how to handle comparison of binary type attributes in LDAP

perlknight has asked for the wisdom of the Perl Monks concerning the following question:

Replies are listed 'Best First'.
Re: how to handle comparison of binary type attributes in LDAP by idsfa (Vicar) on Feb 21, 2007 at 03:00 UTC
This sounds very much like an XY Problem. What are you actually trying to accomplish? Which said, I'm game to try and answer the question you asked ... The allowed content of an LDAP (v3) attribute is defined in the LDAP Schema. You can use Net::LDAP::Schema to retrieve this from the server. Unfortunately, this may or may not help you, as there are several "kinds" of binary data which can exist even in the Standard Types, let alone any custom extensions which you may have. For example, the RFC mentions the `Audio`, `Binary`, `JEPG` and `Octet String` syntaxes. You could probably implement a lookup table to specify which comparison method should be used, based upon the OID of the syntax for each attribute's value. This would be the route to take if you are (for example) trying to compare two different LDAP directories. If, OTOH, you are trying to find partially matching entries in a single LDAP, you might be able to make the server do the work and just use a filter to pull out entries which match your desired attribute/value pairs. Since you don't seem to be to rigorous about comparing the binary values, this may be "good enough". `my $filter = "(&"; foreach my $attr (keys %lookingfor) { $filter .= "($attr=\" . escape_filter_value($lookingfor{$attr}) . "\")"; } $filter .= ")"; $ldap = Net::LDAP->new($server); $mesg = $ldap->bind; $mesg = $ldap->search( base => $base, filter => $filter ); $mesg->code && die $mesg->error; foreach $entry ($mesg->entries) { $entry->dump; } $mesg = $ldap->unbind;` [download] The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon	[reply] [d/l] [select]
Re^2: how to handle comparison of binary type attributes in LDAP by perlknight (Pilgrim) on Feb 21, 2007 at 03:17 UTC
It's comparing LDAP entries from two servers. It could be a comparison between Primary and secondary or two LDAP server in different environment, e.g: DEV,QA,PROD. I got this written already, but as I analyze the result I noticed the Binary type is throwing me off track when I do a comparison. Hence I thought I could avoid by just doing length equality comparison on the value. BTW, what is an XY problem?	[reply]
Re^3: how to handle comparison of binary type attributes in LDAP by idsfa (Vicar) on Feb 21, 2007 at 03:56 UTC
(Read the link in my earlier post for several good explanations of the XY problem) Comparing the length only doesn't help if , for example, your binary data is a set of bit flags ... the value is important, too. I'd recommend MIME::Base64 encoding each value before comparing (neatly sidestepping the question of whether or not the original was binary). The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon	[reply]
Re: how to handle comparison of binary type attributes in LDAP by greatshots (Pilgrim) on Feb 21, 2007 at 03:05 UTC
look_@_this	[reply]


Think about Loose Coupling
	PerlMonks