On Friday 10 October 2003 15:43, Edward Brookhouse wrote:
> I am attempting to use Net::LDAP to authenticate requests to MS Active
> Directory, and at first glance to below code works fine. We find however
> that if you specify a valid username in any container with ANY non-blank
> password you get authenticated. A username that does not exist or using
> a blank password will not authenticate though. Anyone see anything in
> this code that would cause the Perl module for LDAP to NOT return an
> error code when authentication fails. Or is it my directory which is
> allowing a bind with an incorrect password???
Neither the one nor the other. It's your code
Instead of
> my $result=$ldap->bind("CN=$name",$LDAPSearchBase,password=>$password)
> || return "Can't bind:".$result->error;
do this:
my $result=$ldap->bind("CN=$name",$LDAPSearchBase,password=>$password);
return "Can't bind:".$result->error if $result->code;
bind() always returns a message object.
See man Net::LDAP for details
Peter
--
Peter Marschall
eMail: [EMAIL PROTECTED]
