Add objectClass to objects specified by filter

From Notes

Jump to: navigation, search
#!/usr/bin/perl

use strict ;
use Net::LDAP ;

my $server = "ldap://<server>.example.com:389" ;
my $userbase = "ou=People,dc=example,dc=com" ;
my $searchbase = "dc=example,dc=com" ;

my $bind_dn= "cn=Manager,dc=example,dc=com" ;
my $bind_pass = "<password>" ;

my $ldap = Net::LDAP->new("$server") or die "$@";
my $mesg = $ldap->start_tls(
                           verify => 'require',
                           cafile => '/usr/share/ssl/certs/ca_cert.crt',
                           sslversion => 'tlsv1',
                           ciphers => 'HIGH:MEDIUM:+SSLv2:RSA'
                         );

$mesg = $ldap->bind($bind_dn,          
                        password => $bind_pass,
                        version => 3 );

#$mesg = $ldap->bind() ;

# Error checking on bind
$mesg->code && warn "bind failed: ", $mesg->error ;

$mesg = $ldap->search(
                       base    => $searchbase, 
                       filter  => "(&(objectClass=posixAccount)(!(objectClass=shadowAccount)))"
                       ) ;

# Error checking on search
$mesg->code && warn "search failed: ", $mesg->error ;

# Print number of results
my $count = $mesg->count ;
printf "Results: %d\n", $count ;

for ( my $i = 0 ; $i < $count ; $i++ ) {
  my $entry = $mesg->entry ( $i );
#  foreach my $attr ( $entry->attributes ) {
#    print join( ": ", $attr, $entry->get_value( $attr ) ), "\n";
#  }
  my $dn = $entry->dn ;
  print $dn ;

#  my $mod_mesg = $ldap->modify( $dn, add => { objectClass => 'shadowAccount' } );
  
  # Error checking on add
#  $mod_mesg->code && warn "add failed: ", $mesg->error ;

  print "\n" ;
}

#my $entry ;
#foreach $entry ($mesg->entries) { $entry->dump; }

$mesg = $ldap->unbind() ;

# Error checking on un-bind
$mesg->code && warn "failed to un-bind: ", $mesg->error ;

exit(0) ;
Retrieved from "http://www.itsecureadmin.com/wiki/index.php/Add_objectClass_to_objects_specified_by_filter"
Personal tools