1Net::LDAP(3) User Contributed Perl Documentation Net::LDAP(3)
2
6 Net::LDAP - Lightweight Directory Access Protocol
7
9 use Net::LDAP;
10 $ldap = Net::LDAP->new( 'ldap.bigfoot.com' ) or die "$@";
12 $mesg = $ldap->bind ; # an anonymous bind
14 $mesg = $ldap->search( # perform a search
16 base => "c=US",
17 filter => "(&(sn=Barr) (o=Texas Instruments))"
18 );
19 $mesg->code && die $mesg->error;
21 foreach $entry ($mesg->entries) { $entry->dump; }
23 $mesg = $ldap->unbind; # take down session
25 $ldap = Net::LDAP->new( 'ldap.umich.edu' );
27 # bind to a directory with dn and password
29 $mesg = $ldap->bind( 'cn=root, o=University of Michigan, c=us',
30 password => 'secret'
31 );
32 $result = $ldap->add( 'cn=Barbara Jensen, o=University of Michigan, c=US',
34 attr => [
35 'cn' => ['Barbara Jensen', 'Barbs Jensen'],
36 'sn' => 'Jensen',
37 'mail' => 'b.jensen@umich.edu',
38 'objectclass' => ['top', 'person',
39 'organizationalPerson',
40 'inetOrgPerson' ],
41 ]
42 );
43 $result->code && warn "failed to add entry: ", $result->error ;
45 $mesg = $ldap->unbind; # take down session
46
48 Net::LDAP is a collection of modules that implements a LDAP services
49 API for Perl programs. The module may be used to search directories or
50 perform maintenance functions such as adding, deleting or modifying
51 entries.
52 This document assumes that the reader has some knowledge of the LDAP
54 protocol.
55
57 new ( HOST, OPTIONS )
58 Creates a new Net::LDAP object and opens a connection to the named
59 host.
60 "HOST" may be a host name or an IP number. TCP port may be speci‐
62 fied after the host name followed by a colon (such as local‐
63 host:10389). The default TCP port for LDAP is 389.
64 You can also specify a URI, such as 'ldaps://127.0.0.1:666' or
66 'ldapi://%2fvar%2flib%2fldap_sock'. Note that '%2f's in the LDAPI
67 socket path will be translated into '/'. This is to support LDAP
68 query options like base, search etc. although the query part of the
69 URI will be ignored in this context. If port was not specified in
70 the URI, the default is either 389 or 636 for 'LDAP' and 'LDAPS'
71 schemes respectively.
72 "HOST" may also be a reference to an array of hosts, host-port
74 pairs or URIs to try. Each will be tried in order until a connec‐
75 tion is made. Only when all have failed will the result of "undef"
76 be returned.
77 port => N
79 Port to connect to on the remote server. May be overridden by
80 "HOST".
81 scheme => 'ldap' ⎪ 'ldaps' ⎪ 'ldapi'
83 Connection scheme to use when not using an URI as "HOST".
84 (Default: ldap)
85 timeout => N
87 Timeout passed to IO::Socket when connecting the remote server.
88 (Default: 120)
89 multihomed => N
91 Will be passed to IO::Socket as the "MultiHomed" parameter when
92 connecting to the remote server
93 localaddr => HOST
95 Will be passed to IO::Socket as the "LocalAddr" parameter,
96 which sets the client's IP address (as opposed to the server's
97 IP address.)
98 debug => N
100 Set the debug level. See the debug method for details.
101 async => 1
103 Perform all operations asynchronously.
104 onerror => 'die' ⎪ 'warn' ⎪ undef ⎪ sub { ... }
106 In synchronous mode, change what happens when an error is
107 detected.
108 'die'
110 Net::LDAP will croak whenever an error is detected.
111 'warn'
113 Net::LDAP will warn whenever an error is detected.
114 undef
116 Net::LDAP will warn whenever an error is detected and "-w"
117 is in effect. The method that was called will return
118 "undef".
119 sub { ... }
121 The given sub will be called in a scalar context with a
122 single argument, the result message. The value returned
123 will be the return value for the method that was called.
124 version => N
126 Set the protocol version being used (default is LDAPv3). This
127 is useful if you want to talk to an old server and therefore
128 have to use LDAPv2.
129 raw => REGEX
131 Use REGEX to denote the names of attributes that are to be con‐
132 sidered binary in search results.
133 When running on Perl 5.8 and this option is given Net::LDAP
135 converts all values of attributes not matching this REGEX into
136 Perl UTF-8 strings so that the regular Perl operators (pattern
137 matching, ...) can operate as one expects even on strings with
138 international characters.
139 If this option is not given or the version of Perl Net::LDAP is
141 running on is too old strings are encodeed the same as in ear‐
142 lier versions of perl-ldap.
143 Example: raw => qr/(?i:^jpegPhoto⎪;binary)/
145 Example
147 $ldap = Net::LDAP->new( 'remote.host', async => 1 );
149 LDAPS connections have some extra valid options, see the start_tls
151 method for details. Note the default value for 'sslversion' for
152 LDAPS is 'sslv2/3', and the default port for LDAPS is 636.
153 For LDAPI connections, HOST is actually the location of a UNIX
155 domain socket to connect to. The default location is
156 '/var/run/ldapi'.
157
159 Each of the following methods take as arguments some number of fixed
160 parameters followed by options, these options are passed in a named
161 fashion, for example
162 $mesg = $ldap->bind( "cn=me,o=example", password => "mypasswd");
164 The return value from these methods is an object derived from the
166 Net::LDAP::Message class. The methods of this class allow you to exam‐
167 ine the status of the request.
168 abandon ( ID, OPTIONS )
170 Abandon a previously issued request. "ID" may be a number or an
171 object which is a sub-class of Net::LDAP::Message, returned from a
172 previous method call.
173 control => CONTROL
175 control => [ CONTROL, ... ]
176 See "CONTROLS" below
177 callback => CALLBACK
179 See "CALLBACKS" below
180 Example
182 $res = $ldap->search( @search_args );
184 $mesg = $ldap->abandon( $res ); # This could be written as $res->abandon
186 add ( DN, OPTIONS )
188 Add a new entry to the directory. "DN" can be either a
189 Net::LDAP::Entry object or a string.
190 attrs => [ ATTR => VALUE, ... ]
192 "VALUE" should be a string if only a single value is wanted, or
193 a reference to an array of strings if multiple values are
194 wanted.
195 This argument is not used if "DN" is a Net::LDAP::Entry object.
197 control => CONTROL
199 control => [ CONTROL, ... ]
200 See "CONTROLS" below
201 callback => CALLBACK
203 See "CALLBACKS" below
204 Example
206 # $entry is an object of class Net::LDAP::Entry
208 $mesg = $ldap->add( $entry );
209 $mesg = $ldap->add( $dn,
211 attrs => [
212 name => 'Graham Barr',
213 attr => 'value1',
214 attr => 'value2',
215 multi => [qw(value1 value2)]
216 ]
217 );
218 bind ( DN, OPTIONS )
220 Bind (log in) to the server. "DN" is the DN to bind with. An anony‐
221 mous bind may be done by calling bind without any arguments.
222 control => CONTROL
224 control => [ CONTROL, ... ]
225 See "CONTROLS" below
226 callback => CALLBACK
228 See "CALLBACKS" below
229 noauth ⎪ anonymous => 1
231 Bind without any password. The value passed with this option is
232 ignored.
233 password => PASSWORD
235 Bind with the given password.
236 sasl => SASLOBJ
238 Bind using a SASL mechanism. The argument given should be a
239 sub-class of Authen::SASL.
240 Example
242 $mesg = $ldap->bind; # Anonymous bind
244 $mesg = $ldap->bind( $dn, password => $password );
246 # $sasl is an object of class Authen::SASL
248 $mesg = $ldap->bind( $dn, sasl => $sasl, version => 3 );
249 compare ( DN, OPTIONS )
251 Compare values in an attribute in the entry given by "DN" on the
252 server. "DN" may be a string or a Net::LDAP::Entry object.
253 attr => ATTR
255 The name of the attribute to compare.
256 value => VALUE
258 The value to compare with.
259 control => CONTROL
261 control => [ CONTROL, ... ]
262 See "CONTROLS" below.
263 callback => CALLBACK
265 See "CALLBACKS" below.
266 Example
268 $mesg = $ldap->compare( $dn,
270 attr => 'cn',
271 value => 'Graham Barr'
272 );
273 delete ( DN, OPTIONS )
275 Delete the entry given by "DN" from the server. "DN" may be a
276 string or a Net::LDAP::Entry object.
277 control => CONTROL
279 control => [ CONTROL, ... ]
280 See "CONTROLS" below.
281 callback => CALLBACK
283 See "CALLBACKS" below.
284 Example
286 $mesg = $ldap->delete( $dn );
288 moddn ( DN, OPTIONS )
290 Rename the entry given by "DN" on the server. "DN" may be a string
291 or a Net::LDAP::Entry object.
292 newrdn => RDN
294 This value should be a new RDN to assign to "DN".
295 deleteoldrdn => 1
297 This option should be passwd if the existing RDN is to be
298 deleted.
299 newsuperior => NEWDN
301 If given this value should be the DN of the new superior for
302 "DN".
303 control => CONTROL
305 control => [ CONTROL, ... ]
306 See "CONTROLS" below.
307 callback => CALLBACK
309 See "CALLBACKS" below.
310 Example
312 $mesg = $ldap->moddn( $dn, newrdn => 'cn=Graham Barr' );
314 modify ( DN, OPTIONS )
316 Modify the contents of the entry given by "DN" on the server. "DN"
317 may be a string or a Net::LDAP::Entry object.
318 add => { ATTR => VALUE, ... }
320 Add more attributes or values to the entry. "VALUE" should be a
321 string if only a single value is wanted in the attribute, or a
322 reference to an array of strings if multiple values are wanted.
323 delete => [ ATTR, ... ]
325 Delete complete attributes from the entry.
326 delete => { ATTR => VALUE, ... }
328 Delete individual values from an attribute. "VALUE" should be a
329 string if only a single value is being deleted from the
330 attribute, or a reference to an array of strings if multiple
331 values are being deleted.
332 replace => { ATTR => VALUE, ... }
334 Replace any existing values in each given attribute with
335 "VALUE". "VALUE" should be a string if only a single value is
336 wanted in the attribute, or a reference to an array of strings
337 if multiple values are wanted. A reference to an empty array
338 will remove the entire attribute.
339 changes => [ OP => [ ATTR => VALUE ], ... ]
341 This is an alternative to add, delete and replace where the
342 whole operation can be given in a single argument. "OP" should
343 be add, delete or replace. "VALUE" should be either a string or
344 a reference to an array of strings, as before.
345 Use this form if you want to control the order in which the
347 operations will be performed.
348 control => CONTROL
350 control => [ CONTROL, ... ]
351 See "CONTROLS" below.
352 callback => CALLBACK
354 See "CALLBACKS" below.
355 Example
357 $mesg = $ldap->modify( $dn, add => { sn => 'Barr' } );
359 $mesg = $ldap->modify( $dn, delete => [qw(faxNumber)] );
361 $mesg = $ldap->modify( $dn, delete => { 'telephoneNumber' => '911' } );
363 $mesg = $ldap->modify( $dn, replace => { 'mail' => 'gbarr@pobox.com' } );
365 $mesg = $ldap->modify( $dn,
367 changes => [
368 # add sn=Barr
369 add => [ sn => 'Barr' ],
370 # delete all fax numbers
371 delete => [ faxNumber => []],
372 # delete phone number 911
373 delete => [ telephoneNumber => ['911']],
374 # change email address
375 replace => [ mail => 'gbarr@pobox.com']
376 ]
377 );
378 search ( OPTIONS )
380 Search the directory using a given filter. This can be used to
381 read attributes from a single entry, from entries immediately below
382 a particular entry, or a whole subtree of entries.
383 The result is an object of class Net::LDAP::Search.
385 base => DN
387 The DN that is the base object entry relative to which the
388 search is to be performed.
389 scope => 'base' ⎪ 'one' ⎪ 'sub'
391 By default the search is performed on the whole tree below the
392 specified base object. This maybe changed by specifying a
393 "scope" parameter with one of the following values:
394 base
396 Search only the base object.
397 one Search the entries immediately below the base object.
399 sub Search the whole tree below (and including) the base
401 object. This is the default.
402 deref => 'never' ⎪ 'search' ⎪ 'find' ⎪ 'always'
404 By default aliases are dereferenced to locate the base object
405 for the search, but not when searching subordinates of the base
406 object. This may be changed by specifying a "deref" parameter
407 with one of the following values:
408 never
410 Do not dereference aliases in searching or in locating the
411 base object of the search.
412 search
414 Dereference aliases in subordinates of the base object in
415 searching, but not in locating the base object of the
416 search.
417 find
419 Dereference aliases in locating the base object of the
420 search, but not when searching subordinates of the base
421 object. This is the default.
422 always
424 Dereference aliases both in searching and in locating the
425 base object of the search.
426 sizelimit => N
428 A sizelimit that restricts the maximum number of entries to be
429 returned as a result of the search. A value of 0, and the
430 default, means that no restriction is requested. Servers may
431 enforce a maximum number of entries to return.
432 timelimit => N
434 A timelimit that restricts the maximum time (in seconds)
435 allowed for a search. A value of 0 (the default), means that no
436 timelimit will be requested.
437 typesonly => 1
439 Only attribute types (no values) should be returned. Normally
440 attribute types and values are returned.
441 filter => FILTER
443 A filter that defines the conditions an entry in the directory
444 must meet in order for it to be returned by the search. This
445 may be a string or a Net::LDAP::Filter object. Values inside
446 filters may need to be escaped to avoid security problems; see
447 Net::LDAP::Filter for a definition of the filter format,
448 including the escaping rules.
449 attrs => [ ATTR, ... ]
451 A list of attributes to be returned for each entry that matches
452 the search filter.
453 If not specified, then the server will return the attributes
455 that are specified as accessible by default given your bind
456 credentials.
457 Certain additional attributes such as "createTimestamp" and
459 other operational attributes may also be available for the ask‐
460 ing:
461 $mesg = $ldap->search( ... ,
463 attrs => ['createTimestamp']
464 );
465 To retrieve the default attributes and additional ones, use
467 '*'.
468 $mesg = $ldap->search( ... ,
470 attrs => ['*', 'createTimestamp']
471 );
472 To retrieve no attributes (the server only returns the DNs of
474 matching entries), use '1.1':
475 $mesg = $ldap->search( ... ,
477 attrs => ['1.1']
478 );
479 control => CONTROL
481 control => [ CONTROL, ... ]
482 See "CONTROLS" below.
483 callback => CALLBACK
485 See "CALLBACKS" below.
486 raw => REGEX
488 Use REGEX to denote the names of attributes that are to be con‐
489 sidered binary in search results.
490 When running on Perl 5.8 and this option is given Net::LDAP
492 converts all values of attributes not matching this REGEX into
493 Perl UTF-8 strings so that the regular Perl operators (pattern
494 matching, ...) can operate as one expects even on strings with
495 international characters.
496 If this option is not given or the version of Perl Net::LDAP is
498 running on is too old strings are encodeed the same as in ear‐
499 lier versions of perl-ldap.
500 The value provided here overwrites the value inherited from the
502 constructor.
503 Example: raw => qr/(?i:^jpegPhoto⎪;binary)/
505 Example
507 $mesg = $ldap->search(
509 base => $base_dn,
510 scope => 'sub',
511 filter => '(⎪(objectclass=rfc822mailgroup)(sn=jones))'
512 );
513 Net::LDAP::LDIF->new( \*STDOUT,"w" )->write( $mesg->entries );
515 start_tls ( OPTIONS )
517 Calling this method will convert the existing connection to using
518 Transport Layer Security (TLS), which provides an encrypted connec‐
519 tion. This is only possible if the connection uses LDAPv3, and
520 requires that the server advertizes support for LDAP_EXTEN‐
521 SION_START_TLS. Use "supported_extension" in Net::LDAP::RootDSE to
522 check this.
523 verify => 'none' ⎪ 'optional' ⎪ 'require'
525 How to verify the server's certificate:
526 none
528 The server may provide a certificate but it will not be
529 checked - this may mean you are be connected to the wrong
530 server
531 optional
533 Verify only when the server offers a certificate
534 require
536 The server must provide a certificate, and it must be
537 valid.
538 If you set verify to optional or require, you must also set
540 either cafile or capath. The most secure option is require.
541 sslversion => 'sslv2' ⎪ 'sslv3' ⎪ 'sslv2/3' ⎪ 'tlsv1'
543 This defines the version of the SSL/TLS protocol to use.
544 Defaults to 'tlsv1'.
545 ciphers => CIPHERS
547 Specify which subset of cipher suites are permissible for this
548 connection, using the standard OpenSSL string format. The
549 default value is 'ALL', which permits all ciphers, even those
550 that don't encrypt.
551 clientcert => '/path/to/cert.pem'
553 clientkey => '/path/to/key.pem'
554 keydecrypt => sub { ... }
555 If you want to use the client to offer a certificate to the
556 server for SSL authentication (which is not the same as for the
557 LDAP Bind operation) then set clientcert to the user's certifi‐
558 cate file, and clientkey to the user's private key file. These
559 files must be in PEM format.
560 If the private key is encrypted (highly recommended) then key‐
562 decrypt should be a subroutine that returns the decrypting key.
563 For example:
564 $ldap = Net::LDAP->new( 'myhost.example.com', version => 3 );
566 $mesg = $ldap->start_tls(
567 verify => 'require',
568 clientcert => 'mycert.pem',
569 clientkey => 'mykey.pem',
570 keydecrypt => sub { 'secret'; },
571 capath => '/usr/local/cacerts/'
572 );
573 capath => '/path/to/servercerts/'
575 cafile => '/path/to/servercert.pem'
576 When verifying the server's certificate, either set capath to
577 the pathname of the directory containing CA certificates, or
578 set cafile to the filename containing the certificate of the CA
579 who signed the server's certificate. These certificates must
580 all be in PEM format.
581 The directory in 'capath' must contain certificates named using
583 the hash value of the certificates' subject names. To generate
584 these names, use OpenSSL like this in Unix:
585 ln -s cacert.pem `openssl x509 -hash -noout < cacert.pem`.0
587 (assuming that the certificate of the CA is in cacert.pem.)
589 checkcrl => 1
591 If capath has been configured, then it will also be searched
592 for certificate revocation lists (CRLs) when verifying the
593 server's certificate. The CRLs' names must follow the form
594 hash.rnum where hash is the hash over the issuer's DN and num
595 is a number starting with 0.
596 See "SSL_check_crl" in IO::Socket::SSL for further information.
598 unbind ( )
600 The unbind method does not take any parameters and will unbind you
601 from the server. Some servers may allow you to re-bind or perform
602 other operations after unbinding. If you wish to switch to another
603 set of credentials while continuing to use the same connection, re-
604 binding with another DN and password, without unbind-ing, will gen‐
605 erally work.
606 Example
608 $mesg = $ldap->unbind;
610 The following methods are for convenience, and do not return
612 "Net::LDAP::Message" objects.
613 async ( VALUE )
615 If "VALUE" is given the async mode will be set. The previous value
616 will be returned. The value is true if LDAP operations are being
617 performed asynchronously.
618 certificate ( )
620 Returns an X509_Certificate object containing the server's certifi‐
621 cate. See the IO::Socket::SSL documentation for information about
622 this class.
623 For example, to get the subject name (in a peculiar OpenSSL-spe‐
625 cific format, different from RFC 1779 and RFC 2253) from the
626 server's certificate, do this:
627 print "Subject DN: " . $ldaps->certificate->subject_name . "\n";
629 cipher ( )
631 Returns the cipher mode being used by the connection, in the string
632 format used by OpenSSL.
633 debug ( VALUE )
635 If "VALUE" is given the debug bit-value will be set. The previous
636 value will be returned. Debug output will be sent to "STDERR". The
637 bits of this value are:
638 1 Show outgoing packets (using asn_hexdump).
640 2 Show incoming packets (using asn_hexdump).
641 4 Show outgoing packets (using asn_dump).
642 8 Show incoming packets (using asn_dump).
643 The default value is 0.
645 disconnect ( )
647 Disconnect from the server
648 root_dse ( OPTIONS )
650 The root_dse method retrieves cached information from the server's
651 rootDSE.
652 attrs => [ ATTR, ... ]
654 A reference to a list of attributes to be returned. If not
655 specified, then the following attributes will be requested
656 subschemaSubentry
658 namingContexts
659 altServer
660 supportedExtension
661 supportedFeatures
662 supportedControl
663 supportedSASLMechanisms
664 supportedLDAPVersion
665 The result is an object of class Net::LDAP::RootDSE.
667 Example
669 my $root = $ldap->root_dse;
671 # get naming Context
672 $root->get_value( 'namingContext', asref => 1 );
673 # get supported LDAP versions
674 $root->supported_version;
675 As the root DSE may change in certain circumstances - for instance
677 when you change the connection using start_tls - you should always
678 use the root_dse method to return the most up-to-date copy of the
679 root DSE.
680 schema ( OPTIONS )
682 Read schema information from the server.
683 The result is an object of class Net::LDAP::Schema. Read this doc‐
685 umentation for further information about methods that can be per‐
686 formed with this object.
687 dn => DN
689 If a DN is supplied, it will become the base object entry from
690 which the search for schema information will be conducted. If
691 no DN is supplied the base object entry will be determined from
692 the rootDSE entry.
693 Example
695 my $schema = $ldap->schema;
697 # get objectClasses
698 @ocs = $schema->all_objectclasses;
699 # Get the attributes
700 @atts = $schema->all_attributes;
701 socket ( )
703 Returns the underlying "IO::Socket" object being used.
704 host ( )
706 Returns the host to which he connection was established. For LDAPI
707 connections the socket path is returned.
708 port ( )
710 Returns the the port connected to or "undef" in case of LDAPI con‐
711 nections.
712 uri ( )
714 Returns the URI connected to.
715 As the value returned is that element of the constructor's HOST
717 argument with which the connection was established this may or may
718 not be a legal URI.
719 scheme ( )
721 Returns the scheme of the connection. One of ldap, ldaps or ldapi.
722 sync ( MESG )
724 Wait for a given "MESG" request to be completed by the server. If
725 no "MESG" is given, then wait for all outstanding requests to be
726 completed.
727 Returns an error code defined in Net::LDAP::Constant.
729 process ( MESG )
731 Process any messages that the server has sent, but do not block. If
732 "MESG" is specified then return as soon as "MESG" has been pro‐
733 cessed.
734 Returns an error code defined in Net::LDAP::Constant.
736 version ( )
738 Returns the version of the LDAP protocol that is being used.
739
741 Many of the methods described above accept a control option. This
742 allows the user to pass controls to the server as described in LDAPv3.
743 A control is a reference to a HASH and should contain the three ele‐
745 ments below. If any of the controls are blessed then the method
746 "to_asn" will be called which should return a reference to a HASH con‐
747 taining the three elements described below.
748 For most purposes Net::LDAP::Control objects are the easiest way to
750 generate controls.
751 type => OID
753 This element must be present and is the name of the type of control
754 being requested.
755 critical => FLAG
757 critical is optional and should be a boolean value, if it is not
758 specified then it is assumed to be false.
759 value => VALUE
761 If the control being requested requires a value then this element
762 should hold the value for the server.
763
765 Most of the above commands accept a callback option. This option should
766 be a reference to a subroutine. This subroutine will be called for each
767 packet received from the server as a response to the request sent.
768 When the subroutine is called the first argument will be the
770 Net::LDAP::Message object which was returned from the method.
771 If the request is a search then multiple packets can be received from
773 the server. Each entry is received as a separate packet. For each of
774 these the subroutine will be called with a Net::LDAP::Entry object as
775 the second argument.
776 During a search the server may also send a list of references. When
778 such a list is received then the subroutine will be called with a
779 Net::LDAP::Reference object as the second argument.
780
782 Net::LDAP also exports constants for the error codes that can be
783 received from the server, see Net::LDAP::Constant.
784
786 Net::LDAP::Constant, Net::LDAP::Control, Net::LDAP::Entry,
787 Net::LDAP::Filter, Net::LDAP::Message, Net::LDAP::Reference,
788 Net::LDAP::Search, Net::LDAP::RFC
789 The homepage for the perl-ldap modules can be found at
791 http://ldap.perl.org/.
792
794 This document is based on a document originally written by Russell Ful‐
795 ton <r.fulton@auckland.ac.nz>.
796 Chris Ridd <chris.ridd@isode.com> for the many hours spent testing and
798 contribution of the ldap* command line utilities.
799
801 A discussion mailing list is hosted by the Perl Foundation at
802 <perl-ldap@perl.org> No subscription is necessary!
803
805 We hope you do not find any, but if you do please report them to the
806 mailing list.
807 If you have a patch, please send it as an attachment to the mailing
809 list.
810
812 Graham Barr <gbarr@pobox.com>
813
815 Copyright (c) 1997-2004 Graham Barr. All rights reserved. This program
816 is free software; you can redistribute it and/or modify it under the
817 same terms as Perl itself.
818perl v5.8.8 2007-02-10 Net::LDAP(3)