Class: Adauth::AdObjects::User

Inherits:

Adauth::AdObject

Object
Adauth::AdObject
Adauth::AdObjects::User

show all

Defined in:: lib/adauth/ad_objects/user.rb

Overview

Active Directory User Object

Inherits from Adauth::AdObject

Constant Summary collapse

Fields = Field mapping Maps methods to LDAP fields e.g. :foo => :bar Becomes Computer.name Which calls .name on the LDAP object

{ :login => :samaccountname,
:first_name => :givenname,
:last_name => :sn,
:email => :mail,
:name => :name,
:cn_groups => [ :memberof,
    Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1').to_s} ]
}

ObjectFilter = Object Net::LDAP filter Used to restrict searches to just this object

Net::LDAP::Filter.eq('objectClass', 'user')

Class Method Summary collapse

.authenticate(user, password) ⇒ Object

Returns a connection to AD within the users context, used to check a user credentails.

Instance Method Summary collapse

#add_to_group(group) ⇒ Object

Add the user to the supplied group.
#member_of?(group) ⇒ Boolean

Returns True/False if the user is member of the supplied group.
#remove_from_group(group) ⇒ Object

Remove the user from the supplied group.
#set_password(new_password) ⇒ Object

Changes the password to the supplied value.

Methods inherited from Adauth::AdObject

add_object_filter, all, #cn_groups_nested, #delete, #dn_ous, filter, #groups, #handle_field, #initialize, #is_a_member?, #ldap_object, #members, #method_missing, method_missing, #modify, #ous, reverse_field, where

Constructor Details

This class inherits a constructor from Adauth::AdObject

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Adauth::AdObject

Class Method Details

.authenticate(user, password) ⇒ `Object`

Returns a connection to AD within the users context, used to check a user credentails

Using this would by pass the group and OU Filtering provided by Adauth#authenticate



35
36
37

# File 'lib/adauth/ad_objects/user.rb', line 35

def self.authenticate(user, password)
    user_connection = Adauth::Connection.new(Adauth.connection_hash(user, password)).bind
end

Instance Method Details

#add_to_group(group) ⇒ `Object`

Add the user to the supplied group

# File 'lib/adauth/ad_objects/user.rb', line 52

def add_to_group(group)
  expects group, Adauth::AdObjects::Group
  group.modify([[:add, :member, @ldap_object.dn]])
end

#member_of?(group) ⇒ `Boolean`

Returns True/False if the user is member of the supplied group

Returns:

(Boolean)



40
41
42

# File 'lib/adauth/ad_objects/user.rb', line 40

def member_of?(group)
    cn_groups.include?(group)
end

#remove_from_group(group) ⇒ `Object`

Remove the user from the supplied group

# File 'lib/adauth/ad_objects/user.rb', line 58

def remove_from_group(group)
  expects group, Adauth::AdObjects::Group
  group.modify([[:delete, :member, @ldap_object.dn]])
end

#set_password(new_password) ⇒ `Object`

Changes the password to the supplied value

# File 'lib/adauth/ad_objects/user.rb', line 45

def set_password(new_password)
  Adauth.logger.info("password management") { "Attempting password reset for #{self.login}" }
  password = microsoft_encode_password(new_password)
  modify([[:replace, :unicodePwd, password]])
end