-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
for what it's worth, I've taken to doing most of my ldap work in perl using the Net::LDAP module. I find it useful to not have to parse output or error messages myself, for instance. Instead, I can check condition codes. - -- Pat James Melin wrote: > Greetings list folk, > > I'm trying to figure out a good methodology to trap errors returned by > ldapsearch so they can be interpreted and acted upon. We are primarily > concerned with password expires in x days type messages so the Java > programmers can develop a facility to allow people to change their passwords > from > an application. > > Take this example ldapsearch: > > ldapsearch -v -x -h $targ_IP -D > racfid=$1,profiletype=user,ou=racf,o=co.hennepin.mn,c=us -W -b > racfid=$1,profiletype=user,ou=racf,o=co.hennepin.mn,c=us > > where $targ_IP is the IP address of the LDAP server and $1 is the ID passed > via command line args > > Considering what might get returned if LDAP indicates the password is going > to expire in 12 days, what would be the best way to capture it? I can > direct stderr to a file, but I'd rather capture that output in variables and > if it's a nonzero return code read those vars rather than interrogating a > file. > > The problem is, ldapsearch appears to write non-error messages to stderr also > > When I re-direct std err in an error situation I get: (invalid ID used here) > > ldap_initialize( ldap://{LDAP IP address}) > ldap_bind: Invalid credentials (49) > additional info: R000104 The password is not correct or the user id > is not completely defined (missing password or uid). > > and when I re-direct using valid credentials, pw: > > ldap_initialize( ldap://{LDAP IP address}) > filter: (objectclass=*) > requesting: ALL > > so I get more than I need regardless. > > Again I can think of a few ways that might work, but I'd love to hear from > the collective wisdom of the list on this > > Much thanks, > > -J > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFgLCeNObCqA8uBswRArgOAJ9vy5ETYRzV5EW43akf3JguiAApAwCgn/Fi m9ibgRoUATarvIO8klRF/Gs= =nAqV -----END PGP SIGNATURE----- ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
