Net::ldap - add_attribute

rcmn · February 2, 2007, 10:22pm

i’m trying to add a workstation “monnomdemachine” to a group “mygroup”

but i get “#<OpenStruct message=“Unwilling to perform”, code=53>”

require ‘net/ldap’

look up Machine to ProdWindowsXPWorkstations

ldap = Net::LDAP.new :host => ‘11111111’,
:port => 389,
:auth => {
:method => :simple,
:username =>
“cn=user,ou=ou0,ou=ou1,ou=ou3,dc=dc,dc=dc1,dc=net”,
:password => “pass”
}

filter = Net::LDAP::Filter.eq( “cn”, “monnomdemachine” )
treebase = “dc=dc,dc=dc1,dc=net”

ldap.search( :base => treebase, :filter => filter ) do |entry|
$dnwks = “DN: #{entry.dn}”
end

gr = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"

ldap.add_attribute gr, :member, $dnwks

p ldap.get_operation_result

rcmn · February 3, 2007, 12:43am

On 2/2/07, Rcmn 73 [email protected] wrote:

  :port => 389,
ldap.search( :base => treebase, :filter => filter ) do |entry|

Looks like you gave the parameters to Net::LDAP#add_attribute in the
wrong
order.

By the way, you don’t have to give a block to Net::LDAP#search if you
prefer
not to. It will return an array of the returned objects.

rcmn · February 3, 2007, 1:40am

Looks like you gave the parameters to Net::LDAP#add_attribute in the
wrong
order.

are we talking about

ldap.add_attribute gr, :member, $dnwks

or

ldap.search( :base => treebase, :filter => filter ) do |entry|

search seems to work fine since i’m able to return entry but i have
trouble add_attribute .i followed the rdoc but maybe i don’t use it
properly.

rcmn · February 3, 2007, 1:47am

On 2/2/07, Rcmn 73 [email protected] wrote:

are we talking about

ldap.add_attribute gr, :member, $dnwks

Yes. Re-read the rdoc. The DN which specifies the entry to which you are
adding the attribute is the first parameter.

rcmn · February 3, 2007, 9:20pm

Francis C. wrote:

On 2/2/07, Rcmn 73 [email protected] wrote:

are we talking about

ldap.add_attribute gr, :member, $dnwks

Yes. Re-read the rdoc. The DN which specifies the entry to which you are
adding the attribute is the first parameter.

i think i’m using it properly.

ldap.add_attribute gr, :member, $dnwks

“gr” is the group to which i want to add an entry.
“:member” is the attribute.So i will add the member $dnwks to gr.
“$dnwks” is the object i want to add.

also it tried various combination but it get worst.

rcmn · February 5, 2007, 8:22pm

On 2/5/07, Rcmn 73 [email protected] wrote:

        :method => :simple,


dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"
ldap.add_attribute dn, :member, dnwks
end
p ldap.get_operation_result

–
Posted via http://www.ruby-forum.com/.

Ah. Sounds like the problem was a schema violation all along, then. That
also is consistent with a 53 error code.

rcmn · February 5, 2007, 5:45pm

I finally found my mistake and fixed it that way.
thank you for the help.

require ‘net/ldap’

look up Machine to ProdWindowsXPWorkstations

ldap = Net::LDAP.new :host => ‘11111111’,
:port => 389,
:auth => {
:method => :simple,
:username =>
“cn=user,ou=ou0,ou=ou1,ou=ou3,dc=dc,dc=dc1,dc=net”,
:password => “pass”
}

filter = Net::LDAP::Filter.eq( “cn”, “monnomdemachine” )
treebase = “dc=dc,dc=dc1,dc=net”

ldap.search( :base => treebase, :filter => filter ) do |entry|
dnwks = “DN: #{entry.dn}”

dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"

ldap.add_attribute dn, :member, dnwks
end
p ldap.get_operation_result

rcmn · February 5, 2007, 8:43pm

Francis C. wrote:

On 2/5/07, Rcmn 73 [email protected] wrote:
        :method => :simple,


dn = "CN=mygoupe,OU=uu2,OU=uu1,OU=uu,dc=dc,dc=dc1,dc=net"
ldap.add_attribute dn, :member, dnwks
end
p ldap.get_operation_result

–
Posted via http://www.ruby-forum.com/.
Ah. Sounds like the problem was a schema violation all along, then. That
also is consistent with a 53 error code.

yes it was.thx.

I had 2 other questions the first one is related to this post
(no subject) - Ruby - Ruby-Forum and i was wondering if
other people asked for it and if so ;do you think it might be supported?
if not what would be a good work around ?

rcmn · February 5, 2007, 9:11pm

On 2/5/07, Rcmn 73 [email protected] wrote:

and i forgot my 2nd question.would ldap.modify be faster than
ldap.add_attribute ?

–
Posted via http://www.ruby-forum.com/.

#add_attribute and #modify are essentially the same protocol on the
wire. I
doubt the client-side code for one is much faster than the other. If it
were, the network latency would probably be far more than the difference
anyway.

rcmn · February 5, 2007, 9:00pm

Rcmn 73 wrote:

Francis C. wrote:

On 2/5/07, Rcmn 73 [email protected] wrote:
:method => :simple,

I had 2 other questions the first one is related to this post
(no subject) - Ruby - Ruby-Forum and i was wondering if
other people asked for it and if so ;do you think it might be supported?
if not what would be a good work around ?

and i forgot my 2nd question.would ldap.modify be faster than
ldap.add_attribute ?

rcmn · February 5, 2007, 9:15pm

On 2/5/07, Rcmn 73 [email protected] wrote:

Rcmn 73 wrote:

Francis C. wrote:

On 2/5/07, Rcmn 73 [email protected] wrote:
:method => :simple,

I had 2 other questions the first one is related to this post
(no subject) - Ruby - Ruby-Forum and i was wondering if
other people asked for it and if so ;do you think it might be supported?
if not what would be a good work around ?

I have to confess that I 'm still not clear on what you want to do in
regard
to the password storage problem. Net::LDAP already has the ability to
take a
Ruby block in place of a String password in the places where a password
is
required (Net::LDAP#open, Net::LDAP#new). Check that out and see if you
can
use it. If not, then I’ll need a more clearly-stated feature request.