web2ldap - FAQ

Frequently Asked Questions
<Download> <News> <Demo> <Related>
<Commercial> <Feedback> <FAQ>
<Features> <Installing> <Configuration> <Compability> <Security> <Changes> <Files> <Roadmap>

SyntaxError: ...

You are probably running a Python version prior to 2.0. See required software before starting web2ldap.

ImportError: No module named ldap

The python-ldap module was not found. Install all required software before starting web2ldap.

I want to refer to the web2ldap gateway from a web page. Is there a way to get a persistent URL?

Yes, you can use any RFC2255-compliant LDAP URL with web2ldap's command ldapurl. The safest way is to use the URL-encoded scheme.
Example: http://sites.inka.de:8002/web2ldap/ldapurl?ldap://ldap.openldap.org/dc=openldap,dc=org

I would like to integrate web2ldap in my Netscape address book. Is there a way to do that?

Yes, you can configure Netscape in the preferences file (preferences.js or prefs.js) to use a pre-configured URL for pointing to a web gateway (here web2ldap with command ldapurl). See "Customizing LDAP Settings For Communicator 4.5".
Note: The example in Netscape's document is somewhat misleading. I try to provide a better one.
Watch out for your LDAP configuration. Something like:
user_pref("ldap_2.servers.Michaels.serverName", "localhost");
user_pref("ldap_2.servers.Michaels.searchBase", "o=Michaels");
and add something like
user_pref("ldap_2.servers.Michaels.customDisplayUrl", "http://localhost/web2ldap-fcgi/web2ldap.py/ldapurl?ldap://localhost/%s");
Note that the prefix "ldap_2.servers.Michaels" here is only valid in my local configuration example which was automatically generated by the Netscape browser. The prefix in your preferences file will be different.

I would like to add multi-valued attributes but the input form just provides one input field for a certain attribute type.

You can use the LDIF input field for adding extra values. Next time you edit the entry for modifying it all the values are displayed each in a separate input field. Note that the LDIF input field does not accept NON-ASCII data.

I would like to upload a photo, a certificate or other binary attribute data. Is that possible?

Uploading binary attribute data is currently only possible via LDIF when adding or modifying an entry. You have to convert your binary data with a LDIF tool first and cut&paste its output into the LDIF input field or provide a URL in the LDIF line (see global configuration parameter web2ldapcnf.misc.ldif_url_schemes).

I would like to delete a photo, a certificate or other binary attribute data. Is that possible?

Yes, it is possible since version 0.10.0. An addtional [Delete] link is shown for binary attributes. Note that in case of multi-valued attributes all attribute values are deleted. You cannot delete a single chosen attribute value.

I want to avoid displaying the raw DNs in the search result table. How to do that?

There are several possibilities:

I have embedded HTML code with hyperlinks into some of the LDAP entries. When I display the entry with Netscape the hyperlinks work just fine but with web2ldap the HTML code is displayed instead of displaying the hyperlink.

This behaviour of escaping HTML entity characters is implemented for security reasons. It prevents execution of bad Javascript code a malicious user might have added (see CERT advisory 2000-02).

Plain URLs in attributes are converted automatically to hyperlinks. To be conform with LDAP standard you should use the attribute type labeledURI. Netscape also displays labeledURI as labeled hyperlink.

I would like to setup some automatically filled fields. E.g. automatically set the cn (common name) attribute with the concatenation of values of the attributes givenName and sn (surname).

This is currently not possible.

I would like to define a "select" item for certain input fields.

This is currently not possible and probably a task for your own home-grown LDAP client.

How to customize the HTML output to use different colors, different font size, etc.?

Customization of layout can be done by defining a CSS file (cascaded style sheet). Almost all important HTML elements have own id or class attributes which can be used to define their appearance. Have a look at the example CSS files shipped with the source distribution package.

I have started web2ldap in stand-alone mode. It runs and accessing it from localhost works but I cannot access it over my network. What is wrong?

For security reasons web2ldap does not bind to every interface in your system as default like other network demons. You have to explicitly bind to a specific network interface by using command line option -l.

web2ldap -l my.public.ether.addr:port

You can enable binding to all interfaces by

web2ldap -l

I try to run web2ldap but it quits during startup and throws an exception in the module DNS.

There are some errors in the DNS module, e.g. improper parsing of /etc/resolv.conf. A fast work-around is to delete the directory pylib/DNS/ if you are not using SRV RR's in your DNS to automatically locate LDAP servers based on dc-style DNs. This is likely the case if you do not understand what I am saying here. ;-)
The complete solution is to install a recent version of PyDNS which has many bugs fixed. Note that the module DNS was just shipped with web2ldap because a specially patched version was needed for SRV RR lookups. This patch is now part of PyDNS.

Is it possible to run web2ldap under Windows?

The required python-ldap version is currently not available on Windows platform. One option is to run the whole stuff under cygwin (see a short explanation in the python-ldap mailing list archive).

web2ldap crashs a lot of with segmentation faults.

This is not a web2ldap issue. Please check how your Python interpreter was compiled. It has to be build with configure --without-pymalloc. You probably have to rebuild all C extension modules involved afterwards.

web2ldap does not work properly with SSL (based on M2Crypto) in stand-alone mode. HTTP headers seem to be truncated.

This is not a web2ldap issue. Please check how your Python interpreter was compiled. It has to be build with configure --without-pymalloc. You probably have to rebuild all C extension modules involved afterwards.

NameError: global name 'threading' is not defined

Your Python interpreter seems to have thread support disabled. You can solve that by building Python with configure --with-threads.

Page last modified: Saturday, 23-Feb-2002 16:34:07 CET, © by Michael Ströder <michael@stroeder.com>