RogFleming

Generic LDAP Integration ldapsearch and ldapmodify


I wanted to share this because over the last year or so there has not been much about how to use AutoIt with generic LDAP directories, for example Apache Directory Server, iPlanet and other generic flavors. If you can find a generic (or even Sun's open-source) ldapsearch.exe or ldapmodify.exe, you will be good to go. You will notice I linked a user in AD to a user in LDAP, so the two directories can work together without extending the schema in AD or using ATOM. Basically, the LDAP directory is a mirror of AD, and AD is used to figure out the path in the LDAP directory.

This is an example of searching for a record in LDAP:

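; Looks up the login name and password stored in LDAP for application $app of
; the AD user $AD_USERNAME, creating the user's LDAP record first when
; _CheckUserRecord reports that none exists.
;
; Parameters:
;   $AD_USERNAME - account name handed to _AD_SamAccountNameToFQDN by the helpers
;   $app         - application name; _GetAppData searches for it as cn=<app>
; Results: $apppwd and $applogin are assigned without a Local declaration, so
;   the caller only sees them if Globals of those names exist - TODO confirm.
; Return: 0 (no explicit value). @error = 1 when no credential lines were found.
;
; NOTE(review): the text after "userPassword:" is taken as the usable password,
; so the directory presumably holds it in a recoverable form. Confirm who can
; read that attribute and whether it should be encrypted at rest.
Func _GetAppCredentials($AD_USERNAME, $app)
    ; Only 0 (no record) triggers a create; -1 (lookup error) does not.
    If _CheckUserRecord($AD_USERNAME) = 0 Then
        _CreateUserRecord($AD_USERNAME)
    EndIf

    $AppCred = _GetAppData($AD_USERNAME, $app)
    ; _GetAppData hands back -1 or 0 instead of an array when nothing was read;
    ; indexing that would abort the script.
    If Not IsArray($AppCred) Then Return SetError(1, 0, 0)

    ; Last argument 1 = partial match, so the attribute name only has to occur
    ; somewhere in the line.
    $pwddata = _ArraySearch($AppCred, "userPassword:", 0, 0, 0, 1)
    $userdata = _ArraySearch($AppCred, "sn:", 0, 0, 0, 1)
    ; _ArraySearch returns -1 when the attribute is absent.
    If $pwddata < 0 Or $userdata < 0 Then Return SetError(1, 0, 0)

    ; 13 and 3 are the lengths of "userPassword:" and "sn:".
    $apppwd = StringTrimLeft($AppCred[$pwddata], 13)
    $applogin = StringTrimLeft($AppCred[$userdata], 3)
EndFunc   ;==>_GetAppCredentials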

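; Checks whether the LDAP entry that mirrors an AD user exists, by running
; ldapsearch with the user's DN as search base and the filter OU=*.
;
; Parameter: $AD_USERNAME - account name resolved with _AD_SamAccountNameToFQDN
; Return:  1 = ldapsearch printed something on stdout
;          0 = ldapsearch printed nothing
;         -1 = ldapsearch wrote to stderr, could not be started, or no usable
;              DN was obtained from AD
;
; $ldapsvr, $ldapadmin and $ldappwd are not declared here; presumably they are
; Globals filled by _GetLDAPDataFromREG() - confirm.
;
; NOTE(review): "-w <password>" puts the bind password on the command line of
; ldapsearch.exe, where other local processes can read it. Check whether the
; ldapsearch build in use can take the password from a file or a prompt instead.
; NOTE(review): no TLS option is passed, so the bind presumably crosses the
; network in clear text unless $ldapsvr is the local machine - confirm.
Func _CheckUserRecord($AD_USERNAME)
    _GetLDAPDataFromREG()
    _AD_Open()
    $USERFQDN = _AD_SamAccountNameToFQDN($AD_USERNAME)
    _AD_Close()

    ; Drops the first three characters of the AD DN (presumably "CN=").
    Local $ldapuserfqdn = StringTrimLeft($USERFQDN, 3)
    Local $q = '"'
    ; An empty DN means the AD lookup failed; a double quote in the DN would
    ; end the quoted -b argument early and let the rest be read as new options.
    If $ldapuserfqdn = "" Or StringInStr($ldapuserfqdn, $q) Then
        ConsoleWrite("_CheckUserRecord_Error no usable DN for " & $AD_USERNAME & @CRLF)
        Return -1
    EndIf

    Local $ldapdir = "C:\Progra~1\LDAP\"
    Local $ldapport = "10389"
    Local $ldapsearch = "ldapsearch.exe"
    Local $ldapPerson = "OU=" & $ldapuserfqdn
    Local $ldapconn = "-h " & $ldapsvr & " -p " & $ldapport
    Local $ldapauth = "-D " & $ldapadmin & " -w " & $ldappwd
    Local $ldapquery = "-b " & $q & $ldapPerson & $q & " OU=*"

    ; Log the command that is really executed, with the bind password masked so
    ; it does not end up in console output or captured logs.
    ConsoleWrite($ldapdir & $ldapsearch & " " & $ldapconn & " -D " & $ldapadmin & " -w ******** " & $ldapquery & @CRLF)

    ; The executable is started directly instead of through "cmd /c": cmd.exe
    ; would interpret characters such as & | < > ^ % inside the server name,
    ; bind DN, password or user DN.
    Local $foo1 = Run($ldapdir & $ldapsearch & " " & $ldapconn & " " & $ldapauth & " " & $ldapquery, $ldapdir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)
    If @error Then
        ; Without this check a missing ldapsearch.exe would look like "no
        ; record" and make the caller create one.
        ConsoleWrite("_CheckUserRecord_Error could not start " & $ldapsearch & @CRLF)
        Return -1
    EndIf

    Local $line1
    ; Any output on stdout is taken to mean the entry exists.
    While 1
        $line1 = StdoutRead($foo1)
        If @error Then ExitLoop
        If $line1 <> "" Then
            ConsoleWrite("_CheckUserRecord1:" & " " & $line1)
            Return 1
        EndIf
        Sleep(10)
    WEnd

    ; stdout is closed; anything on stderr is reported as an error. An empty
    ; read is not an error, so keep polling until stderr closes as well.
    While 1
        $line1 = StderrRead($foo1)
        If @error Then ExitLoop
        If $line1 <> "" Then
            ConsoleWrite("_CheckUserRecord_Error" & " " & $line1)
            Return -1
        EndIf
        Sleep(10)
    WEnd
    ConsoleWrite("_CheckUserRecord0:" & " " & $line1)
    Return 0
EndFunc   ;==>_CheckUserRecord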

For creating a record:

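; Creates the LDAP entry that mirrors an AD user: writes a small LDIF file
; (an organizationalUnit whose DN is derived from the user's AD DN) and feeds
; it to ldapmodify.
;
; Parameter: $AD_USERNAME - account name resolved with _AD_SamAccountNameToFQDN
; Return: 0 (no explicit value). @error = 1 when no usable DN was obtained,
;         @error = 2 when ldapmodify could not be started.
;         The script exits if the LDIF file cannot be opened.
;
; $ldapadmin and $ldappwd are not declared here; presumably they are Globals
; filled by _GetLDAPDataFromREG() - confirm. $ldapsvr is fixed to "localhost"
; in this function.
;
; NOTE(review): "-w <password>" exposes the bind password on the command line
; of ldapmodify.exe to other local processes. Check whether the ldapmodify
; build in use can take the password from a file or a prompt instead.
; NOTE(review): the LDIF file has a fixed name in the tool directory, so two
; calls running at the same time would overwrite each other's file.
Func _CreateUserRecord($AD_USERNAME)
    _GetLDAPDataFromREG()
    _AD_Open()
    $USERFQDN = _AD_SamAccountNameToFQDN($AD_USERNAME)
    _AD_Close()

    ; Drops the first three characters of the AD DN (presumably "CN=").
    Local $ldapuserfqdn = StringTrimLeft($USERFQDN, 3)
    ; An empty DN would create a bogus "ou=" entry. A line break inside the DN
    ; would start a new LDIF line and let the value add attributes of its own.
    If $ldapuserfqdn = "" Or StringRegExp($ldapuserfqdn, "[\r\n]") Then
        ConsoleWrite("_CreateUserRecord_Error: no usable DN for " & $AD_USERNAME & @CRLF)
        Return SetError(1, 0, 0)
    EndIf

    Local $ldapdir = _PathFull("C:\Progra~1\LDAP\")
    Local $ldapfile = "SetUser.ldif"
    Local $ldappath = $ldapdir & $ldapfile
    Local $ldapsvr = "localhost"
    Local $ldapport = "10389"
    Local $ldapmodify = "ldapmodify.exe"
    Local $ldapconn = "-h " & $ldapsvr & " -p " & $ldapport
    Local $ldapauth = "-D " & $ldapadmin & " -w " & $ldappwd

    ; Mode 2 creates the file or empties an existing one. The handle is checked
    ; before anything is written to it.
    Local $hLdif = FileOpen($ldappath, 2)
    If $hLdif = -1 Then
        ConsoleWrite("Error" & " " & "LDIF file is missing")
        Exit
    EndIf
    FileWrite($hLdif, "dn: ou=" & $ldapuserfqdn & @CRLF)
    FileWrite($hLdif, "changetype: add" & @CRLF)
    FileWrite($hLdif, "objectClass: organizationalUnit" & @CRLF)
    FileWrite($hLdif, "objectClass: top" & @CRLF)
    FileClose($hLdif)

    ; Started directly rather than through "cmd /c", so cmd.exe does not
    ; interpret & | < > ^ % inside the bind DN or password. The LDIF file is
    ; named relative to the working directory $ldapdir.
    Local $foo1 = Run($ldapdir & $ldapmodify & " " & $ldapconn & " -a -f " & $ldapfile & " " & $ldapauth, $ldapdir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)
    If @error Then
        ConsoleWrite("_CreateUserRecord_Error: could not start " & $ldapmodify & @CRLF)
        FileDelete($ldappath)
        Return SetError(2, 0, 0)
    EndIf

    Local $line1
    Sleep(25)
    ; Relay whatever ldapmodify prints until it closes stdout, then stderr.
    While 1
        $line1 = StdoutRead($foo1)
        If @error Then ExitLoop
        If $line1 <> "" Then
            ConsoleWrite("_CreateUserRecord: " & $line1)
        EndIf
        Sleep(10)
    WEnd

    While 1
        $line1 = StderrRead($foo1)
        If @error Then ExitLoop
        If $line1 <> "" Then
            ConsoleWrite("_CreateUserRecord_Error: " & $line1)
        EndIf
        Sleep(10)
    WEnd

    ; Remove the LDIF file by its path; the file handle is not a file name, so
    ; testing the handle with FileExists never deletes anything.
    If FileExists($ldappath) Then
        FileDelete($ldappath)
    EndIf
    ;AddAppToUser($AppName,$distinguishedName,$sAMAccountName,$userpwd)
EndFunc   ;==>_CreateUserRecord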

Get record information:

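; Reads the LDAP entry cn=<app> below the entry that mirrors an AD user and
; returns ldapsearch's output split into lines.
;
; Parameters:
;   $AD_USERNAME - account name resolved with _AD_SamAccountNameToFQDN
;   $app         - application name, matched literally as cn=<app>
; Return: array from StringSplit (element 0 holds the count) when ldapsearch
;         printed something on stdout
;         -1 when ldapsearch wrote to stderr or could not be started, or when
;            the DN or $app cannot be passed safely (@error = 1 for the latter)
;          0 when ldapsearch printed nothing at all
;
; $ldapsvr, $ldapadmin and $ldappwd are not declared here; presumably they are
; Globals filled by _GetLDAPDataFromREG() - confirm.
;
; NOTE(review): "-w <password>" exposes the bind password on the command line
; of ldapsearch.exe to other local processes. Check whether the ldapsearch
; build in use can take the password from a file or a prompt instead.
Func _GetAppData($AD_USERNAME, $app)
    _GetLDAPDataFromREG()
    _AD_Open()
    $USERFQDN = _AD_SamAccountNameToFQDN($AD_USERNAME)
    _AD_Close()

    ; Drops the first three characters of the AD DN (presumably "CN=").
    Local $ldapuserfqdn = StringTrimLeft($USERFQDN, 3)
    Local $q = '"'
    ; Both values end up inside double-quoted arguments; a quote character in
    ; either would close the argument early and let the remainder be read as
    ; extra ldapsearch options.
    If $ldapuserfqdn = "" Or StringInStr($ldapuserfqdn & $app, $q) Then
        ConsoleWrite("_GetAppData_Error: unusable DN or application name" & @CRLF)
        Return SetError(1, 0, -1)
    EndIf

    ; Escape the LDAP filter metacharacters (RFC 4515) so $app can only match
    ; one literal cn value. Unescaped, a "*" or a parenthesised expression in
    ; $app would widen the search to other entries and their userPassword
    ; values. The backslash is replaced first so the escapes are not re-escaped.
    Local $appfilter = StringReplace($app, "\", "\5c")
    $appfilter = StringReplace($appfilter, "*", "\2a")
    $appfilter = StringReplace($appfilter, "(", "\28")
    $appfilter = StringReplace($appfilter, ")", "\29")

    Local $ldapdir = _PathFull("C:\Progra~1\LDAP\")
    Local $ldapport = "10389"
    Local $ldapsearch = "ldapsearch.exe"
    Local $ldapPerson = "ou=" & $ldapuserfqdn
    Local $ldapconn = "-h " & $ldapsvr & " -p " & $ldapport
    Local $ldapauth = "-D " & $ldapadmin & " -w " & $ldappwd
    Local $ldapquery = "-b " & $q & $ldapPerson & $q & " " & $q & "cn=" & $appfilter & $q

    ; Started directly rather than through "cmd /c", so cmd.exe does not
    ; interpret & | < > ^ % inside $app, the DN or the bind credentials.
    Local $foo1 = Run($ldapdir & $ldapsearch & " " & $ldapconn & " " & $ldapauth & " " & $ldapquery, $ldapdir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)
    If @error Then
        ConsoleWrite("_GetAppData_Error: could not start " & $ldapsearch & @CRLF)
        Return -1
    EndIf

    ; Collect stdout until the stream closes. Returning after the first
    ; non-empty read could hand back only part of the entry.
    Local $stdout = ""
    While 1
        $stdout &= StdoutRead($foo1)
        If @error Then ExitLoop
        Sleep(10)
    WEnd
    If $stdout <> "" Then
        ; The output contains the userPassword attribute, so only its size is
        ; written to the console, not its content.
        ConsoleWrite(":_GetAppData: " & StringLen($stdout) & " characters read" & @CRLF)
        ; Flag 4 collapses runs of whitespace; the result is split on CR.
        Local $stripwsdata = StringStripWS($stdout, 4)
        Local $appinfo = StringSplit($stripwsdata, @CR)
        Return $appinfo
    EndIf

    ; Nothing on stdout: report the first text found on stderr as an error.
    Local $line1
    While 1
        $line1 = StderrRead($foo1)
        If @error Then ExitLoop
        If $line1 <> "" Then
            ConsoleWrite("_GetAppData_Error: " & $line1)
            Return -1
        EndIf
        Sleep(10)
    WEnd
    ConsoleWrite("_GetAppdata: No Application Username found" & @CRLF)
    Return 0
EndFunc   ;==>_GetAppData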
