[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: newbie: search request without bind operation
I guess I was wrong, here is a peice of code that will allow a search
without the bind:
!/usr/local/bin/perl
use Net::LDAP;
$ldap = Net::LDAP->new('172.21.81.101') or die "$@";
$mesg = $ldap->search(
base => "o=People,dc=priceline,dc=com",
scope => 'sub',
filter => "uid=jsheahan",
);
my $max = $mesg->count;
for( my $index = 0 ; $index < $max ; $index++) {
my $entry = $mesg->entry($index);
my $dn = $entry->dn; # Obtain DN of this entry
@attrs = $entry->attributes; # Obtain attributes for this entry.
foreach my $var (@attrs) {
#get a list of values for a given attribute
$attr = $entry->get_value( $var, asref => 1 );
if ( defined($attr) ) {
foreach my $value ( @$attr ) {
print "$var: $value\n"; # Print each value
for the attribute.
}
}
}
}
-----Original Message-----
From: Francois Beretti [mailto:francois.beretti@enatel.com]
Sent: Monday, March 17, 2003 10:04 AM
To: Sheahan, John (PCLN-NW)
Cc: 'Josephine Suganthi'; Liste OpenLDAP Software
Subject: RE: newbie: search request without bind operation
Le lun 17/03/2003 à 14:59, Sheahan, John (PCLN-NW) a écrit :
> I have been working diligently with the basic bind and search functions
> every day for the past 2 weeks. Although I am hardly an expert, I know of
no
> way to do a search without doing a bind first. The difference between an
> anonymous bind and a non-anonymous bind, is that you don't have to include
> the rootdn and password on an anonmous bind and you would have to include
it
> for a non-anonymous bind.
You can also bind as a simple user, not only as rootdn with rootpw
You can/should even delete the rootdn directive, after populating the
database with basic entries (like a manager dn).
a non-anonymous bind is just an authenticated bind
>
> -----Original Message-----
> From: Josephine Suganthi [mailto:j_jsuganthi@hotmail.com]
> Sent: Monday, March 17, 2003 3:36 AM
> To: openldap-software@OpenLDAP.org
> Subject: newbie: search request without bind operation
>
>
> Hi,
>
> Can I do a search request on a ldap server without giving a bind
request?
>
> Is this possible when the ldap server is supporting anonymous bind?
>
Seen in the LDAPv3 RFC (RFC #2251):
Unlike LDAP v2, the client need not send a Bind Request in the first
PDU of the connection. The client may request any operations and the
server MUST treat these as unauthenticated. If the server requires
that the client bind before browsing or modifying the directory, the
server MAY reject a request other than binding, unbinding or an
extended request with the "operationsError" result.
If the client did not bind before sending a request and receives an
operationsError, it may then send a Bind Request. If this also fails
or the client chooses not to bind on the existing connection, it will
close the connection, reopen it and begin again by first sending a
PDU with a Bind Request. This will aid in interoperating with
servers implementing other versions of LDAP.
I don't know if slapd make a difference between anonymous and
unauthenticated
> Thanks for the help
> Josephine
Francois Beretti