LDAP LDIF Perl search script

[problem]

You want to search an LDIF file for a given dn, or pattern.

[/problem]

[solution]

Multi-line pattern search and output – useful for LDIFs! 😉

Written in Perl – see example tab.

[/solution]

[example]

Replace pattern with the name (or other string) you are looking for, and filename with the LDIF file to search.

perl -ane '$/="dn" ;
print $_,"\n\n" if($_ =~/pattern/);' filename

For example:


$ cat user.ldif
dn: cn=user0,dc=subdiv,dc=demo,dc=net
objectClass: person
sn: User
cn: user0
userPassword: today321

dn: cn=user1,dc=subdiv,dc=demo,dc=net
objectClass: person
sn: User
cn: user1
userPassword: today321

$ perl -ane '$/="dn" ;
print $_,"\n\n" if($_ =~/user1/);' user.ldif

: cn=user1,dc=subdiv,dc=demo,dc=net
objectClass: person
sn: User
cn: user1
userPassword: today321
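
The one-liner switches the record separator to the string "dn", which is why the match is printed starting at ": cn=user1" and why a "dn" inside any value would also split a record. As an added example (not part of the original post), this shell/awk version splits entries on blank lines, rejoins folded lines and masks userPassword values before matching or printing; ldif_grep and sample_ldif are hypothetical names and the LDIF is constructed.

```shell
#!/bin/sh
# ldif_grep PATTERN [FILE...]  (hypothetical helper, added example)
# Prints every LDIF entry that has a line matching PATTERN (awk regex).
ldif_grep() {
    LDIF_PAT=$1; shift
    LDIF_PAT=$LDIF_PAT awk '
        function emit(   i, hit) {
            for (i = 1; i <= n; i++) {
                # Mask password values before matching or printing.
                if (tolower(line[i]) ~ /^userpassword(;[^:]*)?:/)
                    sub(/:.*/, ": [redacted]", line[i])
                if (line[i] ~ ENVIRON["LDIF_PAT"]) hit = 1
            }
            if (hit) { for (i = 1; i <= n; i++) print line[i]; print "" }
            n = 0
        }
        { sub(/\r$/, "") }                 # tolerate CRLF exports
        /^$/ { emit(); skip = 0; next }    # a blank line ends the entry
        /^#/ { skip = 1; next }            # comment line
        /^ / { if (!skip && n) line[n] = line[n] substr($0, 2); next }  # folded line
             { skip = 0; line[++n] = $0 }
        END  { emit() }
    ' "$@"
}

# Constructed sample in the shape of user.ldif, with one folded dn.
sample_ldif() {
    cat <<'EOF'
dn: cn=user0,dc=subdiv,dc=demo,dc=net
objectClass: person
sn: User
cn: user0
userPassword: today321

dn: cn=user1,dc=subdiv,
 dc=demo,dc=net
objectClass: person
sn: User
cn: user1
userPassword: today321
EOF
}

sample_ldif | ldif_grep 'cn=user1,dc=subdiv,dc=demo'
```

Because masking happens before the match, a search for a password string returns nothing.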

[/example]

[reference]

[tags]LDAP LDIF Search, LDAP LDIF extraction, LDAP Training School[/tags]

[/reference]

Modify LDAP records with JNDI

[problem]

Need to modify an LDAP record with JNDI, the Java Naming and Directory Interface.

Following on from using Java to perform LDAP searches, here is a quick demo on modifying records.

[/problem]

[solution]

Here I’m using Java to modify John Doe’s record, changing the givenname entry to John A.

As you’ll notice all values are hard coded (such as hostname, port, password, etc). These could be read in from a config file, or passed in through command line arguments.

[/solution]

[example]


$ cat chLdapDetails.java
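import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;

public class chLdapDetails {

    public static void main(String[] argv) {

        // Connection and bind settings (hard coded for the demo)
        String url = "ldap://127.0.0.1:389";
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL,
                "cn=Manager,dc=demo,dc=net");
        env.put(Context.SECURITY_CREDENTIALS, "secret");

        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env);
            // Replace the givenname attribute on John Doe's entry
            ModificationItem[] mods = new ModificationItem[1];
            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("givenname", "John A"));
            ctx.modifyAttributes("cn=jdoe,dc=demo,dc=net", mods);
        } catch (NamingException ne) {
            System.err.println(ne.toString());
        } finally {
            // Close the connection even when the bind or the modify fails
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }
}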

Here's a run through:


$ java getLdapDetails Doe
John, Doe - [email protected]

$ java chLdapDetails
$ java getLdapDetails Doe
John A, Doe - [email protected]

[/example]

[reference]

[tags]LDAP updates JNDI, JNDI LDAP, JNDI, LDAP Training School[/tags]

[/reference]

scan network port with perl

[problem]

You want to test a network port, on a remote system – over TCP/IP.

Maybe this is a new setup, or you want confirmation it is working.

Perhaps the firewall rules have just been changed! 🙂

[/problem]

[solution]

A nice small bit of Perl code that I’ve used thousands of times!

In fact I’m running it in most of my production environments,
as a check that a process is not only running – but also responding.

Yep, you could just use telnet – but some systems have that taken off for security.

Additionally it isn’t as easy to program telnet – I know, I know – you can with expect. 🙂

[/solution]

[example]

Here is just a one liner, but you can easily incorporate this into a script.

perl -MIO::Socket -e '$socket=IO::Socket::INET->
new(Proto=>"tcp",PeerAddr=>$ARGV[0],PeerPort=>$ARGV[1]);
if($socket) { print "Succeed\n" } else { print "Failed: $@\n" }' host port

[/example]

[reference]

[tags]Perl, Network, TCPIP, Port Scanner, Perl Coding School[/tags]

[/reference]

Obtain epoch time and calculate date yesterday

[problem]

You want to capture the current epoch. Maybe to use in a log file, or as a filename.

Or maybe you want to calculate the date yesterday.

[/problem]

[solution]

This piece of code is very useful for performing date calculations. You can obtain the current epoch (time in seconds since Jan 1 1970), then add 3600 for 1 hour – or 86400 for 24 hours hence.

[/solution]

[example]

To store it in a UNIX shell variable, use it like this:

epoch=`perl -M'English' -e 'print $BASETIME."\n";'`

To work out 24 hours ago, just subtract 86400.

perl -M'English' -e 'print(($BASETIME-86400)."\n");'

Then to see the date yesterday:


$ perl -M'English' -e 'print(($BASETIME-86400)."\n");'
1180746252
$ perl -M'English' -e 'print(localtime(1180746252)."\n");'
Sat Jun 2 09:04:12 2007

[/example]

[reference]

[tags]Perl, epoch, date manipulation, Perl Coding School[/tags]

[/reference]

Calculate largest field big data file

[problem]

I wanted to upload a delimited field to mysql db, but hit the problem that the file contained nearly 3000 rows and no schema on the required size of each field.

Therefore I needed to traverse the file and calculate the length of each field. Then at the end, print the largest field found for each column.

[/problem]

[solution]

Perl to the rescue! Pretty easy in Perl, after scratching my head attempting with awk. 🙂

Anyway the code is under the example tab. I’m using the pipe symbol as a delimiter “|” – so just substitute this with your delimiter, cat your file and pipe it through this script.

In the example I show how you can manipulate the file, to produce pipe delimited fields too.

[/solution]

[example]

This is how to run the script. Basically you just need to pipe your output through find_largest.pl.

cat yourfile | ./find_largest.pl

Here is the code.

#!/usr/bin/perl

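# Print the longest length seen in each "|"-delimited column of STDIN.
use strict;

my @highest = ();

while (my $line = <STDIN>) {

    chomp $line;    # do not count the newline as part of the last field

    # The pipe must be escaped in the regex; -1 keeps trailing empty fields.
    my @thisline = split(/\|/, $line, -1);

    for my $i (0 .. $#thisline) {

        my $thislength = length($thisline[$i]);

        if ($thislength > ($highest[$i] // 0)) { $highest[$i] = $thislength; }

    }

}

# A column that was empty on every line stays undefined and prints as an empty field.
print(join("|", @highest) . "\n");

exit(0);

__END__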

 

So for example, if I want to find the largest fields in one of my web logs - for crunching into a db:

  • First off I only want lines starting with a space, then a number.
  • Next I need to replace all multiple spaces between fields, with 1 space.
  • Then I replace the spaces between each field, with a pipe.
  • Lastly I pump it through find_largest.pl - which gives me the largest sized field


[marcus@bree]/var/log/httpd% grep "^ [0-9]" access_log.tools |
sed -e 's/  */ /g' -e 's/ /|/g' |
~/Perl_Bin/find_largest.pl
|14|1|1|21|6|5|103|9|3|5

[/example]

[reference]

[tags]Perl, Data Analysis, Perl Coding School[/tags]

[/reference]

ldapsearch logical NOT

[problem]

You want to perform an LDAP search, matching entries which do not match certain criteria.

[/problem]

[solution]

To perform a logical NOT we just use the exclamation mark ! – see example.

[/solution]

[example]

This is how to perform a logical NOT LDAP search.


ldapsearch -x -v -D "cn=Manager,dc=demo,dc=net" -w secret \
  -b "dc=demo,dc=net" '(!(sn=Doe))'

[/example]

[reference]

[tags]ldapsearch syntax, openldap ldapsearch, LDAP Training School[/tags]

[/reference]

ldapsearch logical AND

[problem]

You want to match more than one field, in your LDAP search.

[/problem]

[solution]

To match more than one field we use the ampersand – “&” with ldapsearch.

[/solution]

[example]

This is how to perform a logical AND LDAP search.


ldapsearch -x -v -D "cn=Manager,dc=demo,dc=net" -w secret \
  -b "dc=demo,dc=net" "(&(givenname=John)(sn=Smith))"

[/example]

[reference]

[tags]ldapsearch syntax, openldap ldapsearch, LDAP Training School[/tags]

[/reference]

ldapsearch with logical OR

[problem]

You want to match one pattern or another, in your LDAP search.

[/problem]

[solution]

To match one pattern or another we use the pipe symbol “|”.

[/solution]

[example]

This is how to perform a logical OR LDAP search.


ldapsearch -x -v -D "cn=Manager,dc=demo,dc=net" -w secret \
  -b "dc=demo,dc=net" "(|(sn=Doe)(sn=Smith))"
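
The NOT, AND and OR filters above use fixed values; when a value comes from a variable or user input, the characters ( ) * and \ in it have to be escaped (RFC 4515) so they stay part of the value and do not alter the filter's logic. This is an added example, not part of the original posts: ldap_escape, f_eq, f_not, f_and and f_or are hypothetical helper names and the surname is constructed.

```shell
#!/bin/sh
# Added example; function names are hypothetical.

# Escape a value for use inside an LDAP search filter (RFC 4515).
ldap_escape() {
    # Backslash first, so the escapes added afterwards are not escaped again.
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g'  -e 's/)/\\29/g'
}

# (attr=value) with the value escaped. Attribute names that are not plain
# descriptors are rejected, so the name cannot carry filter syntax either.
f_eq() {
    case $1 in ''|*[!A-Za-z0-9-]*) return 1 ;; esac
    printf '(%s=%s)' "$1" "$(ldap_escape "$2")"
}

# Combinators take filters that are already built: the three forms shown above.
f_not() { printf '(!%s)' "$1"; }
f_and() { printf '(&%s)' "$(printf '%s' "$@")"; }
f_or()  { printf '(|%s)' "$(printf '%s' "$@")"; }

# Constructed input: a surname containing filter metacharacters.
name='Smith (contractor)*'
filter=$(f_and "$(f_eq givenname John)" "$(f_not "$(f_eq sn "$name")")")
printf '%s\n' "$filter"
```

Pass the result to ldapsearch as a single quoted argument, for example "$filter".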

[/example]

[reference]

[tags]ldapsearch syntax, openldap ldapsearch, LDAP Training School[/tags]

[/reference]

Deleting LDAP Record

[problem]

You want to delete a LDAP entry.

[/problem]

[solution]

In this example, we just use ldapdelete from the command line.

Remember to take a backup first, using ldapsearch with -L.

[/solution]

[example]

Here is an example of deleting a record in LDAP:


ldapdelete -v -D 'cn=Manager..' -w "${passwd}" \
  -h "${host}" -p "${port}" <<EOT
cn=….
EOT

Effectively – you just need to supply the full DN. Also be aware you need to delete the lowest branch first, for example:

uid=….
sales=…,uid=….

You need to delete sales first, then uid.

[/example]

[reference]

[tags]ldapdelete, LDAP Training School[/tags]

[/reference]

Modify LDAP record entry

[problem]

You want to modify or change a record in LDAP.

Supplanting one value with another.

[/problem]

[solution]

Use ldapmodify from the command line.

Again take a backup with -L – just to be sure. 🙂

[/solution]

[example]

Here is an example of modifying a record in LDAP, when you need to change an attribute of an existing record:


ldapmodify -x -v -D "cn=Manager,dc=demo,dc=net" -w secret <<EOT
dn: cn=jdoe,dc=demo,dc=net
changetype: modify
replace: mail
mail: [email protected]
EOT

[/example]

[reference]

[tags]ldapmodify, modify ldap record, LDAP Training School[/tags]

[/reference]