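#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAPS;
use Data::Dumper;

# Look up an Active Directory account by sAMAccountName, then fetch the same
# entry again using the objectGUID returned by the first search.

# Bind credentials for the query account.
# NOTE(review): the password is hard-coded in the script; load it from a
# protected source (a root-only config file, a secrets store) so it does not
# end up in version control or a paste.
my $ldu = 'ldapquery';
my $ldp = 'nottherealpassword';

my $unamein = 'johnson';
my $attr    = ['objectGUID', 'sAMAccountName', 'employeeNumber', 'mail'];

# NOTE(review): confirm that server-certificate verification is enabled for
# this connection (Net::LDAP's `verify`, `cafile` and `capath` options);
# without it the bind below can be intercepted.
# `return` is not valid outside a subroutine, so a failed connect must die;
# the constructor reports the reason in $@ (the original printed $0, which is
# only the script name).
my $ldaps = Net::LDAPS->new("ldaps://host.domain")
    or die "FAIL LDAP ERROR $@\n";
my $searchBase = "DC=host,DC=domain";

# Bind as AD user
my $mesg1 = $ldaps->bind("$ldu\@host.domain", password => $ldp);
$mesg1->code and die "Authentication failed: " . $mesg1->error . "\n";

# First search: by account name. The value is escaped so that characters with
# a meaning in filter syntax cannot change the shape of the filter.
my $searchFilter = '(sAMAccountName=' . _escape_filter_value($unamein) . ')';
$mesg1 = _search_or_die($ldaps, $searchBase, $searchFilter, $attr);
print Dumper $mesg1;

my $entry = $mesg1->entry(0)
    or die "No entry found for filter $searchFilter\n";
my $binguid = $entry->get_value('objectGUID');
defined $binguid
    or die "Entry has no objectGUID attribute\n";

# Second search: by objectGUID. The attribute is raw binary, so interpolating
# it unescaped produces an invalid filter (result code 89, "Bad filter").
# Every byte outside the safe set has to be written as a \XX hex pair.
$searchFilter = '(objectGUID=' . _escape_filter_value($binguid) . ')';
$mesg1 = _search_or_die($ldaps, $searchBase, $searchFilter, $attr);
print Dumper $mesg1;

exit;

# Escape a value for use inside an LDAP search filter (RFC 4515): every byte
# outside a small safe set becomes a backslash followed by two hex digits.
# Net::LDAP::Util::escape_filter_value offers the same service; it is
# hand-rolled here only to avoid adding an import.
sub _escape_filter_value {
    my ($value) = @_;
    my $bytes = $value;

    # Character strings are turned into UTF-8 bytes first so that ord() never
    # exceeds 0xFF; binary attribute values are already byte strings.
    utf8::encode($bytes) if utf8::is_utf8($bytes);
    $bytes =~ s/([^A-Za-z0-9._\@ -])/sprintf('\\%02x', ord($1))/ge;
    return $bytes;
}

# Run a search and die with the server's error text when it fails, instead of
# evaluating ->code in void context and carrying on.
sub _search_or_die {
    my ($ldap, $base, $filter, $attrs) = @_;
    my $mesg = $ldap->search(
        base   => $base,
        filter => $filter,
        attrs  => $attrs,
    );
    $mesg->code and die "Search failed for $filter: " . $mesg->error . "\n";
    return $mesg;
}

#### LDAP query filter on sAMAccountName: ----------------------------------------------------- $VAR1 = bless( { 'reference' => [ 'ldaps://host.domain/CN=Configuration,DC=Host,DC.Domain' ], 'errorMessage' => '', 'raw' => undef, 'parent' => bless( { 'net_ldap_scheme' => 'ldaps', 'net_ldap_refcnt' => 1, 'net_ldap_debug' => 0, 'net_ldap_host' => 'host.domain', 'net_ldap_rawsocket' => bless( \*Symbol::GEN2, 'IO::Socket::SSL' ), 'net_ldap_resp' => {}, 'net_ldap_uri' => 'ldaps://host.domain', 'net_ldap_socket' => $VAR1->{'parent'}{'net_ldap_rawsocket'}, 'net_ldap_async' => 0, 'net_ldap_mesg' => {}, 'net_ldap_port' => 636, 'net_ldap_version' => 3 }, 'Net::LDAPS' ), 'mesgid' => 6, 'ctrl_hash' => undef, 'entries' => [ bless( { 'asn' => { 'attributes' => [ { 'vals' => [ '06007454' ], 'type' => 'employeeNumber' }, { 'type' => 'objectGUID', 'vals' => [ 'T,.\\@?Ǔi2#FI' ] }, { 'type' => 'sAMAccountName', 'vals' => [ 'johnson' ] }, { 'vals' => [ 'johnson@host.domain' ], 'type' => 'mail' } ], 'objectName' => 'CN=johnson,OU=ITStaff,OU=UA,OU=PharmAccounts,DC=Host,DC.Domain' }, 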
'changetype' => 'modify', 'changes' => [] }, 'Net::LDAP::Entry' ) ], 'controls' => undef, 'resultCode' => 0, 'matchedDN' => '', 'callback' => undef }, 'Net::LDAP::Search' ); LDAP query filter on objectGUID from previous query: ----------------------------------------------------- $VAR1 = bless( { 'entries' => [ bless( { 'changes' => [], 'changetype' => 'modify', 'asn' => { 'objectName' => 'CN=johnson,OU=ITStaff,DC=Host,DC.Domain', 'attributes' => [ { 'type' => 'employeeNumber', 'vals' => [ '06007454' ] }, { 'vals' => [ 'T,.\\@?Ǔi2#FI' ], 'type' => 'objectGUID' }, { 'vals' => [ 'johnson' ], 'type' => 'sAMAccountName' }, { 'type' => 'mail', 'vals' => [ 'johnson@host.domain' ] } ] } }, 'Net::LDAP::Entry' ) ], 'controls' => undef, 'matchedDN' => '', 'callback' => undef, 'resultCode' => 0, 'reference' => [ 'ldaps://host.domain/CN=Configuration,DC=Host,DC.Domain' ], 'parent' => bless( { 'net_ldap_scheme' => 'ldaps', 'net_ldap_refcnt' => 1, 'net_ldap_debug' => 0, 'net_ldap_host' => 'host.domain', 'net_ldap_rawsocket' => bless( \*Symbol::GEN2, 'IO::Socket::SSL' ), 'net_ldap_resp' => {}, 'net_ldap_uri' => 'ldaps://host.domain', 'net_ldap_socket' => $VAR1->{'parent'}{'net_ldap_rawsocket'}, 'net_ldap_async' => 0, 'net_ldap_mesg' => {}, 'net_ldap_port' => 636, 'net_ldap_version' => 3 }, 'Net::LDAPS' ), 'raw' => undef, 'errorMessage' => '', 'mesgid' => 7, 'ctrl_hash' => undef }, 'Net::LDAP::Search' ); #### LDAP query filter on objectGUID from previous query: ----------------------------------------------------- $VAR1 = bless( { 'parent' => bless( { 'net_ldap_resp' => {}, 'net_ldap_host' => 'host.domain', 'net_ldap_version' => 3, 'net_ldap_rawsocket' => bless( \*Symbol::GEN2, 'IO::Socket::SSL' ), 'net_ldap_scheme' => 'ldaps', 'net_ldap_socket' => $VAR1->{'parent'}{'net_ldap_rawsocket'}, 'net_ldap_refcnt' => 1, 'net_ldap_debug' => 0, 'net_ldap_uri' => 'host.domain', 'net_ldap_async' => 0, 'net_ldap_port' => 636, 'net_ldap_mesg' => {} }, 'Net::LDAPS' ), 'errorMessage' => 'Bad 
filter', 'resultCode' => 89, 'mesgid' => 7, 'raw' => undef, 'callback' => undef }, 'Net::LDAP::Search'