net::ldap ->singel valued attributes and multivalued attributes

docsnyder has asked for the wisdom of the Perl Monks concerning the following question:

Hi Folk

As the title suggests, I am trying to figure out whether a given LDAP attribute is single valued or multivalued (I'm using net::ldap).

After doing a search, I am accessing the result via a hash I obtain by $result->as_struct(). Within this hash, attribute values are always an array, i.e. single valued attributes are returned in an array containing a single value.

The problem arises when I am writing a LDAP object back to LDAP. What I want is, that values contained in multivalue attributes get "added" to the existing values. That's why I am calling '$ldap->modify($dn, add => {%attrs})' rather than '$ldap->modify($dn, replace => {%attrs})'. Unfortunately, this results in an error for single value attributes which exist in the target system.

Ok, I could separate single value attributes and multivalue attribues, calling '$ldap->modify($dn, replace => {%attrs})' for single value attributes and '$ldap->modify($dn, add => {%attrs})' for multivalue attributes, but this would require to know, which attribute is single valued and which is multivalued. Is there a way to figure this out?

I would appreciate any hint.

Regards docsnyder

Comment on net::ldap ->singel valued attributes and multivalued attributes

Replies are listed 'Best First'.
Re: net::ldap ->singel valued attributes and multivalued attributes by karlgoethebier (Abbot) on Aug 28, 2020 at 06:19 UTC
What about the examples? ŤThe Crux of the Biscuit is the Apostropheť `perl -MCrypt::CBC -E 'say Crypt::CBC->new(-key=>'kgb',-cipher=>"Blowfish")->decrypt_hex($ENV{KARL});'`Help	[reply] [d/l]
Re: net::ldap ->singel valued attributes and multivalued attributes by jcb (Parson) on Aug 28, 2020 at 01:46 UTC
Even though I am unfamiliar with LDAP, I see that you have not received any useful responses, so I will try to help. Is there a schema somewhere that declares whether an attribute is single-valued or multi-valued-with-one-entry? That would be the easiest solution, but, as I said, I am unfamiliar with LDAP so that may be the "obvious answer" that turns out to be useless. The other option is to simply try something like: (assuming `$ldap->modify` dies when used incorrectly) `unless (eval {$ldap->modify($dn, add => {%attrs});1}) { $ldap->modify($dn, replace => {%attrs}) }` [download] This could get a bit messy if you are trying to update multiple attributes, some of which are multi-valued. Then you will need to wrap the above in a loop and handle each attribute separately.	[reply] [d/l] [select]
Re: net::ldap ->singel valued attributes and multivalued attributes by haukex (Archbishop) on Aug 28, 2020 at 14:01 UTC
Within this hash, attribute values are always an array, i.e. single valued attributes are returned in an array containing a single value. ... this would require to know, which attribute is single valued and which is multivalued. Is there a way to figure this out? I'm not an LDAP expert, but are you referring to attributes like `objectclass` in the following example? Going with that assumption, in this example, the way to check is to de-reference the array reference with `@{...}` (perlreftut and perlref), and use the array in scalar context to get the number of elements it contains, e.g. `if ( @array > 1 ) { print "More than one element in the array.\n" }`. You can walk the data structure as returned by `as_struct`, or, probably better, you can walk the Net::LDAP::Entry objects returned by Net::LDAP::Search. I've shown examples of both in the following. Read more... code (2 kB)	[reply] [d/l] [select]