From: DeMarco, A. <DEM...@sy...> - 2002-09-16 16:59:34
So I should use this: my $base = "cn=demarcao,cn=SUNY"; ?

When I do I get an LDAP Error 32, where can I get a list of what the errors mean?

Thanks for the help..

- Alex

-----Original Message-----
From: pau...@cp... [mailto:pau...@cp...]
Sent: Monday, September 16, 2002 11:56 AM
To: LDAP Mailing List
Cc: DeMarco, Alex
Subject: RE: [Fwd] checkauth problem

When binding to Exchange, you don't use the Exchange DN. Instead use a DN
based on the userid and the domain of the form cn=<userid>,cn=<domain>,
e.g. cn=Administrator,cn=TESTDOM

The password is the domain password.

>-- Original Message --
>From: Graham Barr <gb...@po...>
>To: LDAP Mailing List <per...@li...>
>Cc: "DeMarco, Alex" <DEM...@sy...>
>Subject: [Fwd] checkauth problem
>Date: Mon, 16 Sep 2002 13:23:43 +0100
>
>
>----- Forwarded message from "DeMarco, Alex" <DEM...@sy...> -----
>
>Date: Mon, 16 Sep 2002 08:21:47 -0400
>To: "'gb...@po...'" <gb...@po...>
>From: "DeMarco, Alex" <DEM...@sy...>
>Subject: checkauth problem
>
>Hello, I'm using the script below but cannot get it to work right.
>It appears to run fine but I keep getting bad userid or password.
>
>I'm trying to authenticate against an Exchange 5.5 server that is running
>ldap.
>I've tried my plain userid and domain\userid without any luck. Am I missing
>something? Any hints would be appreciated.
>
>thanks!
>
>- Alex
>
>
>
>#!/usr/local/bin/perl
>#
># Contributed by Mark Wilcox <mew...@un...>
>
>use Net::LDAP;
>#checkauth.pl
>#get id and password from command line
>#return if authenticated or not
>my $id = shift;
>my $password = shift;
>
>print "id is $id\n";
>die ("usage checkauth.pl uid password.") unless (($id) && ($password));
>
>my $host = "141.254.1.24";
>my $base = "o=SUNY";
>my $ldap = new Net::LDAP($host);
>
>$ldap->bind();
>
>my @attrs = ["uid"];
>
>my $mesg = $ldap->search(
>    base => $base,
>    filter => "uid=$id",
>    attrs => @attrs
>    );
>
>print "LDAP error is ",$mesg->code(),"\n" if $mesg->code();
>
>
>#if we don't trap a bad id, authentication will give false positive
>#because LDAP server will revert to anonymous authentication
>die ("bad id\n") unless $mesg->count();
>
>die("more than 1 entry matches uid\n") if $mesg->count > 1;
>#get a complete dn from search return
>my $entry = $mesg->entry(0); # CAUTION: assumes only one value returned
>my $dn = $entry->dn;
>
>#now rebind and then do search again
>$mesg = $ldap->bind($dn, password=>$password);
>
>
>die ("bad id or password \n") if $mesg->code() ;
>print "$id OK\n";
>$ldap->unbind();
>
>print "done\n";
>
>----- End forwarded message -----
>
>
>-------------------------------------------------------
>This sf.net email is sponsored by:ThinkGeek
>Welcome to geek heaven.
>http://thinkgeek.com/sf

----------------------------------------------------------------------------
J. Paul Connolly
Consulting Architect
Critical Path
42-47, Lower Mount St., Dublin 2, Ireland
+353-87-238-1327 (Mobile)
+353-1-241-5152 (Direct)
+353-1-241-5170 (Fax)
pau...@cp...
www.cp.net

Critical Path
A global leader in Internet communications
----------------------------------------------------------------------------
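
Added example, not part of the original thread and not code from any of its participants: a sketch of the direct bind described in the reply above, where the cn=<userid>,cn=<domain> form is used as the bind DN, an empty password is refused so an anonymous bind cannot pass as a successful login, and a failed result code is reported with its symbolic name through Net::LDAP::Util. The function names, the script name and the command-line layout are assumptions made for this example.

```perl
#!/usr/bin/perl
# Added example (not from the thread): direct bind with an Exchange-style DN.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(ldap_error_name ldap_error_text escape_dn_value);

# Build cn=<userid>,cn=<domain>, escaping characters that are special in a DN.
sub exchange_bind_dn {
    my ($userid, $domain) = @_;
    return sprintf 'cn=%s,cn=%s',
        escape_dn_value($userid), escape_dn_value($domain);
}

# Returns (1, bind DN) on success, (0, reason) on failure.
sub check_auth {
    my ($ldap, $userid, $domain, $password) = @_;

    # A bind that carries a DN but no password is not an authentication:
    # a server may accept it as anonymous, which would look like success.
    return (0, 'empty userid, domain or password')
        unless length($userid // '') && length($domain // '')
            && length($password // '');

    my $dn   = exchange_bind_dn($userid, $domain);
    my $mesg = $ldap->bind($dn, password => $password);
    return (1, $dn) unless $mesg->code;

    # Symbolic name and description of the numeric result code,
    # e.g. 32 is LDAP_NO_SUCH_OBJECT, 49 is LDAP_INVALID_CREDENTIALS.
    return (0, sprintf '%d %s: %s', $mesg->code,
        ldap_error_name($mesg->code), ldap_error_text($mesg->code));
}

# Runs only when invoked as a script: checkauth2.pl host domain userid
unless (caller) {
    my ($host, $domain, $userid) = @ARGV;
    die "usage: $0 host domain userid\n" unless defined $userid;

    # Password comes from STDIN, not argv, so it stays out of the process list.
    # A simple bind sends it in clear text; call $ldap->start_tls first
    # where the server supports it.
    print STDERR "Password: ";
    chomp(my $password = <STDIN> // '');

    my $ldap = Net::LDAP->new($host) or die "connect to $host failed: $@\n";
    my ($ok, $detail) = check_auth($ldap, $userid, $domain, $password);
    $ldap->unbind;
    print $ok ? "$userid OK (bound as $detail)\n" : "$userid FAILED: $detail\n";
    exit($ok ? 0 : 1);
}
```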