Tool

Reading the LDAP 'networkAddress' Attribute of a Server or User Object

Author Info

18 December 2007 - 6:45pm
Submitted by: colin_pearce

Author Blog
Author Profile

Tags

Tags Map
tool
Reads:

3874

Score:
0
0
 
Comments:

4

license: 
free

A perl script to read the LDAP 'networkAddress' attribute of a server or user object from an eDirectory LDAP server and get the TCP/IP address in decimal dot notation.

The network address attribute when read via LDAP is in the form-
LDAP Format, String:
taggedData = uint32String "#" octetstring
byte 0 = uint32String = Address Type: eg. 1 = IP Address (user); 9 = TCP Address (server)
byte 1 = char = "#" - separator
byte 2+ = octetstring - the ordinal value of the address

The following instructions assume that you have a working LDAP server and Perl installed with the Net::LDAP module http://ldap.perl.org/ . Of course, the LDAP 'networkAddress' attribute must be visible for your LDAP proxy user.

This script can be used a command line tool or called from another script by passing the following arguments:
- LDAP server qualified DNS name or IP address
- Base OU for the LDAP search, o=myorg
- CN of the object look up the IP address of, username or server name
In that order! eg:
netaddr.pl (ldap server) (base dn) (object)

AttachmentSize
netaddr.pl.txt2.22 KB

Author Info

18 December 2007 - 6:45pm
Submitted by: colin_pearce

Author Blog
Author Profile

Tags

Tags Map


Related Articles


User Comments

PHP IP Address code snippet

Submitted by bthoreson on 21 December 2007 - 9:26pm.

$addr = "";
$addrtype = intval(substr($networkaddress, 0, 1));

// throw away bytes 0 and 1 which should be the addrtype and the "#" separator
$networkaddress = substr($networkaddress, 2);

$addrtypes = array('IPX', 'IP', 'SDLC', 'Token Ring', 'OSI', 'AppleTalk', 'NetBEUI', 'Socket', 'UDP', 'TCP', 'UDP6', 'TCP6', 'Reserved (12)', 'URL', 'Count');

$len = strlen($networkaddress);

if ($len > 0) {
for ($i=0; $i<$len; $i+=1) {
$byte = substr($networkaddress, $i, 1);
$addr .= ord($byte);

if ($addrtype == 1){ // dot separate IP addresses...
$addr .= ".";
}
}

if ($addrtype == 1) {
// strip last period from end of $addr
$addr = substr($addr, 0, strlen($addr)-1);
}
}
else {
$addr .= "address not available.";
}

printf($addrtypes[$addrtype] . ": " . $addr);

C# IP Address Code Snippet

Submitted by morgaia on 18 June 2008 - 7:02am.

This took me a good while to figure out, so I hope that the community finds it useful. Please feel free to e-mail me if you have comments or suggestions...

// with a connected and bound ldap connection ldapConn...

LdapEntry server = ldapConn.Read(serverDN); // find server in tree

// retrieve and decode the server's network address

LdapAttribute serverNetAddr = server.getAttribute("networkaddress");

// loop through the multivalued networkaddress field
foreach(sbyte[] addrBytes in serverNetAddr.ByteValueArray) {

   // get the first character in the line which indicates type
   char type = (char)addrBytes[0];

   if(type == '9') { // only interested in TCP address
       string serverTCPAddr = "";
       for(int i=(addrBytes.Length-4); i<addrBytes.Length; i++) { // last four bytes are the ip address
      byte b = unchecked((byte)addrBytes[i]); // convert sbyte to byte
         serverTCPAddr = serverTCPAddr + b; // append value to string
         if(i>0 && i<(addrBytes.Length - 1))
         serverTCPAddr = serverTCPAddr + "."; // brute force the dots
    }

  }

}

Thanks for the C# example,

Submitted by jjader on 5 November 2008 - 9:48am.

Thanks for the C# example, works like a charm!

The inverse

Submitted by sparch on 5 May 2009 - 2:17pm.

Hi, I would like to know if is there a way to provide the inverse value, I mean, I got the IP address, and I wanna compare with the value into networkAddress to see if the IP being passed to me matches with the one into NDS.

Is that possible?

Thanks!

© 2009 Novell, Inc. All Rights Reserved.