This little code example in Perl shows how to connect to an OpenLDAP server using the ldaps protocol. It tries several servers and uses the first one it can connect to.
#!/usr/bin/perl use strict; use Net::LDAP; use Net::LDAP::Extension::WhoAmI; # LDAPS is basically the same as the LDAP-Module using ldaps:// URIs #use Net::LDAPS; my $userName = 'USERNAME'; my $passWord = 'PASSWORD'; my @Servers = ("server1", "server2", "server3"); my $ldap = undef; # Code = 34, Name: LDAP_INVALID_DN_SYNTAX (dn is not a full path) # Code = 48, Name: LDAP_INAPPROPRIATE_AUTH (empty dn or password) # Code = 49, Name: LDAP_INVALID_CREDENTIALS (wrong dn or password) sub lErr { my $mesg = shift; printf STDERR "Error: %sn", $mesg->error(); printf STDERR "Error Code: %sn", $mesg->code(); printf STDERR "Error Name: %sn", $mesg->error_name(); printf STDERR "Error Text: %s", $mesg->error_text(); printf STDERR "Error Description: %sn", $mesg->error_desc(); printf STDERR "Server Error: %sn", $mesg->server_error(); } foreach my $server (@Servers) { $ldap = Net::LDAP->new("ldaps://$server:636", verify => 'require', inet4 => 1, timeout => 3, cafile => '/etc/ssl/certs/ldap_slapd_cacert.pem' ); if($ldap) { print "Ok connecting to $servern"; last; } else { print "Error connecting to $server: $@n"; } } if($ldap) { print "Now connected to " . $ldap->host() . "n"; } else { exit -1; } my $mesg = $ldap->bind("uid=$userName,ou=People,dc=example,dc=com", password => "$passWord"); if($mesg->is_error()) { exit $mesg->code; } # Using $ldap->bind again after $ldap->unbind doesn't work $ldap->unbind;
There is also an option to connect to an array of servers with only one function call. It basically does the same thing: Looping through a list of servers and use the first successful connection. But you have to be careful, there is a known bug if “verify” is set to “optional” (s. https://rt.cpan.org/Public/Bug/Display.html?id=118477).