Rich Megginson wrote:
>
> Kent Perrier wrote:
>
> > On 12/19/2001 11:11 AM, Jim McCullars wrote:
> >
> > > [EMAIL PROTECTED] wrote:
> > >
> > > : my $changeentry = $changeconn->search($baseDN, "sub", "($userDN)");
> > >
> > > This line is the problem. "($userDN)" is not a valid search filter, so
> > > there is no result for $changeentry in the next line. If you have unique
> > > UIDs, pick out the UID from the DN and replace your search filter with
> > > "(uid=$uid)" or something like that.
> > >
> > > HTH...
> >
> > No, this doesn't help :(
>
> But did you try it? The previous poster was correct.
Yes I did.
>
> > If you look at my origional post, the error is not in the bind
> > operation. The error occures when I attempt to update the userPassword
> > attribute with the new password.
>
> The error occurs when you try to "dereference" a "null" pointer. In this case,
>$changeentry is null, so you get an error doing
> $changeentry->{userPassword}
> Even if that succeeds, you will get an error with the conn->update operation because
>all of the other required fields of
> changeentry will be null as well.
Here is the output of my code:
[~/jd]$ ./ldapchange jt950001 win98 a
username = jt950001
Password = win98
new password = a
Define anonymous connection.
Starting search
Search done
LDAPServer is seawolf
LDAPPort is 389
userDN is uid=jt950001,ou=people, o=jdnet
Can't use string ("") as a HASH ref while "strict refs" in use at
./ldapchange line 62.
Password is win98[~/jd]$
and here is the code:
[~/jd]$ cat ldapchange
#!/usr/local/bin/perl
use warnings;
use strict;
use Mozilla::LDAP::Conn;
my $username = $ARGV[0];
my $currentUserPassword = $ARGV[1];
my $newpassword = $ARGV[2];
print "username = $username \n";
print "Password = $currentUserPassword \n";
print "new password = $newpassword\n";
my $baseDN = "o=jdnet";
my $AdminbindDN = "cn=admin,o=jdnet";
my $AdminbindDNpassword = "password";
my $LDAPServer = "seawolf";
my $LDAPPort = "389";
#first, do an anonymous bind to find the user's DN
print "Define anonymous connection.\n";
my $kent = new Mozilla::LDAP::Conn($LDAPServer,
$LDAPPort);
print "Starting search\n";
my $entry = $kent->search($baseDN, "sub", "(cn=$username)") or die
"Cannot search directory: $!";
print "Search done\n";
my $userDN = "";
if ((! $entry)) {
die "User not found: $!";
} else {
while ($entry) {
my $currentuserDN = $entry->{dn};
#print "currenentuserDN is $currentuserDN\n";
my @dn = split(/,/,$currentuserDN);
#print "dn[1] is $dn[1]\n";
# if ($dn[1] =~ /Citrix/) {
# } else {
# $userDN = $currentuserDN;
# print "userDN is set.\n";
# }
if ($dn[1] !~ /Citrix/) {
$userDN = lc($currentuserDN);
}
$entry = $kent->nextEntry();
}
}
$kent->close;
#print "UserDN = $userDN\n";
die "No userDN" unless ($userDN);
print "LDAPServer is $LDAPServer
LDAPPort is $LDAPPort
userDN is $userDN
Password is $currentUserPassword";
my $changeconn = new Mozilla::LDAP::Conn($LDAPServer,
$LDAPPort,
$userDN,
$currentUserPassword);
die "Cannot bind: $!" unless($changeconn);
my $changeentry = $changeconn->search("$baseDN", "sub", "$userDN");
$changeentry->{userPassword} = [ "$newpassword" ];
die "Cannot update password" unless($changeconn->update($changeentry));
print "Password updated\n";
$changeconn->close;
[~/jd]$
Any more clues?
Kent
--
I would like to electrocute everyone who uses the word 'fair' in
connection with income tax policies.
-- William F. Buckley
