I need to use a read-only unique identifier field for ldap objects. My research has taken me to "objectGUID". However, if I take a query result set and turn right back around to use the objectGUID values for my filter values, I only get hits on about 90% of the original objects. From my tests so far, it appears to be the same objects missing each time.
I should be able to grab the value and turn right back around and query for it, right? Does anyone have any insight as to what's going on?my $users=$ldap_session->search( base=>$CONF{ldapuserbase}, filter=>$filter, attrs=> ['distinguishedName','sAMAccountName', +'homeDirectory','displayName','objectSid','objectGUID'] ) or die "err +or searching tree:$@\n"; my @entries = $users->sorted('displayName'); print "done.\nFound ".(scalar @entries)." entries.\n"; my $notfound=0; foreach my $e (@entries){ my $guid=$e->get_value('objectGUID'); my $name=$e->get_value('displayName'); my $thisuser=$ldap_session->search( base=>$CONF{ldapuserbase}, filter=>"(objectGUID=$guid)", attrs=> ['distinguishedName','sAMAccountName', +'homeDirectory','displayName','objectSid','objectGUID'] ) or die "err +or searching tree:$@\n"; my @user=$thisuser->sorted('displayName'); if(@user){ #do nothing }else{ print "can't find $name\n"; ++$notfound; } } print "not found=$notfound\n"; $ldap_session->unbind;
ETA: I converted the "not found" objectGUID values to a readable hex string and displayed the values. All the objects have the value of "4" at the start of the 3rd subset. aka, XXXXXXXX-XXXX-4XXX-XXXX-XXXXXXXXXXXX
Coincidence????
In reply to NET::LDAP and objectGUID by ksublondie
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |