Class: Seiso::ImportLdap

Inherits:
Object
  • Object
Defined in:
lib/seiso/import_ldap.rb,
lib/seiso/import_ldap/authentication_failed_error.rb

Overview

Imports LDAP person data into Seiso.

Author

Willie Wheeler ([email protected])

Copyright

Copyright © 2014-2015 Expedia, Inc.

License

Apache 2.0

Defined Under Namespace

Classes: AuthenticationFailedError

Constant Summary

# Batch size setting. Neither the constructor nor import_all shown on this page
# references it yet (import_all carries a TODO about paging).
BATCH_SIZE = 20

# Attribute names requested from the directory for every person entry.
# import_all passes this list as the :attributes option of the LDAP search, so
# it works as an allow-list of what the importer asks the directory for. Keep it
# limited to the fields Seiso actually stores; adding an attribute here widens
# the personal data copied out of the directory.
ACTIVE_DIRECTORY_ATTRS = %w[
  dn
  sAMAccountName
  name
  givenName
  sn
  title
  company
  department
  division
  l
  streetAddress
  telephoneNumber
  mail
  manager
]

# Not currently using these
# "objectClass",
# "objectCategory",
# "cn",
# "displayName",
# "userPrincipalName",
# "st",
# "postalCode",
# "co",
# "c",
# "physicalDeliveryOfficeName",
# "showInAddressBook",
# "memberOf",
# "managedObjects",
# "whenCreated",
# "whenChanged",
# "logonCount",
# "lastLogonTimestamp"

Instance Method Summary

Constructor Details

#initialize(ldap_settings, seiso_settings) ⇒ ImportLdap

Creates a new LDAP importer.

  • ldap_settings: Has the following settings

    • host

    • port

    • username

    • password

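    • ldap_base_dn: tree base (for searching). Note: the constructor listing below reads the search base from the 'tree_base' key, so this name appears to be out of date.

    • ldap_user_dn: user filter (for searching). Note: the constructor listing below reads the filter from the 'person_filter' key, and also reads a 'source' key that is not listed here.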

  • seiso_settings

See sample-conf for example configurations.



# File 'lib/seiso/import_ldap.rb', line 65

# Builds the importer: an LDAP connection carrying the bind credentials, a
# Seiso connector, and the search parameters later used by import_all.
#
# ldap_settings  - Hash; the keys read here are 'source', 'host', 'port',
#                  'username', 'password', 'tree_base' and 'person_filter'.
# seiso_settings - passed unchanged to Seiso::Connector.new.
#
# NOTE(review): nothing in this method configures transport encryption on the
# Net::LDAP object. Unless that is done elsewhere, the bind issued by
# import_all would send the username and password unencrypted. Net::LDAP can
# be configured for :simple_tls or :start_tls through its encryption setting;
# confirm which one the target directory requires.
def initialize(ldap_settings, seiso_settings)
  @source = ldap_settings['source']

  # LDAP connector: host, port and bind credentials come straight from config.
  @ldap = Net::LDAP.new.tap do |conn|
    conn.host = ldap_settings['host']
    conn.port = ldap_settings['port']
    conn.auth(ldap_settings['username'], ldap_settings['password'])
  end

  # Seiso connector
  @seiso = Seiso::Connector.new(seiso_settings)

  # LDAP search params. The filter string is parsed once here, so a malformed
  # filter surfaces at construction time rather than during the import.
  @tree_base = ldap_settings['tree_base']
  @person_filter = Net::LDAP::Filter::FilterParser.parse(ldap_settings['person_filter'])

  # Only the search parameters are echoed to stdout; the credentials are not.
  puts "tree_base=#{@tree_base}"
  puts "person_filter=#{@person_filter}"
end

Instance Method Details

#import_all ⇒ Object



# File 'lib/seiso/import_ldap.rb', line 92

# Reads every person entry matching the configured filter from LDAP and posts
# the converted records to Seiso's "people" collection.
#
# Raises Seiso::ImportLdap::AuthenticationFailedError when the LDAP bind
# returns a falsy result. Returns whatever seiso.post_items returns.
def import_all
  raise Seiso::ImportLdap::AuthenticationFailedError unless ldap.bind

  # TODO Currently we assume Active Directory. Will generalize if/when somebody asks for it.
  attrs = ACTIVE_DIRECTORY_ATTRS

  # Index entries by distinguished name (DN) so managers can be resolved by DN.
  # NOTE(review): the outcome of the search itself is not checked here, so a
  # search that fails or stops early would leave this hash incomplete without
  # raising. That matters most once step #1 (deleting stale users) exists,
  # because a partial result would make live users look stale.
  entries_by_dn = {}
  ldap.search(base: @tree_base, filter: @person_filter, attributes: attrs) do |entry|
    entries_by_dn[single_value(entry, "dn")] = entry
  end

  # Step #1: Delete stale users
  #   seiso_users = seiso.get_keys("people", @source, 0)
  #   puts seiso_users
  # TODO

  # Step #2: Create users
  people = entries_by_dn.values.map { |entry| to_seiso_person(entry) }

  # TODO Page this, and use PATCH instead of PUT to avoid nulling out managers
  seiso.post_items("people", people)

  # Step #3: Link managers
  # TODO
end

#ldap ⇒ Object



# File 'lib/seiso/import_ldap.rb', line 84

# Returns the Net::LDAP connection object built by the constructor.
# NOTE(review): this is the same object the constructor called `auth` on with
# the configured username and password, so callers should avoid dumping or
# logging it.
def ldap
  @ldap
end

#seiso ⇒ Object



# File 'lib/seiso/import_ldap.rb', line 88

# Returns the Seiso::Connector built by the constructor from seiso_settings.
def seiso
  @seiso
end