Class: Seiso::ImportLdap

Inherits:
Object
  • Object
Defined in:
lib/seiso/import_ldap.rb,
lib/seiso/import_ldap/authentication_failed_error.rb

Overview

Imports LDAP person data into Seiso.

Author

Willie Wheeler ([email protected])

Copyright

Copyright © 2014-2015 Expedia, Inc.

License

Apache 2.0

Defined Under Namespace

Classes: AuthenticationFailedError

Constant Summary

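# Batch size for the import.
# NOTE(review): not referenced by the code visible on this page; presumably
# meant for paging the upload to Seiso -- confirm.
BATCH_SIZE = 20

# Allow-list of directory attributes requested for each person entry.
# import_all passes this list as the :attributes option of the LDAP search,
# so only these attributes are requested; add entries deliberately, because
# each addition widens the personal data copied out of the directory.
# Frozen so the list cannot be altered at runtime.
ACTIVE_DIRECTORY_ATTRS = [
  "dn",
  "sAMAccountName",
  "name",
  "givenName",
  "sn",
  "title",
  "company",
  "department",
  "division",
  "l",
  "streetAddress",
  "telephoneNumber",
  "mail",
  "manager"

  # Not currently using these
  # "objectClass",
  # "objectCategory",
  # "cn",
  # "displayName",
  # "userPrincipalName",
  # "st",
  # "postalCode",
  # "co",
  # "c",
  # "physicalDeliveryOfficeName",
  # "showInAddressBook",
  # "memberOf",
  # "managedObjects",
  # "whenCreated",
  # "whenChanged",
  # "logonCount",
  # "lastLogonTimestamp"
].freeze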

Instance Method Summary

Constructor Details

#initialize(ldap_settings, seiso_settings) ⇒ ImportLdap

Creates a new LDAP importer.

  • ldap_settings: Has the following settings

    • host

    • port

    • username

    • password

    • ldap_base_dn: tree base (for searching)

    • ldap_user_dn: user filter (for searching)

  • seiso_settings

See sample-conf for example configurations.


# File 'lib/seiso/import_ldap.rb', line 65

# Builds an importer from two settings hashes.
#
# Keys read from +ldap_settings+ by this method: 'source', 'host', 'port',
# 'username', 'password', 'tree_base' and 'person_filter'.
# +seiso_settings+ is handed unchanged to Seiso::Connector.new.
#
# NOTE(review): the search keys read here are 'tree_base' and
# 'person_filter', while the accompanying parameter list names them
# ldap_base_dn and ldap_user_dn -- reconcile the two.
# NOTE(review): no encryption option is set on the Net::LDAP object in this
# method. Unless TLS is enabled elsewhere, the bind password registered below
# would travel over an unencrypted connection -- confirm, and prefer
# LDAPS/StartTLS with certificate verification.
def initialize(ldap_settings, seiso_settings)
  @source = ldap_settings['source']

  # Directory client. The credentials are only registered here; the bind
  # itself is attempted in import_all.
  @ldap = Net::LDAP.new
  @ldap.host = ldap_settings['host']
  @ldap.port = ldap_settings['port']
  bind_user = ldap_settings['username']
  bind_secret = ldap_settings['password']
  @ldap.auth(bind_user, bind_secret)

  # Client for the Seiso side of the import.
  @seiso = Seiso::Connector.new(seiso_settings)

  # Where to search and which entries count as people. The filter string
  # comes from configuration and is parsed once, up front.
  @tree_base = ldap_settings['tree_base']
  raw_filter = ldap_settings['person_filter']
  @person_filter = Net::LDAP::Filter::FilterParser.parse(raw_filter)

  # Echo the effective search parameters to stdout (no credentials printed).
  puts "tree_base=#{@tree_base}"
  puts "person_filter=#{@person_filter}"
end

Instance Method Details

#import_all ⇒ Object


# File 'lib/seiso/import_ldap.rb', line 84

# Reads every entry matching the person filter from the directory, converts
# each one with to_seiso_person and uploads the whole set to Seiso.
#
# Raises Seiso::ImportLdap::AuthenticationFailedError when the LDAP bind
# returns a falsy value. Returns whatever @seiso.put_items returns.
def import_all
  raise Seiso::ImportLdap::AuthenticationFailedError unless @ldap.bind

  # TODO Currently we assume Active Directory. Will generalize if/when somebody asks for it.
  requested_attrs = ACTIVE_DIRECTORY_ATTRS

  # Entries indexed by distinguished name (DN) so managers can be resolved
  # by DN later.
  # NOTE(review): the return value of search is not inspected. If a search
  # can end early (for example a server-side limit or an error), this hash
  # would presumably be incomplete -- confirm, and check the operation
  # result before the stale-user deletion step below is implemented, so a
  # partial result is never treated as the full directory.
  entries_by_dn = {}
  @ldap.search(base: @tree_base, filter: @person_filter, attributes: requested_attrs) do |entry|
    entries_by_dn[single_value(entry, "dn")] = entry
  end

  # Step #1: Delete stale users
  # TODO

  # Step #2: Create users
  seiso_people = entries_by_dn.each_value.map { |entry| to_seiso_person(entry) }

  # TODO Page this, and use PATCH instead of PUT to avoid nulling out managers
  @seiso.put_items("people", seiso_people)

  # Step #3: Link managers
  # TODO
end