Hi,
I already have a VBScript with which I am able to perform an LDAP query and get the home folder value for users from Active Directory and then map it to a drive letter in Windows. This uses an account which is allowed to query all users in the directory.
I would like to do the same on the Apple Mac clients. I’ve already written a couple of AppleScripts to record system information to a MySQL database so I am a little familiar with the scripting language.
What I am after is some help on how to perform an LDAP query against an Active Directory for which I have credentials that are allowed to query.
The clients that will run the script WILL NOT necessarily be bound to AD but may be standalone on the network, so I don’t want to use the local account credentials for the query.
Has anyone any suggestions or pointers?
Please.
Thanks in advance
Paul
set domainSTR to "acme.com"
set ouSTR to "ou=Employees,ou=Acme Users,dc=acme,dc=com"
set ldapQueryResults to ""
set UserPW to "Ru8815hP45sW0rd"
set UserID to "bob"
-- Simple bind (-x) as UserID@domainSTR, then search ouSTR for that user's own entry.
-- "quoted form of" stops spaces and shell metacharacters in the values from breaking (or altering) the command.
-- Over ldap:// the -w password is sent unencrypted; use ldaps:// or add -ZZ (StartTLS) if the server supports it.
try
    set ldapQueryResults to do shell script "ldapsearch -H ldap://directoryservername.acme.com -x -D " & quoted form of (UserID & "@" & domainSTR) & " -w " & quoted form of UserPW & " -b " & quoted form of ouSTR & " -LLL " & quoted form of ("sAMAccountName=" & UserID)
on error errMsg
    set ldapQueryResults to errMsg -- we do this so that the if statements below are neater and all use the same ldapQueryResults variable
end try
if ldapQueryResults contains "Invalid credentials (49)" then -- Bad credentials. UN / PW not entered correctly
    set CredCheck to "Incorrectly entered credentials. Please try again."
else if ldapQueryResults contains "Can't contact LDAP server" then -- server unreachable: are we connected to the network?
    set CredCheck to "Cannot contact server."
else if ldapQueryResults contains "distinguishedName" then -- success
    set CredCheck to "Success! Please click Continue..."
else
    set CredCheck to "There's been an undefined error. Please try again"
end if
log CredCheck
A documentation search of 10.8 returns nothing for ldap
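Added example (not from any poster in this thread): a shell sketch of the step the original question is after, taking the LDIF text that the ldapsearch call above returns and turning the user's homeDirectory attribute into an smb:// URL a Mac can mount. It handles folded LDIF lines and base64-encoded ("attr::") values; the function names and the host fileserver.acme.com are made up for illustration, and the sample entry is constructed.

```shell
#!/bin/sh
# Added example: ldapsearch -LLL output -> smb:// URL of the user's AD home folder.

# Join folded LDIF lines: a line starting with one space continues the previous one.
ldif_unfold() {
    awk 'NR > 1 && /^ / { printf "%s", substr($0, 2); next }
         NR > 1 { print "" }
         { printf "%s", $0 }
         END { if (NR) print "" }'
}

b64dec() { printf '%s' "$1" | base64 --decode 2>/dev/null || printf '%s' "$1" | base64 -d; }

# Print the first value of attribute $1 (case-insensitive) from LDIF on stdin.
# "attr:: value" means the value is base64-encoded (e.g. non-ASCII folder names).
ldif_attr() {
    line=$(ldif_unfold | awk -v a="$1" '
        { i = index($0, ":"); if (i == 0 || tolower(substr($0, 1, i - 1)) != tolower(a)) next
          v = substr($0, i + 1); enc = "raw"
          if (substr(v, 1, 1) == ":") { enc = "b64"; v = substr(v, 2) }
          sub(/^ */, "", v); print enc " " v; exit }')
    [ -n "$line" ] || return 1
    if [ "${line%% *}" = b64 ]; then b64dec "${line#* }"; echo
    else printf '%s\n' "${line#* }"; fi
}

# Convert a UNC path (\\server\share\dir) to an smb:// URL; fail on anything else.
unc_to_smb() {
    case "$1" in '\\'?*) ;; *) return 1 ;; esac
    printf '%s\n' "$1" | sed -e 's|^\\\\|smb://|' -e 's|\\|/|g' -e 's| |%20|g'
}

# LDIF on stdin -> smb:// URL on stdout; non-zero exit if no usable homeDirectory.
home_url_from_ldif() {
    unc=$(ldif_attr homeDirectory) || return 1
    unc_to_smb "$unc"
}

# Constructed sample (not real directory data); the homeDirectory value is folded.
sample_ldif() {
    printf '%s\n' 'dn: CN=bob,OU=Employees,OU=Acme Users,DC=acme,DC=com' \
        'sAMAccountName: bob' \
        'homeDirectory: \\fileserver.acme.com\homes\Employees\Acme Users\b' ' ob'
}

sample_ldif | home_url_from_ldif
```

Appending homeDirectory to the end of the ldapsearch command limits the reply to that attribute, and the resulting URL can be handed to AppleScript's mount volume command.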