I have a working Net::LDAP::Entry program for adding users so I decided
to gut it to create a userPassword changer.

I keep getting "Error changing password: no objectClass attribute".

I cannot find examples doing simple one-at-a-time adds like this.  All I
can find are examples using arrays and hashes, and I cannot seem to
translate them to this style.  Any tips?

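# resetMacAcct: bind to the Mac LDAP server as the admin DN, replace the
# userPassword attribute of uid=$username with a {SSHA} value built from
# $newpw, and append an audit line to LOG.
#
# Fix: the original sent the entry with $macBind->add(), which is an LDAP
# *add* request.  An add must carry a complete entry (objectClass and all),
# so the server answered "no objectClass attribute".  Changing one attribute
# on an existing entry is a *modify*: mark the entry with changetype
# 'modify' and send it with $entry->update($ldap).
#
# NOTE(review): unless subroutine signatures are enabled elsewhere in the
# file, the parenthesised list below is parsed as a prototype and does not
# populate $newuid/$pw/$newpw.  The body reads $username and $newpw, so
# confirm those hold the intended values.
# NOTE(review): $pw (presumably the current password) is never checked here;
# confirm the caller authenticates the user before an admin-bound reset.
sub resetMacAcct($newuid,$pw,$newpw){
        $time = localtime time;
        $theirIP = $q->remote_addr();

        # NOTE(review): the admin DN and password are embedded in the script.
        # Anyone who can read this file can rewrite every entry under the
        # tree; load them from a file readable only by the service account.
        $macldapsvr = "XXX.XXX.XXX.XXX";
        $macADMdn = "uid=admin,cn=people,dc=lib-mac,dc=local";
        $macadmpwd ="XXXXXXXX";

        # NOTE(review): port 389 with no TLS sends the admin bind password and
        # the new password hash in clear text.  Call
        # $macBind->start_tls(verify => 'require') before bind(), or connect
        # with ldaps, once the server certificate is in place.
        $macBind = Net::LDAP->new($macldapsvr,
                port => 389,
                debug => 0,
                timeout => 60,
                version => 3
        ) or die "Couldn't connect to Mac LDAP server: $@";
        my $conn = $macBind->bind(dn => $macADMdn,
                                    password => $macadmpwd);
        if ($conn->code){
                die 'Cannot bind:' . $conn->error . "\n";}

        # NOTE(review): $username is concatenated into the DN unescaped.  If
        # it originates from the web request, validate it against an anchored
        # allow-list pattern or escape it (Net::LDAP::Util::escape_dn_value)
        # so characters such as ',' '+' '=' cannot alter the target DN.
        $newdn="uid=" . $username . ",cn=people,dc=lib-mac,dc=local";

        my $macEntry = Net::LDAP::Entry->new;
        $macEntry->dn($newdn);
        # Without this the entry defaults to changetype 'add'.
        $macEntry->changetype('modify');

        # Salted SHA-1: base64( SHA1(password . salt) . salt ), tagged {SSHA}.
        # NOTE(review): XX is the poster's redaction.  The salt should be
        # fresh random bytes for every password change, not a constant; the
        # salt is stored inside the value, so verification still works.
        # Salted SHA-1 is also a fast hash; where the server supports it,
        # consider sending the clear password over TLS with the Password
        # Modify extended operation so the server applies its own scheme.
        $salt=XX;
        $ctx = Digest::SHA1->new;
        $ctx->add($newpw);
        $ctx->add($salt);
        $newMacpw = '{SSHA}' . encode_base64($ctx->digest . $salt ,'');
        $macEntry->replace(userPassword => $newMacpw);

        # update() issues the modify request for the queued replace.
        my $add = $macEntry->update($macBind);
        if ($add->code()) {
                # Capture the message first, then release the admin session
                # before dying so it is not left open on the failure path.
                my $errText = $add->error();
                $macBind->unbind();
                die "Error changing password: " . $errText . "\n";
        }

        # NOTE(review): $cn and $username are written to the log verbatim; a
        # value containing ';' or a newline could forge log fields or lines.
        # Strip or encode control characters if these come from user input.
        print LOG "$time;$cn;$theirIP;$username\n";
        $macBind->unbind();
        }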



-- 
Robert Threet
Systems Manager
USI Computer Center
(812) 465-1082
Confidentiality Statement: This email message, including any
attachments, is for the sole use of the intended recipient(s) and may
contain confidential and privileged information.
