Just a quick update: I was able to get this working with the ruby-net- ldap library. I should have some time this week to make a recipe post on the cookbook.
Brian On Dec 4, 6:50 pm, Matt Jones <[email protected]> wrote: > On Dec 4, 2009, at 9:03 PM, Brian Corbin wrote: > > > > > Awesome, thank you for the advice, Matt! I've pretty much got it > > working. I just moved all that stuff out of environment.rb and into > > it's own initializer. I somehow missed the comment in there that > > reads: Application configuration should go into files in config/ > > initializers > > # -- all .rb files in that directory are automatically loaded. > > > (Apologies in advance for the formatting) > > > In the user model I have: > > def self.authenticate(login, password) > > > if SimpleLdapAuthenticator.valid?(login, password) > > u = find(:first, :conditions => ["#...@login_attribute} = ?", > > login + > > "@domain.com"]) > > if u.nil? > > u = User.new > > u.email_address = login + "@domain.com" > > #u.name = # Hmmmmm! > > end > > > if u.respond_to?(:last_login_at) || u.respond_to? > > (:login_count) > > u.last_login_at = Time.now if u.respond_to? > > (:last_login_at) > > u.login_count = (u.login_count.to_i + 1) if u.respond_to? > > (:login_count) > > Note that you shouldn't need the respond_to? calls here either - does > your user model support :last_login_at / :login_count or not? The > original is very generic, but there's no need to keep it that way in a > real app. > > > > > Now I'm trying to figure out how to get the user's name out of Active > > Directory so I can stick it in their user model record. I was > > thinking I'd reuse SimpleLdapAuthenticator.connection to do a search, > > but that's not working for me. > > > The search/query parameters I'm using work in the mmc snap-in, ADSI > > Edit, so I know that's good. > > I'm in a script/console now: > > > . >> conn = SimpleLdapAuthenticator.connection > > . >> conn.bound? > > . => false > > . >> conn.bind("[email protected]","password") > > . => <LDAP::Conn:0xb74e8a9c> > > . >> conn.search("DC=mydomain,DC=com",LDAP::LDAP_SCOPE_SUBTREE,"(& > > (objectCategory=user)(userPrincipalName=bcorbin))") > > . LDAP::ResultError: Operations error > > . from (irb):3:in `search' > > . from (irb):3 > > . >> conn.perror('') > > . : Operations error (1) > > . additional info: 00000000: LdapErr: DSID-0C090627, comment: > > In order to perform this operation a successful bind must be > > completed . on the connection., data 0, vece > > What a delightfully non-informative error message! An AD-specific one, > with absolutely no documentation on MS's own site... > > Google seems to think it's caused by the bind not taking - apparently > the call can fail without throwing an exception. You may want to try > checking the status and/or calling perror to see what it tells you. > > --Matt Jones -- You received this message because you are subscribed to the Google Groups "Hobo Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/hobousers?hl=en.
