'Re: Bind() question for users in different OU's'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       perl-ldap-dev
Subject:    Re: Bind() question for users in different OU's
From:       "Padraig Ryan" <ryan.padraig () itsligo ! ie>
Date:       2002-01-18 15:41:03
[Download RAW message or body]

Thanks Micheal & Chris,

Chris, the code snippit works I just have to allow Anonymous access on the
AD. This is achieved by setting the security on all objects to allow the
ANONYMOUS LOGON user the read right.

my $ldap = Net::LDAP->new('scarden.campus.itsligo.ie');

my $res = $ldap->search(base => 'dc=campus,dc=itsligo,dc=ie',
                        scope=> 'subtree',
                        filter => '(cn=pryan)',
                        );

if ($res->code) {
    die "Search problem";
}

if ($res->count != 1) {
    die "Indeterminate user";
}

my $dn = $res->entry(0)->dn;

print "<br><br><br>=======================>login is $dn";

if ($res->code) {
    die "Login unsuccessful";
}


Thanks.

Padraig.
----------------------------------------------------------------
Padraig Ryan
IT Manager
Institute of Technology, Sligo
Ireland

P +353(0)71.55365
F +353(0)71.60475
M +353(0)87.2334062
E ryan.padraig@itsligo.ie
W http://www.itsligo.ie/staff/pryan
----- Original Message -----
From: "Chris Ridd" <chris.ridd@messagingdirect.com>
To: "Padraig Ryan" <ryan.padraig@itsligo.ie>; "perl-ldap-dev"
<perl-ldap-dev@lists.sourceforge.net>
Sent: Friday, January 18, 2002 10:27 AM
Subject: Re: Bind() question for users in different OU's


> Padraig Ryan <ryan.padraig@itsligo.ie> wrote:
> > Hi,
> >
> > We're using MS AD to authenticate users for some of our web based apps
> > using bind() where we get the user to enter their UID and Password on a
> > web form and then perl uses this info coupled with the search base info
> > from a config file to actually do the bind and authenticate the user.
> >
> > Q. Is it possible to bind without knowing the particular ou that a user
> > belongs to ?
> >
> > For example we have one ou for staff and another for students yet we
won;t
> > know whether it's a staff member or a student logging in and so in our
> > Perl we have to do 2 binds, one for each ou to actually authenticate.
> > This slows up the whole process.
> >
> > Any help appreciated. Thanks.
>
> The usual procedure is for the app to connect to the directory, do a
single
> subtree search for the user (ie from some highish point in the directory),
> and then do the bind.
>
> Cheers,
>
> Chris


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic