Connector::Proxy::Net::LDAP
This is the base class for all LDAP Proxy modules. It does not offer any external functionality but bundles common configuration options.
my $conn = Connector::Proxy::Net::LDAP->new({ LOCATION => 'ldap://localhost:389', base => 'dc=example,dc=org', filter => '(cn=[% ARGS.0 %])', }); $conn->get('John Doe');
Above code will run a query of cn=test@example.org against the server using an anonymous bind.
cn=test@example.org against the server
my $conn = Connector::Proxy::Net::LDAP->new( { LOCATION => 'ldap://localhost:389', base => 'dc=example,dc=org', filter => '(cn=[% ARGS.0 %])', binddn => 'cn=admin,dc=openxpki,dc=org', password => 'admin', attrs => ['usercertificate;binary','usercertificate'], });
Uses bind credentials and queries for entries having (at least) one of the mentioned attributes.
You can control how existing attributes in the node are treated setting the action parameter in the connectors base configuration.
connector: LOCATION:... .... action: replace
This is the default (the action parameter may be omitted). The passed value is set as the only value in the attribute. Any values (even if there are more than one) are removed. If undef is passed, the whole attribute is removed from the node.
The given value is appended to exisiting attributes. If undef is passed, the request is ignored.
The given value is deleted from the attribute entry. If there are more items in the attribute, the remaining values are left untouched. If the value is not present or undef is passed, the request is ignored.
If you want the connector to autocreate missing nodes, you need to provide the ldap properties of each node-class.
create: objectclass: inetOrgPerson pkiUser values: sn: copy:self ou: IT Department
You can specify multiple objectclass entries seperated by space.
The objects attribute is always set, you can use the special word copy:self to copy the attribute value within the object. The values section is optional.
copy:self
[ca1] myrepo@ = connector:connectors.ldap [connectors] [connectors.ldap] class = Connector::Proxy::Net::LDAP LOCATION = ldap://ldaphost:389 base = dc=openxpki,dc=org filter = (cn=[% ARGS.0 %]) attrs = userCertificate;binary binddn = cn=admin,dc=openxpki,dc=org password = admin action = replace [connectors.ldap.create] basedn: ou=Webservers,ou=Server CA3,dc=openxpki,dc=org rdnkey: cn value: [% ARGS.0 %] [connectors.ldap.schema.cn] objectclass: inetOrgPerson [connectors.ldap.schema.cn.values] sn: copy:self [connectors.ldap.schema.ou] objectclass: organizationalUnit
Search a node by DN.
$self->_getByDN( 'cn=John Doe,ou=people,dc=openxpki,dc=org' );
Returns the ldap entry object or undef if not found. Pass {create = 1}> and configure your connector to auto create a new node if none is found.
{create =
Used internally by _getByDN to create new nodes.
Used internally to assemble the DN for a missing node. Returns the ldap entry or undef if autocreation is not possible.
Very simple approch to split a DN path into its components. Please do not use quoting of path components, as this is not supported. RDNs must be split by a Comma, Comma inside a value must be escaped using a backslash character. Multivalued RDNs are not supported.
To install Connector, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Connector
CPAN shell
perl -MCPAN -e shell install Connector
For more information on module installation, please visit the detailed CPAN module installation guide.