Net::ldap - add_attribute


#1

i’m trying to add a workstation “monnomdemachine” to a group “mygroup”

but i get “#<OpenStruct message=“Unwilling to perform”, code=53>”

require ‘net/ldap’

look up Machine to ProdWindowsXPWorkstations

ldap = Net::LDAP.new :host => ‘11111111’,
:port => 389,
:auth => {
:method => :simple,
:username =>
“cn=user,ou=ou0,ou=ou1,ou=ou3,dc=dc,dc=dc1,dc=net”,
:password => “pass”
}

filter = Net::LDAP::Filter.eq( “cn”, “monnomdemachine” )
treebase = “dc=dc,dc=dc1,dc=net”

ldap.search( :base => treebase, :filter => filter ) do |entry|
$dnwks = “DN: #{entry.dn}”
end

gr = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"

ldap.add_attribute gr, :member, $dnwks

p ldap.get_operation_result


#2

On 2/2/07, Rcmn 73 removed_email_address@domain.invalid wrote:

  :port => 389,

ldap.search( :base => treebase, :filter => filter ) do |entry|

Looks like you gave the parameters to Net::LDAP#add_attribute in the
wrong
order.

By the way, you don’t have to give a block to Net::LDAP#search if you
prefer
not to. It will return an array of the returned objects.


#3

Looks like you gave the parameters to Net::LDAP#add_attribute in the
wrong
order.

are we talking about

ldap.add_attribute gr, :member, $dnwks

or

ldap.search( :base => treebase, :filter => filter ) do |entry|

search seems to work fine since i’m able to return entry but i have
trouble add_attribute .i followed the rdoc but maybe i don’t use it
properly.


#4

On 2/2/07, Rcmn 73 removed_email_address@domain.invalid wrote:

are we talking about

ldap.add_attribute gr, :member, $dnwks

Yes. Re-read the rdoc. The DN which specifies the entry to which you are
adding the attribute is the first parameter.


#5

Francis C. wrote:

On 2/2/07, Rcmn 73 removed_email_address@domain.invalid wrote:

are we talking about

ldap.add_attribute gr, :member, $dnwks

Yes. Re-read the rdoc. The DN which specifies the entry to which you are
adding the attribute is the first parameter.

i think i’m using it properly.

ldap.add_attribute gr, :member, $dnwks

“gr” is the group to which i want to add an entry.
“:member” is the attribute.So i will add the member $dnwks to gr.
“$dnwks” is the object i want to add.

also it tried various combination but it get worst.


#6

On 2/5/07, Rcmn 73 removed_email_address@domain.invalid wrote:

        :method => :simple,


dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"

ldap.add_attribute dn, :member, dnwks
end
p ldap.get_operation_result


Posted via http://www.ruby-forum.com/.

Ah. Sounds like the problem was a schema violation all along, then. That
also is consistent with a 53 error code.


#7

I finally found my mistake and fixed it that way.
thank you for the help.

require ‘net/ldap’

look up Machine to ProdWindowsXPWorkstations

ldap = Net::LDAP.new :host => ‘11111111’,
:port => 389,
:auth => {
:method => :simple,
:username =>
“cn=user,ou=ou0,ou=ou1,ou=ou3,dc=dc,dc=dc1,dc=net”,
:password => “pass”
}

filter = Net::LDAP::Filter.eq( “cn”, “monnomdemachine” )
treebase = “dc=dc,dc=dc1,dc=net”

ldap.search( :base => treebase, :filter => filter ) do |entry|
dnwks = “DN: #{entry.dn}”

dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"

ldap.add_attribute dn, :member, dnwks
end
p ldap.get_operation_result


#8

Francis C. wrote:

On 2/5/07, Rcmn 73 removed_email_address@domain.invalid wrote:

        :method => :simple,


dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"

ldap.add_attribute dn, :member, dnwks
end
p ldap.get_operation_result


Posted via http://www.ruby-forum.com/.

Ah. Sounds like the problem was a schema violation all along, then. That
also is consistent with a 53 error code.

yes it was.thx.

I had 2 other questions the first one is related to this post
http://www.ruby-forum.com/topic/82437#144516 and i was wondering if
other people asked for it and if so ;do you think it might be supported?
if not what would be a good work around ?


#9

On 2/5/07, Rcmn 73 removed_email_address@domain.invalid wrote:

and i forgot my 2nd question.would ldap.modify be faster than
ldap.add_attribute ?


Posted via http://www.ruby-forum.com/.

#add_attribute and #modify are essentially the same protocol on the
wire. I
doubt the client-side code for one is much faster than the other. If it
were, the network latency would probably be far more than the difference
anyway.


#10

Rcmn 73 wrote:

Francis C. wrote:

On 2/5/07, Rcmn 73 removed_email_address@domain.invalid wrote:
:method => :simple,

I had 2 other questions the first one is related to this post
http://www.ruby-forum.com/topic/82437#144516 and i was wondering if
other people asked for it and if so ;do you think it might be supported?
if not what would be a good work around ?

and i forgot my 2nd question.would ldap.modify be faster than
ldap.add_attribute ?


#11

On 2/5/07, Rcmn 73 removed_email_address@domain.invalid wrote:

Rcmn 73 wrote:

Francis C. wrote:

On 2/5/07, Rcmn 73 removed_email_address@domain.invalid wrote:
:method => :simple,

I had 2 other questions the first one is related to this post
http://www.ruby-forum.com/topic/82437#144516 and i was wondering if
other people asked for it and if so ;do you think it might be supported?
if not what would be a good work around ?

I have to confess that I 'm still not clear on what you want to do in
regard
to the password storage problem. Net::LDAP already has the ability to
take a
Ruby block in place of a String password in the places where a password
is
required (Net::LDAP#open, Net::LDAP#new). Check that out and see if you
can
use it. If not, then I’ll need a more clearly-stated feature request.