On 12/1/06 7:51, Peter Walsham <[EMAIL PROTECTED]> wrote: > > > As far as I can see, a bind where you set 'noauth'=>1 doesn't tell you > whether a user exists with a correct password (testing with Active > Directory). > > The following always returns "Success" regardless of the DN, but the bind > can't be used for searching.
It returns whatever the server told it, though it would be interesting to know what the actual LDAP result code was. Call $message->code() instead of $message->is_error(). What's different about the protocol sent from this bit of perl, and the ldapsearch you posted yesterday: --- ldapsearch -h 'localhost' -x -w '' -D 'cn=Joe,ou=London,o=axomic' -s base -b 'cn=Joe,ou=London,o=axomic' Active Directory by default denies anonymous or noauth logins, but the above command works, so: --- With Net::LDAP you can call $ldap-debug(12); before the bind and $ldap->debug(0); after checking the return code if you want a protocol trace of the bind message and bind result. I dare say you could find some options on ldapsearch to give similar sorts of information... Cheers, Chris
