walkingthecow has asked for the wisdom of the Perl Monks concerning the following question:

Hey all, I have an AD server that does not allow people to bind anonymously. I am trying to bind to the server using principal credentials (i.e., user@domain, password) just for searching. I can do it with LDAP browser, anyone know how to do it with Net::LDAP?

This is what I have (does not work):

my $mesg = $ldap->bind(principal=>'bob@domain', password=>"$password");

I can do this using full DN, but multiple users use this script, so using full DN is much more complicated than just username, since many people do not know their full DN.

UPDATE:
Thank you for the help! I figured it out, just figured I'd share how I had done it...

my $mesg = $ldap->bind("$username\@domain", password=>"$password");

Re: Net::LDAP and principal
by MidLifeXis (Monsignor) on Feb 04, 2009 at 22:34 UTC

    One thing that I notice from yours that is different from ours, is that (principal=>$foo, ...) is just ($foo, ...).

    One way I have seen it done is to have an application id that allows searches. Bind with this ID, look up the principal (if it is not a standard format), and rebind with the user's credentials and password.

    Alternatively, if the principal credentials are in a standard format, then just stuff the data into that format and send it in.

    --MidLifeXis
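
The bind, look-up and rebind sequence described in the reply above, as an added example that is not code from the thread. The server URL, base DN, service account DN, the `LDAP_APP_PASSWORD` environment variable, the `sAMAccountName` lookup and the `authenticate` function name are all assumptions chosen for illustration.

```perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Placeholders (assumptions), not values from the thread.
my $server = 'ldaps://ad.example.com';
my $base   = 'DC=example,DC=com';
my $app_dn = 'CN=svc-search,OU=Service Accounts,DC=example,DC=com';

# Returns the user's DN on success, nothing on any failure.
sub authenticate {
    my ($username, $password, $app_pass) = @_;

    # A simple bind with an empty password is an unauthenticated bind,
    # which some servers report as success. Reject it before binding.
    return unless defined $username && length $username;
    return unless defined $password && length $password;

    my $ldap = Net::LDAP->new($server, timeout => 10) or return;

    # Step 1: bind as the application id that is allowed to search.
    my $mesg = $ldap->bind($app_dn, password => $app_pass);
    if ($mesg->code) { $ldap->unbind; return; }

    # Step 2: look up the user's DN. Escape the name so characters
    # such as * ( ) \ cannot change the meaning of the filter.
    my $filter = sprintf '(&(objectClass=user)(sAMAccountName=%s))',
        escape_filter_value($username);
    $mesg = $ldap->search(base => $base, scope => 'sub',
                          filter => $filter, attrs => ['1.1']);
    if ($mesg->code || $mesg->count != 1) { $ldap->unbind; return; }
    my $user_dn = $mesg->entry(0)->dn;

    # Step 3: rebind as the user with the password they supplied.
    $mesg = $ldap->bind($user_dn, password => $password);
    my $ok = !$mesg->code;
    $ldap->unbind;
    return unless $ok;
    return $user_dn;
}

# Username on the command line, password on STDIN (keeps it out of argv).
my $user = shift // die "usage: $0 username < password\n";
chomp(my $pass = <STDIN> // '');
my $app_pass = $ENV{LDAP_APP_PASSWORD} // '';
die "LDAP_APP_PASSWORD not set\n" unless length $app_pass;
my $dn = authenticate($user, $pass, $app_pass);
print defined $dn ? "authenticated as $dn\n" : "authentication failed\n";
```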