Re: specifying value on entry->delete()

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

the delete() function is for deleting entire entries, not attribute 
values.

If you want to delete attribute values you must use the modify 
function.

I think it's like:
$ldap->modify($dn,delete => {attribute = value});

normally a password mod is in the form of a replace:
$ldap->modify($dn,replace => {password_attribute = value});

Mark
On 19 Mar 01, at 17:56, Danny Howard wrote:

> Net::LDAP folk!
> 
> I am trying to see if I can set Active Directory passwords via LDAP. 
> Of course, Microsoft do it their own way, but they document it at
> http://support.microsoft.com/support/kb/articles/Q269/1/90.ASP
> 
> It boils down to, you delete your old unicodePwd attribute, including
> your old password as a BER encoded string.  Then you add a new
> unicodePwd attribute, with the new password as a BER encoded string.
> 
> Cute.
> 
> But not for me:
> 
> [...]
> my $entry = Net::LDAP::Entry->new();
> 
> my $opass_ber = new Convert::BER;
> my $npass_ber = new Convert::BER;
> 
> $opass_ber->encode(STRING=>"\"$opass\"",);
> $npass_ber->encode(STRING=>"\"$npass\"",);
> 
> $entry->dn("cn=$user,$ldap_base");
> $entry->delete('unicodePwd' => $opass);
> $entry->add('unicodePwd' => $npass);
> my $return = $entry->update( $conn );
> 
> if( $return->done ) { die "return: " . $return->error . "\n"; }
> 
> 1-17:51 dannyman@noneedto ~> bin/adpasswd bobo zzzzzzzz bo69
> Can't use string ("zzzzzzzz") as an ARRAY ref while "strict refs" in
> use at /usr/local/lib/perl5/site_perl/5.005/Net/LDAP/Entry.pm line
> 179.
> 
> I'm not understanding quite how LDAP works at such a low level, my
> GUESS is that the delete() function of Net::LDAP::Entry does not
> support passing a value.
> 
> Comparing the delete() and add() subroutines in Entry.pm, it looks
> like the delete() function looks much like add() except that it adds a
> few checks ... what these checks are, I do not grok, but the evil line
> is the last in this paragraph:
> 
>     if (defined($val) and (!ref($val) or @$val)) {
>       my %values;
>       @values{@$val} = ();
> 
> My curiosity is that, is there a simple way to tell delete() to
> support specifying the value of the attribute to delete, and is this
> what I really want? :)
> 
> Thanks,
> -danny
> 
> 
> 

Mark Wilcox
ma...@mj...
Got LDAP?