On Mon, Jan 19, 2009 at 7:06 PM, Craig McQueen <mcqueen-c@xxxxxxxxxxxxxxxx> wrote: > Eric Covener wrote: > > On Mon, Dec 22, 2008 at 10:21 PM, Craig McQueen > <mcqueen-c@xxxxxxxxxxxxxxxx> wrote: > > > I'm trying to do LDAP authorisation with an Active Directory server, and the > "Base DN" has Japanese characters in it. This should be no problem, but I > can't get it to work. > > The Base DN is something like: > OU=裾野,OU=管理,DC=edsrd00,DC=local > The corresponding LDAP URL is something like: > AuthLDAPURL > "ldap://server:389/OU=\e8\a3\be\e9\87\8e,OU=\e7\ae\a1\e7\90\86,DC=edsrd00,DC=local?sAMAccountName?sub?(objectClass=*)" > NONE > > I think it has the Japanese characters specified in proper RFC 2255 format. > So I think there is a problem in the LDAP authentication module in properly > sending the queries with UTF-8 content in the base DN. The error.log file > says "[ldap_search_ext_s() for user failed][No Such Object]" which seems to > indicate that the LDAP server isn't getting a valid base DN. > > Any insights on this? > > > packet trace would tell you what was put in the wire compared to a > working command-line search. > > > I finally got a chance to check this out with Wireshark. I found that the > Apache server is just putting the URI on the wire as given, backslashes and > numbers and all. So I guess it's not parsing the backslash codes as RFC 2255 > specifies. > > Does this mean I should submit a bug report? The RFC URL-escapes everything, have you tried that syntax? APR seems to know something about that. -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|