
But how can it be insufficent access, when I'm editing the directory as the Directory Manager (aka. superuser), and manage to update an entry, but when trying to make an entry I get insufficent access, and even when i first try to update, then insert, then I get insufficent access for both of them..
 [2000-10-16 06:42 UTC] sniper@php.net
I get 'Insufficent access' only when the ldap_bind() doesn't succeed.
Please try adding that 'echo ldap_error($ds);' line right after your 
bind line. 

And if possible, please provide the shortest but complete reproducive
script. I assume you were talking about your own scripts NOT the one
copypasted from the manual?

--Jani
 [2000-10-29 00:17 UTC] sniper@php.net
No feedback.
 [2010-11-05 08:26 UTC] ezana_axum at yahoo dot com
$info=array( "count"=>1, array(
                              
                            "givenname"   => array("count"=>1,"abebe"),
                            "sn"          => array("count"=>1,"khsay"),
                            "cn"          => array("count"=>1,"abebe khsay")),
                            "dn"=>"cn=abebe khsay,ou=People,dc=ezana"
             );

ldap_add($ldapconn,"cn=abebe khsay, ou=people,dc=ezana", $info);
Warning: ldap_add() [function.ldap-add]: Unknown attribute in the data in /home/abrham/ldap/ldap_con.php on line 74
 [2010-11-05 08:40 UTC] ezana_axum at yahoo dot com
$info=array( "count"=>1, array(
                              
                            "givenname"   => array("count"=>1,"abrham"),
                            "sn"          => array("count"=>1,"yetila"),
                            "cn"          => array("count"=>1,"abrham yetila")),
                            "dn"=>"cn=abrham yetilay,ou=People,dc=ezana"
             );

ldap_add($ldapconn,"cn=abrham yetila, ou=people,dc=ezana", $info);
Warning: ldap_add() [function.ldap-add]: Unknown attribute in the data in /home/abrham/ldap/ldap_con.php on line 74
but search works
 
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Tue Dec 06 11:05:52 2022 UTC