I’ve a small routine that checks an entered username (textfield) and password (secure text field) again an ldap server to check that the entered creds. Works perfectly under AppleScript editor:
set domainSTR to "bob.com"
set ouSTR to "ou=Employees,ou=Bob Users,dc=bob,dc=com"
set ldapQueryResults to ""
set UserPW to "passwordofuser"
set User to "testuser"
try
set ldapQueryResults to do shell script "ldapsearch -H ldap://ldap.bob.com -x -D " & CECUser & "@" & domainSTR & " -w " & UserPW & " -b '" & ouSTR & "' -LLL sAMAccountName=" & User
on error errMsg
set ldapQueryResults to errMsg -- we do this so that the if statements below are neater and all use the same ldapQueryResults variable
end try
log ldapQueryResults
if ldapQueryResults contains "Invalid credentials (49)" then -- Bad credentials. UN / PW not entered correctly
set CredCheck to "Incorrectly entered credentials. Please try again."
else if ldapQueryResults contains "Can't contact LDAP server" then -- server unreachable: are we connected to the network?
set CredCheck to "Cannot contact server. Pleasure ensure that you're connected to the network via Ethernet and try again"
else if ldapQueryResults contains "distinguishedName" then -- success
set CredCheck to "Success! Please click Continue..."
-- set my ButtonIsEnabled to true -- re-enables continue button
else
set CredCheck to "There's been an undefined error. Please try again or contact helpdesk"
end if
log CredCheck
for the testing, as mentioned, I run this in AppleScript, and it’s fine. I’ve obviously changed the OU and domain to protect the innocent
If I chuck the same code into Xcode, version 4.5.2, it works fine.
If I then change UserPW and User to reflect the names of the properties bound to the textfield and securetextfield, it fails with the following –
I can see that it’s not passing the contents of the secure text field to the do shell script, but I don’t know how to rectify it. Doubly confused as, in another project, I’ve successfully passed the contents of a secure text field to a do shell script containing a pwpolicy…
So, two questions.
-
Can I resolve this issue somehow?
-
If not, is there a built in library I can use for ldap search queries instead?
Thanks in advance