Re: Net::LDAP, PHP, NDS and Inconsistencies

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Chris,
 I've been successfull reading attributes from User objects in NDS
using both PerLDAP and Net::LDAP. The main thing is that your NetWare
server won't talk to you unless you're using SSL ( or you've overridden
the security settings on the server which is a really bad idea). If you
export youself a certificate (exact instructions escape me at the
moment) and use Net::LDAPS, and authenticate as a user who has rights to
do so, you should be able to read (or write)  just about anything from
NDS.
Paul

--
Paul Lieberman                                     li...@so...
Systems Engineer                                 541-552-6962
Computing Services Center
Southern Oregon University
Ashland, OR

>>> "Chris Russell" <C.G.Russell@Bradford.ac.uk> 07/22/02 08:51AM >>>
Hi Folks,

I'm trying to use Net::LDAP to evaluate a zenWorkstationGroup object so
that
I can extract the list of Workstation objects that are members of this
group. My ultimate intention with this is to produce both a web page
and a
command line tool that will enable me to re-image an entire room of
workstations by setting the relavent flag in the workstation objects.
I'm an
intermediate Perl user and a bit of a noob with PHP and LDAP. I've
used
Net::LDAP to extract e-mail address information from LDIF files before
but
that's about it.

I'm having trouble getting consistent results from the three different
tools
I'm using, Perl, PHP and Softerra LDAP Browser.  With the browser I can
see
the following attributes in the object:

	* equivalentToMe=(an array of workstation names)
	* objectClass=['zenWorkstationGroup', 'top', 'groupOfNames']
	* member=(an array of workstation names)
	* cn=CC0141

The quick hack PHP script I cobbled together also returned these
attributes.
My problem comes with Perl, which seems like it's just making it up
and
trying to palm me off with the results. These are the attributes it
returns:

	* guid
	* objectclass
	* revision

Apart from objectlass, I cannot see any of these other attributes in
any
other LDAP tool. More importantly, I cannot get at the 'member'
attribute
which is the one I really need.

The code I'm using is listed below, with the PHP code added below that.
As
you can see with the Net::LDAP code I'm using the hash reference method
on
the results, I've also tried returning the results as an array of
Net::LDAP::Entry objects and I get the same.

Help! I don't really know where to turn here, I've searched the
Net::LDAP
mailing lists through Google but couldn't come up with anything
relavent. I
found a reference in the newsgroup novell.devsup.perl to missing
attributes
but it was over a year old and the advice was to make sure some
dot-release
of NDS 7 was installed. We're currently on 8.5.12a.

I'd be very grateful if anyone could offer some advice or spin me round
and
point me ion the right direction.

Thanks in advance,
Chris Russell

Computer Centre,
University of Bradford.

## Code listing

# SNIP connection details

my $Result = $ldap->search (
                base => $BASE,
                scope => $SEARCH_SCOPE,
                filter => '(objectclass=zenWorkstationGroup)',
                attrs =>  ['*']
);

# Do something with errors
if ($Result->code ) {
    LDAPerror("Searching",$Result);
}

print STDERR "\nSearch returned " . $Result->count . " results\n\n";
my $Entries = $Result->as_struct;

foreach $entry (sort keys %{$Entries}) {
    print "DN: " . $entry . "\n";
    foreach $subentry (sort keys %{$Entries->{$entry}}) {
        print $subentry . "\n";
    }
    print "\n";
}

$ldap->unbind;

sub LDAPerror {
    my ($from,$mesg) = @_;

    print STDERR "\n";
    print STDERR "Return code: ",$mesg->code . "\n";
    print STDERR "Message: ", ldap_error_name($mesg->code);
    print STDERR " : ",        ldap_error_text($mesg->code);
    print STDERR "MessageID: ",$mesg->mesg_id . "\n";
    print STDERR "DN: ",$mesg->dn;
    print STDERR "\n";
}

## PHP Code

    //Perform Search
    $results_ident = ldap_search($link_indent,
$LDAP_ROOT_DN[$SERVER_ID],
$ldap_query);

    $entry = ldap_first_entry($link_indent, $results_ident);

    echo "<h1>";
    echo ldap_get_dn($link_indent, $entry);
    echo "</h1>";

    foreach (ldap_get_attributes($link_indent, $entry) as $attr) {
        echo $attr;
        echo "<br>";
    }

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf