On Thu, 17 Feb 2011 11:10:46 -0600
Robert Threet <[email protected]> wrote:
> I have a working Net::LDAP::Entry program for adding users so I
> decided to gut it to create a userPassword changer.
>
> I keep getting "Error changing password: no objectClass attribute".
>
> I cannot find examples doing simple one-at-a-time adds like this.
> All I can find are examples using arrays and hashes and cannot seem to
> translate it to this. Any tips?
>
> sub resetMacAcct($newuid,$pw,$newpw){
> $time = localtime time;
> $theirIP = $q->remote_addr();
> # create mac account
> $macldapsvr = "XXX.XXX.XXX.XXX";
> $macADMdn = "uid=admin,cn=people,dc=lib-mac,dc=local";
> $macadmpwd ="XXXXXXXX";
> $macBind = Net::LDAP->new($macldapsvr,
> port => 389,
> debug => 0,
> timeout => 60,
> version => 3
> ) or die "Couldn't connect to Mac LDAP server: $@";
> my $conn = $macBind->bind(dn => $macADMdn,
> password => $macadmpwd);
> if ($conn->code){
> die 'Cannot bind:' . $conn->error . "\n";}
>
> my $macEntry = Net::LDAP::Entry->new;
> $newdn="uid=" . $username . ",cn=people,dc=lib-mac,dc=local";
> $macEntry->dn($newdn);
> # added sha1 hashing
> $salt=XX;
> $ctx = Digest::SHA1->new;
> $ctx->add($newpw);
> $ctx->add($salt);
> $newMacpw = '{SSHA}' . encode_base64($ctx->digest . $salt, '');
> $macEntry->replace(userPassword => $newMacpw);
> my $add = $macBind->add($macEntry);
> die "Error changing password: " . $add->error() . "\n" if $add->code();
> print LOG "$time;$cn;$theirIP;$username\n";
> $macBind->unbind();
> }
Create the entry first and modify the password by means of the password
modify extended operation; see perldoc Net::LDAP::Extension::SetPassword.
-Dieter
--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E
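
The approach suggested in the reply, as an added example that is not code from either poster: it resets the password of an entry that already exists with the Password Modify extended operation, so no `add()` and no objectClass are involved. The environment variable names, the `reset_password` helper and the use of STARTTLS are assumptions; the DN suffix is the one from the question, and the server is assumed to support the extended operation.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Extension::SetPassword;    # adds set_password() to Net::LDAP
use Net::LDAP::Util qw(escape_dn_value);

# Assumed environment variables (hypothetical names, not from the thread).
my $host    = $ENV{LDAP_HOST}     or die "LDAP_HOST not set\n";
my $admindn = $ENV{LDAP_ADMIN_DN} or die "LDAP_ADMIN_DN not set\n";
my $adminpw = $ENV{LDAP_ADMIN_PW} or die "LDAP_ADMIN_PW not set\n";
my $cafile  = $ENV{LDAP_CA_FILE}  or die "LDAP_CA_FILE not set\n";

# Reset the password of an entry that already exists. No Net::LDAP::Entry
# and no add() are used, so the server never asks for an objectClass.
sub reset_password {
    my ($uid, $newpw) = @_;

    my $ldap = Net::LDAP->new($host, port => 389, timeout => 60, version => 3)
        or die "Couldn't connect to LDAP server: $@\n";

    # Encrypt the session before any password crosses the wire.
    my $tls = $ldap->start_tls(verify => 'require', cafile => $cafile);
    die 'STARTTLS failed: ' . $tls->error . "\n" if $tls->code;

    my $bind = $ldap->bind($admindn, password => $adminpw);
    die 'Cannot bind: ' . $bind->error . "\n" if $bind->code;

    # Escape the uid so characters such as "," or "+" cannot alter the DN.
    my $dn = 'uid=' . escape_dn_value($uid) . ',cn=people,dc=lib-mac,dc=local';

    # Password Modify extended operation (RFC 3062): the server stores the
    # password itself, so the client does not build an {SSHA} value.
    my $mesg = $ldap->set_password(user => $dn, newpasswd => $newpw);
    $ldap->unbind;

    die 'Error changing password: ' . $mesg->error . "\n" if $mesg->code;
    return 1;
}

# Usage: perl reset_pw.pl <uid>   (the new password is read from STDIN)
if (!caller) {
    my $uid = shift @ARGV or die "usage: $0 uid\n";
    chomp(my $newpw = <STDIN> // '');
    die "empty password\n" unless length $newpw;
    reset_password($uid, $newpw);
    print "Password changed for $uid\n";
}
```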