Active Directory [L1 ] is Microsoft's implementation of, among other things, LDAP services.
Two approaches to AD work [L2 ] are:
I like this [L3 ] reference to Microsoft's own AD Searches [sic] Tools. Note, though, that the previous page fails to mention ldifde and csvde, which, despite the appearance of their documentation [L4 ] [L5 ], are available for Windows Server 2000. Also significant is schemadocfile [L6 ].
LV 2009-Sep-15 So, does anyone have an example of interacting with Active Directory from Tcl? In particular, what I'd like to be able to do is find a simple way to get information about the users on AD so that I can audit the information (to determine whether the user's attributes like department, room number, etc. are correct).
Little example. LDAP authentication function.
package require ldap
foreach SERVER [list ad1 ad2] {
if {[catch {set handle [ldap::connect $SERVER $ad_tcp_port]} err]} {
puts "ldap::connect: $err"
continue
}
if {[catch {set tok [ldap::bind $handle $User $Passwd]} err]} {
# Auth problem, skip next ad server
catch {ldap::disconnect $handle} err
continue
} else {
# User/Passwd OK
break
}
}
catch {ldap::unbind $handle} err
catch {ldap::disconnect $handle} err