[prev in list] [next in list] [prev in thread] [next in thread]
List: perl-ldap-dev
Subject: Re: Bind() question for users in different OU's
From: "Padraig Ryan" <ryan.padraig () itsligo ! ie>
Date: 2002-01-18 15:41:03
[Download RAW message or body]
Thanks Micheal & Chris,
Chris, the code snippit works I just have to allow Anonymous access on the
AD. This is achieved by setting the security on all objects to allow the
ANONYMOUS LOGON user the read right.
my $ldap = Net::LDAP->new('scarden.campus.itsligo.ie');
my $res = $ldap->search(base => 'dc=campus,dc=itsligo,dc=ie',
scope=> 'subtree',
filter => '(cn=pryan)',
);
if ($res->code) {
die "Search problem";
}
if ($res->count != 1) {
die "Indeterminate user";
}
my $dn = $res->entry(0)->dn;
print "<br><br><br>=======================>login is $dn";
if ($res->code) {
die "Login unsuccessful";
}
Thanks.
Padraig.
----------------------------------------------------------------
Padraig Ryan
IT Manager
Institute of Technology, Sligo
Ireland
P +353(0)71.55365
F +353(0)71.60475
M +353(0)87.2334062
E ryan.padraig@itsligo.ie
W http://www.itsligo.ie/staff/pryan
----- Original Message -----
From: "Chris Ridd" <chris.ridd@messagingdirect.com>
To: "Padraig Ryan" <ryan.padraig@itsligo.ie>; "perl-ldap-dev"
<perl-ldap-dev@lists.sourceforge.net>
Sent: Friday, January 18, 2002 10:27 AM
Subject: Re: Bind() question for users in different OU's
> Padraig Ryan <ryan.padraig@itsligo.ie> wrote:
> > Hi,
> >
> > We're using MS AD to authenticate users for some of our web based apps
> > using bind() where we get the user to enter their UID and Password on a
> > web form and then perl uses this info coupled with the search base info
> > from a config file to actually do the bind and authenticate the user.
> >
> > Q. Is it possible to bind without knowing the particular ou that a user
> > belongs to ?
> >
> > For example we have one ou for staff and another for students yet we
won;t
> > know whether it's a staff member or a student logging in and so in our
> > Perl we have to do 2 binds, one for each ou to actually authenticate.
> > This slows up the whole process.
> >
> > Any help appreciated. Thanks.
>
> The usual procedure is for the app to connect to the directory, do a
single
> subtree search for the user (ie from some highish point in the directory),
> and then do the bind.
>
> Cheers,
>
> Chris
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic