From: DeMarco, A. <DEM...@sy...> - 2002-09-17 11:42:13
|
I got it working! Yahoo.... Thanks to all - Alex -----Original Message----- From: pau...@cp... [mailto:pau...@cp...] Sent: Tuesday, September 17, 2002 4:03 AM To: DeMarco, Alex; LDAP Mailing List Subject: RE: [Fwd] checkauth problem Try: my $mesg = $ldap->bind("cn=demarcao,cn=suny", password => "password"); See perldoc Net::LDAP for full details. >-- Original Message -- >From: "DeMarco, Alex" <DEM...@sy...> >Subject: RE: [Fwd] checkauth problem >To: "'pau...@cp...'" <pau...@cp...>, > LDAP Mailing List <per...@li...> >Date: Mon, 16 Sep 2002 14:49:59 -0400 > > >A little more work and I get this message : > - inappropriateAuthentication: the server requires the client > which had attempted to bind anonymously or without supplying > credentials to provide some form of credentials, > >doing this: my $mesg = $ldap->bind("cn=demarcao,cn=suny","password"); >what am I missing? > >- Alex > >-----Original Message----- >From: pau...@cp... [mailto:pau...@cp...] >Sent: Monday, September 16, 2002 1:13 PM >To: DeMarco, Alex; LDAP Mailing List >Subject: RE: [Fwd] checkauth problem > > >Error 32 is no such object. (Assuming Exchange 5.5 as your ldap server) >You don't need to search for the DN of the entry you want to bind as. Just >bind directly with cn=samAccountName,cn=Domain. > >>When I do I get an LDAP Error 32, where can I get a list of what the errors >>mean? > >For LDAPv3, see RFC 2251 > >>-- Original Message -- >>From: "DeMarco, Alex" <DEM...@sy...> >>Subject: RE: [Fwd] checkauth problem >>To: "'pau...@cp...'" <pau...@cp...>, >> LDAP Mailing List <per...@li...> >>Date: Mon, 16 Sep 2002 12:59:28 -0400 >> >> >>So I should use this: >> >>my $base = "cn=demarcao,cn=SUNY"; >>? >> >>When I do I get an LDAP Error 32, where can I get a list of what the errors >>mean? >> >>Thanks for the help.. >> >>- Alex >> >>-----Original Message----- >>From: pau...@cp... [mailto:pau...@cp...] >>Sent: Monday, September 16, 2002 11:56 AM >>To: LDAP Mailing List >>Cc: DeMarco, Alex >>Subject: RE: [Fwd] checkauth problem >> >> >>When binding to Exchange, you don't use the Exchange DN. Instead use a >DN >>based on the userid and the domain of the form cn=<userid>,cn=<domain>, >>e.g. >> >>cn=Administrator,cn=TESTDOM >> >>The password is the domain password. >> >>>-- Original Message -- >>>From: Graham Barr <gb...@po...> >>>To: LDAP Mailing List <per...@li...> >>>Cc: "DeMarco, Alex" <DEM...@sy...> >>>Subject: [Fwd] checkauth problem >>>Date: Mon, 16 Sep 2002 13:23:43 +0100 >>> >>> >>>----- Forwarded message from "DeMarco, Alex" <DEM...@sy...> >>----- >>> >>>Date: Mon, 16 Sep 2002 08:21:47 -0400 >>>To: "'gb...@po...'" <gb...@po...> >>>From: "DeMarco, Alex" <DEM...@sy...> >>>Subject: checkauth problem >>> >>>Hello, I'm using the script below but cannot get it to work right. >>>It appears to run fine but I keep getting bad userid or password. >>> >>>I'm trying to authenticate against an Exchange 5.5 server that is running >>>ldap. >>>I've tried my plain userid and domain\userid without any luck. Am I >missing >>>something? Any hints would be appreciated. >>> >>>thanks! >>> >>>- Alex >>> >>> >>> >>>#!/usr/local/bin/perl >>># >>># Contributed by Mark Wilcox <mew...@un...> >>> >>>use Net::LDAP; >>>#checkauth.pl >>>#get id and password from command line >>>#return if authenticated or not >>>my $id = shift; >>>my $password = shift; >>> >>>print "id is $id\n"; >>>die ("usage checkauth.pl uid password.") unless (($id) && ($password)); >>> >>>my $host = "141.254.1.24"; >>>my $base = "o=SUNY"; >>>my $ldap = new Net::LDAP($host); >>> >>>$ldap->bind(); >>> >>>my @attrs = ["uid"]; >>> >>>my $mesg = $ldap->search( >>> base => $base, >>> filter => "uid=$id", >>> attrs => @attrs >>> ); >>> >>>print "LDAP error is ",$mesg->code(),"\n" if $mesg->code(); >>> >>> >>>#if we don't trap a bad id, authentication will give false positive >>>#because LDAP server will revert to anonymous authentication >>>die ("bad id\n") unless $mesg->count(); >>> >>>die("more than 1 entry matches uid\n") if $mesg->count > 1; >>>#get a complete dn from search return >>>my $entry = $mesg->entry(0); # CAUTION: assumes only one value returned >>>my $dn = $entry->dn; >>> >>>#now rebind and then do search again >>>$mesg = $ldap->bind($dn, password=>$password); >>> >>> >>>die ("bad id or password \n") if $mesg->code() ; >>>print "$id OK\n"; >>>$ldap->unbind(); >>> >>>print "done\n"; >>> >>>----- End forwarded message ----- >>> >>> >>>------------------------------------------------------- >>>This sf.net email is sponsored by:ThinkGeek >>>Welcome to geek heaven. >>>http://thinkgeek.com/sf >> >>-------------------------------------------------------------------------- - >- >>J. Paul Connolly >>Consulting Architect >>Critical Path >>42-47, Lower Mount St., >>Dublin 2, >>Ireland >>+353-87-238-1327 (Mobile) >>+353-1-241-5152 (Direct) >>+353-1-241-5170 (Fax) >>pau...@cp... >>www.cp.net >> >>Critical Path >>A global leader in Internet communications >>-------------------------------------------------------------------------- - >- >> > >--------------------------------------------------------------------------- - >J. Paul Connolly >Consulting Architect >Critical Path >42-47, Lower Mount St., >Dublin 2, >Ireland >+353-87-238-1327 (Mobile) >+353-1-241-5152 (Direct) >+353-1-241-5170 (Fax) >pau...@cp... >www.cp.net > >Critical Path >A global leader in Internet communications >--------------------------------------------------------------------------- - > ---------------------------------------------------------------------------- J. Paul Connolly Consulting Architect Critical Path 42-47, Lower Mount St., Dublin 2, Ireland +353-87-238-1327 (Mobile) +353-1-241-5152 (Direct) +353-1-241-5170 (Fax) pau...@cp... www.cp.net Critical Path A global leader in Internet communications ---------------------------------------------------------------------------- |