On Aug 27, 5:49 pm, [EMAIL PROTECTED] (Rick Edwards) wrote:
> Hi All;
>
> Sorry - having a brain-fart kinda day, so I'm appealing for some help....
>
> Solaris 8, iPlanet DS 5.2
>
> I want to do a search of all users who have the "service-indr" flag set to
> "true" and return only their dn and hashed password.  Sounds fishy I know,
> but I need to interface between systems and the powers-that-be don't want
> to spend the money to do it properly :-(
>
> Anyway, here's what I have:
>
> $ldap = Net::LDAP->new('myserver') or die "$@";
>
> $mesg = $ldap->bind('cn=directory manager' ,password => 'mypass');
>
> $mesg = $ldap->search(
>                         base => "ou=customers,o=wam",
>                         filter => "(service-indr=true)",
>                         attrs => "(dn,userpassword)"
>                      );
>
> So at this point I'm assuming that I'm being returned only the
> userpassword attribute, but I don't think that's the case.  I've stolen
> some code from the FAQ page and it seems that rather than just the
> userpassword attribute I'm being returned the entire record:
>
> my $max = $mesg->count;
>
>   for( my $index = 0 ; $index < $max ; $index++)
>   {
>     my $entry = $mesg->entry($index);
>     my $dn = $entry->dn; # Obtain DN of this entry
>
>     @attrs = $entry->attributes; # Obtain attributes for this entry.
>     foreach my $var (@attrs)
>     {
>      #get a list of values for a given attribute
>      $attr = $entry->get_value( $var, asref => 1 );
>      if ( defined($attr) )
>      {
>          foreach my $value ( @$attr )
>          {
>           print "$dn : $value\n" if ($var =~ /userpassword/i);  # Print the DN and userpassword
>         }
>      }
>     }
>   }
>
> I guess my question is how do I return only the DN and userpassword of the
> record, and how do I access them?
>
> TIA
> Rick

The solution given should work just fine on Sun Directory Server 5.2.
Note that the password returned will be not only hashed, but will
contain the encryption algorithm in { } in front of the hash.

Only ask for userPassword in the attrs array, and use the following
method while going through the results to pull the DNs:
$dn = $entry->dn;

Cheers!
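
The approach described in the reply, written out as an added example (not code from either poster): request only userPassword by passing attrs as an array reference, read the DN with $entry->dn, and split the {scheme} prefix from the stored value. The environment variable names LDAP_HOST, LDAP_BIND_DN and LDAP_BIND_PW are assumptions; when LDAP_HOST is unset the script runs on constructed sample entries instead of a server.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Entry;

# Split a stored value such as "{SSHA}abc..." into (scheme, rest).
# Values with no {SCHEME} prefix come back with an undefined scheme.
sub split_scheme {
    my ($value) = @_;
    return $value =~ /^\{([^}]+)\}(.*)$/s ? ($1, $2) : (undef, $value);
}

# Build [dn, scheme, hash] rows from a list of Net::LDAP::Entry objects.
sub dn_and_hashes {
    my @rows;
    for my $entry (@_) {
        # List context: every value of the (case-insensitive) attribute.
        for my $value ($entry->get_value('userPassword')) {
            push @rows, [ $entry->dn, split_scheme($value) ];
        }
    }
    return @rows;
}

my @entries;
if (my $host = $ENV{LDAP_HOST}) {    # assumed variable names, not from the thread
    my $ldap = Net::LDAP->new($host) or die "$@";
    my $mesg = $ldap->bind($ENV{LDAP_BIND_DN}, password => $ENV{LDAP_BIND_PW});
    $mesg->code and die $mesg->error;
    $mesg = $ldap->search(
        base   => 'ou=customers,o=wam',
        filter => '(service-indr=true)',
        attrs  => ['userPassword'],  # array ref; the DN comes back with every entry
    );
    $mesg->code and die $mesg->error;
    @entries = $mesg->entries;
    $ldap->unbind;
}
else {                               # constructed sample data, runs without a server
    for my $row (['uid=alice,ou=customers,o=wam', '{SSHA}CONSTRUCTED-SAMPLE-VALUE-1'],
                 ['uid=bob,ou=customers,o=wam',   '{crypt}CONSTRUCTED-SAMPLE-VALUE-2']) {
        my $entry = Net::LDAP::Entry->new;
        $entry->dn($row->[0]);
        $entry->add(userPassword => $row->[1]);
        push @entries, $entry;
    }
}

printf "%s : %s : %s\n", $_->[0], $_->[1] // 'none', $_->[2] for dn_and_hashes(@entries);
```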
