title: Searching DSML link: https://onemoretech.wordpress.com/2009/04/16/searching-dsml/ author: lembobro description: post_id: 337 created: 2009/04/16 19:08:01 created_gmt: 2009/04/16 19:08:01 comment_status: open post_name: searching-dsml status: publish post_type: post

Searching DSML

Here is a first attempt at some code that will search an LDAP directory through it’s DSML interface (as before, using a version 5.2 Sun Java Systems Directory Server configured with its built-in DSML listener):

#! /usr/bin/perl
# Search for entry in the directory server.
use Net::DSML;
use Net::DSML::Filter;
$dirHost = "ldap.example.com";
$dsmlPort = "11000";
$filter = Net::DSML::Filter->new();
$attribute = "sn";
$value = "LEMBO";
$base = "dc=example,dc=com";
@attributes = qw(cn uid givenname sn title mail telephonenumber objectclass);
if ( !($filter->subString( { type =>"initial",
                             attribute => $attribute,
                             value => $value } ) ) ) {
    print $filter->error(), "n";
    exit;
}
$dsml = Net::DSML->new({ debug => 0,
                         url => "http://$dirHost:$dsmlPort/dsml" });
$dsml->setScope({scope => "wholeSubtree"});
if ( !( $dsml->search( { sfilter => $filter->getFilter(),
                         base => $base,
                         attributes => @attributes,
						 } ) ) ) {
    print $dsml->error, "n";
    exit;
}
if ( !$dsml->send() ) {
    print $dsml->error, "n";
    exit;
}
$content = $dsml->content();
print $content, "n";
__END__;

`

Once again, I’ve copied and pasted the example given in the Net::DSML documentation, cleaned up syntax errors and finally done some customization so it actually works. For example, by default Net::DSML will only search one level down the directory tree (referred in the doc as ’singleLevel’). In LDAP parlance this is known as the “scope” of a search. From examining the module code I learned that the scope can be set to a subtree search (a/k/a ’sub’ or level ‘2′) by declaring:

$dsml->setScope({scope => "wholeSubtree"});

Because my test directory at work is a multi-leveled directory admin’s nightmare, I set the scope to subtree so I can search down through all the levels of the tree. Another thing I did was to explicitly list the attributes to be returned in the @attributes array. You might be asking right now, “but how do you search on all attributes, without explicitly listing them?” Good question. By using the universal wildcard symbol, the asterisk (’*'). Just declare the array thusly:

@attributes = qw( * );

Keep in mind that the above code doesn’t authenticate you to the directory server, so only attributes that can be seen by a user binding anonymously can be retrieved.

Copyright 2004-2019 Phil Lembo