On 27/8/07 22:49, "Rick Edwards" <[EMAIL PROTECTED]> wrote:
> Hi All;
>
> Sorry - having a brain-fart kinda day, so I'm appealing for some help....
>
> Solaris 8, iPlanet DS 5.2
>
> I want to do a search of all users who have the "service-indr" flag set to
> "true" and return only their dn and hashed password. Sounds fishy I know,
> but I need to interface between systems and the powers-that-be don't want
> to spend the money to do it properly :-(
>
> Anyway, here's what I have:
>
> $ldap = Net::LDAP->new('myserver') or die "$@";
>
> $mesg = $ldap->bind('cn=directory manager' ,password => 'mypass');
>
> $mesg = $ldap->search(
> base => "ou=customers,o=wam",
> filter => "(service-indr=true)",
> attrs => "(dn,userpassword)"
Try:
attrs => [ "dn", "userPassword" ]
The argument should be a reference to a perl array of attribute
descriptions.
In fact since "dn" is not an attribute present in entries using normal LDAP
schema, there's no point asking for it. In fact, because you'll actually get
back all attributes that are *subtypes* of dn, this could be an expensive
operation.
Typically any search result will also contain the matching result's DN which
you can access using the $entry->dn() method. In fact the rest of your
script's doing this already.
So I would just change the search to request:
attrs => [ "userPassword" ]
NB I don't know how well the iPlanet server implements the LDAP standards,
so 'caveat lector' applies :-)
Cheers,
Chris
