
How to bind to AD?

From: David Lee Lambert
Date: June 13, 2015 00:17
Subject: How to bind to AD?
Message ID: E1Z3AHr-0001AG-9G@scatha

I know this question has been asked before, but maybe the
answers were in response to different details...

I'm trying to write a script that compares data in an Oracle
database with Active Directory.  So, it seems like I should be
able to use DBD::Oracle and Net::LDAP, but I can't seem to get
bind() to work.

I've reduced my non-working code to the following...

#! perl -w

use Net::LDAP;
my $ad = Net::LDAP->new('ad.**org**.com', debug => 2)
  or die "Couldn't connect to AD: $@, $!";
$ad->bind('**tried lots of stuff**', password => '**password**')
  or die "Couldn't bind: $@, $!";
  
my $results = $ad->search( 
       filter => '(&(objectClass=user)(sAMAccountName=**userid**))');
die $results->error if $results->code;
my $count = $results->count;
print $count;

Whatever I do, I get an error like this...

000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a
successful bind must be completed on the connection., data 0, v1db1  at searchde
mo_1.pl line 13, <DATA> line 755.

So, my first question is, why does the bind() not return an error
if it didn't succeed for the purposes of a successful operation?

Second, how do I figure out what to use as the first argument
to bind()? I built a small C# program that looks up my LDAP 
record and prints it out, and I can see that my CN has a comma
in it (it's in the form "Last, First M"), and I'm below two
OUs and three DCs (DC=ad,DC=**org**,DC=com)... do I have to write
that whole path as the bind DN?

Thanks if anyone can help,

--
DLL
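
An added example, not part of the original post: testing the result of bind() in Net::LDAP and binding to AD with a userPrincipalName or DOMAIN\user name instead of a full DN. The AD_* environment variable names are assumptions of this example, as is an LDAPS listener on the domain controller with a CA file available to verify it.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# All values come from the environment; the variable names are assumptions
# made for this example, not anything from the original post.
sub env { my $n = shift; $ENV{$n} // die "Set $n in the environment\n" }

my $host   = env('AD_HOST');     # DNS name of a domain controller
my $user   = env('AD_USER');     # userPrincipalName (user@domain) or DOMAIN\user
my $pass   = env('AD_PASS');
my $base   = env('AD_BASE');     # search base, e.g. DC=ad,DC=example,DC=com
my $cafile = env('AD_CAFILE');   # PEM file of the CA that signed the DC's cert
my $find   = env('AD_FIND');     # sAMAccountName to look up

# An empty password turns a simple bind into an unauthenticated bind,
# which a server may report as success; refuse it up front.
die "Empty password\n" unless length $pass;

# LDAPS with certificate verification, so the simple-bind password is
# not sent in clear text.
my $ad = Net::LDAP->new("ldaps://$host", verify => 'require', cafile => $cafile)
  or die "Couldn't connect to AD: $@\n";

# bind() returns a Net::LDAP::Message object, which is always true, so
# "or die" never fires; the outcome is in ->code (0 means success).
my $bind = $ad->bind($user, password => $pass);
die 'Bind failed: ' . $bind->error . "\n" if $bind->code;

# Escape the looked-up value before it goes into the filter string.
my $safe = escape_filter_value($find);

my $results = $ad->search(
    base   => $base,
    scope  => 'sub',
    filter => "(&(objectClass=user)(sAMAccountName=$safe))",
    attrs  => ['distinguishedName'],
);
die 'Search failed: ' . $results->error . "\n" if $results->code;

# Print the full DN of each match; this DN is also valid as a bind name.
print $_->dn, "\n" for $results->entries;
$ad->unbind;
```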
