Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.

Re: Need help on Net::LDAP

by mr_mischief (Monsignor)
on Apr 30, 2008 at 15:39 UTC ( #683702=note: print w/replies, xml ) Need Help??

in reply to Need help on Net::LDAP

This is really more LDAP-specific than Perl-specific, but it's a bit of both as it has to do with how you're attempting to use the API provided by the module.

The compare method of Net::LDAP requires the distinguished name of the entry you're trying to compare against. You're comparing against your $base (is it still "dc=example,dc=com" (your LDAP base) at this point?) instead of the particular distinguished name you want "uid=srinivas,ou=People,dc=example,dc=com". There's no such attribute "uid" in entry "dc=example,dc=com", in case that's where you're looking.

What you probably mean to do is to do a search of entries for "uid=srinivas,ou=People,dc=example,dc=com" and then compare your hashed password to the hashed password there (and possibly also check the uid attribute as a sanity check).

BTW, you didn't just post an actual MD5 hashed Unix system account password to a public forum, did you? If so, you might want to change the password on that account and any others you have that use the same password. It takes some time to run a brute-force crack against MD5, but lots of people have nothing better to do than to put a cluster of four systems at work on it while they go about other things.

Replies are listed 'Best First'.
Re^2: Need help on Net::LDAP
by MidLifeXis (Monsignor) on Apr 30, 2008 at 17:48 UTC

    No, s/he posted a base-64 encoded unix crypted (yeah, I know it is redundant, but that is the LDAP spec) password. So it would not take as much time.

    Update: I may be wrong on this - it appears the data I was using may not be entirely reliable. However, the encouragement below still stands.

    srinivas_rocks, I would also encourage you to change the password on the displayed account.


      What do you mean by redundant?

      Walking the road to enlightenment... I found a penguin and a camel on the way.....
      Fancy a Just ask!!!

        A crypted password, in the traditional unix sense, should be 13 characters long, and already in a base-64ish representation. It appeared to me, after reading a couple of incomplete sites documenting how this works in LDAP, is that since the password field is binary, it is always base64 encoded. This can be read as base64 encoding a string that is already base64 encoded.

        I have since questioned the data I based my conclusion on, and all I can say at this point is... "I don't know" :)


Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://683702]
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (3)
As of 2023-12-09 05:19 GMT
Find Nodes?
    Voting Booth?
    What's your preferred 'use VERSION' for new CPAN modules in 2023?

    Results (37 votes). Check out past polls.