You will need the following files to compile the program:

    libldap.a       (At least ldap v3.2)
    liblber.a       (At least ldap v3.2)
    ldap.h
    lber.h
    ldapconfig.h
    TCL7.6 or TCL7.5 (TK4.2 or TK4.1 optional)

You will need to make the following changes to the Makefile in the unix
subdirectory:

LIBS: (add)
    -lldap -llber

GENERIC_OBJS: (add)
    tclLdapDel.o tclLdapModRDN.o tclLdapSearch.o tclLdapModify.o

GENERIC_SRCS: (add)
    $(GENERIC_DIR)/tclLdapDel.c \
    $(GENERIC_DIR)/tclLdapModRDN.c \
    $(GENERIC_DIR)/tclLdapSearch.c \
    $(GENERIC_DIR)/tclLdapModify.c \

# Object files used on all Unix systems: (add)

tclLdapDel.o: $(GENERIC_DIR)/tclLdapDel.c
	$(CC) -c $(CC_SWITCHES) $(GENERIC_DIR)/tclLdapDel.c -llber -lldap

tclLdapModRDN.o: $(GENERIC_DIR)/tclLdapModRDN.c
	$(CC) -c $(CC_SWITCHES) $(GENERIC_DIR)/tclLdapModRDN.c -llber -lldap

tclLdapSearch.o: $(GENERIC_DIR)/tclLdapSearch.c
	$(CC) -c $(CC_SWITCHES) $(GENERIC_DIR)/tclLdapSearch.c -llber -lldap

tclLdapModify.o: $(GENERIC_DIR)/tclLdapModify.c
	$(CC) -c $(CC_SWITCHES) $(GENERIC_DIR)/tclLdapModify.c -llber -lldap

ALSO! ADD the LIBS to the tk4.x Makefile if you want these functions in your
wish programs!!!

Then, all you should have to do is re-compile the tclsh binary and then
re-compile the wish binary (you only need to re-compile the wish binary if you
want to have these functions available in tk).

FUNCTIONS PROVIDED:

The code that I ported into tcl/tk is actually the tools code built by the
University of Michigan stripped down and squashed into a standard tcl function.
A LOT of the functionality in the tool code has been removed in order to
simplify the conversion process. (Also, things like sorting a search really
aren't necessary since I return the results as a list. (You can use lsort to
sort the results))

I will be putting the source code and any pre-compiled binaries I can make onto
the TCL archives. I would like to request that if you make any binaries for any
other platforms, please put a copy there. (That is only a request, not a
requirement.)
I currently have pre-compiled binaries for Linux 2.0.27, AIX v3.2.5, and
AIX v4.2.1 unix systems.

I do have plans to actually create a "REAL" interface to LDAP soon. (i.e. the
ability to open a bind and store it in a variable. (Like the way you open a
file in tcl and then do operations on that file by referencing the variable)
etc., etc., ad nauseam)

If you have any suggestions, or if you improve the code (which is highly
likely, since I'm not a great programmer), please send me a copy of your
improved code so I can use it. That (and credit for the original port) is all I
ask in return for my code.

/******************************************************************************/
Command: LdapDelete

Arguments: Host BindDN Password DN-to-delete

Where:
    Host         = Hostname or IP address of the LDAP server
    BindDN       = Manager's (or whoever's) DN
    Password     = Password for the BindDN
    DN-to-delete = kind of self-explanatory isn't it?

Results:
    errors:
        Cannot connect to host
        Invalid name or password
        Unable to delete entry
    messages:
        Entry deleted

Return codes:
    success: TCL_OK
    failure: TCL_ERROR

Note: Each argument to the LdapDelete command can be a variable.

Example:
    LdapDelete host1 "cn=mgr,o=org1,c=us" "mgrpwd" \
        "cn=Joe Doe,ou=org2,o=org1,c=us"
  or
    LdapDelete $host $mgr $mgrpwd $dn
/******************************************************************************/

/******************************************************************************/
Command: LdapModRDN

Arguments: Host BindDN Password DN RDN ReplaceFlag(1=replace,0=add)

Where:
    Host        = Hostname or IP address of the LDAP server
    BindDN      = Manager's (or whoever's) DN
    Password    = Password for the BindDN
    DN          = FULL DN of original entry
    RDN         = RELATIVE dn of new name
    ReplaceFlag = replace or add new name (1=replace, 0=add)

Results:
    errors:
        Cannot connect to host
        Invalid name or password
        Unable to rename entry
    messages:
        Entry renamed

Return codes:
    success: TCL_OK
    failure: TCL_ERROR

Note: Each argument to the LdapModRDN command can be a variable.

Example:
    LdapModRDN host1 "cn=mgr,o=org1,c=us" "mgrpwd" \
        "cn=Joe Doe,ou=org2,o=org1,c=us" "cn=Joseph Doe" 1
  or
    LdapModRDN $host $mgr $mgrpwd $dn $rdn $flag
/******************************************************************************/

/******************************************************************************/
Command: LdapModify/LdapAdd

Arguments: Host BindDN Password DN [LIST of attr=value pairs]

Where:
    Host       = Hostname or IP address of the LDAP server
    BindDN     = Manager's (or whoever's) DN
    Password   = Password for the BindDN
    DN         = FULL DN of entry to change/add
    Attributes = A tcl LIST of attr=value pairs (This MUST be a list!)

Results:
    errors:
        Cannot connect to host
        Invalid name or password
        No LIST argument passed
        Unable to modify entry
        Problem with data
        Unable to add entry (FOR THE ADD SUB-FUNCTION)
        Unable to change entry
    messages:
        None

Return codes:
    success: TCL_OK
    failure: TCL_ERROR

Note: Each argument to the LdapModify/LdapAdd command can be a variable.

Example:
    set attrs [list "sn=Jones" "telephoneNumber=+1 999 555 1212"]

    LdapModify host1 "cn=mgr,o=org1,c=us" "mgrpwd" \
        "cn=Joe Doe,ou=org2,o=org1,c=us" \
        [list "sn=Jones" "telephoneNumber=+1 999 555 1212"]
  or
    LdapModify $host $mgr $mgrpwd $dn $attrs

    LdapAdd host1 "cn=mgr,o=org1,c=us" "mgrpwd" \
        "cn=Joe Doe,ou=org2,o=org1,c=us" \
        [list "sn=Jones" "telephoneNumber=+1 999 555 1212"]
  or
    LdapAdd $host $mgr $mgrpwd $dn $attrs

P.S. For the LdapModify command, if you place a minus "-" sign in front of an
attr=value pair, the LdapModify command will delete that attr=value.
(i.e. [list "-telephoneNumber=+1 999 555 1212"] will delete the phone number).
/******************************************************************************/

/******************************************************************************/
Command: LdapSearch

Arguments: Host BindDN Password Scope Deref BaseDN Filter
           [LIST of Attrs to return (optional)]

Where:
    Host       = Hostname or IP address of the LDAP server
    BindDN     = Manager's (or whoever's) DN
    Password   = Password for the BindDN
    Scope      = One of "base, one, or sub" (default is subtree)
    Deref      = One of "never, search, find, or always" (default is never)
    BaseDN     = DN of the starting point for the search
    Filter     = Standard LDAP-style search filter
    Attributes = A tcl LIST of attribute NAMES (This MUST be a list! If this
                 option is left off, ALL attributes will be returned.)

Results:
    errors:
        Cannot connect to host
        Invalid name or password
        Search failed
        Search failed to find anything
    messages:
        None

Return codes:
    success: TCL_OK
    failure: TCL_ERROR

Return data:
    A TCL LIST OF ATTR=VALUE PAIRS.
    (If more than one ENTRY is returned, then the sets of attr=value pairs are
    still returned as ONE list with a NULL list element separating the two (or
    more) entries.)

Note: Each argument to the LdapSearch command can be a variable.

Example:
    set attrs [list "sn" "telephoneNumber"]

    LdapSearch host1 "cn=mgr,o=org1,c=us" "mgrpwd" sub never "o=org1,c=us" \
        "cn=Joseph Doe" [list "sn" "telephoneNumber"]
  or
    LdapSearch $host $mgr $mgrpwd $scope $deref $base $filter $attrs

(The above search would do a subtree search starting in the o=org1,c=us
directory using the filter cn=Joseph Doe and return the attributes "sn" and
"telephoneNumber")

(The same search without the "$attrs" would automatically return everything.)
/******************************************************************************/

ENJOY!

Please send any suggestions/code enhancements to:
tmurray@ix.netcom.com (Tony Murray)
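
Added example (not part of the original README or the author's code): a Tcl
proc that splits the flat attr=value list described under "Return data" for
LdapSearch into one list per entry. The proc name LdapSplitResult and the
sample data are assumptions made for illustration; it splits on the first "="
only, so values that themselves contain "=" (such as DN-valued attributes)
stay intact.

```tcl
# Added example: split the flat list returned by LdapSearch into entries.
# Returns a list of entries; each entry is a list of {attr value} pairs.
# LdapSplitResult is a hypothetical helper name, not part of the port.
proc LdapSplitResult {flat} {
    set entries {}
    set current {}
    foreach elem $flat {
        if {[string length $elem] == 0} {
            # Empty element: separator between two entries.
            if {[llength $current] > 0} {
                lappend entries $current
                set current {}
            }
            continue
        }
        # Split on the FIRST "=" only; the value may contain "=" itself.
        set eq [string first "=" $elem]
        if {$eq < 1} {
            # No attribute name before "=": not an attr=value pair.
            error "malformed element in LdapSearch result: $elem"
        }
        set attr  [string range $elem 0 [expr {$eq - 1}]]
        set value [string range $elem [expr {$eq + 1}] end]
        lappend current [list $attr $value]
    }
    # Flush the last entry (there is no trailing separator).
    if {[llength $current] > 0} {
        lappend entries $current
    }
    return $entries
}

# Constructed sample in the documented return format: two entries separated
# by an empty element. This is not output captured from a real server.
set sample [list "sn=Doe" "telephoneNumber=+1 999 555 1212" \
                 "seeAlso=cn=mgr,o=org1,c=us" "" \
                 "sn=Jones" "telephoneNumber=+1 999 555 0000"]

foreach entry [LdapSplitResult $sample] {
    puts "--- entry ---"
    foreach pair $entry {
        puts "[lindex $pair 0]: [lindex $pair 1]"
    }
}
```

In a real script, replace $sample with the value returned by LdapSearch.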