LDAP Domino and AD scripts

Oliver Falk oliver at linux-kernel.at
Sun May 27 10:45:21 IST 2007


Tony Enderby wrote:
> A while ago I remember seeing a list member post links to some perl (from
> memory) scripts that extract domino and AD user lists via LDAP for inclusion
> in a sendmail access map db.
>
> Could I trouble anyone who knows where these scripts live to post a link
> please?
>
> Many thanks in advance,

I have some AD -> Access MAP Perl Script... I found this on one of our
company mailservers - I'm quite sure, that this is nothing new that
we've written - so no copyright. :-)

-of
-------------- next part --------------
#!/usr/bin/perl -w

# This script will pull all users' SMTP addresses from your Active Directory
# (including primary and secondary email addresses) and list them in the
# format "user@example.com OK" which Postfix uses with relay_recipient_maps.
# Be sure to double-check the path to perl above.

use strict;
use warnings;
use Net::LDAP;
use Getopt::Long;

# If you use more than 1 domaincontroller you'll have to use a sort -u on the output...
my $dcs = 'adserver.office.company.com';
my $result = GetOptions("domaincontrollers|dc|dcs=s"    => \$dcs);

die "No domaincontrollers specified!" unless $dcs;

foreach my $dc (split(' ', $dcs)) {
        # Enter the LDAP container for your userbase.
        my $hqbase="ou=something,dc=office,dc=company,dc=com";

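        # Enter the username & password for a valid user in your Active Directory
        # with username in the form cn=username,cn=Users,dc=example,dc=com
        # (use a read-only account; this file holds its password, so keep the
        # file readable only by its owner).
        my $user="office\\somereadonlyldapuser";
        my $passwd="somegoodpassword";

        # Connecting to Active Directory domain controllers
        # Note: this is a simple bind over plain LDAP, so the password crosses
        # the network unencrypted.
        my $ldap = Net::LDAP->new($dc, version => 2)
                or die "Cannot connect to $dc: $@\n";

        my $mesg = $ldap->bind(
                $user,
                password => $passwd
        );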

        if ( $mesg->code()) {
                die ("error:", $mesg->error());
        }

        my $searchbase = $hqbase;

        # Searching for users (not contacts) that are mail-enabled
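        $mesg = $ldap->search(
                base    => $searchbase,
                filter  => "(&(sAMAccountName=*)(mail=*))",
                attrs   => ['proxyAddresses']   # attrs takes an array reference
        );

        # Report search problems on STDERR so they never end up in the map
        warn "search on $dc: ", $mesg->error(), "\n" if $mesg->code();

        my $entries = $mesg->count();

        # Numeric comparison; diagnostics go to STDERR, not into the map output
        if ($entries < 1) {
                print STDERR "entries=0 \n";
        }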

        # Filtering results for proxyAddresses attributes, thanks to Markus Schabel
        # and Viktor Duchovni
        foreach my $entry ($mesg->entries()) {
                # LDAP Attributes are multi-valued, so we have to print each one.
                foreach my $mail ($entry->get_value("proxyAddresses")) {
                        # Test if the Line starts with one of the following lines:
                        # proxyAddresses: smtp:
                        # proxyAddresses: SMTP:
                        # and also discard this starting string, so that $mail is only the
                        # address without any other characters...
                        if ($mail =~ s/^(smtp|SMTP)://gs) {
                                print $mail." OK\n";
                        }
                }
        }

        # Unbinding
        $ldap->unbind();
}
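
Added example, not part of the original post or its attachment: the script's comment says that with more than one domain controller the output needs a sort -u, and this sketch does that de-duplication in Perl while also dropping proxyAddresses values that would not form a clean "address OK" line. The sub name access_map_lines and all sample values are made up for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample proxyAddresses values, as two domain controllers might
# return them (not real data).
my @dc1 = ('SMTP:Jane.Doe@example.com', 'smtp:jdoe@example.com',
           'X400:c=US;a= ;p=Example;o=Exchange;s=Doe;g=Jane;',
           'sip:jane.doe@example.com');
my @dc2 = ('SMTP:jane.doe@example.com', 'smtp:no-at-sign',
           'smtp:bob smith@example.com');

# Turn raw proxyAddresses values into unique, sorted "address OK" map lines.
sub access_map_lines {
    my @values = @_;
    my (%seen, @lines);
    foreach my $value (@values) {
        # Only smtp:/SMTP: proxies are mail addresses; X400, sip etc. are skipped.
        next unless $value =~ /\Asmtp:(.*)\z/is;
        # Lower-case so the same mailbox from two DCs collapses to one key.
        my $addr = lc $1;
        # Accept only a single local@domain token. Whitespace or control
        # characters in the value would produce a malformed map line.
        unless ($addr =~ /\A[^\s\@[:cntrl:]]+\@[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?\z/) {
            warn "skipping value that is not a plain local\@domain address\n";
            next;
        }
        push @lines, "$addr OK" unless $seen{$addr}++;
    }
    return sort @lines;
}

# Map lines go to STDOUT; the warnings above go to STDERR.
print "$_\n" for access_map_lines(@dc1, @dc2);
```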

