Generic LDAP Integration ldapsearch and ldapmodify


RogFleming

I wanted to share since over the last year or so there has not been much on how to use AutoIt with generic LDAP directories, for example Apache Directory Server, iPlanet and other generic flavors. If you can find a generic or even Sun's open source ldapsearch or ldapmodify.exe you will be good to go. You will notice I linked a user in AD to a user in LDAP, so the two directories can work together without extending the schema in AD or using ATOM. Basically the LDAP directory is a mirror of AD, using AD to figure out the path in the LDAP directory.

This is an example of searching for a record in LDAP:

#include <AD.au3>              ; water's AD UDF: _AD_Open, _AD_SamAccountNameToFQDN, _AD_Close
#include <Array.au3>
#include <File.au3>
#include <AutoItConstants.au3> ; $STDERR_CHILD, $STDOUT_CHILD
Global $ldapsvr, $ldapadmin, $ldappwd, $ldapBaseDN ; set by _GetLDAPDataFromREG() (not shown in the post)

Func _GetAppCredentials($AD_USERNAME, $app)
    If _CheckUserRecord($AD_USERNAME) = 0 Then _CreateUserRecord($AD_USERNAME)
    Local $AppCred = _GetAppData($AD_USERNAME, $app)
    If Not IsArray($AppCred) Then Return SetError(1, 0, 0) ; no entry or ldapsearch error
    ; $iCompare = 1 makes _ArraySearch do a substring match on each output line
    Local $pwddata = _ArraySearch($AppCred, "userPassword:", 0, 0, 0, 1)
    Local $userdata = _ArraySearch($AppCred, "sn:", 0, 0, 0, 1)
    If $pwddata = -1 Or $userdata = -1 Then Return SetError(2, 0, 0) ; attribute not in entry
    ; StringStripWS(..., 3) removes the space left behind after the "attr:" prefix is trimmed
    Local $apppwd = StringStripWS(StringTrimLeft($AppCred[$pwddata], 13), 3)
    Local $applogin = StringStripWS(StringTrimLeft($AppCred[$userdata], 3), 3)
    Local $aCred[2] = [$applogin, $apppwd]
    Return $aCred ; [0] = application login, [1] = application password
EndFunc   ;==>_GetAppCredentials

Func _CheckUserRecord($AD_USERNAME)
    _GetLDAPDataFromREG()
    _AD_Open()
    Local $USERFQDN = _AD_SamAccountNameToFQDN($AD_USERNAME)
    _AD_Close()
    ; Drop the leading "CN=": the LDAP tree mirrors the AD path, with the user held as an OU
    Local $ldapuserfqdn = StringTrimLeft($USERFQDN, 3)
    Local $ldapdir = "C:\Progra~1\LDAP\"
    Local $ldapport = "10389"
    Local $ldapsearch = "ldapsearch.exe"
    Local $ldapscope = "sub"
    Local $ldapPerson = "OU=" & $ldapuserfqdn
    Local $ldapconn = "-h " & $ldapsvr & " -p " & $ldapport
    ; -w places the bind password on the command line, where any local process listing shows it
    Local $ldapauth = "-D " & $ldapadmin & " -w " & $ldappwd
    Local $ldapargs = $ldapconn & " " & $ldapauth & " -s " & $ldapscope & ' -b "' & $ldapPerson & '" OU=*'

    ; Log the search without the bind credentials
    ConsoleWrite($ldapsearch & " " & $ldapconn & ' -b "' & $ldapPerson & '" OU=*' & @CRLF)
    Local $foo1 = Run(@ComSpec & " /c " & $ldapdir & $ldapsearch & " " & $ldapargs, $ldapdir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)
    ProcessWaitClose($foo1) ; wait for ldapsearch so both streams are complete before reading
    Local $line1 = StdoutRead($foo1)
    If $line1 <> "" Then
        ConsoleWrite("_CheckUserRecord1: " & $line1)
        Return 1 ; entry exists
    EndIf
    ; Depending on the ldapsearch build, a missing base DN may show up here as an error rather than as an empty result
    $line1 = StderrRead($foo1)
    If $line1 <> "" Then
        ConsoleWrite("_CheckUserRecord_Error: " & $line1)
        Return -1
    EndIf
    ConsoleWrite("_CheckUserRecord0: no entry for " & $ldapPerson & @CRLF)
    Return 0
EndFunc   ;==>_CheckUserRecord

For creating a record:

Func _CreateUserRecord($AD_USERNAME)
    _GetLDAPDataFromREG()
    _AD_Open()
    Local $USERFQDN = _AD_SamAccountNameToFQDN($AD_USERNAME)
    _AD_Close()
    Local $ldapuserfqdn = StringTrimLeft($USERFQDN, 3) ; strip "CN="
    Local $ldapdir = _PathFull("C:\Progra~1\LDAP\")
    Local $ldapfile = "SetUser.ldif"
    Local $ldapsvr = "localhost"
    Local $ldapport = "10389"
    Local $ldapmodify = "ldapmodify.exe"
    Local $ldapconn = "-h " & $ldapsvr & " -p " & $ldapport
    Local $ldapauth = "-D " & $ldapadmin & " -w " & $ldappwd
    Local $ldapaddfile = "-a -f " & $ldapfile ; relative to the working directory passed to Run()

    ; Write the LDIF for the new entry: an organizationalUnit whose DN mirrors the AD path
    _FileCreate($ldapdir & $ldapfile)
    Local $ldapfilename = FileOpen($ldapdir & $ldapfile, 1)
    If $ldapfilename = -1 Then
        ConsoleWrite("Error: LDIF file could not be opened" & @CRLF)
        Exit
    EndIf
    FileWrite($ldapfilename, "dn: ou=" & $ldapuserfqdn & @CRLF)
    FileWrite($ldapfilename, "changetype: add" & @CRLF)
    FileWrite($ldapfilename, "objectClass: organizationalUnit" & @CRLF)
    FileWrite($ldapfilename, "objectClass: top" & @CRLF)
    ;FileWrite($ldapfilename,"ou:"&$ldapuserfqdn&@CRLF)
    FileClose($ldapfilename)

    Local $foo1 = Run(@ComSpec & " /c " & $ldapdir & $ldapmodify & " " & $ldapconn & " " & $ldapaddfile & " " & $ldapauth, $ldapdir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)
    ProcessWaitClose($foo1) ; wait for ldapmodify instead of a fixed Sleep()
    Local $line1 = StdoutRead($foo1)
    If $line1 <> "" Then ConsoleWrite("_CreateUserRecord: " & $line1)
    $line1 = StderrRead($foo1)
    If $line1 <> "" Then ConsoleWrite("_CreateUserRecord_Error: " & $line1)
    ; Remove the temporary LDIF by path (FileExists wants a path, not the closed handle)
    If FileExists($ldapdir & $ldapfile) Then FileDelete($ldapdir & $ldapfile)
    ;AddAppToUser($AppName,$distinguishedName,$sAMAccountName,$userpwd)
EndFunc   ;==>_CreateUserRecord

Get record information:

Func _GetAppData($AD_USERNAME, $app)
    _GetLDAPDataFromREG()
    _AD_Open()
    Local $USERFQDN = _AD_SamAccountNameToFQDN($AD_USERNAME)
    _AD_Close()
    Local $ldapuserfqdn = StringTrimLeft($USERFQDN, 3) ; strip "CN="
    Local $ldapdir = _PathFull("C:\Progra~1\LDAP\")
    Local $ldapport = "10389"
    Local $ldapsearch = "ldapsearch.exe"
    Local $ldapscope = "sub"
    Local $ldapPerson = "ou=" & $ldapuserfqdn
    Local $ldapconn = "-h " & $ldapsvr & " -p " & $ldapport
    Local $ldapauth = "-D " & $ldapadmin & " -w " & $ldappwd
    ; $app lands inside the LDAP filter and on a cmd.exe command line: validate it before calling this
    Local $foo1 = Run(@ComSpec & " /c " & $ldapdir & $ldapsearch & " " & $ldapconn & " " & $ldapauth & " -s " & $ldapscope & ' -b "' & $ldapPerson & '" cn=' & $app, $ldapdir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)
    ProcessWaitClose($foo1) ; wait so both streams are complete before reading
    Local $line1 = StderrRead($foo1)
    If $line1 <> "" Then
        ConsoleWrite("_GetAppData_Error: " & $line1)
        Return -1
    EndIf
    $line1 = StdoutRead($foo1)
    If $line1 <> "" Then
        ConsoleWrite(":_GetAppData: " & $line1)
        ; Collapse runs of spaces, normalise CRLF to LF, then split into one element per output line
        Local $stripwsdata = StringStripWS($line1, 4)
        Local $appinfo = StringSplit(StringReplace($stripwsdata, @CRLF, @LF), @LF)
        Return $appinfo ; [0] = line count, [1..n] = "attribute: value" lines
    EndIf
    ConsoleWrite("_GetAppData: No Application Username found" & @CRLF)
    Return 0
EndFunc   ;==>_GetAppData
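Two things worth checking before relying on the parsing above, shown in an added Python example that is not part of the post: ldapsearch returns userPassword as `userPassword:: <base64>` and folds long lines onto a following line that starts with a space, so trimming a fixed number of characters hands back base64 rather than the value, and $app is spliced unescaped into the `cn=` filter, where `*` or `(` changes what the search matches. The sample output is constructed, and sn and userPassword are taken to hold the application login and password as in the post.

```python
import base64

# Constructed sample of what ldapsearch prints for the kind of entry the post looks up:
# userPassword comes back base64-encoded (double colon) and the long description is folded.
SAMPLE_OUTPUT = (
    "# extended LDIF\n"
    "dn: cn=payroll,ou=jdoe,OU=Users,DC=example,DC=com\n"
    "objectClass: person\n"
    "cn: payroll\n"
    "sn: payroll-svc\n"
    "userPassword:: UzNjcjN0UGFzcyE=\n"
    "description: service account for the\n"
    "  payroll application\n"
)

def parse_ldif_entry(text):
    """Return {attribute: [values]} for an entry in ldapsearch's LDIF output."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:       # folded continuation line
            lines[-1] += raw[1:]
        elif raw and not raw.startswith("#"):   # skip blank and comment lines
            lines.append(raw)
    entry = {}
    for line in lines:
        name, sep, value = line.partition(":")
        if not sep:
            continue
        if value.startswith(":"):               # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        else:
            value = value.strip()
        entry.setdefault(name, []).append(value)
    return entry

def escape_filter_value(value):
    """Escape a value before splicing it into a filter such as cn=<app> (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "*()\\\x00" else c for c in value)

def app_credentials(output, app):
    """Application login (sn) and password (userPassword), as the post reads them."""
    entry = parse_ldif_entry(output)
    if entry.get("cn") != [app]:
        return None
    return entry["sn"][0], entry["userPassword"][0]
```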