TL;DR

perl-ldap rocks!

I recently had to gather some data from an Active Directory server. After looking at some objects using a graphical interface, I quickly realized that something programmatic was more up to the job.

So I turned to Perl, of course. So I turned to CPAN, of course.

It turns out that perl-ldap has all I needed and was extremely easy to install and use. Thereโ€™s been a bit of language impedance mismatch because I was looking for a login method, which is just called bind. Apart from this, everything was quite smooth actually.

A minimal example to get started searching stuff:

use v5.24;
use Net::LDAP;
use JSON::PP 'encode_json';
my $ad = Net::LDAP->($ENV{LDAP_HOST});
$ad->bind($ENV{LDAP_USER}, password => $ENV{LDAP_PASS});
my $results = $ad->search(
    base => $ENV{LDAP_BASE},
    filter => (shift(@ARGV) // '(cn=whatever)'),
);
my @records;
while (defined(my $entry = $results->shift_entry)) {
    push @records, entry2record($entry);
}
$ad->unbind; # logout
say encode_json(\@records);

sub entry2record {
    my $entry = shift;
    {
        map {
            my @values = $entry->get_value($_);
            $_ => (@values > 1 ? \@values : $values[0]);
        } $entry->attributes
    };
}

This is it, bye!