n the original script I posted:
my
$query_string=$guid[3].$guid[2].$guid[1].$guid[0]."-".$guid[5].$guid[4]."-".$guid[7].$guid[6]."-".$guid[8].$guid[9]."-".$guid[10].$guid[11].$guid[12].$guid[13].$guid[14].$guid[15];
I had left out the hyphen between 8-
quot;(objectGUID=".$query_string.")\n";
/tmp/guidsearch.pl
(objectGUID=C2DC29E8-C93C-49FD-A2E2221D07CF1E7F)
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
may also find this script I wrote for contextCSN monitoring of interest:
<https://github.com/Zimbra/zm-ldap-utilities/blob/develop/src/libexec/zmreplchk>
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
If you download and install the RHEL8 beta the package for Net::LDAP has
been removed. If you are a RH user and this would be problematic, I
encourage commenting on
<https://bugzilla.redhat.com/show_bug.cgi?id=1663063>
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corpo
After 7 years, there is a new release of Net::LDAPapi for consumption,
fixing a host of issues.
Many thanks to Phillip O'Donnell for his work to make this possible.
--Quanah
--
Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
Zimbra :: the leader in open s
userPassword during LDAP Add,
Modify,
or other LDAP operations. This setting is only allowed in
the
frontend entry.
--Quanah
--
Quanah Gibson-Mount
Server Architect
Zimbra, Inc.
Zimbra :: the leader in open source messaging and collaboration
--On Thursday, October 09, 2014 11:41 AM -0400 Brian Gaber
wrote:
I have upgraded to Apache 2.4.10 and have added this directive to
httpd.conf
LDAPRetries 3
What in the world does this have to do with the Perl LDAP module?
--Quanah
--
Quanah Gibson-Mount
Server Architect
Zimbra
in:
Oct 1 14:14:28 zre-ldap004 slapd[18687]: conn=5835 op=1 SRCH base=""
scope=2 deref=2 filter="(objectClass=*)"
But certainly, Net::LDAP won't search unless you specify both a base and a
filter.
--Quanah
--
Quanah Gibson-Mount
Architect - Server
Zimbra Software, LLC
Zimbra :: the leader in open source messaging and collaboration
:
SN=Aéroport and SN=AÉROPORT would be different in string comparison, but
according to the schema still represent the same RDN.
lc()?
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader in open source
s".
I put a patch on to allow reading of controls for non-change entries by
specifying controls_always_legal => 1 on the Net::LDAP::LDIF->new() call.
Sounds to me like your dump utility is creating LDIF that violates
<http://tools.ietf.org/html/rfc2849>
--Quanah
--
Quanah
at is *very* specific to the LDAP protocol.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
--On Friday, March 29, 2013 7:14 PM +0100 Peter Marschall
wrote:
Hi Quanah,
On Friday, 29. March 2013, Quanah Gibson-Mount wrote:
Do you have plans to add the linux TCP keepalive bits I noted in a future
release?
I am very much in doubt about the Linux specific TCP keepalive bits.
I&#
e and UNIX's time
* Net::LDAP::Extra::eDirectory: extensions for use with Novell eDirectory
Hi Peter,
Do you have plans to add the linux TCP keepalive bits I noted in a future
release?
Thanks,
Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of V
k well... There used to be a C
based SASL API that linked to cyrus-sasl for Perl that worked great. But
the pure perl SASL implementation had too many issues for me in addition to
being slow as molasses.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Divis
--On Saturday, January 26, 2013 6:53 PM +0100 Peter Marschall
wrote:
Hi Peter,
I filed <https://rt.cpan.org/Ticket/Display.html?id=83039> with patch. It
significantly improves keepalive on Linux.
Thanks,
Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra,
Just to note, the "Download" link on the top right hand side of the page
has been pointing to the wrong release for a while. It still points to
0.49.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimb
--On Saturday, January 26, 2013 6:53 PM +0100 Peter Marschall
wrote:
Hi list,
I just released perl-ldap 0.53 to CPAN.
* RT#77716: LDAP.pm: new option keepalive for new()
Thank you, thank you, thank you. :)
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A
--On Friday, January 25, 2013 1:04 PM -0800 Quanah Gibson-Mount
wrote:
--On Friday, January 25, 2013 12:53 PM -0800 Quanah Gibson-Mount
wrote:
The changes in inet6 handling somewhere between Net::LDAP 0.44 and
Net::LDAP 0.52 breaks Amavis' ability to talk to LDAP.
The probl
--On Friday, January 25, 2013 12:53 PM -0800 Quanah Gibson-Mount
wrote:
The changes in inet6 handling somewhere between Net::LDAP 0.44 and
Net::LDAP 0.52 breaks Amavis' ability to talk to LDAP.
The problem is specifically this bit:
my $domain = $arg->{inet4} ? AF_INET : ($arg
ect to host ldap://zqa-398.eng.vmware.com:389
This worked fine in perl 0.44. I would note the system is only listening
to IPv4. It appears that with perl-ldap 0.52, if it cannot talk to the
server on IPv6, it will *not* fall back to IPv4, whereas with perl 0.44, it
would.
--Quanah
--
Qu
--On Thursday, September 20, 2012 9:34 AM +0200 Peter Marschall
wrote:
Hi,
On Wednesday, 19. September 2012, Quanah Gibson-Mount wrote:
In playing with Net::LDAP::Util it became apparent that it is not
compliant with RFC4514, but instead complies with the older RFC2253.
Specifically where
use.
An example DN that it does not handle correctly:
dn: zimbraSignatureName=Signature #1,uid=xyz,ou=people,dc=example,dc=com
The above is not legal with RFC2253, but it is legal with RFC4514.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of V
=> "ou=offers,dc=du,dc=ae",
filter=>"(&(contractCode=$values[0])(OfferID=$values[2]))",
);
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
-ldap/ .
The changes included are listed at the end of this email.
Thanks Peter!
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
On Feb 22, 2012, at 5:22 PM, Nick Urbanik wrote:
> Dear Quanah,
>
> On 22/02/12 16:56 -0800, Quanah Gibson-Mount wrote:
>> --On Thursday, February 23, 2012 11:48 AM +1100 Nick Urbanik
>> wrote:
>>> idletimeout 300
>>
>> This means that yo
persistent connections to persist, this may not be the wisest
of settings.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
? Do you have a limit set on how long a
connection can be idle set in your LDAP configuration?
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
ne over SSL, as does changing the connection to not
use SSL (but not an option) or truncating the entry.
Are you using the latest perl-ldap (0.44)?
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader
s this the same as <https://rt.cpan.org/Public/Bug/Display.html?id=70795>?
Will there be a new release of perl-ldap soon? It seems the current
release has some major issues when used with other updated modules, and it
is causing a bit of pain.
Thanks,
Quanah
--
Quanah Gibson-Mount
Sr. Member o
worked with no issue. So this does work well as a
workaround.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
--On Thursday, March 03, 2011 12:35 PM -0600 Graham Barr
wrote:
On Mar 3, 2011, at 12:03 , Quanah Gibson-Mount wrote:
--On Wednesday, March 02, 2011 9:56 PM -0600 Graham Barr
wrote:
After a bit of debugging, the root problem is Perl's implementation of
inet_aton. I've filed
issue. So I do think it
would be great if it gets fixed at the Perl core level as well. ;)
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
--On Tuesday, March 01, 2011 2:01 PM -0800 Quanah Gibson-Mount
wrote:
--On Tuesday, March 01, 2011 1:46 PM -0800 Quanah Gibson-Mount
wrote:
If I move the 10.11.12.13 address prior to all of the IPv6 pieces, it
works fine. Other IPv4 tools work without issue. So if you see weird
behavior
--On Tuesday, March 01, 2011 1:46 PM -0800 Quanah Gibson-Mount
wrote:
If I move the 10.11.12.13 address prior to all of the IPv6 pieces, it
works fine. Other IPv4 tools work without issue. So if you see weird
behavior out of Net::LDAP on IPv6 enabled systems even if you are only
dealing
it works
fine. Other IPv4 tools work without issue. So if you see weird behavior
out of Net::LDAP on IPv6 enabled systems even if you are only dealing with
IPv4, this may be the cause.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division
--On Tuesday, February 16, 2010 8:02 PM -0600 Peter Karman
wrote:
Quanah Gibson-Mount wrote on 2/16/10 11:58 AM:
--On Monday, February 15, 2010 2:21 PM -0600 Christopher Bongaarts
wrote:
Graham Barr wrote:
On Feb 10, 2010, at 9:35 AM, Christopher Bongaarts wrote:
Graham Barr wrote
Net::LDAP, I will have
to peg it at whatever is the last release that works with 5.8 which is
fine, since I have no known issues with it at this point. But there's
probably someone who'll not like the change. ;)
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--On November 16, 2009 8:09:44 PM + Markus Moeller
wrote:
"Quanah Gibson-Mount" wrote in message
news:13eb6539f13316bc67e85...@[192.168.1.199]...
--On Sunday, November 15, 2009 10:36 PM + Markus Moeller
wrote:
It might be an AD setting (enforcing SSL). But does it
the SSL SSF.
An option would be definitely the best.
Agreed.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
d LDIF
#
As such, I would suggest your patch as is be rejected. An option to
disable the SASL SSF should be supported though.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
--On Monday, September 14, 2009 8:44 AM -0700 Quanah Gibson-Mount
wrote:
--On Monday, September 14, 2009 9:01 AM -0500 Graham Barr
wrote:
On Sep 4, 2009, at 2:40 PM, Quanah Gibson-Mount wrote:
Just curious... I see no commits to git since 10/2008. I sent a
private email a while back
--On Monday, September 14, 2009 9:01 AM -0500 Graham Barr
wrote:
On Sep 4, 2009, at 2:40 PM, Quanah Gibson-Mount wrote:
Just curious... I see no commits to git since 10/2008. I sent a
private email a while back about a nasty issue with Net::LDAP::LDIF
when used with UTF8 characters.
No it
--On Saturday, September 05, 2009 6:48 PM +0100 Chris Ridd
wrote:
On 4 Sep 2009, at 20:40, Quanah Gibson-Mount wrote:
Just curious... I see no commits to git since 10/2008. I sent a
private email a while back about a nasty issue with Net::LDAP::LDIF
when used with UTF8 characters.
Are
Just curious... I see no commits to git since 10/2008. I sent a private
email a while back about a nasty issue with Net::LDAP::LDIF when used with
UTF8 characters.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open
--On Wednesday, July 01, 2009 8:17 PM +0200 Dieter Kluenter
wrote:
Hi Quanah;
Quanah Gibson-Mount writes:
--On Wednesday, July 01, 2009 7:58 PM +0200 Dieter Kluenter
wrote:
Hi,
is there anybody on this list who could prepare a paper on 'triggering
events on RFC 4533 enabled direct
n2009/call-for-papers.shtml
http://www.symas.com/ldapcon2009/
Stanford University has done something like this with Net::LDAPapi, you
might contact them and see if they want to present on what they've done.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engin
.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
debug => 8
| ) or die "$@";
Have you tried not using async operations first? I found with async I had
to put in sleep's between the new, bind, and search operations.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--On Sunday, December 14, 2008 3:21 PM +0100 Dieter Kluenter
wrote:
Quanah Gibson-Mount writes:
define the path to socket as ldap URL, if this doesn't work, check the
socket permissions, it has to be 777.
Yeah, I already got this working on the other thread I sent with my
subsc
I'm trying to make an ldapi:/// connection using Net::LDAP, and it doesn't
seem to work right.
First, I verified that my ldapi connection works just fine using the
command line tools:
[zim...@freelancer tmp]$ ldapsearch -x -H ldapi:///
# extended LDIF
#
# LDAPv3
# base <> (default) with scope
--On Friday, December 12, 2008 1:27 PM -0600 Graham Barr
wrote:
On Dec 12, 2008, at 1:15 PM, Quanah Gibson-Mount wrote:
I'm trying to make an ldapi:/// connection using Net::LDAP, and it
doesn't seem to work right.
Net::LDAP is going to default to connect to /var/run/ldapi if t
Line 70 is:
my $ldap = Net::LDAP->new("ldapi:///") or die "$@";
Based on the documentation, I also tried
my $ldap = Net::LDAP->new("ldapi://") or die "$@";
But neither works. Is this a known issue with Net::LDAP?
--Quanah
-
--On Wednesday, November 26, 2008 12:43 PM -0800 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
$ldap=Net::LDAP->new("$ldap_url");
Should be checking that $ldap is defined here to avoid the error ;)
Blah, I see what you mean, it's because I quote ldap_url. ;)
--Q
--On Wednesday, November 26, 2008 2:30 PM -0600 Christopher A Bongaarts
<[EMAIL PROTECTED]> wrote:
In the immortal words of Quanah Gibson-Mount:
According to the Net::LDAP documentation:
new ( HOST, OPTIONS )
HOST may also be a reference to an array of hosts, host-port pairs or
URIs
=smtpd_access_policy
[EMAIL PROTECTED]
LDAP URL is ldap://freelancer.lab.zimbra.com:389
action=reject 5.1.1 Mailbox unavailable
So, is Net::LDAP broken, the documentation wrong, or am I missing something?
Thanks,
Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
ng RDN is to be deleted.
"passwd" should be "passed"
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
ensive since it uses
the OpenLDAP C API rather than doing everything purely in Perl. I vary my
use of Net::LDAP and Net::LDAPapi depending on the needs of a given project.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open
u,
dc=edu" ,
) or warn "$! \n";
print $mesg , $mesg->error;
Moving entry locations in a tree is generally a modrdn operation, not a
moddn op.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
--On Saturday, April 05, 2008 8:31 PM +0100 Chris Ridd <[EMAIL PROTECTED]>
wrote:
On 5 Apr 2008, at 19:15, Quanah Gibson-Mount wrote:
--On Friday, April 04, 2008 6:07 PM -0500 Graham Barr
<[EMAIL PROTECTED]> wrote:
Begin forwarded message:
Transaction: Ticket created by [EMA
of OpenLDAP is RFC compliant.
See Uwe's ITS at <http://www.openldap.org/its/index.cgi/?findid=5456> and
the follow up.
It looks like this is due to a bug in Net::LDAP::LDIF.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
y want to direct this question to
the [EMAIL PROTECTED] list rather than the list dedicated to the Perl LDAP
module.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
n at all in LDAP... You could create two
separate *connections* and have one do write, and one do reads...
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
$a ,
$entry->get_value("uidNumber") ,
$entry->get_value("gidNumber") ,
$entry->get_value("gecos") ,
$entry->get_value("homeDirectory") ,
$ent
u to use OpenLDAP.
In answer to your question, you can try OpenLDAP with the back-sql database
type. Make sure you are using the most recent (2.3.37+) release.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source m
ting into my new job. ;)
Regards,
Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
of ACLs.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
-wording the error
message?
Thanks
Error code: "19"
Error message: "Attribute Uniqueness Constraint Violation"
Sounds like the server is using a uniqueness constraint on the values of an
attribute. See the man page on slapo-unique if you are using OpenLDAP.
--Quanah
--
ubt
that'd be generally allowed.
You may want to follow up with the correct list.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
t this point. I'd suggest getting
2.3.31 and re-trying there. I'll note that persistent searches work just
fine for me with OpenLDAP, on all the releases I've run, although I've not
used a control for them -- I simply keep the connection open.
--Quanah
--
Quanah Gibson
--On Monday, December 18, 2006 1:06 PM -0800 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
I thought I'd note this, as others may find it interesting.
Stanford University has a white pages service at
<http://stanford.who.stanford.edu>.
<http://stanfordwho.st
CPAN (although it is over a year old now). Just some food for thought on
the difference between using C Api's and doing everything directly in perl.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http:
ord is MIME base64 encoded. Simply decode it.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
.
I doubt it is an openldap issue, since people use OpenLDAP with all of
these password schemes without issue.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
ding.
I don't understand why you think that value is wrong. Because it isn't, it
is correct. The *entire string* is *supposed to be* base64 encoded. I see
nothing wrong with the value you've presented...
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
you
to do that. It'll happen automatically when added to the LDAP server.
Basically, you are base64 encoding the word "foo", then then sticking {MD5}
in front of that. Then the LDAP server is base 64 encoding that string
value.
Just remove the
my $digest = md5_base64(&quo
et_password(user=>$dn, newpasswd => "{MD5}$digest");
In the server the new password "{MD5}$digest" is a big base64 string.
I'am not including the rest of the MD5 or bind stuff, but it's Ok.
It is supposed to be base64 encoded, what is the problem here?
--Quana
check the NDS log to see if the filter being logged is the filter
you specified in your script?
If you use this filter with ldapsearch, does it work?
Stanford used a Netscape DS for many years, and it sadly was prone to
silent DB corruption that had all sorts of interesting results.
--Quanah
ot;,
critical=>0,
value=>$pdu
);
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
--On Tuesday, August 29, 2006 4:00 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
Now of course, I'm getting decoding error messages from the server.
sigh.
This seems to be because the Net::LDAP::Control is not storing the value
for "value" correctly. It s
--On Tuesday, August 29, 2006 3:29 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
--On Tuesday, August 29, 2006 3:18 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
--On Tuesday, August 29, 2006 3:16 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]>
--On Tuesday, August 29, 2006 3:18 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
--On Tuesday, August 29, 2006 3:16 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
Hi,
I'm trying to make Net::LDAP use a specific control while executing a
search. Howe
--On Tuesday, August 29, 2006 3:16 PM -0700 Quanah Gibson-Mount
<[EMAIL PROTECTED]> wrote:
Hi,
I'm trying to make Net::LDAP use a specific control while executing a
search. However, if I add the control part to the search parameter, it
actually executes a search on the server.
scope=>"sub",
filter=>"uid=quanah",attrs=>"ou",control=>['type' =>
'1.3.6.1.4.1.4203.666.5.14', 'value'=>TRUE ]);
$status = $ldap->unbind();
If I remove the control bit, the search executes just fine...
Thoughts?
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
hts" to
attributes so that the return order is guaranteed when the server is
queried.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
mechanism => "GSSAPI",
callback => {
}
);
my $conn = $saslClient->client_new("host", "$remote_ip",
"$local_ip;$local_port", "$remote_ip;$port");
sendreply($conn->client_start(),\*S,0);
while ($conn->need_step) {
sendreply($conn->client_step(&getreply(\*S) ), \*S );
}
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
rb5-config
host: Undefined variable
blah blah.
Of course, just using the shell built-in does work:
which krb5-config
/usr/pubsw/bin/krb5-config
So I'd recommend defaulting to the shell builtin.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
ount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
I am not sure what is going on here.
Any ideas or suggestions?
Does your server have the sambasamaccount objectclass loaded?
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application S
using simple authentication with DN and empty password
2) Active Directory is accepting simple authentication with DN and empty
password
I'd say (2), since I bet (1) would result in an error when applied to a
different LDAP server.
As for the rest of it, welcome to the can of worms opene
ased on the LDAP protocol.
So I think it would be much easier in your script to simply make the
connection anonymous if the user supplies an empty password, since that is
the end result.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG
equivalent at all :(
I'm attaching a diff of my changes, which now works fine for me..
Generally the standard is to use "diff -u" not just "diff", as the default
output is pretty useless to use to apply as a patch.
--Quanah
--
Quanah Gibson-Mount
Principal Software Devel
way to encrypt the connection.
There is TLS over port 389, for example, and also some SASL mechanisms do
the encryption themselves (like SASL/GSSAPI for example).
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanfo
attern and other web app could be used
longside.
No need to write an interface program for that, Stanford already wrote an
opensource solution that uses SASL/GSSAPI with Apache to access an LDAP V3
server for authorization.
<http://webauth.stanford.edu>
--Quanah
--
Quanah Gibson-Mo
updating to a current 2.2 release (say 2.2.30?) or
moving to OpenLDAP 2.3, since OpenLDAP 2.2 is at end of life right now.
What database backend are you using in OpenLDAP? back-bdb, back-ldbm, ?
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford Unive
h the current Authen::SASL::Cyrus is on
systems with multiple interfaces when doing a persistent search, the
filehandle gets lost. And I'm not entirely sure that is
Authen::SASL::Cyrus or a bug in Net::LDAP (I need to test that via an
anonymous bind).
What problems have you had?
--Quanah
-
if ($result->code) {
print "code: ", $result->code;
print " msg: ", $result->error_name;
print " : ", $result->error_text;
print " msgID : ", $result->mesg_id;
print "\tDN : ", $result->dn;
up everyone's time with this, thanks to Graham for
the one hint, hopefully this thread will help someone else along the line.
This was actually just recently discussed.
You could, I would think, use perl itself to clean up the \r\n fairly
easily. ;)
$line =~ s/\r\n//;
for example, rather
il I get to the $ldap->add method. From
that I get various versions of the following:
objectclass: value #0 invalid per syntax at ldap.cgi
This looks like an error from the LDAP server saying that the objectclass
used for that entry is unknown to the server, and thus invalid.
--Quanah
--
Quanah
GSSAPI module for SASL using MIT Kerberos
ii libnet-ldap-pe 0.3202-3 A Client interface to LDAP servers
ii perl 5.8.4-8Larry Wall's Practical Extraction and
Report
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford Univ
gt;search(async=>1,filter=>"(uid=quanah)",base=>"dc=stanford,dc=edu");
@entries = $mesg->entries;
foreach $entry (@entries) {
$entry->dump;
}
[snip lots of output, then]
Net::LDAP=HASH(0x8289a10) received:
30 0C 02 01 04 65 07 0A 01 00 04 00
t goes on top of Net::LDAP and Authen::SASL?
<http://www.stanford.edu/services/directory/clients/perl.html>
I use it to make SASL/GSSAPI connections to our OpenLDAP servers all the
time...
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
1 - 100 of 134 matches
Mail list logo
