From: <pau...@cp...> - 2002-09-16 16:11:48
When binding to Exchange, you don't use the Exchange DN. Instead use a DN
based on the userid and the domain of the form cn=<userid>,cn=<domain>,
e.g. cn=Administrator,cn=TESTDOM

The password is the domain password.

>-- Original Message --
>From: Graham Barr <gb...@po...>
>To: LDAP Mailing List <per...@li...>
>Cc: "DeMarco, Alex" <DEM...@sy...>
>Subject: [Fwd] checkauth problem
>Date: Mon, 16 Sep 2002 13:23:43 +0100
>
>----- Forwarded message from "DeMarco, Alex" <DEM...@sy...> -----
>
>Date: Mon, 16 Sep 2002 08:21:47 -0400
>To: "'gb...@po...'" <gb...@po...>
>From: "DeMarco, Alex" <DEM...@sy...>
>Subject: checkauth problem
>
>Hello, I'm using the script below but cannot get it to work right.
>It appears to run fine but I keep getting bad userid or password.
>
>I'm trying to authenticate against an Exchange 5.5 server that is running
>ldap.
>I've tried my plain userid and domain\userid without any luck. Am I missing
>something? Any hints would be appreciated.
>
>thanks!
>
>- Alex
>
>#!/usr/local/bin/perl
>#
># Contributed by Mark Wilcox <mew...@un...>
>
>use Net::LDAP;
>#checkauth.pl
>#get id and password from command line
>#return if authenticated or not
>my $id = shift;
>my $password = shift;
>
>print "id is $id\n";
>die ("usage checkauth.pl uid password.") unless (($id) && ($password));
>
>my $host = "141.254.1.24";
>my $base = "o=SUNY";
>my $ldap = new Net::LDAP($host);
>
>$ldap->bind();
>
>my @attrs = ["uid"];
>
>my $mesg = $ldap->search(
>                base => $base,
>                filter => "uid=$id",
>                attrs => @attrs
>                );
>
>print "LDAP error is ",$mesg->code(),"\n" if $mesg->code();
>
>#if we don't trap a bad id, authentication will give false positive
>#because LDAP server will revert to anonymous authentication
>die ("bad id\n") unless $mesg->count();
>
>die("more than 1 entry matches uid\n") if $mesg->count > 1;
>#get a complete dn from search return
>my $entry = $mesg->entry(0); # CAUTION: assumes only one value returned
>my $dn = $entry->dn;
>
>#now rebind and then do search again
>$mesg = $ldap->bind($dn, password=>$password);
>
>die ("bad id or password \n") if $mesg->code() ;
>print "$id OK\n";
>$ldap->unbind();
>
>print "done\n";
>
>----- End forwarded message -----

----------------------------------------------------------------------------
J. Paul Connolly
Consulting Architect
Critical Path
42-47, Lower Mount St., Dublin 2, Ireland
+353-87-238-1327 (Mobile)
+353-1-241-5152 (Direct)
+353-1-241-5170 (Fax)
pau...@cp...
www.cp.net

Critical Path
A global leader in Internet communications
----------------------------------------------------------------------------
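
Added example, not part of the original thread or of the perl-ldap distribution: a direct bind using the cn=<userid>,cn=<domain> form from the reply above, with no anonymous search step. The command-line arguments and the helper names exchange_bind_dn and check_auth are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example: direct simple bind to Exchange 5.5 with a DN built from
# userid and domain. Helper names are hypothetical, not perl-ldap API.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_dn_value);

# Build the bind DN from user-supplied parts. Escaping keeps characters such
# as "," or "=" in the input from changing the structure of the DN.
sub exchange_bind_dn {
    my ($userid, $domain) = @_;
    return sprintf 'cn=%s,cn=%s',
        escape_dn_value($userid), escape_dn_value($domain);
}

# Returns (1, 'OK') on success, (0, reason) otherwise.
sub check_auth {
    my ($host, $userid, $domain, $password) = @_;

    # A simple bind with a DN and an empty password is an unauthenticated
    # bind; many servers answer it with success, which would be a false
    # positive like the one the quoted script guards against. Reject it here.
    return (0, 'empty userid, domain or password')
        unless length($userid // '') && length($domain // '')
            && length($password // '');

    my $ldap = Net::LDAP->new($host, timeout => 10)
        or return (0, "connect failed: $@");

    my $mesg = $ldap->bind(exchange_bind_dn($userid, $domain),
                           password => $password);
    my @result = $mesg->code ? (0, $mesg->error) : (1, 'OK');
    $ldap->unbind;
    return @result;
}

# Usage: checkauth_exchange.pl <host> <userid> <domain>
# The password is read from STDIN so it does not show up in the process list.
my ($host, $userid, $domain) = @ARGV;
die "usage: $0 host userid domain\n" unless defined $domain;
print STDERR "Password: ";
chomp(my $password = <STDIN> // '');
my ($ok, $why) = check_auth($host, $userid, $domain, $password);
print $ok ? "$userid OK\n" : "bind failed: $why\n";
exit($ok ? 0 : 1);
```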