Robert,

I have been using Net::LDAP to create accounts one at a time for about a
year now. Based on the error you are seeing, I suspect that you are
forgetting to add the correct objectClass that contains the attribute
you want to store the attribute in.

Searching your code, I don't see you adding any objectClasses. You just
create a DN, and then add the password to the userPassword attribute.
I don't know what schema(s) you are using, but for my OpenLDAP server, I
would need to add the objectClass 'top', and then the objectClass of
'person', 'organizationalPerson', or 'inetOrgPerson' before I can add
the userPassword attribute. You can find out exactly what you need by
inspecting your own schema.

Here's a sample of my code. I hope it's still readable after it gets
line-wrapped by our mail clients.

use Net::LDAP::Entry;

# Build a new entry; the objectClass list must cover every attribute set below.
$entry = Net::LDAP::Entry->new($dn,
    objectClass => ['top',
                    'posixAccount',
                    'shadowAccount',
                    'inetOrgPerson',
                    'inetLocalMailRecipient',
                    'eduPerson'
                   ],
    uid                => $uid,
    uidNumber          => $uidnumber,
    gidNumber          => $gidnumber,
    cn                 => $cn,
    sn                 => $sn,
    gecos              => $gecos,
    homeDirectory      => $homedir,
    loginShell         => $loginshell,
    mail               => $mail,
    mailHost           => $mailhost,
    mailRoutingAddress => $mailroutingaddress
);

--
Prentice

Robert Threet wrote:
> I have a working Net::LDAP::Entry program for adding users so I decided
> to gut it to create a userPassword changer.
>
> I keep getting "Error changing password: no objectClass attribute".
>
> I cannot find examples doing simple one-at-a-time adds like this. All I
> can find are examples using arrays and hashes and cannot seem to
> translate it to this. Any tips?
>
> sub resetMacAcct($newuid,$pw,$newpw){
>     $time = localtime time;
>     $theirIP = $q->remote_addr();
>     # create mac account
>     $macldapsvr = "XXX.XXX.XXX.XXX";
>     $macADMdn = "uid=admin,cn=people,dc=lib-mac,dc=local";
>     $macadmpwd ="XXXXXXXX";
>     $macBind = Net::LDAP->new($macldapsvr,
>         port => 389,
>         debug => 0,
>         timeout => 60,
>         version => 3
>     ) or die "Couldn't connect to Mac LDAP server: $@";
>     my $conn = $macBind->bind(dn => $macADMdn,
>         password => $macadmpwd);
>     if ($conn->code){
>         die 'Cannot bind:' . $conn->error . "\n";}
>
>     my $macEntry = Net::LDAP::Entry->new;
>     $newdn="uid=" . $username . ",cn=people,dc=lib-mac,dc=local";
>     $macEntry->dn($newdn);
>     # added sha1 hashing
>     $salt=XX;
>     $ctx = Digest::SHA1->new;
>     $ctx->add($newpw);
>     $ctx->add($salt);
>     $newMacpw = '{SSHA}' . encode_base64($ctx->digest . $salt ,'');
>     $macEntry->replace(userPassword => $newMacpw);
>     my $add = $macBind->add($macEntry);
>     die "Error changing password: " . $add->error()."\n" if
>         $add->code();
>     print LOG "$time;$cn;$theirIP;$username\n";
>     $macBind->unbind();
> }
>
>
>
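
An added example, not code from either poster: add() creates a new entry, which is why the server insists on objectClass, whereas a password change on an existing entry goes through modify() with a replace and needs no objectClass. The sketch below also draws a fresh random salt for each {SSHA} value; the host name, DNs and CA path in the commented live-use lines are placeholders, and reset_password, ssha_hash and ssha_verify are names made up for this example.

```perl
#!/usr/bin/perl
# Added example (not from the thread): reset userPassword on an EXISTING entry.
use strict;
use warnings;
use Net::LDAP;
use Digest::SHA qw(sha1);
use MIME::Base64 qw(encode_base64 decode_base64);

# Build a {SSHA} value: base64(sha1(password . salt) . salt), fresh salt each time.
sub ssha_hash {
    my ($password) = @_;
    open(my $rng, '<:raw', '/dev/urandom') or die "no /dev/urandom: $!";
    read($rng, my $salt, 8) == 8 or die "short read from /dev/urandom";
    close($rng);
    return '{SSHA}' . encode_base64(sha1($password . $salt) . $salt, '');
}

# Check a password against a stored {SSHA} value (a SHA-1 digest is 20 bytes,
# everything after it is the salt).
sub ssha_verify {
    my ($password, $stored) = @_;
    my ($b64) = $stored =~ /^\{SSHA\}(.+)$/ or return 0;
    my $raw = decode_base64($b64);
    return 0 if length($raw) <= 20;
    my $salt = substr($raw, 20);
    return sha1($password . $salt) eq substr($raw, 0, 20);
}

# modify/replace touches one attribute of an entry that already exists, so the
# server does not ask for objectClass the way it does for add().
sub reset_password {
    my ($ldap, $dn, $newpw) = @_;
    my $res = $ldap->modify($dn, replace => { userPassword => ssha_hash($newpw) });
    die 'Error changing password: ' . $res->error . "\n" if $res->code;
    return 1;
}

# Offline self-check of the hash format (constructed sample password).
my $h = ssha_hash('constructed-sample-pw');
die "SSHA self-check failed\n"
    unless ssha_verify('constructed-sample-pw', $h) && !ssha_verify('wrong', $h);

# Live use; server, CA file, bind DN and target DN are placeholders (assumptions).
# start_tls keeps the bind password and the new hash off the wire in cleartext.
# my $ldap = Net::LDAP->new('ldap.example.org', version => 3) or die "$@";
# $ldap->start_tls(verify => 'require', cafile => '/path/to/ca.pem');
# $ldap->bind('uid=admin,cn=people,dc=example,dc=org', password => $admin_pw);
# reset_password($ldap, 'uid=jdoe,cn=people,dc=example,dc=org', $new_pw);
```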