Using Perl With Net::LDAP - How Do I Search An Active Directory Record For Strings.

Using Perl With The Net::LDAP Module I am querying an entire directory to make-up a list of users and tossing the information into a database. (I'm fine with authentication, I get each record fine, and can search a single entry item but...

I look at each AD entry (See my example code below)

In each entry I search for certain strings.

What is _not_ happening during my search - if there is more than one item for the same object the search result returns false.

I trust that I have provided enough information and code.
(While not a total new-bee with Perl, I am still learning, go easy on me, please?)

$What_To_Check = 'Someone's Name';

my $scope = "subtree";
my $filter = "(&(objectclass=user)(objectcategory=user)(sAMAccountName=".$What_To_Check."))";
my $ldap = Net::LDAP->new($dc) or die $@;
my $rc = $ldap->bind( $user, password => $passwd);

my $search = $ldap->search (
         base => $base,
       scope => $scope,
         filter => $filter

foreach my $entry ($search->entries) {
     $Technician = $entry->get_value('memberof');

if ($Technician =~ /Admins/) {
           $My_Flag = True;
           print "\nHey, I Found An Admin\n";


I want to search the entry "memberOf" for string 'Admins', but it is only sees the first line and returns "False"  - what am I doing wrong?

(Am Example from an "Entry Dump")

   lotsStuff : Plenty Here On This Side Too
mOreStuff : Plenty More Here As Well
 memberOf: CN=Newport-RSRC,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=NHCNE - OWA Users,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=Newport Admins,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=NHCNE - OU ADMIN,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=Newport User Admins,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
 andMore : More Junk Here.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

In the documentation, it indicates that the server may enforce a maximum number of returned results.. are you sure that's not the case here?

sizelimit => N
    A sizelimit that restricts the maximum number of entries to be
    returned as a result of the search. A value of 0, and the
    default, means that no restriction is requested. Servers may   <----
    enforce a maximum number of entries to return.                   <----

Also, despite it indicating a default of 0, did you try specifically setting the sizelimit attribute to a higher number?
billfinkriAuthor Commented:
Thanks kindly for such a quick response.

I'm not certain that my question was understood clearly enough.

If you look at the example of the 'entry dump' - you'll see 5(+) rows returned for 'memberOf'.

It is that entry that I am merely searching through, (see the code "$Technician = ...")

My search is not seeing (in my example AD Entry Dump)  the 2nd, 3rd ... through Xth line of 'memberOf' - it only returns 'true/false' as a result of the 1st line in in the 'memberOf' entry.

If I understand YOU correctly - if there were such a restriction, I wouldn't get that 'entry-dump' with that many lines of 'memberOf' displaying, correct?

the memberOf attribute is multivalued, you need to tell Net::LDAP you want all of its values assigning it to an array,
you might modigy it like:

foreach my $entry ($search->entries) {
    my @memberof = $entry->get_value('memberof');

  for $Technician (@memberof){
    if ($Technician =~ /Admins/) {
          $My_Flag = True;
          print "\nHey, I Found An Admin\n";

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
billfinkriAuthor Commented:

You must have some sort of serious way of transmitting your thoughts / brainwaves through the air.

I swear - just as I heard my Email notification that I had "New Email" (that being YOUR response and BEFORE reading it) I was thinking to myself ... "I wonder, what would happen if I tried assigning it to an array?!!


It's works flawlessly - and thank you!
you're welcome
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.