Using Perl With Net::LDAP - How Do I Search An Active Directory Record For Strings.

Using Perl With The Net::LDAP Module I am querying an entire directory to make-up a list of users and tossing the information into a database. (I'm fine with authentication, I get each record fine, and can search a single entry item but...

I look at each AD entry (See my example code below)

In each entry I search for certain strings.

What is _not_ happening during my search - if there is more than one item for the same object the search result returns false.

I trust that I have provided enough information and code.
(While not a total new-bee with Perl, I am still learning, go easy on me, please?)

$What_To_Check = 'Someone's Name';

my $scope = "subtree";
my $filter = "(&(objectclass=user)(objectcategory=user)(sAMAccountName=".$What_To_Check."))";
my $ldap = Net::LDAP->new($dc) or die $@;
my $rc = $ldap->bind( $user, password => $passwd);

my $search = $ldap->search (
         base => $base,
       scope => $scope,
         filter => $filter

foreach my $entry ($search->entries) {
     $Technician = $entry->get_value('memberof');

if ($Technician =~ /Admins/) {
           $My_Flag = True;
           print "\nHey, I Found An Admin\n";


I want to search the entry "memberOf" for string 'Admins', but it is only sees the first line and returns "False"  - what am I doing wrong?

(Am Example from an "Entry Dump")

   lotsStuff : Plenty Here On This Side Too
mOreStuff : Plenty More Here As Well
 memberOf: CN=Newport-RSRC,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=NHCNE - OWA Users,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=Newport Admins,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=NHCNE - OU ADMIN,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
                       CN=Newport User Admins,OU=Users,OU=Newport,OU=NHCNE,DC=med,DC=nads,DC=navy,DC=mil
 andMore : More Junk Here.

Who is Participating?
rugdogConnect With a Mentor Commented:

the memberOf attribute is multivalued, you need to tell Net::LDAP you want all of its values assigning it to an array,
you might modigy it like:

foreach my $entry ($search->entries) {
    my @memberof = $entry->get_value('memberof');

  for $Technician (@memberof){
    if ($Technician =~ /Admins/) {
          $My_Flag = True;
          print "\nHey, I Found An Admin\n";
In the documentation, it indicates that the server may enforce a maximum number of returned results.. are you sure that's not the case here?

sizelimit => N
    A sizelimit that restricts the maximum number of entries to be
    returned as a result of the search. A value of 0, and the
    default, means that no restriction is requested. Servers may   <----
    enforce a maximum number of entries to return.                   <----

Also, despite it indicating a default of 0, did you try specifically setting the sizelimit attribute to a higher number?
billfinkriAuthor Commented:
Thanks kindly for such a quick response.

I'm not certain that my question was understood clearly enough.

If you look at the example of the 'entry dump' - you'll see 5(+) rows returned for 'memberOf'.

It is that entry that I am merely searching through, (see the code "$Technician = ...")

My search is not seeing (in my example AD Entry Dump)  the 2nd, 3rd ... through Xth line of 'memberOf' - it only returns 'true/false' as a result of the 1st line in in the 'memberOf' entry.

If I understand YOU correctly - if there were such a restriction, I wouldn't get that 'entry-dump' with that many lines of 'memberOf' displaying, correct?
billfinkriAuthor Commented:

You must have some sort of serious way of transmitting your thoughts / brainwaves through the air.

I swear - just as I heard my Email notification that I had "New Email" (that being YOUR response and BEFORE reading it) I was thinking to myself ... "I wonder, what would happen if I tried assigning it to an array?!!


It's works flawlessly - and thank you!
you're welcome
All Courses

From novice to tech pro — start learning today.