Begin forwarded message:
From: "Megan Kielman" <[EMAIL PROTECTED]>
Date: December 11, 2006 5:41:02 PM CST
Subject: Net::LDAP search
Message-Id:
<[EMAIL PROTECTED]>
Graham,
I hope it is ok that I am emailing you. Anyway, I am searching for
groups in AD and writing the contents of the "member" attribute to a
file. I have found there are cases when some groups are not returning
the members, but when I look in AD, the group does in fact have
members.
One thing that is common amongst these groups is that when viewing
them via ADUC, the members all have gray hair which according to MS
means that the group contains more then 500 members.
here is a sample of my code:
my $ldap = Net::LDAPS->new($addr) or die "$@";
my $login = $ldap->bind($user, password=> $pass);
my @srcargs1 = (
base => $path,
scope => "sub",
filter => "(sAMAccountName=
$group)",
attrs => ['member', 'name',
'description', 'managedBy', 'createTimeStamp', 'modifyTimeStamp'],
control => [ $page ],
);
$search = $ldap->search(@srcargs1);
foreach $entry ($search->entries) {
@members = $entry->get_value("member");
unless (scalar(@members)) {
&getempty($entry);
$count++;
}else{
print "$group is not empty\n";
}
}
