On 7 Jul 2010, at 22:47, rfran...@comcast.net wrote:
> my $HOST = "1";
> my $ADMIN = "cn=me,DC=corp";
> my $PWD = "0";
> my $BASEDN = "DC=corp";
>
> my $ldap = Net::LDAP->new("$HOST", port=>389) or die "$@";
> my $dn = $ldap->bind("$ADMIN", password=>"$PWD");
> my $mgrdn = $ldap->bind("$ADMIN", password=>"$PWD");

This bit of code looks a bit confused. An LDAP connection ($ldap in this case) by definition has a single user associated with it at any time (an actual user, or an anonymous user). So the "my $dn = $ldap->bind" line is quite superfluous, as it is immediately followed by another bind.

Next, the return value of $ldap->bind() is not a DN, so assigning it to a variable with "dn" in the name is confusing. It actually returns a Net::LDAP::Message object, which you need to inspect to see if the bind succeeded. (Checking the code() value should suffice.) I'd rename the other objects you get back from $ldap->search() etc. as well, as they're not DNs.

None of the above suggestions will make your script work (well, checking the bind return might), but they might help clarify in your mind what's going on.

I haven't closely followed the logic of the rest of your script through, except that I don't see where you're actually doing anything with the data from PERSON or MGR.

Cheers,

Chris
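
The points made in the reply above, as an added example that is not code from either poster: a single bind whose Net::LDAP::Message result is checked with code(), and a search result held in a variable named for what it is. The host name, the LDAP_PWD environment variable, the check() helper, the filter and the attribute names are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;

# Placeholder connection details (assumptions, not values from the thread).
my $HOST   = 'ldap.example.com';
my $ADMIN  = 'cn=me,DC=corp';
my $BASEDN = 'DC=corp';
my $PWD    = $ENV{LDAP_PWD} // die "set LDAP_PWD in the environment\n";

# Hypothetical helper: every Net::LDAP operation returns a message object,
# and a non-zero code() on that object means the operation failed.
sub check {
    my ($mesg, $what) = @_;
    die sprintf("%s failed: %s (code %d)\n", $what, $mesg->error, $mesg->code)
        if $mesg->code;
    return $mesg;
}

my $ldap = Net::LDAP->new($HOST, port => 389) or die "connect failed: $@\n";

# One bind per connection. Without this check a failed bind leaves the
# session anonymous, and the search below would run unauthenticated.
check($ldap->bind($ADMIN, password => $PWD), 'bind');

# search() returns a Net::LDAP::Search object, not a DN.
my $search = check(
    $ldap->search(
        base   => $BASEDN,
        scope  => 'sub',
        filter => '(objectClass=person)',    # filter assumed
        attrs  => ['cn', 'manager'],         # attribute names assumed
    ),
    'search',
);

# The DNs live on the individual entries of the search result.
for my $entry ($search->entries) {
    my $mgr = $entry->get_value('manager') // '(none)';
    printf "%s\n  manager: %s\n", $entry->dn, $mgr;
}

$ldap->unbind;
```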