Connecting to Active Directory via LDAP from Ruby

Time: 2018-10-29 15:01:23

Tags: ruby active-directory ldap windows-server

I am trying to connect to an AD instance from a Ruby application. I have chosen LDAP for this job.

Below are the connection settings and the script I wrote.

    require 'net/ldap'

    def name_for_login( email, password )
      email = email[/\A\w+/].downcase  # Throw out the domain, if it was there
      email << "@example.com"          # I only check people in my company
      ldap = Net::LDAP.new(
        host: '10.0.0.2',
        port: 1027,
        auth: { method: :simple, email: email, password: password }
      )
      if ldap.bind
        p 'lol'  # debug print
        # Yay, the login credentials were valid!
        # Get the user's full name and return it
        ldap.search(
          base:          "OU=Users,OU=Accounts,DC=example,DC=com",
          filter:        Net::LDAP::Filter.eq( "mail", email ),
          attributes:    %w[ displayName ],
          return_result: true
        ).first.displayName.first
      end
    end

And the test credentials:

  1. windows : Windows@test
  2. tester : Pass@123

When I run the script, it raises the following error:

irb(main):025:0> name_for_login('tester','Pass@123')
Net::LDAP::BindingInformationInvalidError: Invalid binding information
    from /Library/Ruby/Gems/2.3.0/gems/net-ldap-0.16.1/lib/net/ldap/auth_adapter/simple.rb:14:in `bind'
    from /Library/Ruby/Gems/2.3.0/gems/net-ldap-0.16.1/lib/net/ldap/connection.rb:278:in `block in bind'
    from /Library/Ruby/Gems/2.3.0/gems/net-ldap-0.16.1/lib/net/ldap/instrumentation.rb:19:in `instrument'
    from /Library/Ruby/Gems/2.3.0/gems/net-ldap-0.16.1/lib/net/ldap/connection.rb:275:in `bind'
    from /Library/Ruby/Gems/2.3.0/gems/net-ldap-0.16.1/lib/net/ldap.rb:868:in `block in bind'
    from /Library/Ruby/Gems/2.3.0/gems/net-ldap-0.16.1/lib/net/ldap/instrumentation.rb:19:in `instrument'
    from /Library/Ruby/Gems/2.3.0/gems/net-ldap-0.16.1/lib/net/ldap.rb:860:in `bind'
    from (irb):9:in `name_for_login'
    from (irb):25
    from /usr/bin/irb:11:in `<main>'

I am not sure where to start troubleshooting to understand the problem.

The AD is on a Windows server hosted in Azure.

1 answer:

Answer 0: (score: 0)

I don't know Ruby, but my guess is that the problem is here:

auth: { method: :simple, email: email, password:password }

According to the documentation, you should use the username attribute, not email. And you need to set it to the account's username (sAMAccountName), its userPrincipalName (which may be the same as the email address), or its distinguishedName.

Assuming the userPrincipalName is the same as the email address, this might work:

auth: { method: :simple, username: email, password:password }
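As an added example that is neither the asker's script nor the answerer's code, the block below shows the three identity forms the answer lists for an AD simple bind and builds the `auth:` hash the way net-ldap reads it, then reproduces the precondition behind the `BindingInformationInvalidError` in the question: net-ldap's simple adapter only looks at `:username` (or `:dn`) and `:password`, so an unknown key such as `:email` is ignored and the bind fails before any traffic reaches the domain controller. The check is paraphrased from the adapter frame in the backtrace rather than imported, so the block runs without the gem or a server; the UPN suffix `example.com` and NetBIOS name `EXAMPLE` are assumptions, and the UPN suffix does not have to match the mail domain in every forest.

```ruby
# Added example: AD identity forms for a net-ldap simple bind and the
# precondition that produced "Invalid binding information" in the question.

# Assumptions (not from the question): the UPN suffix equals the mail domain
# and the NetBIOS domain name is EXAMPLE. Verify both against a real account's
# userPrincipalName before relying on them.
UPN_SUFFIX     = "example.com"
NETBIOS_DOMAIN = "EXAMPLE"

# Normalise whatever the user typed (bare login or full address) into the
# identity forms Active Directory accepts for a simple bind.
def ad_identity(login)
  local = login.to_s[/\A[\w.\-]+/]
  raise ArgumentError, "unusable login: #{login.inspect}" if local.nil? || local.empty?
  local = local.downcase
  {
    sam_account_name:      local,                         # e.g. tester
    user_principal_name:   "#{local}@#{UPN_SUFFIX}",      # e.g. tester@example.com
    down_level_logon_name: "#{NETBIOS_DOMAIN}\\#{local}", # e.g. EXAMPLE\tester
  }
end

# Build the :auth option the way net-ldap's simple adapter reads it:
# the identity goes under :username (or :dn), never under :email.
def simple_auth_for(login, password, form: :user_principal_name)
  { method: :simple, username: ad_identity(login).fetch(form), password: password }
end

class BindingInformationInvalidError < StandardError; end

# Mirrors the check net-ldap 0.16 performs in auth_adapter/simple.rb before
# sending a bind request (paraphrased, not the gem's code): unrecognised keys
# are ignored, and a missing username or password raises immediately.
def check_binding_information(auth)
  user = auth[:username] || auth[:dn]
  psw  = auth[:password]
  raise BindingInformationInvalidError, "Invalid binding information" unless user && psw
  [user, psw]
end

if __FILE__ == $0
  # Constructed sample credentials, matching the question's test account.
  broken = { method: :simple, email: "tester@example.com", password: "Pass@123" }
  begin
    check_binding_information(broken)
  rescue BindingInformationInvalidError => e
    puts "email: key -> #{e.message}"
  end
  fixed = simple_auth_for("tester", "Pass@123")
  puts "username: key -> bind would proceed as #{check_binding_information(fixed).first}"
  puts ad_identity("tester").inspect
end
```

Passing `form: :sam_account_name` or `form: :down_level_logon_name` selects the other two identity forms; which one a given domain controller accepts for a simple bind depends on how the account is provisioned, so checking the actual userPrincipalName of the test account is the first step when the bind still fails after the key is corrected.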