itnifl
asked on
NET::LDAPS error: failed Transport endpoint is not connected at /usr/lib/cgi-bin/createUser.cgi line 26
I am displaying here only the piece of the code that matters. The parameters are posted to the script from a form in an html file. The error is as stated: failed Transport endpoint is not connected at /usr/lib/cgi-bin/createUser.cgi line 26
The script is running on a Debian server. I guess I don't need to join the computer to the domain to use the script?
#! /usr/bin/perl
use warnings;
use CGI::Pretty qw(:all);
use strict;
use CGI::Carp::Fatals;
use Net::LDAP;
use Net::LDAPS;
#print "Content-type: text/html\n\n";
my $cgi=new CGI;
print header();
print start_html("User Account Creation");
if (param('pass_1') eq param('pass_2')) {
my $firstName=param('first_name');
my $lastName=param('last_name');
my $loginName=param('login_name');
my $password=param('password');
my $mail=param('mail');
my $adminLogin=param('adminLogin');
my $adminPass=param('adminPass');
my $mesg;
my $ldap = Net::LDAPS->new('172.16.0.2', port => '389') or die("failed $!");
print "Failed connecting" if(!$ldap);
$mesg = $ldap->bind(dn => 'cn=$adminLogin,ou=Users,ou=FreeDev-Users,dc=freedev,dc=local', password => '$adminPass') or die("failed $!; ".$mesg->error);
my $result = $ldap->add( 'cn=$loginName,ou=Users,ou=FreeDev-Users,dc=freedev,dc=local',attr => [ 'cn' => '$loginName', 'sn' => $firstName, 'mail' => $mail, 'objectclass' => ['top', 'person','organizationalPerson','inetOrgPerson' ]]);
$result->code && warn "failed to add entry: ", $result->error;
$mesg = $ldap->unbind;
ASKER
The essential strings for connecting and binding that are not working are now:
my $mesg;
my $ldap = Net::LDAP->new('172.16.0.2', port => '389') or die("failed $!");
print "Failed connecting" if(!$ldap);
$mesg = $ldap->bind('cn=$adminLogin,ou=Users,ou=FreeDev-Users,o=freedev,c=local', password => '$adminPass') or die("failed $!; ".$mesg->error);
my $result = $ldap->add('cn=$loginName,ou=Users,ou=FreeDev-Users,o=freedev,c=local', attr => [ 'cn' => '$loginName', 'sn' => $firstName, 'mail' => $mail, 'objectclass' => ['top', 'person','organizationalPerson','inetOrgPerson' ]]);
$result->code && warn "failed to add entry: ", $result->error;
$mesg = $ldap->unbind;
ASKER
Error:
[Thu Apr 08 11:06:37 2010] [error] [client 192.168.10.4] [Thu Apr 8 11:06:37 2010] createUser.cgi: failed to add entry: 00002081: NameErr: DSID-03050BF0, problem 2003 (BAD_ATT_SYNTAX), data 0, best match of:, referer: http://192.168.10.100/IntranettWeb/adm/admintools.html
[Thu Apr 08 11:06:37 2010] [error] [client 192.168.10.4] [Thu Apr 8 11:06:37 2010] createUser.cgi: \t'CN=atlhol,OU=Users,OU=Company-Users,DC=company,DC=local'
And in the browser window, this error:
Return code: 34 Message: LDAP_INVALID_DN_SYNTAX :The request contained an invalid DN MessageID: 2 DN: not known
I outputted the DN to the html file with ' and ' wrapped around:
'CN=atlhol,OU=Users,OU=FreeDev-Users,DC=freedev,DC=local'
Looks ok.
The code:
my ($bind, $mesg);
my $base = "OU=Users,OU=Company-Users,DC=company,DC=local";
my $ldap = Net::LDAP->new("172.16.0.2", version => 3, port => 389) or die("failed $!");
print "Failed connecting" if(!$ldap);
$bind = $ldap->bind("CN=$adminLogin,OU=Users,OU=Company-Users,DC=company,DC=local", password => "$adminPass") or die("failed $!; ".$bind->error);
if ( $bind->code ) {
LDAPerror( "Bind: ", $bind );
}
my $DN = "CN=$loginName,".$base;
my $displayName = $firstName." ".$lastName;
my $result = $ldap->add($DN, attr => [ 'cn' => '$loginName', 'sn' => $firstName, 'mail' => $mail, 'displayName' => $displayName, 'givenName' => $displayName,'objectclass' => ["top", "person","organizationalPerson","user" ]]);
if ( $result->code ) {
LDAPerror( "Bind: ", $result );
}
$result->code && warn "failed to add entry: ", $result->error;
$mesg = $ldap->unbind;
sub LDAPerror {
my $unknown = "not known";
my ( $from, $mesg ) = @_;
print "Return code: ", $mesg->code;
print "\tMessage: ", $mesg->error_name;
print " :", $mesg->error_text;
print "MessageID: ", $mesg->mesg_id;
my $dn = $mesg->dn;
if ( !$dn ) { $dn = $unknown; }
print "\tDN: ", $dn;
}
I am not sure where the information is coming from but the result code "BAD_ATT_SYNTAX" implies there is an invalid value being passed for one of the attribute values.
Unfortunately, which one is not known. (Based on the next error, I would guess the CN)
The "LDAP_INVALID_DN_SYNTAX" implies that the value you are using for the DN you are setting is invalid.
Looks like there may be an issue as the DN is showing as:
\t'CN=atlhol,OU=Users,OU=Company-Users,DC=company,DC=local'
Note the \t' appears to be included within the DN.
Also this line:
my $DN = "CN=$loginName,".$base;
does not look correct.
Should it not be more like:
my $DN = "CN=".$loginName.",".$base ;
-jim
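The DN question raised in the post above, as an added example that is not part of the thread: one way to turn an untrusted form value into the DN for an add, trimming stray whitespace, escaping DN metacharacters with Net::LDAP::Util, and parse-checking the result before it reaches the server. The allowlist pattern, the helper names and the sample inputs are assumptions made for the example; the base DN is the one quoted in the thread.

```perl
#!/usr/bin/perl
# Added example: build the DN for an LDAP add from untrusted CGI form values.
use strict;
use warnings;
use Net::LDAP::Util qw(escape_dn_value ldap_explode_dn);

my $BASE = 'OU=Users,OU=Company-Users,DC=company,DC=local';   # base DN from the thread

# Login names: trim whitespace, then apply an allowlist (assumed site policy).
sub clean_login {
    my ($login) = @_;
    return unless defined $login;
    $login =~ s/\A\s+|\s+\z//g;
    return $login =~ /\A[A-Za-z0-9._-]{1,20}\z/ ? $login : undef;
}

# Escape the RDN value so DN metacharacters (, + " \ < > ; =) stay data,
# then confirm the result parses as exactly one new RDN above $BASE.
sub build_user_dn {
    my ($cn) = @_;
    my $dn         = 'CN=' . escape_dn_value($cn) . ',' . $BASE;
    my $parts      = ldap_explode_dn($dn) or return;
    my $base_parts = ldap_explode_dn($BASE);
    return @$parts == @$base_parts + 1 ? $dn : undef;
}

# Constructed sample inputs, as they might arrive from the HTML form.
for my $raw ('atlhol', "atlhol\t\r\n", 'atl hol') {
    my $login = clean_login($raw);
    (my $shown = $raw) =~ s/([^\x20-\x7e])/sprintf('\\x%02x', ord $1)/ge;
    printf "%-22s => %s\n", "'$shown'",
        defined $login ? build_user_dn($login) : 'rejected';
}

# A display-style CN containing a comma is legal once it is escaped.
print build_user_dn('Holm, Atle'), "\n";

# Single quotes never interpolate: the first string is the literal text $loginName.
my $loginName = 'atlhol';
print 'cn=$loginName', ' vs ', "cn=$loginName", "\n";
```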
ASKER
I printed out only the first two characters of $DN, it seems as if it is CN, no \t there.
I also tried to use:
my $DN = "CN=".$loginName.",".$base ;
Seems like it works the same as:
my $DN = "CN=$loginName,".$base;
The looks of the string, error message and results are the same.
I guessed you were right that there was something wrong with the attributes. So I set the creation of the user object up with the sub from the example code given (http://ldapwiki.willeke.com/wiki/Perl%20Add%20User%20Sample), and also added the attribute array for use with the AddAdUser sub. Of course I added the proper line to use the code. The code ended up as below, very similar to the example. It works, so I guess it was the attributes or the attribute list that was wrong.
my @Attrs = (
"accountexpires", "badpasswordtime",
"badpwdcount", "cn",
"displayname", "distinguishedname",
"givenname", "instancetype",
"lastlogoff", "lastlogon",
"lastlogontimestamp", "logoncount",
"memberof", "name",
"objectcategory", "objectclass"
);
my ($bind, $mesg);
my $base = "OU=Users,OU=Company-Users,DC=company,DC=local";
my $ldap = Net::LDAP->new("172.16.0.2", version => 3, port => 389) or die("failed $!");
print "Failed connecting" if(!$ldap);
$bind = $ldap->bind("CN=$adminLogin,OU=Users,OU=Company-Users,DC=company,DC=local", password => "$adminPass") or die("failed $!; ".$bind->error);
if ( $bind->code ) {
LDAPerror( "Bind: ", $bind );
}
my $DN = "CN=".$loginName.",".$base;
my $displayName = $firstName." ".$lastName;
my $currentCN = $loginName;
#my $result = $ldap->add($DN, attr => [ 'cn' => '$loginName', 'sn' => "User", 'mail' => $mail, 'displayName' => $displayName, 'givenName' => $displayName,'objectclass' => ["top", "person","organizationalPerson","user" ]]);
my $result = addAdUser( $ldap, $DN, $currentCN, "User", "User.$currentCN", $currentCN );
if ( $result->code ) {
LDAPerror( "Bind: ", $result );
}
$result->code && warn "failed to add entry: ", $result->error;
$mesg = $ldap->unbind;
ASKER
Thanks!
ASKER
But I can't seem to bind. The generated html completes without errors on the page, but in the error log of Apache I can see:
[Thu Apr 08 10:10:17 2010] [error] [client 192.168.10.4] [Thu Apr 8 10:10:17 2010] createUser.cgi: failed to add entry: 000004DC: LdapErr: DSID-0C090BD0, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1771
Of course, there is no object created in AD either.
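The "successful bind must be completed" message above is what an add returns on a connection that never authenticated. As an added example, not code from the thread: a connect, bind and add sequence that checks each result code and upgrades to TLS before the admin password is sent. The `must` and `create_user` names, the argument keys, the CA file and the `FakeMesg` stand-in are assumptions made for the example, and a directory server with a certificate the client can verify is assumed.

```perl
#!/usr/bin/perl
# Added example, not the asker's script: stop at the first LDAP step that fails.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_dn_value);

my $BASE = 'OU=Users,OU=Company-Users,DC=company,DC=local';   # from the thread

# Net::LDAP operations return a message object even when the server refuses,
# so "or die" never fires on them; only ->code separates success (0) from failure.
sub must {
    my ($step, $mesg) = @_;
    die sprintf("%s failed: %s (%d): %s\n",
                $step, $mesg->error_name, $mesg->code, $mesg->error) if $mesg->code;
    return $mesg;
}

sub create_user {
    my (%arg) = @_;   # host cafile admin admin_pass login sn mail (hypothetical keys)
    my $ldap = Net::LDAP->new($arg{host}, port => 389, version => 3, timeout => 10)
        or die "connect failed: $@\n";          # new() reports its error in $@
    # Upgrade to TLS and verify the server before the password is sent.
    must('start_tls', $ldap->start_tls(verify => 'require', cafile => $arg{cafile}));
    # Concatenation, not single quotes, so the form values really end up in the DN.
    must('bind', $ldap->bind('CN=' . escape_dn_value($arg{admin}) . ",$BASE",
                             password => $arg{admin_pass}));
    my $dn = 'CN=' . escape_dn_value($arg{login}) . ",$BASE";
    must('add', $ldap->add($dn, attr => [
        cn => $arg{login}, sn => $arg{sn}, mail => $arg{mail},
        objectClass => [qw(top person organizationalPerson user)],
    ]));
    $ldap->unbind;
    return $dn;
}

# Offline check with a constructed stand-in for a refused bind (result code 49).
{
    package FakeMesg;
    sub new        { return bless {}, shift }
    sub code       { 49 }
    sub error_name { 'LDAP_INVALID_CREDENTIALS' }
    sub error      { 'constructed sample' }
}
eval { must('bind', FakeMesg->new); 1 } or print "stopped before add: $@";
```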