RE: [Fwd] checkauth problem

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

I got it working! Yahoo....  Thanks to all

- Alex

-----Original Message-----
From: pau...@cp... [mailto:pau...@cp...]
Sent: Tuesday, September 17, 2002 4:03 AM
To: DeMarco, Alex; LDAP Mailing List
Subject: RE: [Fwd] checkauth problem

Try:

my $mesg = $ldap->bind("cn=demarcao,cn=suny", password => "password");

See perldoc Net::LDAP for full details.

>-- Original Message --
>From: "DeMarco, Alex" <DEM...@sy...>
>Subject: RE: [Fwd] checkauth problem
>To: "'pau...@cp...'" <pau...@cp...>,
> LDAP Mailing List <per...@li...>
>Date: Mon, 16 Sep 2002 14:49:59 -0400
>
>
>A little more work and I get this message : 
>  - inappropriateAuthentication: the server requires the client
>     which had attempted to bind anonymously or without supplying
>     credentials to provide some form of credentials,
>
>doing this: my $mesg = $ldap->bind("cn=demarcao,cn=suny","password");
>what am I missing?
>
>- Alex
>
>-----Original Message-----
>From: pau...@cp... [mailto:pau...@cp...]
>Sent: Monday, September 16, 2002 1:13 PM
>To: DeMarco, Alex; LDAP Mailing List
>Subject: RE: [Fwd] checkauth problem
>
>
>Error 32 is no such object. (Assuming Exchange 5.5 as your ldap server)
>You don't need to search for the DN of the entry you want to bind as. Just
>bind directly with cn=samAccountName,cn=Domain.
>
>>When I do I get an LDAP Error 32, where can I get a list of what the
errors
>>mean?
>
>For LDAPv3, see RFC 2251 
>
>>-- Original Message --
>>From: "DeMarco, Alex" <DEM...@sy...>
>>Subject: RE: [Fwd] checkauth problem
>>To: "'pau...@cp...'" <pau...@cp...>,
>> LDAP Mailing List <per...@li...>
>>Date: Mon, 16 Sep 2002 12:59:28 -0400
>>
>>
>>So I should use this:
>>
>>my $base = "cn=demarcao,cn=SUNY";
>>?
>>
>>When I do I get an LDAP Error 32, where can I get a list of what the
errors
>>mean?
>>
>>Thanks for the help..
>>
>>- Alex
>>
>>-----Original Message-----
>>From: pau...@cp... [mailto:pau...@cp...]
>>Sent: Monday, September 16, 2002 11:56 AM
>>To: LDAP Mailing List
>>Cc: DeMarco, Alex
>>Subject: RE: [Fwd] checkauth problem
>>
>>
>>When binding to Exchange, you don't use the Exchange DN. Instead use a
>DN
>>based on the userid and the domain of the form cn=<userid>,cn=<domain>,
>>e.g.
>>
>>cn=Administrator,cn=TESTDOM
>>
>>The password is the domain password.
>>
>>>-- Original Message --
>>>From: Graham Barr <gb...@po...>
>>>To: LDAP Mailing List <per...@li...>
>>>Cc: "DeMarco, Alex" <DEM...@sy...>
>>>Subject: [Fwd] checkauth problem
>>>Date: Mon, 16 Sep 2002 13:23:43 +0100
>>>
>>>
>>>----- Forwarded message from "DeMarco, Alex" <DEM...@sy...>
>>-----
>>>
>>>Date: Mon, 16 Sep 2002 08:21:47 -0400
>>>To: "'gb...@po...'" <gb...@po...>
>>>From: "DeMarco, Alex" <DEM...@sy...>
>>>Subject: checkauth problem
>>>
>>>Hello, I'm using the script below but cannot get it to work right.
>>>It appears to run fine but I keep getting bad userid or password.
>>>
>>>I'm trying to authenticate against an Exchange 5.5 server that is running
>>>ldap.
>>>I've tried my plain userid and domain\userid without any luck. Am I
>missing
>>>something? Any hints would be appreciated.
>>>
>>>thanks!
>>>
>>>- Alex
>>>
>>>
>>>
>>>#!/usr/local/bin/perl
>>>#
>>># Contributed by Mark Wilcox <mew...@un...>
>>>
>>>use Net::LDAP;
>>>#checkauth.pl
>>>#get id and password from command line
>>>#return if authenticated or not
>>>my $id = shift;
>>>my $password = shift;
>>>
>>>print "id is $id\n";
>>>die ("usage checkauth.pl uid password.") unless (($id) && ($password));
>>>
>>>my $host = "141.254.1.24";
>>>my $base = "o=SUNY";
>>>my $ldap = new Net::LDAP($host);
>>>
>>>$ldap->bind();
>>>
>>>my @attrs = ["uid"];
>>>
>>>my $mesg = $ldap->search(
>>>             base => $base,
>>>             filter => "uid=$id",
>>>             attrs => @attrs
>>>             );
>>>   
>>>print "LDAP error is ",$mesg->code(),"\n" if $mesg->code();
>>>
>>>
>>>#if we don't trap a bad id, authentication will give false positive
>>>#because LDAP server will revert to anonymous authentication
>>>die ("bad id\n") unless $mesg->count(); 
>>>
>>>die("more than 1 entry matches uid\n") if $mesg->count > 1;
>>>#get a complete dn from search return
>>>my $entry = $mesg->entry(0); # CAUTION: assumes only one value returned
>>>my $dn = $entry->dn;
>>>
>>>#now rebind and then do search again
>>>$mesg = $ldap->bind($dn, password=>$password);
>>>
>>>
>>>die ("bad id or password \n") if $mesg->code() ;
>>>print "$id OK\n";
>>>$ldap->unbind();
>>>
>>>print "done\n";
>>>
>>>----- End forwarded message -----
>>>
>>>
>>>-------------------------------------------------------
>>>This sf.net email is sponsored by:ThinkGeek
>>>Welcome to geek heaven.
>>>http://thinkgeek.com/sf
>>
>>--------------------------------------------------------------------------
-
>-
>>J. Paul Connolly
>>Consulting Architect
>>Critical Path
>>42-47, Lower Mount St.,
>>Dublin 2, 
>>Ireland 
>>+353-87-238-1327 (Mobile)
>>+353-1-241-5152 (Direct)
>>+353-1-241-5170 (Fax)
>>pau...@cp...
>>www.cp.net 
>>
>>Critical Path
>>A global leader in Internet communications
>>--------------------------------------------------------------------------
-
>-
>>
>
>---------------------------------------------------------------------------
-
>J. Paul Connolly
>Consulting Architect
>Critical Path
>42-47, Lower Mount St.,
>Dublin 2, 
>Ireland 
>+353-87-238-1327 (Mobile)
>+353-1-241-5152 (Direct)
>+353-1-241-5170 (Fax)
>pau...@cp...
>www.cp.net 
>
>Critical Path
>A global leader in Internet communications
>---------------------------------------------------------------------------
-
>

----------------------------------------------------------------------------
J. Paul Connolly
Consulting Architect
Critical Path
42-47, Lower Mount St.,
Dublin 2, 
Ireland 
+353-87-238-1327 (Mobile)
+353-1-241-5152 (Direct)
+353-1-241-5170 (Fax)
pau...@cp...
www.cp.net 

Critical Path
A global leader in Internet communications
----------------------------------------------------------------------------