specifying value on entry->delete()

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Net::LDAP folk!

I am trying to see if I can set Active Directory passwords via LDAP.  Of
course, Microsoft do it their own way, but they document it at
http://support.microsoft.com/support/kb/articles/Q269/1/90.ASP

It boils down to, you delete your old unicodePwd attribute, including your old
password as a BER encoded string.  Then you add a new unicodePwd attribute,
with the new password as a BER encoded string.

Cute.

But not for me:

[...]
my $entry = Net::LDAP::Entry->new();

my $opass_ber = new Convert::BER;
my $npass_ber = new Convert::BER;

$opass_ber->encode(STRING=>"\"$opass\"",);
$npass_ber->encode(STRING=>"\"$npass\"",);

$entry->dn("cn=$user,$ldap_base");
$entry->delete('unicodePwd' => $opass);
$entry->add('unicodePwd' => $npass);
my $return = $entry->update( $conn );

if( $return->done ) { die "return: " . $return->error . "\n"; }

1-17:51 dannyman@noneedto ~> bin/adpasswd bobo zzzzzzzz bo69
Can't use string ("zzzzzzzz") as an ARRAY ref while "strict refs" in use at /usr/local/lib/perl5/site_perl/5.005/Net/LDAP/Entry.pm line 179.

I'm not understanding quite how LDAP works at such a low level, my GUESS
is that the delete() function of Net::LDAP::Entry does not support
passing a value.

Comparing the delete() and add() subroutines in Entry.pm, it looks like
the delete() function looks much like add() except that it adds a few
checks ... what these checks are, I do not grok, but the evil line is
the last in this paragraph:

    if (defined($val) and (!ref($val) or @$val)) {
      my %values;
      @values{@$val} = ();

My curiosity is that, is there a simple way to tell delete() to support
specifying the value of the attribute to delete, and is this what I
really want? :)

Thanks,
-danny