First of all, thanks for your comments!

I can see where you're coming from , however rewriting this to use Net::LDAP::Simple , feels more like I'm shuffling the args to different methods rather than simplifying the code. I think search paramaters belong with search methods, not in the constructor.

The greatest benefits of this approach come when you are performing many operations on array of entries over the same connection. I'm not sure what to put on an example, since the concept of simplicity is different from person to person, but I'll try anyway.

Compare this two snippets: you are doing similar searches on the same attributes but with different search strings, then adding an objectclass to each entry and storing the entries back again.

use strict ;
use warnings ;

use Net::LDAP::Simple ;

eval {
my $ldap = Net::LDAP::Simple->new(host => 'x.it',
  bindDN => 'cn=admin,ou=People,dc=x,dc=it',
  bindpw => 'secret',
  base => 'ou=People,dc=x,dc=it',
  searchattrs => [qw(cn uid loginname)]) ;
} ;

die "Can't connect: $@" unless defined $ldap ;

my @users ;

# I won't preload all entries in production code,
# in fact this is just an example :-)
foreach my $user (qw(pinco pallino caro bellino)) {
  my $res = $ldap->simplesearch($user) ;
  die $ldap->error unless defined $res ;
  push @users,@$res ;
}

my $update = $ldap->rewrite(map($_->add(objectclass => 'posixAccount')
+)) ;

unless (@$update == @users) {
  my $entry = pop @$update ;
  warn "Cannot modify ".$entry->dn.", giving up!" ;
}
[download]

with this:

use strict ;
use warnings ;

use Net::LDAP ;

sub makefilter {
  return qq/(|(uid~=$_[0])(|(cn~=$_[0])(loginname~=$_[0])))/
}

my $ldap = Net::LDAP->new('x.it') ;
{
  my $msg = $ldap->bind('cn=admin,ou=People,dc=x,dc=it',
                        password => 'secret') ;
  die "Cannot bind: ".$msg->error if $msg->is_error ;
}

my $base = 'ou=People,dc=x,dc=it' ;

my @users ;

# I won't preload all entries in production code,
# in fact this is just an example :-)
foreach my $user (qw(pinco pallino caro bellino)) {
  my $filter = makefilter($user) ;
  my $msg = $ldap->search(base => $base,
                          filter => $filter) ;
  die $msg->error if $msg->is_error ;
  push @users,$ldap->entries ;
}

foreach my $entry (@users) {
  my $msg = $ldap->modify($entry,
                add => { objectclass => 'posixAccount' }) ;
  if ($msg->is_error) {
    warn "Cannot modify ".$entry->dn.", giving up!" ;
    last ;
  }
}
[download]

In the Net::LDAP::Simple code you don't need to define a makefilter sub, the module takes care of it; you don't need to check $msg->is_error at every call: you get an array reference or undef for every method that works on entries; you don't need to iterate over an array of @entries: the module takes care of it. Some application do exactly that, and those applications are the target of the module... er, class.

Again, thanks for your feedback!

Ciao!
--bronto

The very nature of Perl to be like natural language--inconsistant and full of dwim and special cases--makes it impossible to know it all without simply memorizing the documentation (which is not complete or totally correct anyway).
--John M. Dlugosz