More rusty old code dug up from the code graveyard:
#This logs in to LDAP and generates a CSV file with each members displ
+ay name and then a list of their groups.
use strict;
use Net::LDAP;
use Net::LDAP::Control::Paged;
use Net::LDAP::Constant ( "LDAP_CONTROL_PAGED" );
my $ldap = Net::LDAP->new('domain.controller.com') or die "Could not c
+onnect to Domain controller $@";
# params for Net::LDAP::new
# bind to a directory with dn and password
my $mesg = $ldap->bind( 'ldapreadonlyuserid',
password => 'LDAPReadonlyPassword'
);
die $mesg->error if $mesg->code;
# How many LDAP query results to grab for each paged round
# Set to under 1000 for Active Directory
my $page = Net::LDAP::Control::Paged->new( size => 100 );
my $fields = ['displayName','memberOf','useraccountcontrol'];
my $strFilter = "(&(objectclass=user)(objectcategory=person)" # A
+ User
# . "(!useraccountcontrol:1.2.840.113556.1.4.803:=2)" #
+ NOT Disabled
. "(useraccountcontrol:dn:1.2.840.113556.1.4.803:=2)"
+#The 1.2.840.113556.1.4.803 is a logical AND.
. ")";
my $result = $ldap->search (
base => "dc=MyDomainName,dc=com",
filter => $strFilter,
attrs => $fields,
control => [ $page ],
);
die $result->error if $result->code;
for my $item ( $result->entries) {
next unless defined $item->get_value("displayName");
my $user;
$user->{groups} = [ ref ( $item->get_value('memberOf') ) ?
@{$item->get_value('memberOf')} :
($item->get_value('memberOf'))
];
$user->{groups} = [ map { /CN=(.+?),/ ; $1 } @{$user->{groups}} ];
print '"',$item->get_value("displayName"),'",';
print join(",", map { '"' . $_ . '"' } sort @{$user->{groups}}
+),"\n";
}
# Get cookie from paged control
my($resp) = $mesg->control( LDAP_CONTROL_PAGED ) or print "-- No mo
+re data (1) --\n"; ## last;
my $cookie = $resp->cookie or print "-- No more data (2) --\n"; # Sh
+ould do LAST here..
# Set cookie in paged control
$page->cookie($cookie);
What is the sound of Perl? Is it not the sound of a wall that people have stopped banging their heads against?
-Larry Wall, 1992
|