Solved

Using Perl With Net::LDAP - How Do I Search An Active Directory Record For Strings.

Posted on 2004-10-29
Last Modified: 2008-02-01

Using Perl with the Net::LDAP module, I am querying an entire directory to make up a list of users and tossing the information into a database. (I'm fine with authentication, I get each record fine, and can search a single entry item, but...)

I look at each AD entry (See my example code below)

In each entry I search for certain strings.

What is _not_ happening during my search - if there is more than one item for the same object the search result returns false.

I trust that I have provided enough information and code.
(While not a total newbie with Perl, I am still learning, go easy on me, please?)

=================
use Net::LDAP;

# $dc, $user, $passwd and $base are not shown in this snippet
my $What_To_Check = "Someone's Name";
my ($Technician, $My_Flag);

my $scope = "subtree";
my $filter = "(&(objectclass=user)(objectcategory=user)(sAMAccountName=".$What_To_Check."))";
my $ldap = Net::LDAP->new($dc) or die $@;
my $rc = $ldap->bind( $user, password => $passwd);

# Look up the user's entry
my $search = $ldap->search (
    base   => $base,
    scope  => $scope,
    filter => $filter
);

foreach my $entry ($search->entries) {
    $Technician = $entry->get_value('memberof');
}

# Flag the user if memberOf mentions Admins
if ($Technician =~ /Admins/) {
    $My_Flag = 1;
    print "\nHey, I Found An Admin\n";
}

Naddah!
======================

I want to search the entry "memberOf" for string 'Admins', but it only sees the first line and returns "False" - what am I doing wrong?

(An Example from an "Entry Dump")
============

   lotsStuff : Plenty Here On This Side Too
mOreStuff : Plenty More Here As Well
 memberOf: CN=Newport-RSRC,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=NHCNE - OWA Users,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       ...
                       CN=Newport Admins,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=NHCNE - OU ADMIN,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=Newport User Admins,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
 andMore : More Junk Here.

Help????
0
Question by:billfinkri
    5 Comments
     
    LVL 13

    Expert Comment

    by:gripe
    In the documentation, it indicates that the server may enforce a maximum number of returned results.. are you sure that's not the case here?

    sizelimit => N
        A sizelimit that restricts the maximum number of entries to be
        returned as a result of the search. A value of 0, and the
        default, means that no restriction is requested. Servers may   <----
        enforce a maximum number of entries to return.                   <----

    Also, despite it indicating a default of 0, did you try specifically setting the sizelimit attribute to a higher number?
    0
     

    Author Comment

    by:billfinkri
    Thanks kindly for such a quick response.

    I'm not certain that my question was understood clearly enough.

    If you look at the example of the 'entry dump' - you'll see 5(+) rows returned for 'memberOf'.

    It is that entry that I am merely searching through, (see the code "$Technician = ...")

    My search is not seeing (in my example AD Entry Dump) the 2nd, 3rd ... through Xth line of 'memberOf' - it only returns 'true/false' as a result of the 1st line in the 'memberOf' entry.

    If I understand YOU correctly - if there were such a restriction, I wouldn't get that 'entry-dump' with that many lines of 'memberOf' displaying, correct?
    0
     
    LVL 7

    Accepted Solution

    by:

    The memberOf attribute is multivalued; you need to tell Net::LDAP you want all of its values by assigning it to an array.
    You might modify it like:

    foreach my $entry ($search->entries) {
        # list context: get_value returns every memberOf value
        my @memberof = $entry->get_value('memberof');

        for my $Technician (@memberof) {
            if ($Technician =~ /Admins/) {
                $My_Flag = 1;
                print "\nHey, I Found An Admin\n";
            }
        }
    }
    0
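
Building on the accepted answer, the following is an added example, not code from the thread. It reads every memberOf value, compares each group's CN exactly instead of matching /Admins/ anywhere in the DN, and escapes the account name before it goes into the search filter. The function names (user_filter, group_names, in_group) and the example.test DNs are constructed for illustration.

```perl
use strict;
use warnings;
use Net::LDAP::Entry;
use Net::LDAP::Util qw(escape_filter_value ldap_explode_dn);

# Build the search filter with the account name escaped, so that
# ( ) * and \ in the input are matched literally.
sub user_filter {
    my ($account) = @_;
    return '(&(objectClass=user)(objectCategory=user)(sAMAccountName='
         . escape_filter_value($account) . '))';
}

# CN of every group in memberOf. List context returns all values;
# scalar context would return only the first one.
sub group_names {
    my ($entry) = @_;
    my @names;
    for my $dn ($entry->get_value('memberOf')) {
        my $rdns = ldap_explode_dn($dn, casefold => 'lower') or next;
        my $cn = $rdns->[0]{cn};    # leading RDN of the group DN
        push @names, $cn if defined $cn;
    }
    return @names;
}

# True only if one group's CN equals $wanted (case-insensitive).
sub in_group {
    my ($entry, $wanted) = @_;
    return scalar grep { lc($_) eq lc($wanted) } group_names($entry);
}

# Constructed entry modelled on the dump in the question (example.test DNs).
my $entry = Net::LDAP::Entry->new;
$entry->dn('CN=Some User,OU=Users,DC=example,DC=test');
$entry->add(memberOf => [
    'CN=Newport-RSRC,OU=Users,DC=example,DC=test',
    'CN=Newport Admins,OU=Users,DC=example,DC=test',
    'CN=Helpdesk,OU=Former Admins,DC=example,DC=test',
]);

print user_filter('smith (temp)'), "\n";
print join(', ', group_names($entry)), "\n";
printf "Newport Admins: %s\n", in_group($entry, 'Newport Admins') ? 'yes' : 'no';
printf "Admins:         %s\n", in_group($entry, 'Admins') ? 'yes' : 'no';
```

The third constructed DN would satisfy /Admins/ because of its OU, while the exact CN comparison rejects it. In Active Directory, memberOf lists direct memberships only: it does not include the primary group or expand nested groups.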
     

    Author Comment

    by:billfinkri
    RugDog,

    You must have some sort of serious way of transmitting your thoughts / brainwaves through the air.

    I swear - just as I heard my Email notification that I had "New Email" (that being YOUR response and BEFORE reading it) I was thinking to myself ... "I wonder, what would happen if I tried assigning it to an array?!!"

    Beautiful!

    It works flawlessly - and thank you!
    0
     
    LVL 7

    Expert Comment

    by:rugdog
    you're welcome
    0
