Menu
▾
▴
Re: [Fwd] checkauth problem
|
From: Graham B. <gb...@po...> - 2002-09-16 17:26:22
|
On Mon, Sep 16, 2002 at 12:59:28PM -0400, DeMarco, Alex wrote:
> So I should use this:
>
> my $base = "cn=demarcao,cn=SUNY";
> ?
>
> When I do I get an LDAP Error 32, where can I get a list of what the errors
> mean?
$ perl -MNet::LDAP::Util=ldap_error_text -le 'print ldap_error_text(32)'
The server cannot find an object specified in the request
$ perl -MNet::LDAP::Util=ldap_error_desc -le 'print ldap_error_desc(32)'
No such object
The scond can be got via $mesg->error where $mesg is returned from the method
Graham.
>
> Thanks for the help..
>
> - Alex
>
> -----Original Message-----
> From: pau...@cp... [mailto:pau...@cp...]
> Sent: Monday, September 16, 2002 11:56 AM
> To: LDAP Mailing List
> Cc: DeMarco, Alex
> Subject: RE: [Fwd] checkauth problem
>
>
> When binding to Exchange, you don't use the Exchange DN. Instead use a DN
> based on the userid and the domain of the form cn=<userid>,cn=<domain>,
> e.g.
>
> cn=Administrator,cn=TESTDOM
>
> The password is the domain password.
>
> >-- Original Message --
> >From: Graham Barr <gb...@po...>
> >To: LDAP Mailing List <per...@li...>
> >Cc: "DeMarco, Alex" <DEM...@sy...>
> >Subject: [Fwd] checkauth problem
> >Date: Mon, 16 Sep 2002 13:23:43 +0100
> >
> >
> >----- Forwarded message from "DeMarco, Alex" <DEM...@sy...>
> -----
> >
> >Date: Mon, 16 Sep 2002 08:21:47 -0400
> >To: "'gb...@po...'" <gb...@po...>
> >From: "DeMarco, Alex" <DEM...@sy...>
> >Subject: checkauth problem
> >
> >Hello, I'm using the script below but cannot get it to work right.
> >It appears to run fine but I keep getting bad userid or password.
> >
> >I'm trying to authenticate against an Exchange 5.5 server that is running
> >ldap.
> >I've tried my plain userid and domain\userid without any luck. Am I missing
> >something? Any hints would be appreciated.
> >
> >thanks!
> >
> >- Alex
> >
> >
> >
> >#!/usr/local/bin/perl
> >#
> ># Contributed by Mark Wilcox <mew...@un...>
> >
> >use Net::LDAP;
> >#checkauth.pl
> >#get id and password from command line
> >#return if authenticated or not
> >my $id = shift;
> >my $password = shift;
> >
> >print "id is $id\n";
> >die ("usage checkauth.pl uid password.") unless (($id) && ($password));
> >
> >my $host = "141.254.1.24";
> >my $base = "o=SUNY";
> >my $ldap = new Net::LDAP($host);
> >
> >$ldap->bind();
> >
> >my @attrs = ["uid"];
> >
> >my $mesg = $ldap->search(
> > base => $base,
> > filter => "uid=$id",
> > attrs => @attrs
> > );
> >
> >print "LDAP error is ",$mesg->code(),"\n" if $mesg->code();
> >
> >
> >#if we don't trap a bad id, authentication will give false positive
> >#because LDAP server will revert to anonymous authentication
> >die ("bad id\n") unless $mesg->count();
> >
> >die("more than 1 entry matches uid\n") if $mesg->count > 1;
> >#get a complete dn from search return
> >my $entry = $mesg->entry(0); # CAUTION: assumes only one value returned
> >my $dn = $entry->dn;
> >
> >#now rebind and then do search again
> >$mesg = $ldap->bind($dn, password=>$password);
> >
> >
> >die ("bad id or password \n") if $mesg->code() ;
> >print "$id OK\n";
> >$ldap->unbind();
> >
> >print "done\n";
> >
> >----- End forwarded message -----
> >
> >
> >-------------------------------------------------------
> >This sf.net email is sponsored by:ThinkGeek
> >Welcome to geek heaven.
> >http://thinkgeek.com/sf
>
> ----------------------------------------------------------------------------
> J. Paul Connolly
> Consulting Architect
> Critical Path
> 42-47, Lower Mount St.,
> Dublin 2,
> Ireland
> +353-87-238-1327 (Mobile)
> +353-1-241-5152 (Direct)
> +353-1-241-5170 (Fax)
> pau...@cp...
> www.cp.net
>
> Critical Path
> A global leader in Internet communications
> ----------------------------------------------------------------------------
>
|
