On 12/14/06 10:18 AM, "Eduardo Yez Parareda"
<eduardo.yanezNOSPAM / NOSPAMgmail.com> wrote:

> The LDAP server is from Netscape, don't know exactly which version is it.
> 
>> the Size limit exceeded error. Can you show an example of the bind_as
>> call that you are using?
> 
> Yes, of course. This is the module I use to authenticate with bind_as:
> 
>    require 'net/ldap'
> 
>    module LDAP
>      # If login succeeds returns true
>      # If login fails returns false
>      def self.authenticate(identifier, password)
>        if identifier.to_s.length > 0 and password.to_s.length > 0
>          ldap_con = initialize_ldap_con(identifier, password)
>          if ldap_con.bind_as
>            true
>          else
>            p "ERROR => #{ldap_con.get_operation_result}"
>            false
>          end
>        end
>      end
> 
>      private
> 
>      def self.initialize_ldap_con(identifier, password)
>        setup = {:host => AppConfig.ldap_server_host,
>                 :port => AppConfig.ldap_server_port,
>                 :base =>AppConfig.ldap_server_tree_base }
>        setup[:auth] = { :method => :simple, :username => identifier, :password
> => password }
>        Net::LDAP.new(setup)
>      end
>    end
> 
> However, this doesn't work when I use bind, first I had to make the DN.
> 
> 
> 


You should be able to search for a user and get back a dn if your ldap
server is setup for anonymous searching. For this example I'll filter
against the uid value in a ldap tree. Here is an example.

def search(name) 
    Ldap_con = Net::LDAP.new( :host => '<ldap server>', :port => <ldap
port>, :auth => { :method => :simple, :username => '', :password => '' },
:encryption => { :method => :simple_tls } )
 
  filter = Net::LDAP::Filter.eq("uid", name)
  treebase = '<Your treebase values>'
  ldap_con.search( :base => treebase, :filter => filter) do |entry|
    return entry.dn
  end
end

Then you can authenticate like this.

def authenticate(dn, password)
  ldap_con = initialize_ldap_con(dn, password) #Your ldap initialize method
  if ldap_con.bind
    return true
  else
    return false
  end
end