Hello List,
Many thanks to all for the replies. By interrogating the code value I am able
to have my program do what is needed.
I have used the code value in searches, adds, updates and simply forgot /
overlooked that I could check it on the bind.
This further proves the benefits of open source and the community!
Thanks Again,
jim
Chris Ridd wrote:
On 26/4/06 10:32, Jim Summers <[EMAIL PROTECTED]> wrote:
Hello list,
I have stumbled onto a problem with some code I am writing. I was doing a
bind to my ldap and using the dn and password option. Which initially I
always entered the correct password and thought it was ok. I did one today
and put in the wrong password, but the bind went ahead and worked and the
searches that followed using that descriptor.
Is there a way to force the bind to fail if the dn / password combo is not
correct?
How are you testing for failure? The following only really tests for
problems in the bind operation itself and is thus not going to be useful:
$ldap->bind( 'cn=foo,o=bar', password => 'secret' ) or die;
The following is correct, as it checks what the server returns:
$mesg = $ldap->bind( 'cn=foo,o=bar', password => 'secret' );
die if $mesg->code;
Could there be some anonymous access going on that I am not aware of?
It is likely that your server's changing the connection's authentication
level to anonymous after the failed bind. I can't remember if the RFCs
require this behaviour or not, off-hand. If you've got access to the server
logs though, they ought to give you the answer!
Cheers,
Chris
--
Jim Summers
School of Computer Science-University of Oklahoma
-------------------------------------------------
