Net::LDAP, Active Directory and Disabled Users #2

I've been trying to write a simple perl script that will query the active
directory via LDAP and give me a list of email addresses for disabled users
(eg, addresses we don't want to accept email for anymore). I found a website
or two that suggested I use the following as my filter:

(&(objectCategory=person)(userAccountControl:1.2.840.113556.1.4.803:=2))

I was begining to think these websites were wrong as whenever I tried this
filter, I'd go no results. With other filters, I'd get the results I'd
expect to get. I then tried that filter in a couple other applications (one
MS tool and a PHP script running on the same box as my perl script) and it
worked as expected in those cases. In the intrest of testing, I created a
Net::LDAP::Filter object in my script and it seemed to parse the filter
fine. But when I try to run it via the search routine of Net::LDAP I get the
following error:

I/O Error   at ./gather_email.pl line 24, <DATA> line 283.


Unfortuantely, I'm not an LDAP expert by any means nor am I at all familiar
with the Net::LDAP code so I think I've hit a stand-still. Has anybody else
expierenced this (I did try a couple searches and came up empty). Or better
yet, does anybody know how to fix it :).


Thanks,
Jake


0
jacob
9/29/2003 8:16:51 PM
perl.ldap 1268 articles. 0 followers. Follow

0 Replies
1465 Views

Similar Articles

[PageSpeed] 8

Reply:

Similar Artilces:

Net::LDAP, Active Directory and Disabled Users
------_=_NextPart_001_01C386CB.502F3B30 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I've been trying to write a simple perl script that will query the = active directory via LDAP and give me a list of email addresses for disabled = users (eg, addresses we don't want to accept email for anymore). I found a = website or two that suggested I use the following as my filter: (&(objectCategory=3Dperson)(userAccountControl:1.2.840.113556.1.4.803:=3D= 2)) I was beginning to think these websites were wrong as whene...

RE: Net::LDAP, Active Directory and Disabled Users
Version of Perl:=20 5.8.0 (as supplied with RedHat9) Version of Net::LDAP: [jsteenha@jake utilities]$ perl -mNet::LDAP -e 'print = "$Net::LDAP::VERSION\n"' 0.29 Relevant part of Perl code: #!/usr/bin/perl use Net::LDAP; use Net::LDAP::Filter; $filter =3D = '(&(objectCategory=3Dperson)(userAccountControl:1.2.840.113556.1.4.803:=3D= 2))'; #$filter =3D '(objectCategory=3Dperson)'; $f =3D new Net::LDAP::Filter; $f->parse($filter); $f->print(); #exit; my $ldap =3D Net::LDAP->new('acutex-dc01'); my $mesg =3D $...

RE: :LDAP, Active Directory and Disabled Users #2
Useraccountcontrol is a bit flag attribute. You get 514 because a disabled user account has the following properties: 2 : disabled 512 : normal account (not a special account) You can get the list of flags here: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adsi /ads_user_flag_enum.asp You can use 2 or 514 to find disabled users. This filter will match disabled users: (&(objectCategory=person)(objectclass=user)(userAccountControl:1.2.840.11355 6.1.4.803:=2)) Without objectclass, the filter could also match computer objects. You can f...

RE: :LDAP, Active Directory and Disabled Users
Do some testing - query userAccountControl for an active user - then disable the user and query userAccountControl again. The result will = be the what you should use in your query. In my case all inactive users are 514 .... Best of luck ... HTH -----Original Message----- From: Steenhagen, Jacob [mailto:Jacob.Steenhagen@us.hilite.com] Sent: Monday, September 29, 2003 4:50 PM To: perl-ldap@perl.org Subject: Net::LDAP, Active Directory and Disabled Users I've been trying to write a simple perl script that will query the active directory via LDAP and give me a list o...

RE: :LDAP, Active Directory and Disabled Users #3
I apologize for the repost on this... I originally tried posting it via = NNTP and didn't see it show up so I thought (incorrectly) that NNTP was = read-only and to get the message through I had to send it via the = mailing list. -- "Outlook not so good." That magic 8-ball knows everything! I'll ask = about Exchange Server next.=20 -----Original Message----- From: Jake [mailto:jacob.NOSPAM.steenhagen@us.hilite.BYEBYE.com] Sent: Monday, September 29, 2003 4:17 PM To: perl-ldap@perl.org Subject: Net::LDAP, Active Directory and Disabled Users I've been...

Getting User List from Active Directory using LDAP with Asp.Net
Dear All, Did any body worked on the below process? Getting User List from Active Directory using LDAP with Asp.Net. If Yes, Can u pls guide me to proceed? warm regards, Minor. Not sure if that was supposed to be a hyperlink or not in your post.  However, you should start with the first post in this forum for common patterns.  You are looking for all users, so you can use "(&(objectClass=user)(objectCategory=person))" as your search filter.  Ryan DunnWeblog The BookLDAP Programming Help...

Return All Users with User Groups from Active Directory with LDAP
Hello.  I am trying to write a report that pulls information in from Active Directory.  I have a view created that gets a listing of users and a view that creates a listing of user groups, but I can't seem to figure out how to get all user groups that are associated with the users.  This is what I have. SELECT     *FROM         OPENQUERY(ADSI, 'SELECT objectSid, samAccountName, distinguishedName FROM ''LDAP://wmdomain.local''WHERE objectClass = ''User''')    ...

Fw: Re: make Net::LDAP::LDIF more similar to Net::LDAP #2
Hi, Am 09.06.2004 um 01:44 Uhr haben Sie geschrieben: > Extending Net::LDAP::Entry to update against LDIF and LDAP objects > could allow the changetype modifications to be to produced. > > This would be really useful to produce changetypes for entry objects by > updating against an LDIF object to produce the changetype LDIF required > up to synchronise entry objects. as Graham posted you can to that already now. Simply create your Net::LDAP::Entry object with the changes option set to TRUE. Having created the ::LDIF object that way you autom...

Net::LDAP and Net:LDAP::LDIF read & add problems #2
I'm trying to read in a simple LDIF file to add an entry to my LDAP server. Here is the basic routine (extraneous details omitted for brevity and security): $ldif = Net::LDAP::LDIF->new($tmp,"r",onerror => 'warn'); $entry = $ldif->ready_entry(); $ldap = Net::LDAP->new($LDAPSERVER); $result=$ldap->bind("$binddn",password=>"$bindpass",version=>"3"); $result=$ldap->add($entry); Now, everything seems to work until I get to the $ldap->add method. From that I get various versions of the following: obj...

Active Directory Ldap Authentication on Bugzilla 3.2.2
Hello All, I am trying to setup Active Directory LDAP authentication on Bugzilla 3.2.2 but getting following error Failed to bind to the LDAP server. The error message was: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece´┐Ż Using following options I have changed original domain name to example for security reasons 'LDAPBaseDN' => 'DC=example,DC=com', 'LDAPbinddn' => 'CN=users;CN=user name;DC=example;DC=com:password', 'LDAPfilter' => '', ...

iFolder and Active Directory LDAPS (LDAP over SSL)
I am looking for some insight in getting my iFolder server communicating with an Active directory server over SSL for user Authentication. I am using iFolder 2.1.3 and Windows 2003SP1 on the servers for both iFolder server OS and Active Directory OS. I have installed the root cert for the domain on the iFolder server. When I use the iFolder installer I can extend the schema of the directory structure over 636 using SSL without any problems, it connects and looks good. When iFolder starts the logfile has the following entries Starting iFolder server, version 2.1.3 [04/06/01] Conf...

RE: Active Directory and LDAP sizelimit #2
Thanks, Brian. I had finally got someone to point me to ntdsutil - now I'm trying to make it work. The various on-line things from Microsoft aren't that informative. But at least I now know where to look. jj John Thayer Jensen, System Administrator Computing Service, School of Business University of Auckland Room 256, 15 Wynyard Street voice: +64 9 373-7599 ext 87543 FAX: +64 9 373-7696 mobile: +64 21 049-7702 quickdial: 60001 http://staff.business.auckland.ac.nz/~j.jensen -----Original Message----- From: Johnson, Brian K [mailto:brian.k.johnson@lmco.com]...

4 issues with Net::LDAP and Active Directory
------_=_NextPart_001_01C74A47.D441C220 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I have 4 issues which I do not understand and I have searched the Net::LDAP documentation up and down and cannot figure it out. =20 1. pwdLastSet is only available for the DN of the user who is logged in. (That seems a little odd, why is that?) and yes I logged in as another user using LDAP and it was available for them and not me. =20 2. pwdLastSet is some Active Directory timestamp (Why oh why cant Microsoft just use utc like ev...

Bugzilla 2.18rc3, Active Directory, and LDAP
Hi, everyone, I'm trying to get Bugzilla 2.18rc3 to authenticate against Active Directory. I've read the manual, done copious Web and newsgroup searches, double-checked everything I can think of, and I feel certain that I'm on the very cusp of success . . . but it's still not working. Here's the configuration I'm using: Bugzilla 2.18rc3 running on Fedora Core 2 Perl 5.8.3 with Net::LDAP and all the required and optional modules for Bugzilla Active Directory running on Windows 2003 In Bugzilla, here are the LDAP settings: LDAPserver: domainserve...

Web resources about - Net::LDAP, Active Directory and Disabled Users #2 - perl.ldap

Resources last updated: 12/11/2015 10:50:14 AM