On Dec 4, 2009, at 9:03 PM, Brian Corbin wrote:
> Awesome, thank you for the advice, Matt! I've pretty much got it
> working. I just moved all that stuff out of environment.rb and into
> it's own initializer. I somehow missed the comment in there that
> reads: Application configuration should go into files in config/
> initializers
> # -- all .rb files in that directory are automatically loaded.
>
> (Apologies in advance for the formatting)
>
> In the user model I have:
> def self.authenticate(login, password)
>
> if SimpleLdapAuthenticator.valid?(login, password)
> u = find(:first, :conditions => ["#...@login_attribute} = ?",
> login +
> "@domain.com"])
> if u.nil?
> u = User.new
> u.email_address = login + "@domain.com"
> #u.name = # Hmmmmm!
> end
>
> if u.respond_to?(:last_login_at) || u.respond_to?
> (:login_count)
> u.last_login_at = Time.now if u.respond_to?
> (:last_login_at)
> u.login_count = (u.login_count.to_i + 1) if u.respond_to?
> (:login_count)
Note that you shouldn't need the respond_to? calls here either - does
your user model support :last_login_at / :login_count or not? The
original is very generic, but there's no need to keep it that way in a
real app.
> Now I'm trying to figure out how to get the user's name out of Active
> Directory so I can stick it in their user model record. I was
> thinking I'd reuse SimpleLdapAuthenticator.connection to do a search,
> but that's not working for me.
>
> The search/query parameters I'm using work in the mmc snap-in, ADSI
> Edit, so I know that's good.
> I'm in a script/console now:
>
> . >> conn = SimpleLdapAuthenticator.connection
> . >> conn.bound?
> . => false
> . >> conn.bind("[email protected]","password")
> . => <LDAP::Conn:0xb74e8a9c>
> . >> conn.search("DC=mydomain,DC=com",LDAP::LDAP_SCOPE_SUBTREE,"(&
> (objectCategory=user)(userPrincipalName=bcorbin))")
> . LDAP::ResultError: Operations error
> . from (irb):3:in `search'
> . from (irb):3
> . >> conn.perror('')
> . : Operations error (1)
> . additional info: 00000000: LdapErr: DSID-0C090627, comment:
> In order to perform this operation a successful bind must be
> completed . on the connection., data 0, vece
>
What a delightfully non-informative error message! An AD-specific one,
with absolutely no documentation on MS's own site...
Google seems to think it's caused by the bind not taking - apparently
the call can fail without throwing an exception. You may want to try
checking the status and/or calling perror to see what it tells you.
--Matt Jones
--
You received this message because you are subscribed to the Google Groups "Hobo
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/hobousers?hl=en.
