RE: [Fwd] checkauth problem

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I'm slowly catching on.

Since I will know the userid and the password and the domain for the person
I am looking for, there is no sense in searching.  Just try to bind as that
user.. RIGHT?

So if:

Userid = USERJO
password = welcome
Domain = MYTEST

then,

use Net::LDAP;
$ldap->bind();
$mesg = $ldap->bind("cn=USERJO,cn=MYTEST","welcome");

Should work??  I Get an Error 48 with the above...

- Alex

-----Original Message-----
From: pau...@cp... [mailto:pau...@cp...]
Sent: Monday, September 16, 2002 1:13 PM
To: DeMarco, Alex; LDAP Mailing List
Subject: RE: [Fwd] checkauth problem

Error 32 is no such object. (Assuming Exchange 5.5 as your ldap server)
You don't need to search for the DN of the entry you want to bind as. Just
bind directly with cn=samAccountName,cn=Domain.

>When I do I get an LDAP Error 32, where can I get a list of what the errors
>mean?

For LDAPv3, see RFC 2251 

>-- Original Message --
>From: "DeMarco, Alex" <DEM...@sy...>
>Subject: RE: [Fwd] checkauth problem
>To: "'pau...@cp...'" <pau...@cp...>,
> LDAP Mailing List <per...@li...>
>Date: Mon, 16 Sep 2002 12:59:28 -0400
>
>
>So I should use this:
>
>my $base = "cn=demarcao,cn=SUNY";
>?
>
>When I do I get an LDAP Error 32, where can I get a list of what the errors
>mean?
>
>Thanks for the help..
>
>- Alex
>
>-----Original Message-----
>From: pau...@cp... [mailto:pau...@cp...]
>Sent: Monday, September 16, 2002 11:56 AM
>To: LDAP Mailing List
>Cc: DeMarco, Alex
>Subject: RE: [Fwd] checkauth problem
>
>
>When binding to Exchange, you don't use the Exchange DN. Instead use a
DN
>based on the userid and the domain of the form cn=<userid>,cn=<domain>,
>e.g.
>
>cn=Administrator,cn=TESTDOM
>
>The password is the domain password.
>
>>-- Original Message --
>>From: Graham Barr <gb...@po...>
>>To: LDAP Mailing List <per...@li...>
>>Cc: "DeMarco, Alex" <DEM...@sy...>
>>Subject: [Fwd] checkauth problem
>>Date: Mon, 16 Sep 2002 13:23:43 +0100
>>
>>
>>----- Forwarded message from "DeMarco, Alex" <DEM...@sy...>
>-----
>>
>>Date: Mon, 16 Sep 2002 08:21:47 -0400
>>To: "'gb...@po...'" <gb...@po...>
>>From: "DeMarco, Alex" <DEM...@sy...>
>>Subject: checkauth problem
>>
>>Hello, I'm using the script below but cannot get it to work right.
>>It appears to run fine but I keep getting bad userid or password.
>>
>>I'm trying to authenticate against an Exchange 5.5 server that is running
>>ldap.
>>I've tried my plain userid and domain\userid without any luck. Am I
missing
>>something? Any hints would be appreciated.
>>
>>thanks!
>>
>>- Alex
>>
>>
>>
>>#!/usr/local/bin/perl
>>#
>># Contributed by Mark Wilcox <mew...@un...>
>>
>>use Net::LDAP;
>>#checkauth.pl
>>#get id and password from command line
>>#return if authenticated or not
>>my $id = shift;
>>my $password = shift;
>>
>>print "id is $id\n";
>>die ("usage checkauth.pl uid password.") unless (($id) && ($password));
>>
>>my $host = "141.254.1.24";
>>my $base = "o=SUNY";
>>my $ldap = new Net::LDAP($host);
>>
>>$ldap->bind();
>>
>>my @attrs = ["uid"];
>>
>>my $mesg = $ldap->search(
>>             base => $base,
>>             filter => "uid=$id",
>>             attrs => @attrs
>>             );
>>   
>>print "LDAP error is ",$mesg->code(),"\n" if $mesg->code();
>>
>>
>>#if we don't trap a bad id, authentication will give false positive
>>#because LDAP server will revert to anonymous authentication
>>die ("bad id\n") unless $mesg->count(); 
>>
>>die("more than 1 entry matches uid\n") if $mesg->count > 1;
>>#get a complete dn from search return
>>my $entry = $mesg->entry(0); # CAUTION: assumes only one value returned
>>my $dn = $entry->dn;
>>
>>#now rebind and then do search again
>>$mesg = $ldap->bind($dn, password=>$password);
>>
>>
>>die ("bad id or password \n") if $mesg->code() ;
>>print "$id OK\n";
>>$ldap->unbind();
>>
>>print "done\n";
>>
>>----- End forwarded message -----
>>
>>
>>-------------------------------------------------------
>>This sf.net email is sponsored by:ThinkGeek
>>Welcome to geek heaven.
>>http://thinkgeek.com/sf
>
>---------------------------------------------------------------------------
-
>J. Paul Connolly
>Consulting Architect
>Critical Path
>42-47, Lower Mount St.,
>Dublin 2, 
>Ireland 
>+353-87-238-1327 (Mobile)
>+353-1-241-5152 (Direct)
>+353-1-241-5170 (Fax)
>pau...@cp...
>www.cp.net 
>
>Critical Path
>A global leader in Internet communications
>---------------------------------------------------------------------------
-
>

----------------------------------------------------------------------------
J. Paul Connolly
Consulting Architect
Critical Path
42-47, Lower Mount St.,
Dublin 2, 
Ireland 
+353-87-238-1327 (Mobile)
+353-1-241-5152 (Direct)
+353-1-241-5170 (Fax)
pau...@cp...
www.cp.net 

Critical Path
A global leader in Internet communications
----------------------------------------------------------------------------