Forum: Ruby ruby-ldap, invalid credentials

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Daniel.Berger (Guest)
on 2005-11-17 19:39
(Received via mailing list)
Hi all,

Another ldap newb question.

I can't seem to bind to the ldap server with a password.  For example,
this works:

# ldaptest.rb
require "ldap"

ldap_server = "ldap.foo.com"
password    = "XXX"

ldap = LDAP::Conn.new(ldap_server)
ldap.simple_bind("cn=djberge,dc=foo,dc=bar,dc=com")

However, if I try to password as the second argument to simple_bind, I
get an
Invalid credentials (LDAP::ResultError).  I'm positive the password is
correct.

My main goal is to perform ldap authentication within a Rails
controller.  I
thought I could just check success or failure on simple_bind, but that
doesn't
seem to be the case.

What am I doing wrong?

Thanks,

Dan
bouncer (Guest)
on 2005-11-18 15:39
(Received via mailing list)
class LdapAdmin
  def initialize()
    @LDAP_SERVER = 'ldap.lse.ac.uk'
    @LDAP_BASE_DN = 'dc=linux,dc=lse,dc=ac,dc=uk'
  end

  def login_connect?(login, password)
    # test whether the login can connect to ldap with password
    # -> true - yes
    # -> false - no
    require 'ldap'
    flag = false
    con = LDAP::Conn.new(@LDAP_SERVER)
    con.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
    begin
      con.bind("cn=#{login},#{@LDAP_BASE_DN}", password)
      con.unbind()
      flag = true
    rescue LDAP::ResultError
      flag = false
    end
    return flag
  end
end

the above chunk of code works for me. the #{login} is admin and the
password
is the one specified in /etc/ldap/slapd.conf file (basically, i use it
to
log in to ldap admin account).

hope this helps,

vlad
bouncer (Guest)
on 2005-11-18 15:48
(Received via mailing list)
http://pegacat.com/jxplorer/

helps me a lot with ldap.

vlad
This topic is locked and can not be replied to.