Menu
▾
▴
perl-ldap-dev
You can subscribe to this list here.
| 2000 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(200) |
Jun
(129) |
Jul
(184) |
Aug
(204) |
Sep
(106) |
Oct
(79) |
Nov
(72) |
Dec
(54) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2001 |
Jan
(83) |
Feb
(123) |
Mar
(84) |
Apr
(184) |
May
(106) |
Jun
(111) |
Jul
(104) |
Aug
(91) |
Sep
(59) |
Oct
(99) |
Nov
(100) |
Dec
(37) |
| 2002 |
Jan
(148) |
Feb
(88) |
Mar
(85) |
Apr
(151) |
May
(80) |
Jun
(110) |
Jul
(85) |
Aug
(43) |
Sep
(64) |
Oct
(89) |
Nov
(59) |
Dec
(42) |
| 2003 |
Jan
(129) |
Feb
(104) |
Mar
(162) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Murugan K G <mur...@ya...> - 2002-07-06 08:28:17
|
Hi
Thanks for your help in advance.
I want to know , whether i am doing something
wrong in my code or any other problem.
please refer the following response value
responseValue ::=
SEQUENCE of SEQUENCE {
name OCTET STRING
SEQUENCE of ATTRIBUTES
}
where
ATTRIBUTES:: OCTET STRING
But when i am decoding the above response value , i
had given like this.
.............
$asn->prepare(q<
name OCTET STRING,
attributeList SEQUENCE OF OCTET STRING
>);
my $res=$asn->decode($response->response);
But i am always getting $res as undefined value as a
result.
But the server is returning the correct result. Is it
a problem in the decoding module or something. But
other than this response structure, i am getting all
the values properly without any problem like SEQUENCE
OF OCTET STRING,SEQUENCE OF INTEGER. etc
Any HELP.
Regards
K.Murugan
__________________________________________________
Do You Yahoo!?
Sign up for SBC Yahoo! Dial - First Month Free
http://sbc.yahoo.com
|
|
From: Graham B. <gb...@po...> - 2002-07-04 13:47:03
|
Your filter looks wrong. You are passing
filter => ($matchAttr==$name)
The filter needs to be a string, not the result of an expressions. Perl
will compare $matchAttr to $name, and as they dont compare it will
be passing the string '' What you probably want is
filter => "($matchAttr=$name)"
Graham.
On Thu, Jul 04, 2002 at 08:28:14AM -0400, Chris Ronstadt wrote:
> ok then from what I can gather its not my dn thats causing me problems its
> either my search or my error checking...how exactly does this program handle
> errors? error codes like jcl on the mainfraime? functions like java??
>
> #check for search error
> if ($error = $results->code()){
> die "Critical LDAP search failed:$matchAttr=$name";
> }
>
> unless($results->count()== 0) {
> die"User entry not found for:$name";
> }
>
> because everybody tells me to do it something like the above but if it can
> assign something to $error will it not come back true? I don't understand
> that at all
>
> >From: Bob...@kp...
> >To: not...@ho...
> >CC: per...@li...
> >Subject: Re: get_dn
> >Date: Tue, 2 Jul 2002 11:50:28 -0700
> >
> >I have added a couple of <<<Comments<<< to the code
> >
> >
> >B
> >
> >Chris Ronstadt wrote:
> >
> >
> > >> ok, I am still having problems with the get_dn here is the relevant
> >code:
> >
> > >> my $ldap = Net::LDAP -> new($ldapServer, port =>
> >$ldapPort,
> > >> debug=>1) or die
> > >> "LDAP
> >Server Connection Failed :$error";
> > >>#Annonymous Query to LDAP baseed on DN
> > >>my $results = $ldap->search(
> > >> base =>
> >$baseDN,
> > >> scope
> >=> "sub",
> > >> filter
> >=> ($matchAttr==$name),
> > >> attrs
> >=> $attrs
> > >> );
> > >># request all available attributes
> > >>my @Attrs = ();
> > >>
> > >>#check for search error
> > >> if ($error == $results->code()){
> > >> die "Critical LDAP search
> >failed:$error,$results->filter(0)";
> > >> }
> > >>
> > >> if ($results->count()) { <<< count() is the number
> > >> die"User entry not found for filter:&results->filter"; <<< of
> >entries returned. This
> > >> } <<< should read something like
> > << if ($results -> count() == 0)....
> > >>
> > >>#get DN
> > >> $ent = $results -> shift_entry(); <<< You get here only
> >when the
> > >> $dn = $ent -> dn(); #line 39 <<< Search found
> >nothing to return.
> > <<< ergo shift_entry() returns undef.
> > >>
> > >>
> >
> >What I think you want at "#get dn" is:
> >
> > while (my $ent = $results -> shift_entry() ) {
> > print($ent -> dn(), "\n");
> > }
> >
> >Or something similar.
> >
> >
> >B
>
>
>
>
> _________________________________________________________________
> Chat with friends online, try MSN Messenger: http://messenger.msn.com
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Caffeinated soap. No kidding.
> http://thinkgeek.com/sf
|
|
From: Chris R. <not...@ho...> - 2002-07-04 12:28:33
|
ok then from what I can gather its not my dn thats causing me problems its
either my search or my error checking...how exactly does this program handle
errors? error codes like jcl on the mainfraime? functions like java??
#check for search error
if ($error = $results->code()){
die "Critical LDAP search failed:$matchAttr=$name";
}
unless($results->count()== 0) {
die"User entry not found for:$name";
}
because everybody tells me to do it something like the above but if it can
assign something to $error will it not come back true? I don't understand
that at all
>From: Bob...@kp...
>To: not...@ho...
>CC: per...@li...
>Subject: Re: get_dn
>Date: Tue, 2 Jul 2002 11:50:28 -0700
>
>I have added a couple of <<<Comments<<< to the code
>
>
>B
>
>Chris Ronstadt wrote:
>
>
> >> ok, I am still having problems with the get_dn here is the relevant
>code:
>
> >> my $ldap = Net::LDAP -> new($ldapServer, port =>
>$ldapPort,
> >> debug=>1) or die
> >> "LDAP
>Server Connection Failed :$error";
> >>#Annonymous Query to LDAP baseed on DN
> >>my $results = $ldap->search(
> >> base =>
>$baseDN,
> >> scope
>=> "sub",
> >> filter
>=> ($matchAttr==$name),
> >> attrs
>=> $attrs
> >> );
> >># request all available attributes
> >>my @Attrs = ();
> >>
> >>#check for search error
> >> if ($error == $results->code()){
> >> die "Critical LDAP search
>failed:$error,$results->filter(0)";
> >> }
> >>
> >> if ($results->count()) { <<< count() is the number
> >> die"User entry not found for filter:&results->filter"; <<< of
>entries returned. This
> >> } <<< should read something like
> << if ($results -> count() == 0)....
> >>
> >>#get DN
> >> $ent = $results -> shift_entry(); <<< You get here only
>when the
> >> $dn = $ent -> dn(); #line 39 <<< Search found
>nothing to return.
> <<< ergo shift_entry() returns undef.
> >>
> >>
>
>What I think you want at "#get dn" is:
>
> while (my $ent = $results -> shift_entry() ) {
> print($ent -> dn(), "\n");
> }
>
>Or something similar.
>
>
>B
_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com
|
|
From: Peter M. <pet...@ma...> - 2002-07-02 20:39:41
|
Hi
On Tuesday 02 July 2002 20:22, you wrote:
> #check for search error
> if ($error =3D=3D $results->code()){
> =09 =09 die "Critical LDAP search failed:$error,$results->filter(0)";
> =09=09 }
here, you compare the result code with the variable error,
and if they match, you bail out. Is this intended ? I doubt it.
May be =3D instead of =3D=3D would serve better
> =09 if ($results->count()) {
> die"User entry not found for filter:&results->filter";
> }
The condition here is fulfilled if you have atleast one entry.
It should be reversed !
> #get DN
> =09 $ent =3D $results -> shift_entry();
> =09 $dn =3D $ent -> dn(); #line 39
dn() has to fail here, because you only arrive here in case of errors.
Yours
Peter
--=20
Peter Marschall | eMail: pet...@ma...
Scheffelstra=DFe 15 | pet...@is...
97072 W=FCrzburg | Tel: 0931/14721
PGP: D7 FF 20 FE E6 6B 31 74 D1 10 88 E0 3C FE 28 35
|
|
From: Peter M. <pet...@ma...> - 2002-07-02 20:28:11
|
Hi, I checked actual release and the beta for the upcoming 0.26 * 0.251 does not contain a function for spltting DNs * 0.25_03 contains ldap_explode_dn() In a mail from today or yesterday, Graham wrote that he wanted to bring out 0.26 very soon. If you can't wait: http://www.geocrawler.com/mail/msg.php3?msg_id=3D7495300&list=3D3482 Yours Peter On Tuesday 02 July 2002 18:23, you wrote: > Hi, > > When I delete an entry in LDAP, rather than completely deleting the > entry, I move the entry to a "deleted" tree. > > I use the following code: > my $newrdn =3D $retailer->dn; > =09 $newrdn =3D~ s/([^,]+),.*/$1/; > =09 $newrdn =3D "$newrdn-" . time; > =09 $mesg =3D $ldap->moddn( $retailer->dn, > =09=09=09=09 newrdn =3D> $newrdn, > =09=09=09=09 newsuperior =3D> $LDAP_DELETED, > =09=09=09=09 ); > > First, my regular expression is certainly a bit too much simple. > ( $newrdn =3D~ s/([^,]+),.*/$1/; ) > Can someone give a reasonable regexp to retrieve the rdn of a dn ? > > Perhaps, an "rdn" function should be available in NET::LDAP to > retrieve the rdn like we retrieve the dn. > > Regards, > Jerome. > > > > _______________________________________________________________________= ____ >___ ifrance.com, l'email gratuit le plus complet de l'Internet ! > vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... > http://www.ifrance.com/_reloc/email.emailif > > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf --=20 Peter Marschall | eMail: pet...@ma... Scheffelstra=DFe 15 | pet...@is... 97072 W=FCrzburg | Tel: 0931/14721 PGP: D7 FF 20 FE E6 6B 31 74 D1 10 88 E0 3C FE 28 35 |
|
From: <Bob...@kp...> - 2002-07-02 19:18:02
|
I have added a couple of <<<Comments<<< to the code
B
Chris Ronstadt wrote:
>> ok, I am still having problems with the get_dn here is the relevant
code:
>> my $ldap = Net::LDAP -> new($ldapServer, port =>
$ldapPort,
>> debug=>1) or die
>> "LDAP
Server Connection Failed :$error";
>>#Annonymous Query to LDAP baseed on DN
>>my $results = $ldap->search(
>> base =>
$baseDN,
>> scope
=> "sub",
>> filter
=> ($matchAttr==$name),
>> attrs
=> $attrs
>> );
>># request all available attributes
>>my @Attrs = ();
>>
>>#check for search error
>> if ($error == $results->code()){
>> die "Critical LDAP search
failed:$error,$results->filter(0)";
>> }
>>
>> if ($results->count()) { <<< count() is the number
>> die"User entry not found for filter:&results->filter"; <<< of
entries returned. This
>> } <<< should read something like
<< if ($results -> count() == 0)....
>>
>>#get DN
>> $ent = $results -> shift_entry(); <<< You get here only
when the
>> $dn = $ent -> dn(); #line 39 <<< Search found
nothing to return.
<<< ergo shift_entry() returns undef.
>>
>>
What I think you want at "#get dn" is:
while (my $ent = $results -> shift_entry() ) {
print($ent -> dn(), "\n");
}
Or something similar.
B |
|
From: Chris R. <not...@ho...> - 2002-07-02 18:22:39
|
ok, I am still having problems with the get_dn here is the relevant code:
my $ldap = Net::LDAP -> new($ldapServer, port => $ldapPort,
debug=>1) or die
"LDAP Server Connection Failed :$error";
#Annonymous Query to LDAP baseed on DN
my $results = $ldap->search(
base => $baseDN,
scope => "sub",
filter => ($matchAttr==$name),
attrs => $attrs
);
# request all available attributes
my @Attrs = ();
#check for search error
if ($error == $results->code()){
die "Critical LDAP search failed:$error,$results->filter(0)";
}
if ($results->count()) {
die"User entry not found for filter:&results->filter";
}
#get DN
$ent = $results -> shift_entry();
$dn = $ent -> dn(); #line 39
#bind user
$mesg =$ldap->bind(dn=>$dn, password=>$password);
and the error messege I get is: Can't call method "dn" on an undefined value
at ldapauth.pl line 39.
>From: Bob Goolsby <go...@at...>
>To: Chris Ronstadt <not...@ho...>
>Subject: Re: get_dn
>Date: Fri, 28 Jun 2002 16:56:37 -0700
>
>bind() gives you a connection to the Directory, not an individual entry.
>You need to go through a successful search use the Entry(s) returned to
>get the DN.
>As in:
>
> $ldap = Net::LDAP->new()
> $conn = $ldap -> bind();
> $msg = $conn -> search(filter => "cn=bob goolsby");
> $ent = $msg -> shift_entry();
> print("The DN is ", $ent -> dn(), "\n");
>
>(Error checking has been omitted to reduce the line cound. The above
>was coded but not tested....)
>
>B
>
>Chris Ronstadt wrote:
> >
> > Ok, I got that solved thank you, but now I need to run a get_dn to bind
> > properly?
> >
> > $dn = $result->get_dn;
> >
> > is that the proper line? and where exactly do I put this line? I keep
> > getting told: can't call method on undefined line
> >
> > _________________________________________________________________
> > MSN Photos is the easiest way to share and print your photos:
> > http://photos.msn.com/support/worldwide.aspx
> >
> > -------------------------------------------------------
> > This sf.net email is sponsored by:ThinkGeek
> > Caffeinated soap. No kidding.
> > http://thinkgeek.com/sf
>
>--
>Bob Goolsby
>go...@at...
>
>The only thing with more energy than a puppy with a bone is a puppy with
>*two* bones.
_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com
|
|
From: Jerome h. <jb...@if...> - 2002-07-02 16:24:33
|
Hi, When I delete an entry in LDAP, rather than completely deleting the entry, I move the entry to a "deleted" tree. I use the following code: my $newrdn = $retailer->dn; $newrdn =~ s/([^,]+),.*/$1/; $newrdn = "$newrdn-" . time; $mesg = $ldap->moddn( $retailer->dn, newrdn => $newrdn, newsuperior => $LDAP_DELETED, ); First, my regular expression is certainly a bit too much simple. ( $newrdn =~ s/([^,]+),.*/$1/; ) Can someone give a reasonable regexp to retrieve the rdn of a dn ? Perhaps, an "rdn" function should be available in NET::LDAP to retrieve the rdn like we retrieve the dn. Regards, Jerome. ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif |
|
From: Gerald (J. C. <je...@sa...> - 2002-07-02 14:34:24
|
On Mon, 1 Jul 2002, Graham Barr wrote: > > I'm assuming that the SASL code in perl-ldap > > will go away eventually and Authen-SASL-X.XX > > will be the defacto standard for LDAP SASL support. > > Can anyone wager a guess when this might happen? > > Yes and soon. Authen::SASL has been removed from the perl-ldap > distribution in the beta releases I have done recently. Nobody has > reported big issues with the last beta release, so I will be doing > a 0.26 release as soon as I catch up from being on vacation. Ahh...well enjoy your vacation. :-) Simon, Are there any plans to update the perl-cyrus-sasl code for the new interface? I would be glad to volunteer to help out if you need it. cheers, jerry --------------------------------------------------------------------- Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org -- http://www.plainjoe.org "Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2 --"I never saved anything for the swim back." Ethan Hawk in Gattaca-- |
|
From: Mark W. <ma...@mj...> - 2002-07-01 18:04:28
|
I wrote an article on this a while back. http://www.newarchitectmag.com/documents/s=5087/new1013637309/ While it was for IPlanet 4, it should still be true for IPlanet 5 unless you're using the new role objects. Mark ----- Original Message ----- From: mcharki youssef To: per...@li... Sent: Monday, July 01, 2002 4:01 AM Subject: memberof attribute Hi all, this is pretty urgent, so i would be really grateful if someone could help me...I am using iPlant directory server 5.1 on windows 2000 and I definitely need to be able to know what groups a user is memberof...I have been looking for a way to do this and I haven't found any for memberOf doesn't seem to be an attribute in iPlanet...is there any way or script to be able to be able to tell what groups a user is member of?...thanks a lot guys... ------------------------------------------------------------------------------ Send and receive Hotmail on your mobile device: Click Here ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf |
|
From: Graham B. <gb...@po...> - 2002-07-01 17:22:17
|
On Mon, Jul 01, 2002 at 01:20:11PM -0400, Matt Selsky wrote: > > You mean use the OLD krb4 authentication. To do that all that needs > > to be done is to add those fields as > > > > krbv41 [1] OCTET STRING, > > krbv42 [2] OCTET STRING, > > > > You can then use krb41password and krb42password arguments to the bind > > method. > > I changed ASN.pm as you suggested and then used this code to bind: > > $ldap->bind( 'user=selsky, o=Columbia University, c=US', > krbv42 => 1 ); You did not read me mail. Try krb42password, but I doubt that the value of 1 is correct. > And I get the error message: > > No AUTH supplied > > According to the rfc, you need to pass the return of krb_mk_req(). How > do I get that? Do I need to write XS code to call that function and > then pass that value back? I have no idea how you would get that. Maybe there is a krb4 module on CPAN that could help. Graham. |
|
From: Matt S. <se...@co...> - 2002-07-01 17:20:19
|
> You mean use the OLD krb4 authentication. To do that all that needs
> to be done is to add those fields as
>
> krbv41 [1] OCTET STRING,
> krbv42 [2] OCTET STRING,
>
> You can then use krb41password and krb42password arguments to the bind
> method.
I changed ASN.pm as you suggested and then used this code to bind:
$ldap->bind( 'user=selsky, o=Columbia University, c=US',
krbv42 => 1 );
And I get the error message:
No AUTH supplied
According to the rfc, you need to pass the return of krb_mk_req(). How
do I get that? Do I need to write XS code to call that function and
then pass that value back?
|
|
From: Graham B. <gb...@po...> - 2002-07-01 17:10:09
|
On Mon, Jul 01, 2002 at 12:44:51PM -0400, Matt Selsky wrote:
> The patch to Net::LDAP::ASN should add the kerberos ASN1.
>
> @@ -165,7 +165,8 @@
>
> AuthenticationChoice ::= CHOICE {
> simple [0] OCTET STRING,
> - -- 1 and 2 reserved
> + krbv42LDAP [1] OCTET STRING,
> + krbv42DSA [2] OCTET STRING,
> sasl [3] SaslCredentials }
>
> SaslCredentials ::= SEQUENCE {
>
> What else would need to be added to the package to allow you to do
> kerberized auth? Btw, I got the ASN1 values from RFC 1777[1].
You mean use the OLD krb4 authentication. To do that all that needs
to be done is to add those fields as
krbv41 [1] OCTET STRING,
krbv42 [2] OCTET STRING,
You can then use krb41password and krb42password arguments to the bind
method.
Graham.
|
|
From: Matt S. <se...@co...> - 2002-07-01 16:44:54
|
The patch to Net::LDAP::ASN should add the kerberos ASN1.
@@ -165,7 +165,8 @@
AuthenticationChoice ::= CHOICE {
simple [0] OCTET STRING,
- -- 1 and 2 reserved
+ krbv42LDAP [1] OCTET STRING,
+ krbv42DSA [2] OCTET STRING,
sasl [3] SaslCredentials }
SaslCredentials ::= SEQUENCE {
What else would need to be added to the package to allow you to do
kerberized auth? Btw, I got the ASN1 values from RFC 1777[1].
[1] ftp://ftp.isi.edu/in-notes/rfc1777.txt
|
|
From: Graham B. <gb...@po...> - 2002-07-01 10:43:38
|
You are really asking the wrong list for namespace issues. You should contact mo...@pe.... But adding new top-level is normally frowed upon. I would suggest you use Net::LDAP::Shell as a top level and place all your other code in Net::LDAP::Shell::* Graham. On Sat, Jun 29, 2002 at 12:34:30PM -0500, Luke A. Kanies wrote: > Hi all, > > I'm currently working on an LDAP CLI shell, just something which will > basically let me walk an ldap tree using 'cd' and 'ls', and couple other > basic commands, although also hopefully with the ability to edit single > entries. > > I've actually already got the basic functionality done--I can connect to > the database, cd around, do listings on branch nodes, that kind of thing. > > I have a couple of questions as to etiquette, though: It doesn't really > seem to make sense to put this under Net::LDAP, even though it obviously > relies quite heavily on Net::LDAP. I notice that there are no packages > under just plain "LDAP", so I was thinking of using that namespace. > > If I had an LDAP.pm package at all, it would merely be a few simple, > useful routines; most of the real work would be done in subpackages. > At this point, I have: > LDAP > A couple of useful routines, but I don't really need this. > LDAP::Shell > The package for the interactive shell itself. > LDAP::CLI > For the CLI auth routines (it caches the username, so you don't have to > keep entering it, like you do with ldapsearch and the like). > LDAP::Connect > Some routines making host connections easier. Specifically there is a > routine for connecting to the first live host from a list. > LDAP::Config > A place to store a list of ldap servers and their basic > configurations. Information I am storing so far is: server list, dn > (usually null and overridden), password (usually null and overridden), > description, objectclass to search for by default (usually inetOrgPerson > or posixAccount), attributes required to create one of those > objectclasses, and attributes to return by default from that objectlass. > This is used heavily by the other packages, so you can just type something > like "ldapsh" and be connected to the default server as your default user, > with default ssl/nossl settings. > LDAP::Desc > A simple package for storing descriptions of LDAP attributes. This is > useful for prompting people for information, either on the CLI or on a web > page; instead of prompting for 'uid', you can prompt for 'Login ID' or > whatever. > > So my main question is, does anyone have a problem with me using this > namespace, or is there already a better namespace to put this under? I > can't seem to find an appropriate one, but that doesn't mean it's not > there. > > And if someone has already done any or all of this, I would love to hear > about it. I'm not planning on devoting a ton of time to this, but it's > something I've wanted for a long time, and I've got enough of a foundation > of routines that it's not taking me much extra work (I already had > everything except the LDAP::Shell package done, but that's the package I > think people would be the most interested in). > > Lastly, I have a few coding questions: > > I am planning on autoloading each command from something like > LDAP::Shell::Commands, so that I don't take the hit of compiling > everything at once. This also makes it easy for anyone to add new > commands to the shell. I'm also planning on providing the ability to set > some kind of search path, so that the package will search other > directories for commands to load. Does that sound like an extensible, > sensible solution, or does someone else have some amazingly obvious or > great solution for me? > > Also, because I want the commands available in this shell to resemble Unix > commands, I am using Getopt::Long to parse their options. It appears that > Getopt::Long will only look at @ARGV, so I am setting @ARGV = @_ before I > call the routines. Is that retarded, and is there a better way to do it? > > I'm mainly writing this for myself, because I'm tired of dealing with GUI > apps, and it just isn't that hard, but I figure if I do it, I might as > well make it available. The reason I want to make it available with this > many packages is that it relies on a number of packages I've written over > the years, and they've finally gotten to the point where I really can't do > much without them. > > Anyway, I'd love to hear feedback. And BTW Graham, thanks ever so much > for Net::LDAP! > > Luke Kanies > > -- > The Number 1 Sign You Have Nothing to Do at Work... > The 4th Division of Paperclips has overrun the Pushpin Infantry > and General White-Out has called for a new skirmish. > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > No, I will not fix your computer. > http://thinkgeek.com/sf |
|
From: Graham B. <gb...@po...> - 2002-07-01 10:39:26
|
If you look in $result->error you will see a description. And ldap_error_name()
from Net::LDAP::Util shows code 50 is LDAP_INSUFFICIENT_ACCESS. So perhaps
you are not bound as a user with permissions to change that particular dn
Graham.
On Sat, Jun 29, 2002 at 06:03:25PM +0530, Prayank Chandorkar wrote:
> Hi all,
> I tried to find a solution in the archives but cudnt unfortunately find one.
> The problem is as follows:
> I want to modify an attribute value(mail) for an entry,
> The scriptlet is as follows :
>
> $dn='uid=abc, ou=orgn,o=net';
> $result=$ldap->modify( $dn, replace => { mail => 'ab...@or...' } );
>
> when I do result->code..i get a return value of 50 but the change doesnot
> take effect.
>
> Please let me the know the way.
>
> regs
>
> Prayank Chandorkar
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> No, I will not fix your computer.
> http://thinkgeek.com/sf
|
|
From: Graham B. <gb...@po...> - 2002-07-01 10:35:19
|
On Thu, Jun 27, 2002 at 03:09:49AM -0500, Gerald (Jerry) Carter wrote: > I'm assuming that the SASL code in perl-ldap > will go away eventually and Authen-SASL-X.XX > will be the defacto standard for LDAP SASL support. > Can anyone wager a guess when this might happen? Yes and soon. Authen::SASL has been removed from the perl-ldap distribution in the beta releases I have done recently. Nobody has reported big issues with the last beta release, so I will be doing a 0.26 release as soon as I catch up from being on vacation. Graham. |
|
From: Edgington, J. <je...@um...> - 2002-07-01 10:27:56
|
This is part of a perl module that we wrote... if you're interested in
the whole thing, let me know.
# Begin-Doc
# Name: _MakeUnicode
# Type: method
# Description: simple ascii to unicode/2bytechar conversion
# Syntax: $unicode =3D $ads->_MakeUnicode($string);
# Access: internal
# End-Doc
sub _MakeUnicode
{
my $self =3D shift;
my ($string, $plainstring, $chr);
$string =3D shift;
# print "string $string\n";
$plainstring =3D "\"$string\"";=09
#---
# simple string=3D>unicode conversion
#
my @tmp =3D ();
foreach $chr ( split('', $plainstring) )
{
push(@tmp, $chr);
push(@tmp, chr(0));
}
$unistring =3D join("",@tmp);
#
#---
return $unistring;
print "$unistring\n";
}
# Name: SetPassword
# Type: method
# Description: Resets the ADS Password for a userid
# Syntax: $setpw =3D $ex->SetPassword(
# userid =3D> "miner",
# password =3D> "engineer");
# Returns: undef is successful otherwise the error
# End-Doc
sub SetPassword
{
my $self =3D shift;
my (%info) =3D @_;
my ($userid,$password,$upn,$dn,$res);
$userid =3D $info{userid} || return "need a userid\n";
$password =3D $info{password} || return "need new password\n";
$dn =3D $self->_GetDN($userid);
if ( ! $dn )
{
$self->debug && print "userid not found\n";
$ErrorMsg =3D "Userid '$userid' not found. Password not
set.\n";
return $ErrorMsg;
}
$self->debug && print "dn is $dn\n";
$self->debug && print "userid is $userid\n";
$self->debug && print "password is $password\n";
#---
# simple string=3D>unicode conversion
#---
$pw =3D $self->_MakeUnicode($password);=09
$res =3D $self->{ldap}->modify
(=09
dn =3D> $dn,
changes =3D> [
replace =3D> [=20
"unicodePwd" =3D> $pw,
]
]
);
if ($res->code)
{
$ErrorMsg =3D "password set failed: " . $res->error;
return $ErrorMsg;
}
return undef;
}
-----Original Message-----
From: Graham Barr [mailto:gb...@po...]=20
Sent: Monday, July 01, 2002 4:17 AM
To: LDAP Mailing List
Cc: Emilio Recio
Subject: [Fwd] ADS Password Change
----- Forwarded message from Emilio Recio <elm...@je...>
-----
Date: Thu, 27 Jun 2002 14:44:20 -0400
To: gb...@po...
From: Emilio Recio <elm...@je...>
Subject: ADS Password Change
We are trying to change the ADS password via Net::LDAPS and we keep=20
getting that constraint error, even after using the 'encoding' scheme=20
you recommended (after binding using Net::LDAPS as administrator):
my $tmpVar =3D pack "v*", unpack "C*", qq("secret");
$ldap-modify ("cn=3DJhonny =
Blaze,cn=3DUsers,dc=3Dsw,dc=3Djefferson,dc=3Dedu",
changes =3D> [ delete =3D> [ 'unicodePwd' =3D> [] ],
add =3D> [ 'unicodePwd' =3D> $tmpVar ] ] );
Can you shed some light on this situation? I would greatly appreciate
it.
-Elmo
----- End forwarded message -----
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
|
|
From: Graham B. <gb...@po...> - 2002-07-01 09:21:00
|
----- Forwarded message from T J Hart <tj...@us...> ----- Date: Thu, 27 Jun 2002 19:20:03 -0600 To: "gb...@po..." <gb...@po...> From: "T J Hart" <tj...@us...> Subject: help I have an attribute that has a value of an dn like this uniqueName = 'cn=bob,cn=person,dc=com' How do create a search filter to see if there is an entry like this? TJ Hart ----- End forwarded message ----- |
|
From: Graham B. <gb...@po...> - 2002-07-01 09:20:23
|
----- Forwarded message from Emilio Recio <elm...@je...> -----
Date: Thu, 27 Jun 2002 14:44:20 -0400
To: gb...@po...
From: Emilio Recio <elm...@je...>
Subject: ADS Password Change
We are trying to change the ADS password via Net::LDAPS and we keep
getting that constraint error, even after using the 'encoding' scheme
you recommended (after binding using Net::LDAPS as administrator):
my $tmpVar = pack "v*", unpack "C*", qq("secret");
$ldap-modify ("cn=Jhonny Blaze,cn=Users,dc=sw,dc=jefferson,dc=edu",
changes => [ delete => [ 'unicodePwd' => [] ],
add => [ 'unicodePwd' => $tmpVar ] ] );
Can you shed some light on this situation? I would greatly appreciate it.
-Elmo
----- End forwarded message -----
|
|
From: mcharki y. <mc...@ho...> - 2002-07-01 09:01:31
|
<html><div style='background-color:'><DIV></DIV> <DIV></DIV>Hi all, this is pretty urgent, so i would be really grateful if someone could help me...I am using iPlant directory server 5.1 on windows 2000 and I definitely need to be able to know what groups a user is memberof...I have been looking for a way to do this and I haven't found any for memberOf doesn't seem to be an attribute in iPlanet...is there any way or script to be able to be able to tell what groups a user is member of?...thanks a lot guys...<BR></div><br clear=all><hr>Send and receive Hotmail on your mobile device: <a href='http://g.msn.com/1HM1ENUS/c152??PI=44364'>Click Here</a><br></html> |
|
From: Luke A. K. <lu...@ma...> - 2002-06-30 01:31:22
|
If anyone is interested, I've stuck an exploratory version of my ldapsh tool on my website: http://pixie.madstop.com/ldapsh/ldapsh.tgz No, there really isn't any documentation for it yet, but there is an example script. To set it up, either modify the ldapsh script to point to the location for the modules, or install them in your perl install. Then modify LDAP/Config.pm and put your server's configuration in there. The only items you really have to modify are 'servers' and 'base', I think, although modifying the 'ssl' (either 'require', 'prefer', or 'none') should also have an affect. I would very much like to hear if anyone would like to use this, or thinks it would be worthwhile to pursue it. Oh, and there's no license with it, but it's under the GPL. Luke Kanies -- A person's maturity consists in having found again the seriousness one had as a child, at play. --Friedrich Nietzsche |
|
From: Luke A. K. <lu...@ma...> - 2002-06-29 17:34:33
|
Hi all, I'm currently working on an LDAP CLI shell, just something which will basically let me walk an ldap tree using 'cd' and 'ls', and couple other basic commands, although also hopefully with the ability to edit single entries. I've actually already got the basic functionality done--I can connect to the database, cd around, do listings on branch nodes, that kind of thing. I have a couple of questions as to etiquette, though: It doesn't really seem to make sense to put this under Net::LDAP, even though it obviously relies quite heavily on Net::LDAP. I notice that there are no packages under just plain "LDAP", so I was thinking of using that namespace. If I had an LDAP.pm package at all, it would merely be a few simple, useful routines; most of the real work would be done in subpackages. At this point, I have: LDAP A couple of useful routines, but I don't really need this. LDAP::Shell The package for the interactive shell itself. LDAP::CLI For the CLI auth routines (it caches the username, so you don't have to keep entering it, like you do with ldapsearch and the like). LDAP::Connect Some routines making host connections easier. Specifically there is a routine for connecting to the first live host from a list. LDAP::Config A place to store a list of ldap servers and their basic configurations. Information I am storing so far is: server list, dn (usually null and overridden), password (usually null and overridden), description, objectclass to search for by default (usually inetOrgPerson or posixAccount), attributes required to create one of those objectclasses, and attributes to return by default from that objectlass. This is used heavily by the other packages, so you can just type something like "ldapsh" and be connected to the default server as your default user, with default ssl/nossl settings. LDAP::Desc A simple package for storing descriptions of LDAP attributes. This is useful for prompting people for information, either on the CLI or on a web page; instead of prompting for 'uid', you can prompt for 'Login ID' or whatever. So my main question is, does anyone have a problem with me using this namespace, or is there already a better namespace to put this under? I can't seem to find an appropriate one, but that doesn't mean it's not there. And if someone has already done any or all of this, I would love to hear about it. I'm not planning on devoting a ton of time to this, but it's something I've wanted for a long time, and I've got enough of a foundation of routines that it's not taking me much extra work (I already had everything except the LDAP::Shell package done, but that's the package I think people would be the most interested in). Lastly, I have a few coding questions: I am planning on autoloading each command from something like LDAP::Shell::Commands, so that I don't take the hit of compiling everything at once. This also makes it easy for anyone to add new commands to the shell. I'm also planning on providing the ability to set some kind of search path, so that the package will search other directories for commands to load. Does that sound like an extensible, sensible solution, or does someone else have some amazingly obvious or great solution for me? Also, because I want the commands available in this shell to resemble Unix commands, I am using Getopt::Long to parse their options. It appears that Getopt::Long will only look at @ARGV, so I am setting @ARGV = @_ before I call the routines. Is that retarded, and is there a better way to do it? I'm mainly writing this for myself, because I'm tired of dealing with GUI apps, and it just isn't that hard, but I figure if I do it, I might as well make it available. The reason I want to make it available with this many packages is that it relies on a number of packages I've written over the years, and they've finally gotten to the point where I really can't do much without them. Anyway, I'd love to hear feedback. And BTW Graham, thanks ever so much for Net::LDAP! Luke Kanies -- The Number 1 Sign You Have Nothing to Do at Work... The 4th Division of Paperclips has overrun the Pushpin Infantry and General White-Out has called for a new skirmish. |
|
From: Roland S. <ma...@r2...> - 2002-06-29 16:56:55
|
Hallo,
On Samstag, 29. Juni 2002 16:51, Jim Harle wrote:
> sub numerically { $a <=> $b; }
> @sortedbynumber = sort numerically 53,29,11,32,7;
Sorry I wan't specific enough. I knew how to sort numerically in perl. But I
wanted to use Net::LDAP::Control::Sort to let Ldap sort for me. Because
otherwise I first have to get all data to find the largest.
regards
Roland Schulz
> On Thu, 27 Jun 2002, Roland Schulz wrote:
> > Hey,
> >
> > how can I sort by the numerical value (e.g. by uid) instead of by the
> > string. So I want 1000 to be greater than 200.
> >
> > Please CC to me since I'm not on the list. Thanx for you help.
> >
> > regards
> > Roland Schulz
> >
> >
> >
> > -------------------------------------------------------
> > This sf.net email is sponsored by:ThinkGeek
> > Caffeinated soap. No kidding.
> > http://thinkgeek.com/sf
|
|
From: Jim H. <ha...@us...> - 2002-06-29 14:48:28
|
From the Camel:
sub numerically { $a <=> $b; }
@sortedbynumber = sort numerically 53,29,11,32,7;
--Jim Harle
On Thu, 27 Jun 2002, Roland Schulz wrote:
> Hey,
>
> how can I sort by the numerical value (e.g. by uid) instead of by the string.
> So I want 1000 to be greater than 200.
>
> Please CC to me since I'm not on the list. Thanx for you help.
>
> regards
> Roland Schulz
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Caffeinated soap. No kidding.
> http://thinkgeek.com/sf
>
|
7902 messages has been excluded from this view by a project administrator.
