Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris

Re: Re: RFC: Net::LDAP::Simple

by bronto (Priest)
on Apr 15, 2003 at 12:51 UTC ( #250559=note: print w/replies, xml ) Need Help??

in reply to Re: RFC: Net::LDAP::Simple
in thread RFC: Net::LDAP::Simple

First of all, thanks for your comments!

I can see where you're coming from , however rewriting this to use Net::LDAP::Simple , feels more like I'm shuffling the args to different methods rather than simplifying the code. I think search paramaters belong with search methods, not in the constructor.

The greatest benefits of this approach come when you are performing many operations on array of entries over the same connection. I'm not sure what to put on an example, since the concept of simplicity is different from person to person, but I'll try anyway.

Compare this two snippets: you are doing similar searches on the same attributes but with different search strings, then adding an objectclass to each entry and storing the entries back again.

use strict ; use warnings ; use Net::LDAP::Simple ; eval { my $ldap = Net::LDAP::Simple->new(host => '', bindDN => 'cn=admin,ou=People,dc=x,dc=it', bindpw => 'secret', base => 'ou=People,dc=x,dc=it', searchattrs => [qw(cn uid loginname)]) ; } ; die "Can't connect: $@" unless defined $ldap ; my @users ; # I won't preload all entries in production code, # in fact this is just an example :-) foreach my $user (qw(pinco pallino caro bellino)) { my $res = $ldap->simplesearch($user) ; die $ldap->error unless defined $res ; push @users,@$res ; } my $update = $ldap->rewrite(map($_->add(objectclass => 'posixAccount') +)) ; unless (@$update == @users) { my $entry = pop @$update ; warn "Cannot modify ".$entry->dn.", giving up!" ; }

with this:

use strict ; use warnings ; use Net::LDAP ; sub makefilter { return qq/(|(uid~=$_[0])(|(cn~=$_[0])(loginname~=$_[0])))/ } my $ldap = Net::LDAP->new('') ; { my $msg = $ldap->bind('cn=admin,ou=People,dc=x,dc=it', password => 'secret') ; die "Cannot bind: ".$msg->error if $msg->is_error ; } my $base = 'ou=People,dc=x,dc=it' ; my @users ; # I won't preload all entries in production code, # in fact this is just an example :-) foreach my $user (qw(pinco pallino caro bellino)) { my $filter = makefilter($user) ; my $msg = $ldap->search(base => $base, filter => $filter) ; die $msg->error if $msg->is_error ; push @users,$ldap->entries ; } foreach my $entry (@users) { my $msg = $ldap->modify($entry, add => { objectclass => 'posixAccount' }) ; if ($msg->is_error) { warn "Cannot modify ".$entry->dn.", giving up!" ; last ; } }

In the Net::LDAP::Simple code you don't need to define a makefilter sub, the module takes care of it; you don't need to check $msg->is_error at every call: you get an array reference or undef for every method that works on entries; you don't need to iterate over an array of @entries: the module takes care of it. Some application do exactly that, and those applications are the target of the module... er, class.

Again, thanks for your feedback!


The very nature of Perl to be like natural language--inconsistant and full of dwim and special cases--makes it impossible to know it all without simply memorizing the documentation (which is not complete or totally correct anyway).
--John M. Dlugosz

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://250559]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (3)
As of 2022-01-28 05:36 GMT
Find Nodes?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:

    Results (73 votes). Check out past polls.