From: Graham B. <gb...@po...> - 2002-09-13 14:32:42
|
Well the pod says =item LDAP_INVALID_CREDENTIALS The wrong password was supplied or the SASL credentials could not be processed Are you sure tha password you have is right ? Graham. On Fri, Sep 13, 2002 at 10:17:04AM -0400, DeMarco, Alex wrote: > OK some progress, now I get an Invalid Credentials error message.... > > I'm sending a DN and a password, what else could I be missing? > > - ALex > > -----Original Message----- > From: Graham Barr [mailto:gb...@po...] > Sent: Friday, September 13, 2002 9:39 AM > To: DeMarco, Alex > Cc: 'Chris Ridd'; 'per...@li...' > Subject: Re: NET:LDAP Authentication > > > On Fri, Sep 13, 2002 at 09:20:44AM -0400, DeMarco, Alex wrote: > > I'll know the userid, password and the DN. > > I've never worked with PERL or LDAP before, been thrown in to help a > user... > > arrgh > > > > Basically I need to validate a users password via their LDAP server. I've > > tried the code below without any success. Is there a place I can go where > > there are more examples than what is on sourceforge? > > Any help is greatly apprecaited. > > - Alex > > > > > > #!/usr/local/bin/perl > > > > > > use Net::LDAP qw(:all); > > use Net::LDAP::Util qw(ldap_error_name > > ldap_error_text) ; # use for Error handling > > > > $ldap = Net::LDAP->new("myldapserver.com") or die "$@"; > > $passwd="mypassword"; > > $userid="demarcao"; > > $mesg = $ldap->bind(anonymous => 1, version => 3); > > > > $mesg = $ldap->search(base => "dc=sysadmin,dc=suny", > > scope => subtree, > > filter => "(userid=$userid)", > > attrs => [ 'userid' ]); # Don't need complete entries back > > If ($mesg->count == 1) { > > $ldap->bind($mesg->entry(0), > > You need to assign the result to $mesg or your print below will show the > result of the search > > Graham. > > > password => "mypassword", > > version => 3); > > } > > > > print "Bind failed: ", $mesg->error, "\n"; > > > > > > > > $ldap->unbind; > > > > > > > > -----Original Message----- > > From: Chris Ridd [mailto:chr...@me...] > > Sent: Friday, September 13, 2002 3:52 AM > > To: DeMarco, Alex; 'per...@li...' > > Subject: Re: NET:LDAP Authentication > > > > > > On 13/9/02 2:16 am, DeMarco, Alex <DEM...@sy...> wrote: > > > > > Hello, > > > > > > I'm trying to run this on a Win2k machie running ActiveStates perl. > > > > > > With the following code: > > > > > > $ldap = Net::LDAP->new("mymachine.com") or die "$@"; > > > $userToAuthenticate="testuserid"; > > > $passwd="password"; > > > $mesg = $ldap->bind("$userToAuthenticate", > > > password => "$passwd", > > > version => 3 ); # use for changes/edits > > > if ( $mesg->code ) { > > > # Handle error codes here > > > } > > > $ldap->unbind; > > > > > > No matter what I do I get no error message of any kind if I print the > > $mesg > > > I get some sort of HASHmessage. All I want to do is authenticate > someone > > > against a local ldap server.. If anyone can shed some light on this I > > would > > > appreciate it. > > > > Your first problem (it's a common one!) is that your $userToAuthenticate > is > > required by LDAP to be a DN. The string "testuserid" is not a DN. > > > > If all you've got is some kind of userid then the usual procedure is to do > > an anonymous bind, search for that userid using some filter, and if it > > matches one entry do the real bind using the DN of the matching entry. > > > > (Pseudo-code) > > > > Bind(anonymous => 1, version => 3); > > Search(base => "dc=mycompany,dc=com", > > scope => subtree, > > filter => "(userid=$userid)", > > attrs => [ 'userid' ]); # Don't need complete entries back > > If ($mesg->count == 1) { > > Bind($mesg->entry(0), > > password => "secret", > > version => 3); > > } > > > > Adjust to suit where your entries live (below <dc=mycompany,dc=com> in my > > pseudo-code) and which attribute contains the userid (userid in my > > pseudo-code). Add error checking :-) > > > > Your next problem is that $mesg is an object so you can't simply print > > $mesg. You have to call methods on it instead, like $mesg->error, and > > because perl doesn't interpolate method calls inside strings (sigh), you > > need to do this: > > > > print "Bind failed: ", $mesg->error, "\n"; > > > > > thanks! > > > > > > - Alex > > > > > > > Cheers, > > > > Chris |