Forum: Ruby net::ldap - add_attribute

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Rcmn 7. (Guest)
on 2007-02-02 23:22
i'm trying to add a workstation "monnomdemachine" to a group "mygroup"

but i get "#<OpenStruct message="Unwilling to perform", code=53>"


require 'net/ldap'

# look up Machine to ProdWindowsXPWorkstations
 ldap = Net::LDAP.new :host => '11111111',
      :port => 389,
      :auth => {
            :method => :simple,
            :username =>
"cn=user,ou=ou0,ou=ou1,ou=ou3,dc=dc,dc=dc1,dc=net",
            :password => "pass"
      }

 filter = Net::LDAP::Filter.eq( "cn", "monnomdemachine" )
 treebase = "dc=dc,dc=dc1,dc=net"

 ldap.search( :base => treebase, :filter => filter ) do |entry|
   $dnwks = "DN: #{entry.dn}"
   end

    gr = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"
 ldap.add_attribute gr, :member, $dnwks

p ldap.get_operation_result
Francis C. (Guest)
on 2007-02-03 01:43
(Received via mailing list)
On 2/2/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
>       :port => 389,
> ldap.search( :base => treebase, :filter => filter ) do |entry|
>
>

Looks like you gave the parameters to Net::LDAP#add_attribute in the
wrong
order.

By the way, you don't have to give a block to Net::LDAP#search if you
prefer
not to. It will return an array of the returned objects.
Rcmn 7. (Guest)
on 2007-02-03 02:40
> Looks like you gave the parameters to Net::LDAP#add_attribute in the
> wrong
> order.
>

are we talking about
> ldap.add_attribute gr, :member, $dnwks

or

> ldap.search( :base => treebase, :filter => filter ) do |entry|

search seems to work fine since i'm able to return entry but i have
trouble add_attribute .i followed the rdoc but maybe i don't use it
properly.
Francis C. (Guest)
on 2007-02-03 02:47
(Received via mailing list)
On 2/2/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
>
>
>  are we talking about
> > ldap.add_attribute gr, :member, $dnwks



Yes. Re-read the rdoc. The DN which specifies the entry to which you are
adding the attribute is the first parameter.
Rcmn 7. (Guest)
on 2007-02-03 22:20
Francis C. wrote:
> On 2/2/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
>>
>>
>>  are we talking about
>> > ldap.add_attribute gr, :member, $dnwks
>
>
>
> Yes. Re-read the rdoc. The DN which specifies the entry to which you are
> adding the attribute is the first parameter.

i think i'm using it properly.
> ldap.add_attribute gr, :member, $dnwks

"gr" is the group to which i want to add an entry.
":member" is the attribute.So i will add the member $dnwks to gr.
"$dnwks" is the object i want to add.

also it tried various combination but it get worst.
Rcmn 7. (Guest)
on 2007-02-05 18:45
I finally found my mistake and fixed it that way.
thank you for the help.

require 'net/ldap'

# look up Machine to ProdWindowsXPWorkstations
 ldap = Net::LDAP.new :host => '11111111',
      :port => 389,
      :auth => {
            :method => :simple,
            :username =>
"cn=user,ou=ou0,ou=ou1,ou=ou3,dc=dc,dc=dc1,dc=net",
            :password => "pass"
      }

 filter = Net::LDAP::Filter.eq( "cn", "monnomdemachine" )
 treebase = "dc=dc,dc=dc1,dc=net"

 ldap.search( :base => treebase, :filter => filter ) do |entry|
   dnwks = "DN: #{entry.dn}"


    dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"
 ldap.add_attribute dn, :member, dnwks
end
p ldap.get_operation_result
Francis C. (Guest)
on 2007-02-05 21:22
(Received via mailing list)
On 2/5/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
>             :method => :simple,
>
>
>     dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"
> ldap.add_attribute dn, :member, dnwks
> end
> p ldap.get_operation_result
>
> --
> Posted via http://www.ruby-forum.com/.
>
>

Ah. Sounds like the problem was a schema violation all along, then. That
also is consistent with a 53 error code.
Rcmn 7. (Guest)
on 2007-02-05 21:43
Francis C. wrote:
> On 2/5/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
>>             :method => :simple,
>>
>>
>>     dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"
>> ldap.add_attribute dn, :member, dnwks
>> end
>> p ldap.get_operation_result
>>
>> --
>> Posted via http://www.ruby-forum.com/.
>>
>>
>
> Ah. Sounds like the problem was a schema violation all along, then. That
> also is consistent with a 53 error code.

yes it was.thx.

I had 2 other questions the first one is related to this post
http://www.ruby-forum.com/topic/82437#144516 and i was wondering if
other people asked for it and if so ;do you think it might be supported?
if not what would be a good work around ?
Rcmn 7. (Guest)
on 2007-02-05 22:00
Rcmn 73 wrote:
> Francis C. wrote:
>> On 2/5/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
>>            :method => :simple,

> I had 2 other questions the first one is related to this post
> http://www.ruby-forum.com/topic/82437#144516 and i was wondering if
> other people asked for it and if so ;do you think it might be supported?
> if not what would be a good work around ?

 and i forgot my 2nd question.would ldap.modify be faster than
ldap.add_attribute ?
Francis C. (Guest)
on 2007-02-05 22:11
(Received via mailing list)
On 2/5/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
>
> and i forgot my 2nd question.would ldap.modify be faster than
> ldap.add_attribute ?
>
> --
> Posted via http://www.ruby-forum.com/.
>
>

#add_attribute and #modify are essentially the same protocol on the
wire. I
doubt the client-side code for one is much faster than the other. If it
were, the network latency would probably be far more than the difference
anyway.
Francis C. (Guest)
on 2007-02-05 22:15
(Received via mailing list)
On 2/5/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
>
> Rcmn 73 wrote:
> > Francis C. wrote:
> >> On 2/5/07, Rcmn 73 <removed_email_address@domain.invalid> wrote:
> >>            :method => :simple,
>
> > I had 2 other questions the first one is related to this post
> > http://www.ruby-forum.com/topic/82437#144516 and i was wondering if
> > other people asked for it and if so ;do you think it might be supported?
> > if not what would be a good work around ?



I have to confess that I 'm still not clear on what you want to do in
regard
to the password storage problem. Net::LDAP already has the ability to
take a
Ruby block in place of a String password in the places where a password
is
required (Net::LDAP#open, Net::LDAP#new). Check that out and see if you
can
use it. If not, then I'll need a more clearly-stated feature request.
This topic is locked and can not be replied to.