From: Edgington, J. <je...@um...> - 2001-04-02 19:59:39
Good point :)

This is the error I am getting back.

failed: Net::LDAP::Modify=HASH(0x8490370)->error at password.pl line 38.

-----Original Message-----
From: Graham Barr [mailto:gb...@po...]
Sent: Monday, April 02, 2001 2:58 PM
To: Edgington, Jeffrey
Cc: per...@li...
Subject: Re: Changing password via Net::LDAPS and Perl

It would probably help others help you if you could tell us how
it is failing to do what you expect.

Graham.

On Mon, Apr 02, 2001 at 02:48:14PM -0500, Edgington, Jeffrey wrote:
> Ok... I'm hoping someone has already done this and can tell me what I have
> wrong... I want to reset passwords via Net::LDAPS (LDAP over SSL) but having
> little luck with it.
>
> Below is the code as it stands now.... thanks for any help you can give me.
>
> #!/umr/testbin/perl
>
> $| =1;
>
> use Convert::BER;
> use Net::LDAPS;
>
> $ldaps = new Net::LDAPS('srvtst01.cc.umr.edu',
>                         port=> '636');
>
> $UserPass="94ranger";
> $UserID="Administrator";
> $ADSserver='srvtst01.cc.umr.edu';
> $DomainDN=" dc=test, dc=umr, dc=edu";
> $UserDN="cn=$UserID, cn=users, " . $DomainDN;
>
> $ldaps = Net::LDAPS->new($ADSserver) || die "failed: $@";
>
> $mesg = $ldaps->bind( dn =>"$UserDN", password => "$UserPass" );
> $mesg->code && die "bind failed: $mesg->error";
>
> $tempDN = "cn=Test2 Edg, cn=Users, " . $DomainDN;
>
> $pwd = new Convert::BER;
>
> $pwd->encode(
>     STRING=>"hello",
> ) or die;
>
> $mesg = $ldaps->modify(dn => $tempDN,
>     changes => [
>         replace => [ unicodePwd => "$pwd"]
>     ]
> );
>
> $mesg->code && die "failed: $mesg->error";

From: Edgington, J. <je...@um...> - 2001-04-02 20:12:01
Ok.. that produced the following error...

pulsar(18)>perl password.pl
failed: 53 00002077: SvcErr: DSID-031D0A84, problem 5003 (WILL_NOT_PERFORM), data 0 at password.pl line 38.

-----Original Message-----
From: Graham Barr [mailto:gb...@po...]
Sent: Monday, April 02, 2001 3:08 PM
To: Edgington, Jeffrey
Cc: per...@li...
Subject: Re: Changing password via Net::LDAPS and Perl

Well first off you cannot call a method from inside a string. Change
the last line to

    $mesg->code && die "failed: ", $mesg->code," ",$mesg->error;

may be more helpful.

Graham.

On Mon, Apr 02, 2001 at 02:59:35PM -0500, Edgington, Jeffrey wrote:
> Good point :)
>
> This is the error I am getting back.
>
> failed: Net::LDAP::Modify=HASH(0x8490370)->error at password.pl line 38.
>
> -----Original Message-----
> From: Graham Barr [mailto:gb...@po...]
> Sent: Monday, April 02, 2001 2:58 PM
> To: Edgington, Jeffrey
> Cc: per...@li...
> Subject: Re: Changing password via Net::LDAPS and Perl
>
> It would probably help others help you if you could tell us how
> it is failing to do what you expect.
>
> Graham.
>
> On Mon, Apr 02, 2001 at 02:48:14PM -0500, Edgington, Jeffrey wrote:
> > Ok... I'm hoping someone has already done this and can tell me what I have
> > wrong... I want to reset passwords via Net::LDAPS (LDAP over SSL) but having
> > little luck with it.
> >
> > Below is the code as it stands now.... thanks for any help you can give me.
> >
> > #!/umr/testbin/perl
> >
> > $| =1;
> >
> > use Convert::BER;
> > use Net::LDAPS;
> >
> > $ldaps = new Net::LDAPS('srvtst01.cc.umr.edu',
> >                         port=> '636');
> >
> > $UserPass="94ranger";
> > $UserID="Administrator";
> > $ADSserver='srvtst01.cc.umr.edu';
> > $DomainDN=" dc=test, dc=umr, dc=edu";
> > $UserDN="cn=$UserID, cn=users, " . $DomainDN;
> >
> > $ldaps = Net::LDAPS->new($ADSserver) || die "failed: $@";
> >
> > $mesg = $ldaps->bind( dn =>"$UserDN", password => "$UserPass" );
> > $mesg->code && die "bind failed: $mesg->error";
> >
> > $tempDN = "cn=Test2 Edg, cn=Users, " . $DomainDN;
> >
> > $pwd = new Convert::BER;
> >
> > $pwd->encode(
> >     STRING=>"hello",
> > ) or die;
> >
> > $mesg = $ldaps->modify(dn => $tempDN,
> >     changes => [
> >         replace => [ unicodePwd => "$pwd"]
> >     ]
> > );
> >
> > $mesg->code && die "failed: $mesg->error";

From: Chris R. <chr...@me...> - 2001-04-04 17:22:00
"Edgington, Jeffrey" <je...@um...> wrote:
> Ok.. that produced the following error...
>
> pulsar(18)>perl password.pl
> failed: 53 00002077: SvcErr: DSID-031D0A84, problem 5003
> (WILL_NOT_PERFORM), data 0 at password.pl line 38.

The result code 53 means 'unwilling to perform', which is a general kind of
way for the server to pout and refuse to do what you wanted.

I think your problem is that you're passing the actual BER object
(interpolated into a string) to the LDAP server, instead of the encoded
value. You need to get at the encoded value using $pwd->buffer.

    $pwd = new Convert::BER;
    $pwd->encode(
        STRING=>"hello",
    ) or die;
    [...]
        replace => [ unicodePwd => "$pwd"]

You should replace the replace :-) with this:

        replace => [ unicodePwd => $pwd->buffer ]

Cheers,

Chris

From: Christoph N. <en...@ap...> - 2001-11-19 19:39:55
I know this is from a very old post, but I don't see if this problem was
ever solved. Now I'm running into the same problem with Active Directory.

I'm using the $pwd->buffer value too.

- Christoph

On Wed, 4 Apr 2001, Chris Ridd wrote:
> "Edgington, Jeffrey" <je...@um...> wrote:
> > Ok.. that produced the following error...
> >
> > pulsar(18)>perl password.pl
> > failed: 53 00002077: SvcErr: DSID-031D0A84, problem 5003
> > (WILL_NOT_PERFORM), data 0 at password.pl line 38.
>
> The result code 53 means 'unwilling to perform', which is a general kind of
> way for the server to pout and refuse to do what you wanted.
>
> I think your problem is that you're passing the actual BER object
> (interpolated into a string) to the LDAP server, instead of the encoded
> value. You need to get at the encoded value using $pwd->buffer.
>
>     $pwd = new Convert::BER;
>     $pwd->encode(
>         STRING=>"hello",
>     ) or die;
>     [...]
>         replace => [ unicodePwd => "$pwd"]
>
> You should replace the replace :-) with this:
>
>         replace => [ unicodePwd => $pwd->buffer ]
>
> Cheers,
>
> Chris

From: Christopher A B. <ca...@tc...> - 2001-11-19 19:55:26
As Christoph Neumann once put it so eloquently:

> I know this is from a very old post, but I don't see if this problem was
> ever solved. Now I'm running into the same problem with Active Directory.

Here's what I use to update the AD password:

    # done; now, if there's still a unicodePwd, then UTF-16(?) it
    # and base64 encode it and make sure it gets sent that way.
    my $opw = $entry->get_value('unicodePwd');
    if (defined $opw) {
        my $upw = pack "v*", unpack "C*", qq("$opw");
        &change_changes($entry, 'replace', 'unicodePwd', $upw);
    }

&change_changes is a hack to actually change a previous "replace"
operation in an Entry object, rather than adding a second "replace"
operation (else the original one will fail with WILL_NOT_PERFORM).

%%  Christopher A. Bongaarts  %%  ca...@tc...          %%
%%  Internet Services         %%  http://umn.edu/~cab  %%
%%  University of Minnesota   %%  +1 (612) 625-1809    %%

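The unicodePwd value discussed in this thread, as an added example that is not part of the original posts: Active Directory expects the new password wrapped in double quotes and encoded as UTF-16LE, and the pack "v*" form above only yields that when every character is a single byte. The helper names and the sample passwords are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Encode qw(encode decode);

# Active Directory takes unicodePwd as the UTF-16LE bytes of the password
# wrapped in double quotes. Net::LDAP BER-encodes the value itself, so the
# caller passes these raw bytes, not a Convert::BER object.
sub ad_unicode_pwd {
    my ($chars) = @_;                  # Perl character string
    return encode('UTF-16LE', qq("$chars"));
}

# The pack/unpack form from the message above. It widens each input *byte*
# to 16 bits, so it is only correct when every character is one byte in the
# input (ASCII, Latin-1); multi-byte UTF-8 input comes out wrong.
sub pack_v_pwd {
    my ($bytes) = @_;
    return pack 'v*', unpack 'C*', qq("$bytes");
}

# Constructed sample passwords, as UTF-8 bytes (what a terminal would deliver).
my @samples = ("hello", "p\xC3\xA4ss\xE2\x82\xAC");

for my $utf8 (@samples) {
    my $good = ad_unicode_pwd(decode('UTF-8', $utf8));
    my $fast = pack_v_pwd($utf8);
    printf "encode: %s\npack v: %s\n=> %s\n\n",
        unpack('H*', $good), unpack('H*', $fast),
        $good eq $fast ? 'identical' : 'differ: pack form is not UTF-16LE here';
}

# Shape of the call, using the modify form from the thread ($ldaps and
# $tempDN as in the original script, $new_password an assumed variable):
#   $ldaps->modify(dn => $tempDN,
#       changes => [ replace => [ unicodePwd => ad_unicode_pwd($new_password) ] ]);
```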
From: Christoph N. <en...@ap...> - 2001-11-19 21:10:30
I think I may have found part of the source of my troubles...I believe
start_tls is failing. Has anyone else had trouble with start_tls and
Active Directory?

--- Code -------------
$ldaps = Net::LDAP->new($ad_server, version => 3, debug => 3) || die "failed: $@";
$mesg = $ldaps->start_tls();
if ( $mesg-> code() ) { die "LDAP Error: ", $mesg->error, "\n"; }

--- Output -----------
Net::LDAP=HASH(0x845b730) sending:

30 1D 02 01 01 77 18 80 16 31 2E 33 2E 36 2E 31 0....w...1.3.6.1
2E 34 2E 31 2E 31 34 36 36 2E 32 30 30 33 37 __ .4.1.1466.20037

Net::LDAP=HASH(0x845b730) received:

30 84 00 00 00 16 02 01 01 78 84 00 00 00 0D 30 0........x.....0
84 00 00 00 07 0A 01 02 04 00 04 00 __ __ __ __ ............

LDAP Error: decode error 30<=>0a at /usr/lib/perl5/site_perl/5.005/Convert/ASN1/_decode.pm line 112.
----------------------

On Mon, 19 Nov 2001, Christopher A Bongaarts wrote:
> As Christoph Neumann once put it so eloquently:
>
> > I know this is from a very old post, but I don't see if this problem was
> > ever solved. Now I'm running into the same problem with Active Directory.
>
> Here's what I use to update the AD password:
>
>     # done; now, if there's still a unicodePwd, then UTF-16(?) it
>     # and base64 encode it and make sure it gets sent that way.
>     my $opw = $entry->get_value('unicodePwd');
>     if (defined $opw) {
>         my $upw = pack "v*", unpack "C*", qq("$opw");
>         &change_changes($entry, 'replace', 'unicodePwd', $upw);
>     }
>
> &change_changes is a hack to actually change a previous "replace"
> operation in an Entry object, rather than adding a second "replace"
> operation (else the original one will fail with WILL_NOT_PERFORM).
>
> %%  Christopher A. Bongaarts  %%  ca...@tc...          %%
> %%  Internet Services         %%  http://umn.edu/~cab  %%
> %%  University of Minnesota   %%  +1 (612) 625-1809    %%

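To see what the server actually sent back in the "received:" dump above, the following added example (not part of the original posts) walks the BER tag-length-value structure of those 28 bytes. The helper names read_tlv and walk are hypothetical, and the tag labels follow RFC 2251.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Bytes copied from the "received:" dump in the message above.
my $resp = pack 'H*', join '', qw(
    30 84 00 00 00 16 02 01 01 78 84 00 00 00 0D 30
    84 00 00 00 07 0A 01 02 04 00 04 00
);

my %name = (
    0x30 => 'SEQUENCE', 0x02 => 'INTEGER', 0x0a => 'ENUMERATED',
    0x04 => 'OCTET STRING', 0x78 => '[APPLICATION 24] ExtendedResponse',
);

# Read one BER tag-length-value at $pos; returns (tag, value, next offset).
sub read_tlv {
    my ($buf, $pos) = @_;
    die "truncated header at offset $pos\n" if $pos + 2 > length($buf);
    my $tag = ord(substr($buf, $pos++, 1));
    my $len = ord(substr($buf, $pos++, 1));
    if ($len & 0x80) {              # long form: low 7 bits = count of length bytes
        my $n = $len & 0x7f;
        die "truncated length at offset $pos\n" if $pos + $n > length($buf);
        $len = 0;
        $len = ($len << 8) | ord(substr($buf, $pos++, 1)) for 1 .. $n;
    }
    die "truncated value at offset $pos\n" if $pos + $len > length($buf);
    return ($tag, substr($buf, $pos, $len), $pos + $len);
}

# Print the element tree; bit 0x20 in the tag marks a constructed encoding.
sub walk {
    my ($buf, $depth) = @_;
    my $pos = 0;
    while ($pos < length($buf)) {
        (my $tag, my $val, $pos) = read_tlv($buf, $pos);
        printf "%s%02x %-34s len=%d%s\n", '  ' x $depth, $tag,
            $name{$tag} // 'unknown', length($val),
            ($tag & 0x20) ? '' : ' value=' . unpack('H*', $val);
        walk($val, $depth + 1) if $tag & 0x20;
    }
}

walk($resp, 0);
```

Under the 0x78 element the first child is a SEQUENCE (30) where RFC 2251 places the ENUMERATED result code (0a) directly, which lines up with the "30<=>0a" pair in the error text. The ENUMERATED inside that extra wrapper is 2, which RFC 2251 names protocolError.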
From: Christopher A B. <ca...@tc...> - 2001-11-19 21:13:28
As Christoph Neumann once put it so eloquently:

> I think I may have found part of the source of my troubles...I believe
> start_tls is failing. Has anyone else had trouble with start_tls and
> Active Directory?

We tried once or twice with STARTTLS, and couldn't make it work. So
we just used plain old LDAP over SSL (port 636).

%%  Christopher A. Bongaarts  %%  ca...@tc...          %%
%%  Internet Services         %%  http://umn.edu/~cab  %%
%%  University of Minnesota   %%  +1 (612) 625-1809    %%

From: Christoph N. <en...@ap...> - 2001-11-19 21:26:59
Ah ha...apparently SSL support is not enabled for our Active Directory
server. The "decoding error" confused me. I figured I would get a
"connection closed" or something like that if SSL is not running.

A "telnet w2k 636" confirmed my suspicions

- Christoph

On Mon, 19 Nov 2001, Christopher A Bongaarts wrote:
> As Christoph Neumann once put it so eloquently:
>
> > I think I may have found part of the source of my troubles...I believe
> > start_tls is failing. Has anyone else had trouble with start_tls and
> > Active Directory?
>
> We tried once or twice with STARTTLS, and couldn't make it work. So
> we just used plain old LDAP over SSL (port 636).
>
> %%  Christopher A. Bongaarts  %%  ca...@tc...          %%
> %%  Internet Services         %%  http://umn.edu/~cab  %%
> %%  University of Minnesota   %%  +1 (612) 625-1809    %%

From: Edgington, J. <je...@um...> - 2001-11-20 00:18:53
I have this working and would be glad to share what I have... I'll send it
to whomever is interested.

jeff e.

-----Original Message-----
From: Christoph Neumann
Sent: Mon 11/19/2001 1:39 PM
To: Chris Ridd
Cc: per...@li...; Edgington, Jeff
Subject: RE: Changing password via Net::LDAPS and Perl

I know this is from a very old post, but I don't see if this problem was
ever solved. Now I'm running into the same problem with Active Directory.

I'm using the $pwd->buffer value too.

- Christoph

On Wed, 4 Apr 2001, Chris Ridd wrote:
> "Edgington, Jeffrey" <je...@um...> wrote:
> > Ok.. that produced the following error...
> >
> > pulsar(18)>perl password.pl
> > failed: 53 00002077: SvcErr: DSID-031D0A84, problem 5003
> > (WILL_NOT_PERFORM), data 0 at password.pl line 38.
>
> The result code 53 means 'unwilling to perform', which is a general kind of
> way for the server to pout and refuse to do what you wanted.
>
> I think your problem is that you're passing the actual BER object
> (interpolated into a string) to the LDAP server, instead of the encoded
> value. You need to get at the encoded value using $pwd->buffer.
>
>     $pwd = new Convert::BER;
>     $pwd->encode(
>         STRING=>"hello",
>     ) or die;
>     [...]
>         replace => [ unicodePwd => "$pwd"]
>
> You should replace the replace :-) with this:
>
>         replace => [ unicodePwd => $pwd->buffer ]
>
> Cheers,
>
> Chris

From: Graham B. <gb...@po...> - 2001-04-02 20:08:38
Well first off you cannot call a method from inside a string. Change
the last line to

    $mesg->code && die "failed: ", $mesg->code," ",$mesg->error;

may be more helpful.

Graham.

On Mon, Apr 02, 2001 at 02:59:35PM -0500, Edgington, Jeffrey wrote:
> Good point :)
>
> This is the error I am getting back.
>
> failed: Net::LDAP::Modify=HASH(0x8490370)->error at password.pl line 38.
>
> -----Original Message-----
> From: Graham Barr [mailto:gb...@po...]
> Sent: Monday, April 02, 2001 2:58 PM
> To: Edgington, Jeffrey
> Cc: per...@li...
> Subject: Re: Changing password via Net::LDAPS and Perl
>
> It would probably help others help you if you could tell us how
> it is failing to do what you expect.
>
> Graham.
>
> On Mon, Apr 02, 2001 at 02:48:14PM -0500, Edgington, Jeffrey wrote:
> > Ok... I'm hoping someone has already done this and can tell me what I have
> > wrong... I want to reset passwords via Net::LDAPS (LDAP over SSL) but having
> > little luck with it.
> >
> > Below is the code as it stands now.... thanks for any help you can give me.
> >
> > #!/umr/testbin/perl
> >
> > $| =1;
> >
> > use Convert::BER;
> > use Net::LDAPS;
> >
> > $ldaps = new Net::LDAPS('srvtst01.cc.umr.edu',
> >                         port=> '636');
> >
> > $UserPass="94ranger";
> > $UserID="Administrator";
> > $ADSserver='srvtst01.cc.umr.edu';
> > $DomainDN=" dc=test, dc=umr, dc=edu";
> > $UserDN="cn=$UserID, cn=users, " . $DomainDN;
> >
> > $ldaps = Net::LDAPS->new($ADSserver) || die "failed: $@";
> >
> > $mesg = $ldaps->bind( dn =>"$UserDN", password => "$UserPass" );
> > $mesg->code && die "bind failed: $mesg->error";
> >
> > $tempDN = "cn=Test2 Edg, cn=Users, " . $DomainDN;
> >
> > $pwd = new Convert::BER;
> >
> > $pwd->encode(
> >     STRING=>"hello",
> > ) or die;
> >
> > $mesg = $ldaps->modify(dn => $tempDN,
> >     changes => [
> >         replace => [ unicodePwd => "$pwd"]
> >     ]
> > );
> >
> > $mesg->code && die "failed: $mesg->error";