querying Active Directory via LDAP in perl

Discussion in 'Perl Misc' started by joseph85750@yahoo.com, Dec 11, 2008.

  1. Guest

    I've been poking at this on and off over the past few months, never
    having much success. I was never sure what sort of crazy query string
    the AD server wanted. But then it occurred to me that my Linux
    Evolution email client does this without any problems-- only using the
    IP address of the Active Directory LDAP server. I can query/search,
    and it immediately returns all matches.

    How can it do this without the big ugly
    "cn=users,dc=foo,dc=blah,o=acme......" string ?

    Since this is obviously possible and simple (except for me), how could
    I do this same simple query in perl-- only armed with the IP address
    of my AD/LDAP server?

    Curiously,
    JS
    , Dec 11, 2008
    #1
    1. Advertising

  2. Thrill5 Guest

    <> wrote in message
    news:...
    > I've been poking at this on and off over the past few months, never
    > having much success. I was never sure what sort of crazy query string
    > the AD server wanted. But then it occurred to me that my Linux
    > Evolution email client does this without any problems-- only using the
    > IP address of the Active Directory LDAP server. I can query/search,
    > and it immediately returns all matches.
    >
    > How can it do this without the big ugly
    > "cn=users,dc=foo,dc=blah,o=acme......" string ?
    >
    > Since this is obviously possible and simple (except for me), how could
    > I do this same simple query in perl-- only armed with the IP address
    > of my AD/LDAP server?
    >
    > Curiously,
    > JS


    Google "LDAP query syntax", and you will find a whole bunch of information
    about querying AD via LDAP.
    Thrill5, Dec 12, 2008
    #2
    1. Advertising

  3. Guest

    On Dec 11, 7:11 pm, "Thrill5" <> wrote:
    > <> wrote in message
    >
    > news:...
    >
    >
    >
    > > I've been poking at this on and off over the past few months, never
    > > having much success.  I was never sure what sort of crazy query string
    > > the AD server wanted.   But then it occurred to me that my Linux
    > > Evolution email client does this without any problems-- only using the
    > > IP address of the Active Directory LDAP server.  I can query/search,
    > > and it immediately returns all matches.

    >
    > > How can it do this without the big ugly
    > > "cn=users,dc=foo,dc=blah,o=acme......" string ?

    >
    > > Since this is obviously possible and simple (except for me), how could
    > > I do this same simple query in perl-- only armed with the IP address
    > > of my AD/LDAP server?

    >
    > > Curiously,
    > > JS

    >
    > Google "LDAP query syntax",  and you will find a whole bunch of information
    > about querying AD via LDAP.


    Yes, google returns many articles mentioning query strings, such as:

    search DN: ou=groups,ou=@company,dc=corp,dc=trx,dc=com

    But back to my original question-- Evolution doesn't seem to need any
    of this. In Evolution, you simply give it the IP address of your AD/
    LDAP server and it all magically works. Evolution is running on a
    linux box, which has no knowledge of the query string variables.

    I even tried running a tcpdump on the connection to figure out what it
    was doing but couldn't figure it out.
    , Dec 12, 2008
    #3
  4. Thrill5 Guest

    <> wrote in message
    news:...
    On Dec 11, 7:11 pm, "Thrill5" <> wrote:
    > <> wrote in message
    >
    > news:...
    >
    >
    >
    > > I've been poking at this on and off over the past few months, never
    > > having much success. I was never sure what sort of crazy query string
    > > the AD server wanted. But then it occurred to me that my Linux
    > > Evolution email client does this without any problems-- only using the
    > > IP address of the Active Directory LDAP server. I can query/search,
    > > and it immediately returns all matches.

    >
    > > How can it do this without the big ugly
    > > "cn=users,dc=foo,dc=blah,o=acme......" string ?

    >
    > > Since this is obviously possible and simple (except for me), how could
    > > I do this same simple query in perl-- only armed with the IP address
    > > of my AD/LDAP server?

    >
    > > Curiously,
    > > JS

    >
    > Google "LDAP query syntax", and you will find a whole bunch of information
    > about querying AD via LDAP.


    >Yes, google returns many articles mentioning query strings, such as:
    >
    >search DN: ou=groups,ou=@company,dc=corp,dc=trx,dc=com
    >
    >But back to my original question-- Evolution doesn't seem to need any
    >of this. In Evolution, you simply give it the IP address of your AD/
    >LDAP server and it all magically works. Evolution is running on a
    >linux box, which has no knowledge of the query string variables.
    >
    >I even tried running a tcpdump on the connection to figure out what it
    >was doing but couldn't figure it out.


    You obviously haven't read them, if you did you would know how to do this.
    You need only to specify the CN to search for, the base DN (where to start
    the search) along with setting the appropriate seach scope (i.e. subtree).
    Thrill5, Dec 13, 2008
    #4
  5. Guest

    On Dec 13, 10:48 am, "Thrill5" <> wrote:
    > <> wrote in message
    >
    > news:...
    > On Dec 11, 7:11 pm, "Thrill5" <> wrote:
    >
    >
    >
    > > <> wrote in message

    >
    > >news:...

    >
    > > > I've been poking at this on and off over the past few months, never
    > > > having much success. I was never sure what sort of crazy query string
    > > > the AD server wanted. But then it occurred to me that my Linux
    > > > Evolution email client does this without any problems-- only using the
    > > > IP address of the Active Directory LDAP server. I can query/search,
    > > > and it immediately returns all matches.

    >
    > > > How can it do this without the big ugly
    > > > "cn=users,dc=foo,dc=blah,o=acme......" string ?

    >
    > > >Since this is obviously possible and simple(except for me), how could
    > > > I do this same simple query in perl-- only armed with the IP address
    > > > of my AD/LDAP server?

    >
    > > > Curiously,
    > > > JS

    >
    > > Google "LDAP query syntax", and you will find a whole bunch of information
    > > about querying AD via LDAP.
    > >Yes, google returns many articles mentioning query strings, such as:

    >
    > >search DN: ou=groups,ou=@company,dc=corp,dc=trx,dc=com

    >
    > >But back to my original question-- Evolution doesn't seem to need any
    > >of this. In Evolution, you simply give it the IP address of your AD/
    > >LDAP server and it all magically works. Evolution is running on a
    > >linux box, which has no knowledge of the query string variables.

    >
    > >I even tried running a tcpdump on the connection to figure out what it
    > >was doing but couldn't figure it out.

    >
    > You obviously haven't read them, if you did you would know how to do this.
    > You need only to specify the CN to search for, the base DN (where to start
    > the search) along with setting the appropriate seach scope (i.e. subtree).


    How does the Evolution mail client know how to query the AD Ldap
    then? I specified no CN, DN, or subtree; only the IP address of the
    AD Ldap.
    , Dec 14, 2008
    #5
  6. writes:

    > On Dec 13, 10:48 am, "Thrill5" <> wrote:
    >> <> wrote in message
    >>
    >> news:...
    >> On Dec 11, 7:11 pm, "Thrill5" <> wrote:
    >>


    <snip>

    >> > Google "LDAP query syntax", and you will find a whole bunch of information
    >> > about querying AD via LDAP.
    >> >Yes, google returns many articles mentioning query strings, such as:

    >>
    >> >search DN: ou=groups,ou=@company,dc=corp,dc=trx,dc=com

    >>
    >> >But back to my original question-- Evolution doesn't seem to need any
    >> >of this. In Evolution, you simply give it the IP address of your AD/
    >> >LDAP server and it all magically works. Evolution is running on a
    >> >linux box, which has no knowledge of the query string variables.

    >>
    >> >I even tried running a tcpdump on the connection to figure out what it
    >> >was doing but couldn't figure it out.

    >>
    >> You obviously haven't read them, if you did you would know how to do this.
    >> You need only to specify the CN to search for, the base DN (where to start
    >> the search) along with setting the appropriate seach scope (i.e. subtree).

    >
    > How does the Evolution mail client know how to query the AD Ldap
    > then? I specified no CN, DN, or subtree; only the IP address of the
    > AD Ldap.


    Evolution does specify the CN:

    mvdwege@gareth:/usr/lib/evolution$ find . -exec strings \{} \; | grep -i 'cn ='
    cn = %s

    Furthermore, I concur with the previous poster: *read* those search
    entries. LDAP query syntax isn't that hard to understand, it's just
    verbose.

    Mart

    --
    "We will need a longer wall when the revolution comes."
    --- AJS, quoting an uncertain source.
    Mart van de Wege, Dec 14, 2008
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Andrew
    Replies:
    1
    Views:
    581
    Kevin Spencer
    Jun 24, 2004
  2. Gerry Hickman

    Re: Querying Active Directory from ASP.NET

    Gerry Hickman, Sep 21, 2004, in forum: ASP .Net
    Replies:
    6
    Views:
    484
    Gerry Hickman
    Sep 23, 2004
  3. Gerry Hickman

    Re: Querying Active Directory from ASP.NET

    Gerry Hickman, Sep 23, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    1,361
    Gerry Hickman
    Sep 23, 2004
  4. =?Utf-8?B?VHJleSBNaXRjaGVsbA==?=

    ASP.Net querying Active Directory works on one page and not anothe

    =?Utf-8?B?VHJleSBNaXRjaGVsbA==?=, Jul 19, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    381
    =?Utf-8?B?VHJleSBNaXRjaGVsbA==?=
    Jul 19, 2005
  5. Andrew

    Problem querying LDAP and/or Active Directory

    Andrew, Jun 23, 2004, in forum: ASP .Net Security
    Replies:
    1
    Views:
    276
    Joe Kaplan \(MVP - ADSI\)
    Jun 24, 2004
Loading...

Share This Page