#!/usr/local/bin/perl ################################################################################################################################################## # # PERFORCE LDAP AUTHENTICATION TRIGGER SCRIPT # This trigger script will be used to authenticate Perforce login sessions against the LDAP in UNIX and AD in Windows. # How to apply the trigger: # -> Must have admin or superuser account access <- # Triggers: # ldap-trigger auth-check auth /path-to-the-trigger-script/ldap.pl ldap-hostname port %user% uid=%user%,cn=users,cn=corp,dc=abc-company,dc=com # # For this test instance we apply it as follows # FOR UNIX-LDAP - store the list of ldap servers in a file called /home/userid/bin/unix_ldap (one server CNAME in each line) # Triggers: # ldap-trigger auth-check auth /home/userid/new-ldap.pl 389 %user% uid=%user%,cn=users,cn=corp,dc=abc-company,dc=com # # FOR WINDOWS-AD : Store the List of AD servers in a file called /home/userid/bin/NT-AD (one AD server CNAME in each line) # Triggers: # AD-trigger auth-check auth /home/userid/new-ldap.pl 389 %user% uid=%user%,CN=users,DC=corp,DC=ad,DC=abc-company,DC=com # In general, please use the DN that suits the LDAP or AD of your company. ################################################################################################################################################### use strict; use Net::LDAP; use Net::LDAP qw(LDAP_EXTENSION_START_TLS); use Authen::Simple::Passwd; use Net::Ping; use IO::Socket; ############################## # GLOBAL VARIABLE DEFINITION ############################## my ($tmp_usr_file,$specialcheck,$ldaptestval,$max_count,$checkval,$option,$ip,$target,$curr_time,$max,$pport,$checkval,$count_enabled,$remote,$option,$count,$adhost,$adservers,$adserver_cnt)=""; my ($ldap_passwd,$login_attempt,$baseDN,$nuser,$reason,$host,$port,$dn,$emailid,$user,$ldap,$result,$password, $ncmd,$fullname,$fname,$lname,$dtstamp,$logfile,$temp,$p4userid,$uid,$k,$cmd,$val)=""; my (@testldapportargs,@temparray,@array,@tmp,@ad)=(); my $argc = scalar(@ARGV); my $caCertFile="/home/userid/bin/cacert.pem"; # THE WORKSPACE FOR PERFORCE SUPER-USER ACCOUNT THAT RUNS P4D is /home/userid/p4workspace/BU-UNIT-NAME_PORT my $htpasswd="/home/userid/p4workspace/ABC-DEPT_3024/.htpasswd"; my $workdir="/home/userid/p4workspace/ABC-DEPT_3024/"; my $hostfile="/home/userid/bin/unix_ldap"; my $ldap_retrycount=5; my $password_retry=3; my ($ldaptestval,$max_count,$option,$ip,$target,$curr_time,$max,$port,$checkval,$count_enabled,$remote,$option,$count)=""; my $sendmail='/usr/lib/sendmail'; my $specialuser=1; my @specialusers=("build","wengangm","haoruiw","giddeong","erich","admin","stevew","shengjieh","regress","calvinp","qiangj","cesarm","jasong","dechengx","frankl","frederice","gwangseonp","howarda","jamesf","jasona","jcm","joshs","kaitlinw","lingyongc","mingquanl","paulg","pengd","andrewc","peterd","roberth","russells","sanjayg","support","yongpingz","zhinengn","zhuz"); my $irvine_ux_passwd=0; my $temp_usr_file_path="/tmp/p4_BU-Unit_login_"; my $send_usr_email=1; my $user_emailid=""; my $email_tag=1; # SENDEMAIL VARIABLES my $to="jsiddaga\@abc.com,scm-l2-list\@abc.com"; my $from="userid\@abc.com"; my ($subject,$message,$failedlogin)=""; # END OF SENDEMAIL VAIRABLES ################################### # --END OF VARIBLE DEFINITIONS -- ################################### ## Perforce requires messages on stdout ## open(STDERR, ">&STDOUT") or die "Can't dup stdout"; ############################# # OPEN LOG FILE FOR WRITING # ############################# # # Using a logfile to store the events of the script fired. # The file will be stored in /home/userid for debug purpose only and will be removed later. $logfile="/tmp/p4auth-BU-Unit-log.txt"; $dtstamp= localtime(time); open(FIL,">>$logfile") or die "\n Cannot open file $logfile for write access: $!\n"; print FIL "\n---TRIGGER FIRED--- $dtstamp ---"; ## check argument count ## #print "\nNUMBER OF ARGUMENTS:$#ARGV\nARGUMENTS ARE : @ARGV\n"; if( $argc != 3 ) { die "wrong number of arguments!\n"; } ## Read UNIX-LDAP servers file for a list LDAP hostnames. open(HFIL,"$hostfile") or die "\n CANNOT OPEN FILE $hostfile FOR READ OPERATION: $!\n"; @ad=; close(HFIL); #print FIL "\n LDAP SERVERS ARE:\n@ad\n"; # CHECK IF THERE ARE MORE THAN 1 AD SERVERS IN @ad. IF THERE ARE THEN SET THE $adservers TO THE NUMBER OF AD SERVERS $adservers=$#ad; ## End of read UNIX-LDAP Servers ##################### ## assign arguments ## $port = shift @ARGV; $user = shift @ARGV; $dn = shift @ARGV; $baseDN="$dn"; print FIL "\nUSER:$user\nDN:$dn"; ########################################################################################## #Check to see if the P4-user id is a special id that requires the use of mapping ########################################################################################## $specialcheck=grep(/$user/,@specialusers); $specialuser=0 if($specialcheck==1); print FIL "\n SPECIALCHECK=$specialcheck\n"; print FIL "\t SPECIAL USER\n" if($specialuser==0); ################################################################## # Call the Check Perforce- Unix Function before proceeding further ################################################################## sub checkuser() { $nuser=check_p4_unix_id($user); chomp($nuser); #print FIL "NUSER:$nuser\n"; #print "\n\n UPON CHECKING, THE UNIX ID WAS FOUND TO BE: $nuser\n"; # NOW, IF THE PERFORCE USER ID IS DIFFERENT FROM THE UNIX ID, # REPLACE THE DN STRING WITH THE APPPOPRIATE UNIX ID if($nuser ne $user) { $dn=~s/$user/$nuser/g; #print "\n NEW-DN: $dn\n"; $user="$nuser"; } } ############################################## # -----END OF CHECK PERFORCE AND UNIX ID------ ############################################## ########################################################## # DEFINING THE MAPPING HASH TABLE TO MAP P4-ID TO UNIX-ID # THIS IS FOR THOSE USERS WHOSE P4 ID AND UNIX ID DON'T MATCH ########################################################## my %special=("jack"=>"sjackson", "jossie"=>"wjoss"); ########################################################## # END OF MAPPING HASH ########################################################## if($specialuser==0) { $nuser="$special{$user}"; $dn=~s/$user/$nuser/g; $user="$nuser"; print FIL "The UNIX user id now is: $user\n DN NOW--->$dn\n"; } ## read the password from and truncate the newline ## $password = ; $password =~ s/\n//; &checkuser if($specialuser==1); ############################################################################ # CHECK IF LDAP SERVER AND PORT ARE ACTIVE ############################################################################ # DEFINE THE ARGUMENTS TO PASS TO THE LDAP-PORT CHECK SUBROUTINE # REPEAT PINGING THE LDAP SERVER 5 TIMES : INDICATED BY -c 5 (THE FIRST TWO ARGUMENTS PARSED TO THE SUBROUTINE) # WHICH LDAP SERVER? -> PARSE $host # WHICH PORT ON LDAP SERVER? -> PARSE $port foreach $adhost(@ad) { chomp($adhost); $host="$adhost"; $host=~s/\s+//; $adservers--; #print FIL "\n HOST: $host\n"; # SET THE $adserver_cnt TO TRUE IF $adservers>=0; # IF $adserver_cnt IS SET TO TRUE, i.e VALUE=0, THE SCRIPT MUST RERUN TEST TO SEE IF OTHER LDAP SERVERS IN @ad ARE ACTIVE. # IF $adserver_cnt IS SET TO FALSE, i.e VALUE=1, THE SCRIPT SHOULD RESORT TO FALLBACK PLAN. $adserver_cnt=0 if($adservers>=0); $adserver_cnt=1 if($adservers<0); ############################################################################## @testldapportargs=("-c","5","$host","$port"); $ldaptestval=&checkportvalidity(@testldapportargs); print FIL "LDAP SERVER RUNNING OR NOT:$ldaptestval\t (0 value indicates RUNNING, 1 indicates DOWN)\n"; #print "\n RESULT OF CHECKING IF LDAP SERVER IS RUNNING OR NOT:\n $ldaptestval\t (0 value indicates RUNNING, 1 indicates DOWN)\n"; # IF THE LDAPTESTVAL IS ZERO, i.e LDAP IS ACIVE, QUIT AND MOVE TOWARDS AUTHENTICATING USER AGAINST LDAP # IF $adserver_cnt=1, THEN THERE ARE NO MORE AD SERVERS TO CHECK. QUIT. last if($ldaptestval==0 || $adserver_cnt==1); } if($ldaptestval==1 && $adserver_cnt==1) { print FIL "\n LDAP DOWN!! -> RESORTING TO FALLBACK PLAN\n"; &fallback(1); } elsif($ldaptestval==0) { print FIL "LDAP WORKING. USER AUTHENTICATION AGAINST LDAP MUST BE RUN\n"; } # IF $ldaptestval = 0 IT MEANS LDAP SERVER IS RUNNING FINE. CONTINUE WITH LDAP AUTHENTICATION # IF $ldaptestval = 1 IT MEANS LDAP SERVER IS DOWN, JUMP TO FALLBACK PLAN. ######################################################################################## ## make a standard non-encrypted connection to LDAP ## my $ldap = Net::LDAP->new( $host, port => $port ) or die "$@"; # READ THE CERTIFICATE FILE (-r $caCertFile) or die ("Cannot open CA Certificate file for read\n"); my $mesg= $ldap->start_tls(verify=>'require', cafile=>$caCertFile); if($mesg->code()) { print FIL "\n ERROR:",$mesg->code(),":->",$mesg->error(); close(FIL); die ("\nERROR:",$mesg->code(),": ",$mesg->error()); } $password_retry--; my $result = $ldap->bind( $dn, password => $password ); #while($result->code && $password_retry>0) #{ # $checkval=&retry_login; # last if($checkval==0); #} ## check result, report errors ## #if(($result->code && $password_retry<0) || $checkval==1) if($result->code) { # FAIL PERFORCE LOGIN IF THE PASSWORD PROVIDED WAS INCORRECT print FIL "\nLDAP bind Failure: $result->code\n"; $send_usr_email=&failed_login_test($user,$temp_usr_file_path); &endtrigger; close(FIL); print "\n\t\tINCORRECT PASSWORD ENTERED!\n\t\tPLEASE TRY AGAIN WITH YOUR UNIX PASSWORD\n"; $irvine_ux_passwd=&test_irvine_ux_password($user); &send_user_email($user) if($send_usr_email==0 && $irvine_ux_passwd==0); &send_user_email($user,$irvine_ux_passwd) if($send_usr_email==0 && $irvine_ux_passwd==2); die "LDAP bind failure!\n"; } $result=$ldap->unbind; if($result->code) { die "LDAP Unbind failure\n"; } &endtrigger; exit(0); #--------X----------- ############################# # END OF SCRIPT ############################# ########################################################### # SUBROUTINE TO CHECK IF P4 USERID MATCHES WITH UNIX UID ########################################################### sub check_p4_unix_id() { $p4userid=shift @_; chomp($p4userid); print FIL "P4 User-id: $p4userid"; $cmd="pwd"; $val=`$cmd 2>&1`; #print FIL "\n PRESENT-WORKING-DIR:$val \n"; $cmd=""; $val=""; $cmd="getent passwd $p4userid| cut -d \":\" -f1"; #print FIL "\n COMMAND BEING RUN: $cmd\n"; $uid=`$cmd 2>&1`; if($?) { print FIL "\n ERROR: $uid\n $!\n"; &endtrigger; exit 1; } chomp($uid); print FIL "\nUNIX-UID: $uid"; if($uid eq $p4userid) { #print FIL "\nUSER IDS ARE THE SAME\n"; # EXIT POINT FOR SUB-ROUTINE return $p4userid; } # If the associated UNIX id is different from the P4 userid # Extract the Fullname of the user by using the P4 userid. # Store the fullname in $fullname else { chdir $workdir or die "\n Cannot chdir to $workdir : $!\n"; $cmd="pwd"; $val=`$cmd 2>&1`; #print FIL "\n NOW->PRESENT-WORKING-DIR IS:$val \n"; ################################################################################### # PERFORCE DAEMON ACCOUNT, userid, LOGS IN HERE. # THIS IS DONE BECAUSE FOR SOME REASON userid ACCOUNT GETS BOOTED OUT OF PERFORCE ################################################################################### # $cmd="p4 login <$passwdfile"; # print FIL "\n COMMAND FOR EXTRACTING P4 USER DETAILS:$cmd\n"; # $val=`$cmd 2>&1`; # if($?) # { # print "\n ERROR:$val\n"; # exit 1; # } $cmd="p4 user -o $p4userid"; $val=`$cmd 2>&1`; @tmp=split(/\n/,$val); foreach(@tmp) { if(/^Email/) { s/Email:\s+//; $emailid="$_"; } if(/^FullName/) { s/FullName:\s+//; $fullname="$_"; } } print FIL "\n$val\nFullName:$fullname\n"; } $fullname="\""."$fullname"."\""; # Look for FullName in the Unix directory for a valid login $cmd="ypcat -k passwd| grep $fullname| cut -d \" \" -f1"; print FIL "\n COMMAND BEING EXECUTED:\n$cmd\n"; #print "\n COMMAND BEING EXECUTED:\n$cmd\n"; $k=`$cmd 2>&1`; # What to do if user has more than 1 entry?? if($k eq "") { #print "\n USER $p4userid DOES NOT HAVE A UNIX ACCOUNT! \n"; #print FIL "\n USER $p4userid DOES NOT HAVE A UNIX ACCOUNT! \n"; #close(FIL); #exit 1; ####################################################################################### # SECTION TO SEGGREGATE FIRST NAME AND LAST NAME RUN A SEARCH. WILL USE ONLY IF NEEDED. ####################################################################################### $fullname=~s/"//g; @array=split(/\s/,$fullname); print "\n$#array\n"; #foreach(@array){print"\n$_";} $lname=pop(@array); $fname=shift(@array); #print "\n First Name: $fname\nLast Name:$lname\n"; # Look for first name $cmd="ypcat -k passwd | grep $fname| cut -d \" \" -f1"; #print "\nLooking for First name :\n$cmd\n\n\n"; $k=`$cmd 2>&1`; #print "\n Value found: $k\n"; #print "\n UID : $k\n"; #print "\n PERFORCE USER ID:$p4userid\t AND ITS MATCHING UNIX ID: $k\n"; # Look for last name if first name is not found if($k eq "") { $cmd="ypcat -k passwd | grep $lname"; #print "\nLooking for Last name:\n$cmd\n\n\n"; $k=`$cmd 2>&1`; print "\n USER $p4userid DOES NOT HAVE A UNIX ACCOUNT! \n" if($k eq ""); &endtrigger; #return $p4userid; exit 1; } print FIL "\n PERFORCE USER ID:$p4userid\nMATCHING UNIX ID: $k\n" if($k ne ""); # EXIT POINT OF SUB-ROUTINE return $k; } else { @temparray=split(/\n/,$k); if($#temparray>0) { print "\n MULITPLE USER-IDs FOR $fullname. \nIDS ARE:\n@temparray\n"; print "\n WHAT ID SHOULD BE USED ??!!\n"; &endtrigger; exit 1; } print "\n MATCHING UNIX ID: $k\n"; print FIL "\n MATCHING UNIX-ID: $k\n"; } # close(FIL); return $k; #exit 0; } ################################ # END OF SUBROUTINE ################################ ########################################### # TRIGGER END TIMESTAMP SUBROUTINE ########################################### sub endtrigger() { $dtstamp= localtime(time); print FIL "\n-----TRIGGER END TIME : $dtstamp-------"; print FIL "\n------------XXXXXX--------------\n"; return; } ############################################ # END OF SUBROUTINE ########################################### ############################################################################################################# # FALL-BACK SUBROUTINE # # THIS SUB-ROUTINE WILL BE FIRED IN THE FOLLOWING INSTANCES: # # 1. TRIGGER SCRIPT IS UNABLE TO FIND A UNIX ACCOUNT FOR THE PEFORCE USER TRYING TO LOGIN. # # 2. LDAP IS DOWN. # # 3. LDAP AUTHENTICATION FOR USER FAILS. TRY LOCAL USER-ID/PASSWORD FILE FOR AUTHENTICATION # # ARGUMENT PASSED TO THIS SUBROUTINE IS CAPTURED IN $reason # $reason = 1 IMPLIES THAT FALLBACK IS USED BECAUSE LDAP IS DOWN # $reason = 2 IMPLIES THAT LDAP AUTHENTICATION FAILED FOR THE USER ################################################################################################################ sub fallback() { $reason=shift(@_); print FIL "\n RESORTING TO FALLBACK PLAN !!\n AUTHENTICATING FALLBACK FOR $user\n"; print FIL "\n REASON FOR USING FALLBACK PLAN : LDAP DOWN\n" if($reason==1); print FIL "\n REASON FOR USING FALLBACK PLAN : LDAP AUTHENTICATION FAILED FOR USER\n" if($reason==2); my $passwd=Authen::Simple::Passwd->new(passwd=>$htpasswd); if($passwd->authenticate($user,$password)) { print FIL "\n SUCCESSFUL IN FALLBACK AUTHENTICATION OF $user!\n------XXXX----\n"; &endtrigger; close(FIL); exit 0; } else { print FIL "\nLDAP bind Failure: $result->code\n"; &endtrigger; close(FIL); die "LDAP bind failure!\n"; } } ######################################################################################################### # END OF FALL-BACK SUBROUTINE ######################################################################################################### ######################################################################################################### # # SUBROUTINE TO CHECK IF LDAP SERVER AND PORT ARE ACTIVE # # ###################################################### # USAGE: THIS FUNCTION WILL BE USED TO CHECK IF THE TRIGGER SHOULD AUTHENTICATE AGAINST LDAP # OR # RESORT TO THE FALLBACK PLAN IN CASE LDAP IS DOWN ######################################################################################################### sub checkportvalidity() { #print "\n HERE NOW-->\n @_\n"; @ARGV=(@_); #print "\n ARGV ARRAY: @ARGV\n"; if ( $ARGV[0] eq "-c" ) { shift(@ARGV); #print "\n NOW...... @ARGV\n"; $max_count = $ARGV[0] ; $option = "TCP" ; $count_enabled = 1 ; #print "\n$option port check with count of $max_count - " ; shift(@ARGV); } else { $option = "TCP" ; print "\n$option port check - " ; } ##### ##### Check that the right amount of arguments are correct ##### there should be two - first is server name, and ##### second is the port number ##### if ( $ARGV[1] eq "" && $ARGV[2] eq "" ) { print "\nYou must pass in the host and port"; print "\nUSAGE : ping_port.pl [-u|-t|-c COUNT] [IPADDRESS] [PORT]"; print "\n"; print "\n"; exit } $target = shift(@ARGV); #print "checking $target...\n"; ##### ##### main section ##### $ip = name($target); $count = 1; $max = $max_count + 1 ; $curr_time=` date '+%m-%d-%Y @ %H:%M:%S' `;chomp($curr_time); if ( $max < 2 ) { $max = 2 } ; foreach $pport (@ARGV) { while ( $count < $max ) { $checkval=check_tcp_port($ip,$pport); return 0 if($checkval==0); #sleep 1; $count = $count + 1 ; if ( $count_enabled != 1 ) { $max = $max + 1 } ; } print "\n"; return 1 if($checkval==1); } ##### ##### Get name or IP, return IP address ##### sub name { my ($host) = @_; eval { my $ipaddr = inet_ntoa(inet_aton($host)); #print "IP for $host :\t$ipaddr\n\n"; return $ipaddr; } || die "Could not find host.\n"; } ##### ##### Check to see if a port is open ##### sub check_tcp_port { my ($host,$pport) = @_; $curr_time=` date '+%m-%d-%Y @ %H:%M:%S' `;chomp($curr_time); $remote = IO::Socket::INET -> new ( Proto => "tcp", Timeout => 3, PeerAddr => $host, PeerPort => $pport ); if ($remote) { close $remote; #print "YAHOO\t$host:$pport ($option) =>\tActive ($count - $curr_time)\n"; return 0; } else { print "$host:$pport ($option) =>\tInactive ($count - $curr_time)\n"; return 1; } } } ######################################################################################################### # END OF LDAP AND PORT CHECK SUBROUTINE ######################################################################################################### ################################################################## # #SEND EMAIL SUBROUTINE IF LOGIN FAILS ################################################################## sub send_email() { $failedlogin=shift @_; chomp($failedlogin); $subject="$failedlogin - PERFORCE LOGIN FAILURE!!"; $message="\tPERFORCE SERVER: pf-sj1-8.sj.abc.com:1690\n\nPLEASE CHECK LOG-FILE /tmp/p4auth-BU-Unit-log.txt"; open(MAIL,"|$sendmail -oi -t"); print MAIL "From:$from\n"; print MAIL "To:$to\n"; print MAIL "Subject:$subject\n\n"; print MAIL "$message\n"; close(MAIL); return; } #################################################################### # END OF SEND EMAIL SUBROUTINE #################################################################### #################################################################### # PASSWORD RETRY SUBROUTINE #################################################################### sub retry_login() { $password_retry--; print "\n PASSWORD-RETRY-COUNT:$password_retry\n"; print "\n INCORRECT UNIX PASSWORD. Please retry entering correct UNIX password\nPassword:"; $password=; $password=~s/\n//; $result=$ldap->bind($dn,password=>$password); return 1 if($result->code); return 0; } #################################################################### # END OF PASSWORD RETRY SUBROUTINE #################################################################### ######################################################################### # SUBROUTINE TO CHECK IF UNIX PASSWORD FOR USER IS REPLICATED ON LDAP ######################################################################### sub test_irvine_ux_password() { print FIL "\n X->TEMP: $user\n"; $cmd="rsh engcm-irva-03.irv.abc.com getent passwd $user|cut -d \":\" -f2"; $val=`$cmd 2>&1`; $val=~s/\*//g; chomp($val); print FIL "\n Value:$val"; return 2 if($val eq "CIFSONLY" || $val eq "AUTOSYNC"); return 0 if($val ne "CIFSONLY" || $val ne "AUTOSYNC"); } ######################################################################### # END OF SUBROUTINE ######################################################################### ########################################################################## # SUBROUTINE TO TRACK THE FAILURE OF LOGINS BY USERS AND EMAIL IF NEED BE ########################################################################## sub failed_login_test() { $tmp_usr_file="$temp_usr_file_path"."$user"; chomp($tmp_usr_file); if(-e $tmp_usr_file) { open(TMPFIL,"$tmp_usr_file") or die "\nCannot open file $tmp_usr_file for read acces: $!\n"; $login_attempt=; close(TMPFIL); chomp($login_attempt); print "\Old-Login-attempt-val:$login_attempt\n"; $login_attempt++; print "\nNew-Login-attempt-val:$login_attempt\n"; if($login_attempt>=3) { $email_tag=0; $login_attempt=0; } open(TMPFIL,">$tmp_usr_file") or die "\nCannot open file $tmp_usr_file for write acces: $!\n"; print TMPFIL "$login_attempt"; close(TMPFIL); } else { $cmd="touch $tmp_usr_file"; $val=`$cmd 2>&1`; if($?) { print FIL "\nUNABLE TO CREATE LOGIN-COUNTER FILE FOR USER $user: $!\n$val\n"; exit 1; } $login_attempt=1; open(TMPFIL,">$tmp_usr_file") or die "\nCannot open file $tmp_usr_file for write acces: $!\n"; print TMPFIL "$login_attempt"; close(TMPFIL); } return 0 if($email_tag==0); return 1 if($email_tag!=0); } ########################################################################## # END OF FAILED LOGIN TEST ########################################################################## ########################################################################## # SEND USER EMAIL SUBROUTINE UPON 3rd FAILURE ATTEMPT TO LOGIN ########################################################################## sub send_user_email() { $user_emailid=shift @_; $ldap_passwd=shift @_; chomp($ldap_passwd); $failedlogin="$user_emailid"; chomp($user_emailid); $user_emailid="$user_emailid"."\@abc.com"; chomp($user_emailid); $to="$to".",$user_emailid"; chomp($to); $subject="$failedlogin - PERFORCE LOGIN FAILURE!!"; $message="Dear BU-Unit Perforce User,\n\nYour third login attempt to Perforce Server: p4-server.abc.com:1690 has failed.\n\nPlease login using your IRVINE UNIX password.\nTHE LDAP TRIGGER IS ENABLED ON THE PERFORCE SERVER.\n\nPlease contact scm-l2-list\@abc.com team OR jsiddaga\@abc.com for help. \n\nThank You!\nEngCM Team" if($ldap_passwd==0); $message="Dear BU-Unit Perforce User,\n\nYour third login attempt to Perforce Server: pf-server.abc.com:1690 has failed.\n\nPlease login using your IRVINE UNIX password.\nTHE LDAP TRIGGER IS ENABLED ON THE PERFORCE SERVER.\n\n --> USER'S PASSWORD NOT ACTIVE IN IRVINE-UNIX <-- \n\n Please contact support\@abc.com team OR p4-admin\@abc.com for help. \n\nThank You!\nEngCM Team" if($ldap_passwd==2); open(MAIL,"|$sendmail -oi -t"); print MAIL "From:$from\n"; print MAIL "To:$to\n"; print MAIL "Subject:$subject\n\n"; print MAIL "$message\n"; close(MAIL); return; } ########################################################################## # END OF SEND-USER-EMAIL SUBROUTINE ##########################################################################