Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
12-16-2008, 02:58 PM
|
#1
|
Member
Registered: Sep 2005
Location: USA, TN
Distribution: CentOS & Ubuntu for Desktop
Posts: 454
Rep:
|
Can't call method "get_value"
i have a bash script that supposed to import users from ldap into mysql. when i run the script it get:
Code:
Can't call method "get_value" on an undefined value at ./LdapSync line 271.
I'm guessing that the method "get_value" is related to ldap. Do i need to add a line or something in ldap.conf to activate that method?
Any help will be appreciated?
|
|
|
12-17-2008, 07:57 AM
|
#2
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,192
|
Quote:
Originally Posted by waelaltaqi
i have a bash script that supposed to import users from ldap into mysql. when i run the script it get:
Code:
Can't call method "get_value" on an undefined value at ./LdapSync line 271.
I'm guessing that the method "get_value" is related to ldap. Do i need to add a line or something in ldap.conf to activate that method?
Any help will be appreciated?
|
We're guessing too, since you didn't post the script....hard to diagnose a problem without seeing it.
|
|
|
12-17-2008, 09:26 AM
|
#3
|
Member
Registered: Sep 2005
Location: USA, TN
Distribution: CentOS & Ubuntu for Desktop
Posts: 454
Original Poster
Rep:
|
There you go
Code:
#!/usr/bin/perl
#
# Gets mail users from an ldapsearch and creates the user in the mailscanner
# mysql database if they not yet exist. Updates the full name and password
# values for all existing users when run as well. The script simply drops
# and re-adds the users-filters entries for all users.
#
# - Leah Cunningham <leah@heinous.org>
#
# INCLUDES
#
use DBI;
use MIME::Base64::Perl;
use Data::Dumper;
use Net::LDAP;
#
# CONFIGURATION VARIABLES
#
ReadConfig("ldap_conf.pl");
my $LDAPPASS = command_output("cat /etc/ldap.secret");
my $ADM_GROUP = "useradmins";
my $SQL_DB_HOST = "localhost";
my $SQL_DB_PORT = "3306";
my $SQL_DB_USER = "root";
my $SQL_DB_PASS = "test";
my $SQL_DB_NAME = "mailscanner";
#
# GLOBAL VARIABLES
#
my @ADMINS;
my @USERS_QUEUE;
my @USERS_UPDATE_QUEUE;
my @USER_FILTERS_QUEUE;
my $DBH = DBI->connect( "dbi:mysql:database=$SQL_DB_NAME;host=$SQL_DB_HOST;port=$SQL_DB_PORT",
$SQL_DB_USER,$SQL_DB_PASS, {
RaiseError => 1,
AutoCommit => 0,
}
) || die "Database connection not made: $DBI::errstr";
my $LDAP = LDAP_Bind($Config::ldap_server,$Config::ldap_admin,$LDAPPASS);
&main;
$DBH->disconnect();
sub main {
#&drop_users;
&drop_user_filters;
&fetch_admins;
my @users = command_output_array(
"ldapsearch -x -D $Config::ldap_admin -w$LDAPPASS uid=*@*.* mail | awk '/uid/ {print \$2}' | awk -F, '{print \$1}' | awk -Fuid= '{print \$2}'"
);
foreach my $user (@users) {
next if ($user !~ m/\S@\S/) or ($user =~ m/.*@.*@/);
my ($username,$fqdomain) = split(/@/, $user);
my ($domain,$ext) = split(/\./, $fdomain);
#
# Getting the user settings from LDAP
#
my $filter = "(uid=$username\@$fqdomain)";
my $mesg = $LDAP->search(filter=>$filter,
base=>$Config::usersdn,
attrs=> ["uid","userPassword","sn","givenName","mail"] );
my @entries = $mesg->entries;
my $sn = $entries[0]->get_value("sn");
my $givenName = $entries[0]->get_value("givenName");
my $password = $entries[0]->get_value("userPassword");
my @mail = $entries[0]->get_value("mail");
my $fullname = $givenName . ' ' . $sn;
# print "username: $username, fdomain: $fdomain, domain: $domain, ext: $ext\n";
if (! check_exists($username . '@' . $fqdomain)) {
#print "user: $username\@$fqdomain not yet in database ... queuing for addition\n";
#
# Now we need to queue up the user for addition
#
queue_user($username . '@' . $fqdomain,$password,$fullname,@mail);
#print "username: $username, password: $password\n";
} else {
### MAYBE SOME UPDATE CODE HERE ###
queue_user_update($username . '@' . $fqdomain,$password,$fullname,@mail);
#print "user: $username\@$fqdomain is in the database ... skipping\n";
}
}
if (@USERS_QUEUE) {
&create_users;
} else { print "No users to add $USERS_QUEUE\n"; print Dumper(@USERS_QUEUE); }
if (@USERS_UPDATE_QUEUE) {
&update_users;
} else { print "No users to update $USERS_UPDATE_QUEUE\n"; print Dumper(@USERS_QUEUE); }
if (@USER_FILTERS_QUEUE) {
&create_user_filters;
} else { print "No user filter entries to add @USER_FILTERS_QUEUE\n"; }
}
sub drop_users {
my $drop = "DROP TABLE `users`";
my $create = "CREATE TABLE `users` ( `username` varchar(60) NOT NULL default '', `password` varchar(32) default NULL, `fullname` varchar(50) NOT NULL default '', `type` enum('A','D','U','R','H') default NULL, `quarantine_report` tinyint(1) default '0', `spamscore` tinyint(4) default '0', `highspamscore` tinyint(4) default '0', `noscan` tinyint(1) default '0', `quarantine_rcpt` varchar(60) default NULL, PRIMARY KEY (`username`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1;";
$DBH->do($drop);
$DBH->do($create);
}
sub update_users {
foreach my $user (@USERS_UPDATE_QUEUE) {
#[$user,$pass,$fullname]
my $username = $DBH->quote($user->[0]);
my $password = $DBH->quote($user->[1]);
my $fullname = $DBH->quote($user->[2]);
#UPDATE `users` SET `password` = '{CRYPT}IssbC.vCx0TzI', `fullname` = 'Leah R. M. Cunningham' WHERE CONVERT(`username` USING utf8) = 'leahc@iplink.net' LIMIT 1;
my $update = "UPDATE `users` SET `password` = $password, `fullname` = $fullname WHERE CONVERT(`username` USING utf8) = $username LIMIT 1;";
$DBH->do($update);
}
}
sub create_users {
my $sql = qq{ INSERT INTO users VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ? ) };
my $sth = $DBH->prepare($sql);
for(@USERS_QUEUE) {
eval {
$sth->bind_param( 1, @$_->[0]);
$sth->bind_param( 2, @$_->[1]);
$sth->bind_param( 3, @$_->[2]);
$sth->bind_param( 4, @$_->[3]);
$sth->bind_param( 5, @$_->[4]);
$sth->bind_param( 6, @$_->[5]);
$sth->bind_param( 7, @$_->[6]);
$sth->bind_param( 8, @$_->[7]);
$sth->bind_param( 9, @$_->[8]);
};
$sth->execute();
$DBH->commit();
if( $@ ) {
warn "Database error: $DBI::errstr\n";
$dbh->rollback(); #just die if rollback is failing
}
}
}
sub drop_user_filters {
my $drop = "DROP TABLE `user_filters`";
my $create = "CREATE TABLE `user_filters` ( `username` varchar(60) NOT NULL default '', `filter` text, `verify_key` varchar(32) NOT NULL default '', `active` enum('N','Y') default 'N', KEY `user_filters_username_idx` (`username`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1;";
$DBH->do($drop);
$DBH->do($create);
}
sub create_user_filters {
my $sql = qq{ INSERT INTO user_filters VALUES ( ?, ?, ?, ? ) };
my $sth = $DBH->prepare($sql);
for(@USER_FILTERS_QUEUE) {
eval {
$sth->bind_param( 1, @$_->[0]);
$sth->bind_param( 2, @$_->[1]);
$sth->bind_param( 3, @$_->[2]);
$sth->bind_param( 4, @$_->[3]);
};
$sth->execute();
$DBH->commit();
if( $@ ) {
warn "Database error: $DBI::errstr\n";
$dbh->rollback(); #just die if rollback is failing
}
}
}
sub queue_user {
my ($user,$pass,$fullname,@mail) = @_;
chomp($user,$pass,$fullname,@mail);
my @users_entry;
my $is_admin = 'no';
foreach my $admin (@ADMINS) {
chomp( $admin );
if ($admin =~ m/$user/) {
@users_entry = [$user,$pass,$fullname,'A','0','0','0','0','0'];
$is_admin = 'yes';
print "$admin equals $user\n";
}
}
if ($is_admin =~ m/^no$/ ) {
@users_entry = [$user,$pass,$fullname,'U','0','0','0','0','0'];
}
#print Dumper(@users_entry);
my $rand = rand();
foreach $mail (@mail) {
my @user_filters_entry = [$user,$mail,$rand,'Y'];
push(@USER_FILTERS_QUEUE,@user_filters_entry);
}
#print Dumper(@user_filters_entry);
push(@USERS_QUEUE,@users_entry);
#print Dumper(@USERS_QUEUE);
}
sub queue_user_update {
my ($user,$pass,$fullname,@mail) = @_;
chomp($user,$pass,$fullname,@mail);
my $users_entry = [$user,$pass,$fullname];
my $rand = rand();
foreach $mail (@mail) {
my @user_filters_entry = [$user,$mail,$rand,'Y'];
push(@USER_FILTERS_QUEUE,@user_filters_entry);
}
#print Dumper(@user_filters_entry);
push(@USERS_UPDATE_QUEUE,$users_entry);
#print Dumper(@USERS_QUEUE);
}
sub check_exists {
my ($user) = @_;
chomp($user);
my $sql = qq{ SELECT * FROM users where USERNAME LIKE ?};
my $sth = $DBH->prepare($sql);
$sth->bind_param(1, $user);
$sth->execute;
while ( my @rows = $sth->fetchrow ) {
if ($rows[0]) {
return 1;
} else {
return 0;
}
}
}
sub run_command {
my (@command) = @_;
system("@command 2>/dev/null") == 0
or return "system command: \"@command\"\n\tfailed: $?";
}
sub command_output_array {
my (@command) = @_;
open(HANDLE, "@command|");
my @output = <HANDLE>;
close(HANDLE);
my $count = 0;
my $n_entries = $#output;
for ( $count = $count; $count <= $n_entries; $count++ ) {
chomp($output[$count]);
}
return @output;
}
sub command_output {
my (@command) = @_;
open(HANDLE, "@command|");
my $output = <HANDLE>;
close(HANDLE);
chomp $output;
return $output;
}
sub ReadConfig {
my ($readfile) = @_;
if ((! -r "$ENV{PWD}/$readfile") and (! -r "/etc/$readfile")) {
die " Error reading " . $readfile . " from working directory or /etc\n";
} elsif (-r "$ENV{PWD}/$readfile") {
$readfile="$ENV{PWD}/$readfile";
package Config;
do $readfile;
} else {
$readfile="/etc/$readfile";
package Config;
do $readfile;
}
}
#
# Returns a connection to the ldap server
#
sub LDAP_Bind {
my ($ldap_server,$ldap_admin,$ldap_pass) = @_;
my $ldap = Net::LDAP->new($ldap_server) or die "Unable to connect to $ldap_server: $@\n";
$ldap->bind ("$ldap_admin",
password => "$ldap_pass") or die "Unable to bind: $@\n";
return $ldap;
}
sub fetch_admins {
#
# Getting the user settings from LDAP
#
my $filter = "(cn=$ADM_GROUP)";
my $mesg = $LDAP->search(filter=>$filter,
base=>$Config::groupdn,
attrs=> ["memberUid"] );
my @entries = $mesg->entries;
@ADMINS = $entries[0]->get_value("memberUid");
}
Obviously, the red line
Thanks
Last edited by waelaltaqi; 11-02-2009 at 11:44 AM.
|
|
|
12-17-2008, 09:54 AM
|
#4
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,192
|
Quote:
Originally Posted by waelaltaqi
There you go
Obviously, the red line
Thanks
|
Ahh...that's a perl program, not a bash script.
From the looks of it (haven't run it), it either could be there is no such group as the admin group (typo? Caps????), or there's no one in it, so it's dying.
Have you tried to comment out that subroutine, and see if the rest of it works?
|
|
|
12-17-2008, 10:18 AM
|
#5
|
Member
Registered: Sep 2005
Location: USA, TN
Distribution: CentOS & Ubuntu for Desktop
Posts: 454
Original Poster
Rep:
|
After commenting that line:
Code:
[root@mailgw mailscanner]# ./LdapSync
ldap_bind: Can't contact LDAP server (-1)
No users to add
No users to update
No user filter entries to add
the script will pull ldap container info from ldap_config.pl :
Code:
ldap_server = "ldap://ldap.domain.com";
$ldap_admin = "uid=mailwatch,dc=DomainUsers,dc=domain,dc=com";
$ldap_basedn = "dc=DomainUsers,dc=Domain,dc=com";
$usersdn="ou=DomainUsers" . $ldap_basedn;
$groupdn="ou=DomainUsers" . $ldap_basedn;
i can
Code:
telnet ldap.domain.com 389
just fine ...
the original ldap_config.pl before modification looked like this:
Code:
#
# LDAP CONFIGURATION PARAMS - can be uncommented here, or put in a file
# /etc/ldap.conf.pl
#
$ldap_server = "ldap://localhost";
$ldap_admin = "uid=mailadmin,dc=oxmail,dc=example,dc=net";
$ldap_basedn = "dc=oxmail,dc=example,dc=net";
$usersdn="ou=Users,ou=OxObjects," . $ldap_basedn;
$groupdn="ou=Groups,ou=OxObjects," . $ldap_basedn;
i didn't quit understand the userdn and groupdn lines and at this point it seems that this is my problem. I will keep playing with it but i'll appreciate it if you can point me in the right direction
Last edited by waelaltaqi; 12-17-2008 at 10:20 AM.
|
|
|
12-17-2008, 12:36 PM
|
#6
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,192
|
Quote:
Originally Posted by waelaltaqi
After commenting that line:
Code:
[root@mailgw mailscanner]# ./LdapSync
ldap_bind: Can't contact LDAP server (-1)
No users to add
No users to update
No user filter entries to add
the script will pull ldap container info from ldap_config.pl :
Code:
ldap_server = "ldap://ldap.domain.com";
$ldap_admin = "uid=mailwatch,dc=DomainUsers,dc=domain,dc=com";
$ldap_basedn = "dc=DomainUsers,dc=Domain,dc=com";
$usersdn="ou=DomainUsers" . $ldap_basedn;
$groupdn="ou=DomainUsers" . $ldap_basedn;
i didn't quit understand the userdn and groupdn lines and at this point it seems that this is my problem. I will keep playing with it but i'll appreciate it if you can point me in the right direction
|
Well, is your LDAP server really called "ldap.domain.com"?? The original ldap_config.pl is pointing to localhost (your local machine). Is that where the LDAP server is? If not, you've obviously got to put in the right FQDN or IP address for the ldap_server field. Also, check your domain (dc) fields in ldap_basedn and ldap_admin. Those LOOK like default values.....
|
|
|
12-17-2008, 12:43 PM
|
#7
|
Member
Registered: Sep 2005
Location: USA, TN
Distribution: CentOS & Ubuntu for Desktop
Posts: 454
Original Poster
Rep:
|
ldap.domain.com is a name i made up to hide my client's real domain name.
As far as connectivity, i can see ldap.domain.com:
Code:
[root@mail/]# telnet ldap.domain.com 389
Trying 216.206.131.18...
Connected to ldap.comefriusa.com (216.206.131.18).
Escape character is '^]'.
i can telnet on TCP 389 which is LDAP so i know that there is no networking issue here.
from previous post, i have ldap://ldap.domain.com configured into ldap_config.pl
now i'm trying to find a way to test ldap from linux box like search for users in remote ldap to test functionality and authentication.
I was reading a little about ldapsearch but i have yet to figure out how to make it search on a remote system... I'm getting some crazy A$$ errors ...
|
|
|
All times are GMT -5. The time now is 09:36 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|