Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change

Re^2: LDAP authentication from domain username

by glenn (Scribe)
on Mar 03, 2014 at 14:11 UTC ( #1076780=note: print w/replies, xml ) Need Help??

in reply to Re: LDAP authentication from domain username
in thread LDAP authentication from domain username -working

Thank you, that helped. However I still need to get just the one authenticated user and it's groups. Can you tell me/show me how to take\\glennt or and access the information about the single user? matches the sam account name field.
  • Comment on Re^2: LDAP authentication from domain username

Replies are listed 'Best First'.
Re^3: LDAP authentication from domain username
by NetWallah (Canon) on Mar 07, 2014 at 04:47 UTC
    More rusty old code dug up from the code graveyard:
    #This logs in to LDAP and generates a CSV file with each members displ +ay name and then a list of their groups. use strict; use Net::LDAP; use Net::LDAP::Control::Paged; use Net::LDAP::Constant ( "LDAP_CONTROL_PAGED" ); my $ldap = Net::LDAP->new('') or die "Could not c +onnect to Domain controller $@"; # params for Net::LDAP::new # bind to a directory with dn and password my $mesg = $ldap->bind( 'ldapreadonlyuserid', password => 'LDAPReadonlyPassword' ); die $mesg->error if $mesg->code; # How many LDAP query results to grab for each paged round # Set to under 1000 for Active Directory my $page = Net::LDAP::Control::Paged->new( size => 100 ); my $fields = ['displayName','memberOf','useraccountcontrol']; my $strFilter = "(&(objectclass=user)(objectcategory=person)" # A + User # . "(!useraccountcontrol:1.2.840.113556.1.4.803:=2)" # + NOT Disabled . "(useraccountcontrol:dn:1.2.840.113556.1.4.803:=2)" +#The 1.2.840.113556.1.4.803 is a logical AND. . ")"; my $result = $ldap->search ( base => "dc=MyDomainName,dc=com", filter => $strFilter, attrs => $fields, control => [ $page ], ); die $result->error if $result->code; for my $item ( $result->entries) { next unless defined $item->get_value("displayName"); my $user; $user->{groups} = [ ref ( $item->get_value('memberOf') ) ? @{$item->get_value('memberOf')} : ($item->get_value('memberOf')) ]; $user->{groups} = [ map { /CN=(.+?),/ ; $1 } @{$user->{groups}} ]; print '"',$item->get_value("displayName"),'",'; print join(",", map { '"' . $_ . '"' } sort @{$user->{groups}} +),"\n"; } # Get cookie from paged control my($resp) = $mesg->control( LDAP_CONTROL_PAGED ) or print "-- No mo +re data (1) --\n"; ## last; my $cookie = $resp->cookie or print "-- No more data (2) --\n"; # Sh +ould do LAST here.. # Set cookie in paged control $page->cookie($cookie);

            What is the sound of Perl? Is it not the sound of a wall that people have stopped banging their heads against?
                  -Larry Wall, 1992

      Thank you, I got it working here it is for reference. It is in part broken up the way it is to allow an option to bypass the authentication.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1076780]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (5)
As of 2022-01-18 17:34 GMT
Find Nodes?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:

    Results (53 votes). Check out past polls.