RE: pl/sql authenicate with active directory

RE: pl/sql authenicate with active directory

 

  


Hi,

Read some doc on dbms_ldap.search_s and use the following stuff in your
procedure.


delcare

l_res_attrs DBMS_LDAP.STRING_COLLECTION;-- A String Collection
used
-- to specify which
-- attributes to
return
-- from the search.


begin

l_res_attrs(1) := 'objectguid';
l_res_attrs(2) := 'samaccountname';
......
l_res_attrs(27):= 'mailnickname';


-- Pick only users in AD with objectClass = user and samaccountname
the
-- userid passed.

l_search_filter :=
'(&(objectCategory=Person)(objectClass=user)(samaccountname=' ||
p_userid || '))' ;


l_retval := dbms_ldap.search_s( ld => l_my_session
, base => l_ldap_baseDN
, scope =>
dbms_ldap.SCOPE_SUBTREE
, filter => l_search_filter
, attrs => l_res_attrs
, attronly => 0
, res => l_res_message
);

l_retval := dbms_ldap.count_entries(l_my_session, l_res_message);

/*** use outputon l_retval to determine if user exists *****/

l_retval is 1 if p_user_id exists user exists )

end;
/


-----Original Message-----
From: Amit
[mailto:oracledba-ezmlmshield-x96658216.[Email address protected]
Sent: Thursday, 27 December 2007 11:25 p.m.
To: LazyDBA Discussion
Subject: pl/sql authenicate with active directory

declare
l_retval pls_integer;
l_retval2 pls_integer;
l_session dbms_ldap.session;
l_ldap_host varchar2(256);
l_ldap_port varchar2(256);
l_ldap_user varchar2(256) := 'XXXXX';
l_ldap_passwd varchar2(256) := 'XXXXX';
l_ldap_base varchar2(256);
begin
l_retval := -1;
dbms_ldap.use_exception := TRUE;
l_ldap_host := 'XXXX.com';
l_ldap_port := '389';
l_ldap_user :=
'cn='||l_ldap_user||',cn=Users,dc=XXX,dc=com';

l_session := dbms_ldap.init( l_ldap_host, l_ldap_port );
l_retval := dbms_ldap.simple_bind_s( l_session, l_ldap_user,
l_ldap_passwd );
dbms_output.put_line( 'Return value: ' || l_retval );
l_retval2 := dbms_ldap.unbind_s( l_session );

exception when others

then
dbms_output.put_line (rpad('ldap session ',25,' ') ||
': ' ||
rawtohex(substr(l_session,1,8)) ||
'(returned from init)');
dbms_output.put_line( 'error: ' || sqlerrm||' '||sqlcode
);
dbms_output.put_line( 'user: ' || l_ldap_user );

dbms_output.put_line( 'host: ' || l_ldap_host );
dbms_output.put_line( 'port: ' || l_ldap_port );
l_retval := dbms_ldap.unbind_s( l_session ); end;

this code works well for authentication but I need to enter full name
for username I am unable to authenticate with nickname like joem instead
of joe marks. But I tried with windows domain name /nickname its fail to
authenticate also....

Anyone has solutions to fetch records of user and to authenticate with
nickname means with samaccount


DISCLAIMER:
This message contains privileged and confidential information and is
intended only for an individual named. If you are not the intended
recipient, you should not disseminate, distribute, store, print, copy or
deliver this message. Please notify the sender immediately by e-mail if
you have received this e-mail by mistake and delete this e-mail from
your system. E-mail transmission cannot be guaranteed to be secure or
error-free as information could be intercepted, corrupted, lost,
destroyed, arrive late or incomplete or contain viruses. The sender,
therefore, does not accept liability for any errors or omissions in the
contents of this message which arise as a result of e-mail transmission.
If verification is required, please request a hard-copy version.


---------------------------------------------------------------------
TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY To post a
dba job: http://jobs.lazydba.com To Subscribe : http://www.LazyDBA.com
To unsubscribe: http://www.lazydba.com/unsubscribe.html

Oracle LazyDBA home page