1 / 9

LDAP API: Searching

LDAP API: Searching. CNS 4650 Fall 2004 Rev. 2. LDAP Search. Create connection Bind (if needed) Perform search Display results Close connection. Project 1 Example. Language is PERL Data is not completely formatted to specification Example code is in download area

merry
Download Presentation

LDAP API: Searching

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. LDAP API: Searching CNS 4650 Fall 2004 Rev. 2

  2. LDAP Search • Create connection • Bind (if needed) • Perform search • Display results • Close connection

  3. Project 1 Example • Language is PERL • Data is not completely formatted to specification • Example code is in download area • These slides will walk through the code

  4. Declares this is a PERL script Include Net::LDAP and Net::LDAP::LDIF libraries, so that we can use the LDAP API calls Declare $LDAPSERVER and $SEARCHBASE as empty strings. They are used to hold the server address and search base that is passed from the command line $YEAR, $MONTH, $DAY, $TIME are set to the current date and time. This uses the `date` command found on Linux/Unix workstations. Chomp() is used to remove the carriage return. $COMBODATE puts all the values together in a generalizedTime format (Discussed later in these slides) $FILTER is the defined filter, in this case it only searches for “user-password-expire” that is greater than the current date and time #!/usr/bin/perl -w use Net::LDAP use Net::LDAP::LDIF; $LDAPSERVER = $SEARCHBASE = ""; $YEAR = `date "+%Y"`; chomp($YEAR); $MONTH = `date "+%m"`; chomp($MONTH); $DAY = `date "+%d"`; chomp($DAY); $DAY = $DAY + 3; $TIME = `date "+%H%M%SZ"`; chomp($TIME); $COMBODATE = $YEAR . $MONTH . $DAY . $TIME; $FILTER = "&(user-password-expire>=$COMBODATE)"; … Variables

  5. The first if statement checks the argument vector to see if any arguments were passed in, if not returns usage statement The $LDAPSERVER variable is set to the first command line argument and $SEARCHBASE is set to the second command line argument … if(!@ARGV) { print "You must specify a server!\n"; } else { $LDAPSERVER = $ARGV[0]; $SEARCHBASE = $ARGV[1]; … Command Line Arguments

  6. The LDAP connection is made by calling Net::LDAP() Net::LDAP returns a LDAP handle that is used to perform the search and then to unbind Net::LDAP(host, port, timeout, async, debug, onerror, version) http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod my $conn = new Net::LDAP($LDAPSERVER); Build the LDAP Connection

  7. The LDAP handle ($conn) is used to perform the search The search() call can be passed base, scope, filter, attrs (attributes returned) If the attributes are not listed all the attributes of the objects found will be returned … $mesg = $conn->search( base=>$SEARCHBASE, scope=>"sub", filter=>$FILTER, attrs=>['mail', 'uid', 'user-password-expire',]); … Perform the Search

  8. The $mesg structure has a value named “count” that contains the number of objects returned from the search The $entry creates storage for a single entry that is extracted from $mesg To retrieve a attribute value use the $entry->get_value() call, pass in the name of the attribute. Example: “uid” … for ($i = 0; $i < $mesg->count; $i++) { my $entry = $mesg->entry($i); print $entry->get_value( 'mail' ); print "\n\n"; print join(" ", $entry->get_value( 'uid' ), "your password will expire on", $entry->get_value( 'user-password-expire' )); print "\nPlease change your password before that date.\nThank you,\nIS&T"; print "\n\n\n" } … Printing out the Return Data

  9. The connection always needs to be unbound Make sure the LDAP handle is not destroyed before the connection is unbound $conn->unbind; Unbind from the Directory

More Related