Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re^7: Net::LDAP help with distinguished name

by Sinistral (Prior)
on Feb 04, 2012 at 20:35 UTC ( #951845=note: print w/ replies, xml ) Need Help??


in reply to Re^6: Net::LDAP help with distinguished name
in thread Net::LDAP help with distinguished name

Whenever I'm stuck with figuring out proper LDAP usage, I revert to testing with LDAP Browser Editor Despite. Based on your code looking for sAMAccountname, plus the fact you call your variable 'ad', I'm guessing you're hitting an Active Directory server. I know that LBE will be able to hit it (it works with ours) and you can triple check your filters.

For one thing, you need parens around the filter: (dn=CN=JUSER,OU=ACCT,DC=MYCOMPANY,DC=COM). I always use dn, but distinguishedname might also be valid. Use the sAMAccountname filter to view your entry in LBE and verify that you are actually using the distinguished name of the person


Comment on Re^7: Net::LDAP help with distinguished name
Re^8: Net::LDAP help with distinguished name
by Discreet Entity (Initiate) on Feb 04, 2012 at 23:27 UTC
    Resolved!

    There were two issues. First, I had to use distinguishedname= rather than dn=a. Apparently Active Directory is picky about the filter though oddly you can use dn when specifying get_value. Secondly, the sample distinguishednames I tested had parens in them which must be escaped. Net::LDAP doesn't handle that for you.

    I added this bit:

    sub cleanLDAPString { my $tempstr = shift; $tempstr =~ s/\\/\\5c/; $tempstr =~ s/\(/\\28/; $tempstr =~ s/\)/\\29/; $tempstr =~ s/&/\\26/; $tempstr =~ s/\|/\\7c/; $tempstr =~ s/>/\\3e/; $tempstr =~ s/</\\3c/; $tempstr =~ s/\~/\\7e/; $tempstr =~ s/\*/\\2a/; return $tempstr; }

    and called it before I constructed the filter. Worked just fine. Thank you very much for the feedback. It helped lead me to the solution.

    :)

    And nuts to those that think minimalist responses and snide comments are in any way helpful to the people who come here. If you don't have anything helpful to contribute then don't post. And for the record, posting greps to the doc that I already specified I'd read and that didn't have any relevant examples is just effing arrogant and lazy.

      The idiom of that function is

      { my %subs = ( '\\' => q/\\5c/, '(' => q/\\28/, ')' => q/\\29/, '&' => q/\\26/, '|' => q/\\7c/, '>' => q/\\3e/, '<' => q/\\3c/, '~' => q/\\7e/, '*' => q/\\2a/, ); my $subs_re = join '|', map quotemeta, key %subs; sub cleanLDAPString { my $tempstr = shift; $tempstr =~ s/($subs_re)/$subs{$1}/g; return $tempstr; } }

      But it already exists http://search.cpan.org/grep?cpanid=MARSCHAP&release=perl-ldap-0.44&string=escape&i=1&n=1&C=0 in Net::LDAP::Util

      escape_filter_value ( VALUES )
      unescape_filter_value ( VALUES )
      escape_dn_value ( VALUES )
      unescape_dn_value ( VALUES )

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://951845]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (10)
As of 2014-09-18 19:49 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (123 votes), past polls