Graham Barr <[email protected]> writes:
> On Jan 18, 2009, at 8:37 AM, Dieter Kluenter wrote:
>
>
>>
>> OK, this is my complete script,
>>
>> ,----[ searchList.pl ]
>
>>
>> | $msg = $ldap->bind(sasl => $sasl);
>> | $msg->code && $msg->error_text;
>
> Again, you are not checking the bind call for any failure
I checked it on the server side, and no bind operation was
initiated.
There must be something fundamentally wrong with my scripts, but I don't
see the forest.
I tried starttls and the EXTERNAL mechanism
,----[ start_tls ]
| my $ldap = Net::LDAP->new("$host",
|                async => 1,
|                version => 3,
|                debug => 8
|                ) or die "$@";
|
| my $msg = $ldap->start_tls(
|                verify => 'require',
|                clientcert => $tls_cert,
|                clientkey => $tls_key,
|                cafile => $tls_cacert
|                );
| $msg->code && die $msg->error;
|
| my $sasl = Authen::SASL->new(
|                mechanism => 'EXTERNAL',
|                callback => {user => '' }
|                ) or die "$@";
|
| $msg = $ldap->bind(sasl => $sasl);
`----
I tried EXTERNAL mechanism over ldapi
,----[ external over ldapi ]
| my $host = 'ldapi://%2Fvar%2Frun%2Fslapd%2Fldapi';
| my $ldap = Net::LDAP->new("$host",
|                async => 1,
|                version => 3,
|                debug => 4
|                ) or die "$@";
|
| my $sasl = Authen::SASL->new(
|                mechanism => 'EXTERNAL',
|                callback => {user => '' }
|                ) or die "$@";
|
| my $msg = $ldap->bind(sasl => $sasl);
`----
I solved my problem in the end using Net::LDAPapi, which did what it
should do,
,----[ LDAPapi ]
| $ld = new Net::LDAPapi(
|            -uri=>"$url");
|
| $ld->sasl_parms(
|            -mech=> "$mech",
|            -flag=>LDAP_SASL_QUIET);
|
| $ld->bind_s("$sasl_name","$passwd",LDAP_AUTH_SASL);
`----
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dpunkt.de/buecher/2104.html
sip: +49.180.1555.7770535
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E
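
The following is an added example, not part of the original message or of the Net::LDAP distribution: one way to write the StartTLS + SASL EXTERNAL attempt so that every step's result is checked and the bound identity is confirmed with the WhoAmI extended operation. The host name, the certificate paths and the `check` helper are assumptions made for illustration, and the example chooses the default synchronous mode rather than `async => 1`.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Extension::WhoAmI;    # adds $ldap->who_am_i
use Authen::SASL;

# Assumed values for illustration; replace with your own.
my $host       = 'ldap.example.com';
my $tls_cert   = '/etc/ssl/client/cert.pem';
my $tls_key    = '/etc/ssl/client/key.pem';
my $tls_cacert = '/etc/ssl/certs/ca.pem';

# Hypothetical helper: die with the operation name and the LDAP result
# if a step did not succeed, otherwise hand the message back.
sub check {
    my ($msg, $what) = @_;
    die sprintf("%s failed: %s (%d): %s\n",
                $what, $msg->error_name, $msg->code, $msg->error)
        if $msg->code;
    return $msg;
}

# No async option: each call returns after the server has answered.
my $ldap = Net::LDAP->new($host, version => 3) or die "connect: $@";

# Require a server certificate that validates against the CA file and
# present the client certificate that EXTERNAL will rely on.
check($ldap->start_tls(
    verify     => 'require',
    clientcert => $tls_cert,
    clientkey  => $tls_key,
    cafile     => $tls_cacert,
), 'start_tls');

my $sasl = Authen::SASL->new(
    mechanism => 'EXTERNAL',
    callback  => { user => '' },     # empty authorization identity
) or die "Authen::SASL->new failed\n";

check($ldap->bind(sasl => $sasl), 'SASL EXTERNAL bind');

# Ask the server which identity the connection is now bound as.
my $who = check($ldap->who_am_i, 'whoami');
print "bound as: ", ($who->response || '(anonymous)'), "\n";

$ldap->unbind;
```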