LDAP Authentication using CGI+TCL

Question

How can I authenticate a user with LDAP using CGI/TCL stack?

Please provide a sample code-snippet if possible.

---

I am using an Apache Web Server on RHEL 5.0; AD exists on a remote Win2003 server.

Answer 1

Here is an example that will connect to an ldap server and retrieve all of the info ldap has about an email address:

package require ldap
set sEmailAddress "user@example.com"

set handle [::ldap::connect example.com 3268]
ldap::bind $handle

set result [::ldap::search $handle "dc=example,dc=com" "(mail=$sEmailAddress)" {sAMAccountName}]

foreach {object attributes} $result {
  foreach {name val} $attributes {
    puts "$name\t$val"
  }
}

Answer 2

Here's the ldap package. You first bind using some "bind user" who can see everyone. You then search for the user based on some attribute like e-mail address or sAMAccountName. If the user exists, bind again using the given password and the full path of the user.