From: Paul L. <li...@so...> - 2002-07-22 20:47:06
|
Chris, I've been successfull reading attributes from User objects in NDS using both PerLDAP and Net::LDAP. The main thing is that your NetWare server won't talk to you unless you're using SSL ( or you've overridden the security settings on the server which is a really bad idea). If you export youself a certificate (exact instructions escape me at the moment) and use Net::LDAPS, and authenticate as a user who has rights to do so, you should be able to read (or write) just about anything from NDS. Paul -- Paul Lieberman li...@so... Systems Engineer 541-552-6962 Computing Services Center Southern Oregon University Ashland, OR >>> "Chris Russell" <C.G.Russell@Bradford.ac.uk> 07/22/02 08:51AM >>> Hi Folks, I'm trying to use Net::LDAP to evaluate a zenWorkstationGroup object so that I can extract the list of Workstation objects that are members of this group. My ultimate intention with this is to produce both a web page and a command line tool that will enable me to re-image an entire room of workstations by setting the relavent flag in the workstation objects. I'm an intermediate Perl user and a bit of a noob with PHP and LDAP. I've used Net::LDAP to extract e-mail address information from LDIF files before but that's about it. I'm having trouble getting consistent results from the three different tools I'm using, Perl, PHP and Softerra LDAP Browser. With the browser I can see the following attributes in the object: * equivalentToMe=(an array of workstation names) * objectClass=['zenWorkstationGroup', 'top', 'groupOfNames'] * member=(an array of workstation names) * cn=CC0141 The quick hack PHP script I cobbled together also returned these attributes. My problem comes with Perl, which seems like it's just making it up and trying to palm me off with the results. These are the attributes it returns: * guid * objectclass * revision Apart from objectlass, I cannot see any of these other attributes in any other LDAP tool. More importantly, I cannot get at the 'member' attribute which is the one I really need. The code I'm using is listed below, with the PHP code added below that. As you can see with the Net::LDAP code I'm using the hash reference method on the results, I've also tried returning the results as an array of Net::LDAP::Entry objects and I get the same. Help! I don't really know where to turn here, I've searched the Net::LDAP mailing lists through Google but couldn't come up with anything relavent. I found a reference in the newsgroup novell.devsup.perl to missing attributes but it was over a year old and the advice was to make sure some dot-release of NDS 7 was installed. We're currently on 8.5.12a. I'd be very grateful if anyone could offer some advice or spin me round and point me ion the right direction. Thanks in advance, Chris Russell Computer Centre, University of Bradford. ## Code listing # SNIP connection details my $Result = $ldap->search ( base => $BASE, scope => $SEARCH_SCOPE, filter => '(objectclass=zenWorkstationGroup)', attrs => ['*'] ); # Do something with errors if ($Result->code ) { LDAPerror("Searching",$Result); } print STDERR "\nSearch returned " . $Result->count . " results\n\n"; my $Entries = $Result->as_struct; foreach $entry (sort keys %{$Entries}) { print "DN: " . $entry . "\n"; foreach $subentry (sort keys %{$Entries->{$entry}}) { print $subentry . "\n"; } print "\n"; } $ldap->unbind; sub LDAPerror { my ($from,$mesg) = @_; print STDERR "\n"; print STDERR "Return code: ",$mesg->code . "\n"; print STDERR "Message: ", ldap_error_name($mesg->code); print STDERR " : ", ldap_error_text($mesg->code); print STDERR "MessageID: ",$mesg->mesg_id . "\n"; print STDERR "DN: ",$mesg->dn; print STDERR "\n"; } ## PHP Code //Perform Search $results_ident = ldap_search($link_indent, $LDAP_ROOT_DN[$SERVER_ID], $ldap_query); $entry = ldap_first_entry($link_indent, $results_ident); echo "<h1>"; echo ldap_get_dn($link_indent, $entry); echo "</h1>"; foreach (ldap_get_attributes($link_indent, $entry) as $attr) { echo $attr; echo "<br>"; } ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf |