Hi all,
is it possible to use Net::LDAP with SASL mechanism GSSAPI on a Windows
XP machine?
I tried the example from the Authen::SASL::Perl::GSSAPI man page. It
works
perfectly on a Linux machine, but fails on Windows.
---< schnipp schnapp >--
#!/
Hi,
[...]
> LDAP is hierarchical.
uhm, ok.
What I meant was the fact, that I can't get the result of an LDAP query
into a hierarchical structure without writing some code.
[...]
> Please explain what your real problem is, and why you think that
> stuffing everything into a nested hash is a solu
Hi,
[...]
> >
> > I hope you get the idea, which is to turn a flat LDAP structure into
> > a tree hierachy.
> I'm confused as to why you'd think that the LDAP structure is
> flat and that putting it into a hash would change that? :}
perhaps my english is not good enough to explain what I want to
Hi *,
is there a preferred method to get a complete AD (LDAP) structure into
a hash of hashes or some other more complex perl structure?
The result should look similar to this example:
$VAR1 = {
'CN=Connections,CN=...' => {
'CN=UMS Connector,CN=Connections,CN=...' => {
'adminDisplayN
Hi,
[...]
> > Perl version is 5.8.5, Net::LDAP version is 0.3301.
> >
> > Because everthing works perfectly on my Windows machine
> with Perl 5.8.8
> > I suspect there might be some module in 5.8.5, which causes
> the problem
> > - but which module? Any hint?
>
> Check your versions of Net::SS
Hi,
probably I'm doing something wrong, but I am not able to connect to an
LDAPS server more than one time in a script on a Linux machine.
The first connect succeeds as expected, after having done some work I
disconnect from the server ($oLDAP->disconnect and/or $oLDAP->unbind)
and undef( $oLDAP )
Hi,
> Hi everyone
>
> I seem to recall reading somewhere it is not necessary to use
> a complete
> DN when binding to AD - does anyone know if this is the case
that's true - it works perfectly by using the saMAccountName only.
> (Yes - I'm
> having difficulty getting this to work :))
>
> T
Hi,
>> good to know, but nevertheless it misses all the attributes of
>> aux classes assigned to a class. Right?
> Correct, but formally the attributes are only allowed after you
> add the aux class. So the trick would be to ask for all aux
> classes of your class using the ditcontentrule query
Hi,
> Looking at the source code of schema.pm
>
>
> my $sup = $elem->{sup} or next;
> push @oc, @$sup;
>
>
> it already walks the superclasses.
>
> So to get all possible attributes for a class, just ask for
> all "must"
> and "may" attributes for a class.
good to know, but nevertheless i
Hi,
> From: Chris Ridd [mailto:[EMAIL PROTECTED]
[...]
> > and auxiliary classes? Do I really have to query the class,
> then query for
> > the next superior class, then query for the attributes of
> this class and so
> > on?
>
> Yes.
8-(
[...]
> It should return all of the *allowed* auxilia
Hi *,
what is the best/preferred method for retrieving *all* possible attributes
for an object including all the attributes of both of it's classes superior
and auxiliary classes? Do I really have to query the class, then query for
the next superior class, then query for the attributes of this cla
Hi *,
I am in really big trouble at the moment: All of my Net::LDAP scripts
all of a sudden stopped working, when started on Windows and querying
Exchange 5.5 servers 8-<
Exactly the same scripts work perfectly as before when started on Linux
and querying Exchange 5.5. They also work as expected,
Hi,
digging deeper shows that $need in this line is sometimes bigger
than length( $clearbuf ):
...
substr($$buf, $offset, $need) = substr($clearbuf, 0, $need);
$ref->{readbuf} = substr($clearbuf, $need);
...
substr outside of string at .../Security.pm line 67, line 576.
length clearbuf: 65
Hi again,
same for Authen-SASL-Cyrus 0.13-server besides the difference in line
numbers:
substr outside of string at /usr/lib/perl5/site_perl/5.8.5/
x86_64-linux-thread-multi/Authen/SASL/Cyrus/Security.pm
line 67, line 576
Bye.
Michael.
Hi *,
I get an error message
substr outside of string at /usr/lib/perl5/vendor_perl/5.8.5/
x86_64-linux-thread-multi/Authen/SASL/Cyrus/Security.pm line 82,
line 576
in $oLDAP->schema() when using SASL method "GSSAPI" for binding to an
AD DC. Using a bind method without SASL works without gi
Hi,
one more question regarding Authen::SASL::(Perl|Cyrus):
Is it possible to use Authen::SASL::Cyrus with GSSAPI first and - if
that one fails - use Authen::SASL:Perl DIGEST-MD5 next?
The reason for this is, that Authen::SASL::Cyrus DIGEST-MD5 doesn't work
on some of our older Linux boxes, while
[...]
> I changed 0.33_01 to 0.3301 and it worked as expected.
sorry, my fingers were too fast in this case :)
I forgot to say thank you!
>
> >
> > Graham.
> >
>
Bye.
Michael.
Hi,
> On Mon, September 12, 2005 4:09 am, Hirmke Michael wrote:
>
> > Error message is:
> >
> > No SASL mechanism found
> > at /usr/lib/perl5/site_perl/5.8.1/Authen/SASL.pm line 73
>
> Ah, try the attached patch to LDAP.pm
>
> you should get a fail
[...]
>
> Or do I have to do something besides that?
> If not: It didn't help - Authen::SASL still dies at line 73.
oops - just found out, that it is *not* the new constructor which is
dying, but the following LDAP bind. Sorry about the confusion 8-<
Can I do anything to avoid *this* - besides u
Hi,
[...]
> > Then I'm completely clueless, though 8-<
>
> Likewise, because that is the only reason eval {} would not catch
> a die.
>
> Did you try adding local($SIG{__DIE__}) inside the eval. Maybe some
> other module is setting $SIG{__DIE__} ?
just like that?
$oSASL = eval {
Hi,
[...]
> > No I haven't, but there is one in Authen::SASL - this can't cause
> > the problem, can it?
>
> The only one I see is a local($SIG{__DIE__}) into import,
> which would
> not affect ->new
ic.
Then I'm completely clueless, though 8-<
>
> Graham.
>
Bye.
Michael.
Hi,
[...]
> > still results in
> >
> > No SASL mechanism found
> > at c:/Programme/Perl/site/lib/Authen/SASL.pm line 73
>
> Do you have a $SIG{__DIE__} handler installed ??
>
> If you don't, then ignore me :-)
ignored :)
No I haven't, but there is one in Authen::SASL - this can't cause
the pro
Hi,
[...]
thx for your answer, but:
>
> The eval should have caught the die. However I would personally
> have placed the assignment outside the eval
>
> $oSASL = eval { Authen::SASL->new(
> mechanism => "GSSAPI",
> callback => {
>
Hi,
[...]
>
> Wow 150.000 !!!
> May I ask for the company/institution you create this installation ?
look at my email address :)
It is the German Labour Office (Bundesagentur fuer Arbeit).
[...]
> >
> > No SASL mechanism found
> > at /usr/lib/perl5/site_perl/5.8.1/Authen/SASL.pm line 73
[...]
Hi,
[...]
> > 1. Is there any way to find out in a Perl script, what SASL
> mechanisms
> >are supported in my installation?
>
> What do you mean exactly by "my installation" ?
my scripts have to run on about 150.000 computers. Normally they should
have the same software and same versions in
Hi again,
[...]
> 3. It seems, that $sals->mechanism does not return the actual choosen
>mechanism - instead it returns the list I gave the constructor.
>Is this a known bug or am I doing something wrong?
>I tried Authen-SASL-2.09 with Authen-SASL-Cyrus-0.12 and
>Authen-SASL-Cyrus-
Hi *,
this seems to be my weekend of unanswered questions :)
I have a few questions regarding Authen::SASL:
1. Is there any way to find out in a Perl script, what SASL mechanisms
are supported in my installation?
2. If not - how can I avoid, that Authen::SASL->new dies, if it is
called
wit
Hi *,
> > Hi *,
> >
> > another question - this time regarding the use of Net:LDAP
> on a Windows
> > machine.
> > When running on a Windows XP workstation, which is member
> of a Windows
> > 2003
> > domain, is there any way to use the "integrated security",
> i.e. bind to
> > a
> > DC withou
Hi *,
another question - this time regarding the use of Net:LDAP on a Windows
machine.
When running on a Windows XP workstation, which is member of a Windows
2003
domain, is there any way to use the "integrated security", i.e. bind to
a
DC without using any credentials besides the ones of the logg
Hi,
[...]
>
> Yes. Or use the constant LDAP_EXTENSION_WHO_AM_I from
> Net::LDAP::Constant
>
>$ldap->root_dse->supported_extension( LDAP_EXTENSION_WHO_AM_I );
thx a lot!
>
> Graham.
>
>
>
Bye.
Michael.
Hi *,
the who_am_i method from Net::LDAP::Extension::WhoAmI doesn't
return any information. Instead I get
error: 2: 203D: LdapErr: DSID-0C090C7D,
comment: Unknown extended request OID, data 0, vece
Server is a Windows 2003 SP1 DC.
Is this a problem with the server not being able to fulfil th
Hi,
[...]
> Microsoft discusses this issue in the following article. They have a
> code example in C
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-
> us/ldap/ld
> ap/searching_using_range_retrieval.asp
>
> This peculiar behavior is explained in an EXPIRED RFC DRAFT.
> This
Hi,
> Hello,
>
thx for your answer, but AFAIK this is the correct solution for
a different problem ;)
I don't have the problem to get too many hits! The problem is,
that a multivalue attribut within *one* hit has too many values.
To my understanding, paging won't help me in this case.
Btw. - I
Hi *,
using Net:LDAP 0.31 I wrote a script to retrieve Active Directory data.
Especially I am interested in getting a list of members for all our
groups.
Problem is, a few of these groups have more than 3000 members. If I try
to get the member attribute for one of them, the following attribute nam
Hi *,
using the code snippet below against an Actice Directory GC with Exchange
2003 installed, I get an authentication error: "The wrong password was
supplied or the SASL credentials could not be processed".
With a higher debug level I get:
30 84 00 00 00 BE 02 01 03 61 84 00 00 00 B5 0A 0..
Hi,
what am I doing wrong here?
When trying to add a new entry in an OpenLDAP directory using
more than one objectclass, I always get an error.
Example:
...
$hLDAP{ "objectClass" } = [ "person", "inetorgPerson" ];
...
$ret_val = $oLDAP->add(
dn => $sDN,
attr => [ %hLDAP ],
);
...
gives:
LD
> -Original Message-
> From: Norbert Klasen
> [mailto:[EMAIL PROTECTED]
> Sent: Friday, December 12, 2003 2:50 PM
> To: _BA-Zentralamt-Maildienste; [EMAIL PROTECTED]
> Subject: Re: range-upper/range-lower
>
[...]
> These fields are not included in the attributeTypes (rfc
> 22552) attrib
Hi,
[...]
> Everything looks OK, except for the missing stuff. Are you certain the
> server's actually returning the missing stuff?
uhm, sorry, perhaps I asked the wrong question 8-(
I'm quite sure, that the actual answer does *not* include the missing
stuff.
The better question might be: In whic
Hi,
thx for your answer.
[...]
> However that shouldn't affect the parsing. Have you got an
> example of the
> raw AD attribute value? What does the returned schema hash
> look like? It is
I used Data::Dumper to inspect the resulting hash - see below.
> clearly valid since you're able to look
39 matches
Mail list logo
