Hi Peter,

Thanks for the response, but this does not seem to change anything.

If I define as you suggest, any valid username will still be auth as
long as a non-blank password is used.

-----Original Message-----
From: Peter Marschall [mailto:[EMAIL PROTECTED] 
Sent: Saturday, October 11, 2003 9:34 AM
To: Edward Brookhouse; [EMAIL PROTECTED]
Subject: Re: Auth to AD via Net::LDAP


On Friday 10 October 2003 15:43, Edward Brookhouse wrote:
> I am attempting to use Net::LDAP to authenticate requests to MS Active
> Directory, and at first glance the below code works fine. We find
> however that if you specify a valid username in any container with ANY
> non-blank password you get authenticated. A username that does not
> exist or using a blank password will not authenticate though. Anyone
> see anything in this code that would cause the Perl module for LDAP to
> NOT return an error code when authentication fails. Or is it my
> directory which is allowing a bind with an incorrect password???

Neither the one nor the other. It's your code.

Instead of
>   my $result=$ldap->bind("CN=$name",$LDAPSearchBase,password=>$password)
>     || return "Can't bind:".$result->error;

do this:
  my $result=$ldap->bind("CN=$name",$LDAPSearchBase,password=>$password);
  return "Can't bind:".$result->error  if $result->code;

bind() always returns a message object.
See man Net::LDAP for details

Peter
-- 
Peter Marschall
eMail: [EMAIL PROTECTED]
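
The point of the reply above, as an added example that is not part of the original thread: since bind() always returns a message object, the `||` branch never runs, and only the result code reveals a failed bind. FakeLDAP and FakeMessage are constructed stand-ins for Net::LDAP and its message object so the script runs without a directory server; the DN and passwords are made-up values.

```perl
use strict;
use warnings;

# Constructed stand-ins so this runs without a directory server. Like
# Net::LDAP, bind() always returns a message object; failure is only
# visible through its code() (0 = success, 49 = invalidCredentials).
package FakeMessage;
sub new   { my ($class, %f) = @_; return bless {%f}, $class }
sub code  { $_[0]{code} }
sub error { $_[0]{error} }

package FakeLDAP;
sub new { return bless {}, shift }
sub bind {
    my ($self, $dn, %opt) = @_;
    my $ok = defined $opt{password} && $opt{password} eq 'correct-horse';
    return FakeMessage->new(
        code  => $ok ? 0 : 49,
        error => $ok ? 'Success' : 'Invalid credentials',
    );
}

package main;

# Broken pattern from the thread: an object is always true, so the
# right-hand side of || never runs and every bind looks successful.
sub auth_broken {
    my ($ldap, $dn, $password) = @_;
    my $result = $ldap->bind($dn, password => $password)
        || return "Can't bind";
    return 'OK';
}

# Corrected pattern: decide on the result code, not on truthiness.
# A DN with an empty password is an unauthenticated bind (RFC 4513): refuse it.
sub auth_checked {
    my ($ldap, $dn, $password) = @_;
    return "Can't bind: empty password" unless defined $password && length $password;
    my $result = $ldap->bind($dn, password => $password);
    return "Can't bind: " . $result->error if $result->code;
    return 'OK';
}

my $ldap = FakeLDAP->new;
my $dn   = 'CN=jdoe,OU=Staff,DC=example,DC=com';    # constructed DN
for my $pw ('correct-horse', 'wrong-guess') {
    printf "%-14s broken=%-10s checked=%s\n",
        $pw, auth_broken($ldap, $dn, $pw), auth_checked($ldap, $dn, $pw);
}
```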
