def fetch_ldap_group(self, file): """ fetch group mapping from group ldap server :param file: output file name """ self.logger.info("Fetching ldap groups") settings = Hashtable() settings.put(Context.INITIAL_CONTEXT_FACTORY, self.args[Constant.LDAP_GROUP_CONTEXT_FACTORY_KEY]) settings.put(Context.PROVIDER_URL, self.args[Constant.LDAP_GROUP_CONTEXT_PROVIDER_URL_KEY]) settings.put(Context.SECURITY_PRINCIPAL, self.args[Constant.LDAP_GROUP_CONTEXT_SECURITY_PRINCIPAL_KEY]) settings.put(Context.SECURITY_CREDENTIALS, self.args[Constant.LDAP_GROUP_CONTEXT_SECURITY_CREDENTIALS_KEY]) ctx = InitialDirContext(settings) search_target = "(objectClass=posixGroup)" return_attributes_standard = ['group_id', 'member_ids'] return_attributes_actual = json.loads(self.args[Constant.LDAP_GROUP_SEARCH_RETURN_ATTRS_KEY]) return_attributes_map = dict(zip(return_attributes_standard, return_attributes_actual)) ctls = SearchControls() ctls.setReturningAttributes(return_attributes_actual) ctls.setSearchScope(SearchControls.SUBTREE_SCOPE) ldap_records = [] org_units = json.loads(self.args[Constant.LDAP_GROUP_SEARCH_DOMAINS_KEY]) for search_unit in org_units: results = ctx.search(search_unit, search_target, ctls) for r in results: person_attributes = r.getAttributes() group = person_attributes.get(return_attributes_map['group_id']).get(0) group = re.sub(r"\r|\n", '', group).strip().encode('utf8') # skip special group that contains all group users if group == 'users': continue members = person_attributes.get(return_attributes_map['member_ids']) if members: self.group_map[group] = members sort_id = 0 for member in members.getAll(): member = re.sub(r"\r|\n", '', member).strip().encode('utf8') ldap_group_tuple = [self.group_app_id] ldap_group_tuple.append(group) ldap_group_tuple.append(sort_id) if member in self.ldap_user: ldap_group_tuple.append(self.app_id) else: ldap_group_tuple.append(self.group_app_id) ldap_group_tuple.append(member) ldap_group_tuple.append(self.wh_exec_id) ldap_records.append(ldap_group_tuple) sort_id += 1 else: pass self.logger.info("%d records found in group accounts" % (len(self.group_map))) csv_writer = csv.writer(open(file, "w"), delimiter='\x1a', quoting=csv.QUOTE_MINIMAL, lineterminator="\n") csv_writer.writerows(ldap_records)
def fetch_ldap_group(self, file): """ fetch group mapping from group ldap server :param file: output file name """ settings = Hashtable() settings.put(Context.INITIAL_CONTEXT_FACTORY, self.args[Constant.LDAP_GROUP_CONTEXT_FACTORY_KEY]) settings.put(Context.PROVIDER_URL, self.args[Constant.LDAP_GROUP_CONTEXT_PROVIDER_URL_KEY]) settings.put(Context.SECURITY_PRINCIPAL, self.args[Constant.LDAP_GROUP_CONTEXT_SECURITY_PRINCIPAL_KEY]) settings.put(Context.SECURITY_CREDENTIALS, self.args[Constant.LDAP_GROUP_CONTEXT_SECURITY_CREDENTIALS_KEY]) ctx = InitialDirContext(settings) search_target = "(objectClass=posixGroup)" return_attributes_standard = ['group_id', 'member_ids'] return_attributes_actual = json.loads(self.args[Constant.LDAP_GROUP_SEARCH_RETURN_ATTRS_KEY]) return_attributes_map = dict(zip(return_attributes_standard, return_attributes_actual)) ctls = SearchControls() ctls.setReturningAttributes(return_attributes_actual) ctls.setSearchScope(SearchControls.SUBTREE_SCOPE) ldap_records = [] org_units = json.loads(self.args[Constant.LDAP_GROUP_SEARCH_DOMAINS_KEY]) for search_unit in org_units: results = ctx.search(search_unit, search_target, ctls) for r in results: person_attributes = r.getAttributes() group = person_attributes.get(return_attributes_map['group_id']).get(0) group = re.sub(r"\r|\n", '', group).strip().encode('utf8') # skip special group that contains all group users if group == 'users': continue members = person_attributes.get(return_attributes_map['member_ids']) if members: self.group_map[group] = members sort_id = 0 for member in members.getAll(): member = re.sub(r"\r|\n", '', member).strip().encode('utf8') ldap_group_tuple = [self.group_app_id] ldap_group_tuple.append(group) ldap_group_tuple.append(sort_id) if member in self.ldap_user: ldap_group_tuple.append(self.app_id) else: ldap_group_tuple.append(self.group_app_id) ldap_group_tuple.append(member) ldap_group_tuple.append(self.wh_exec_id) ldap_records.append(ldap_group_tuple) sort_id += 1 else: pass self.logger.info("%d records found in group accounts" % (len(self.group_map))) csv_writer = csv.writer(open(file, "w"), delimiter='\x1a', quoting=csv.QUOTE_MINIMAL, lineterminator="\n") csv_writer.writerows(ldap_records)
def __init__(self, url): env = Hashtable() env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory") env.put(Context.SECURITY_AUTHENTICATION, "none") env.put(Context.PROVIDER_URL, url) ctx = InitialDirContext(env) self.ctx = ctx
def fetch_ldap_user(self, file): """ fetch ldap user from ldap server :param file: output file name """ # Setup LDAP Context Options settings = Hashtable() settings.put(Context.INITIAL_CONTEXT_FACTORY, self.args[Constant.LDAP_CONTEXT_FACTORY_KEY]) settings.put(Context.PROVIDER_URL, self.args[Constant.LDAP_CONTEXT_PROVIDER_URL_KEY]) settings.put(Context.SECURITY_PRINCIPAL, self.args[Constant.LDAP_CONTEXT_SECURITY_PRINCIPAL_KEY]) settings.put(Context.SECURITY_CREDENTIALS, self.args[Constant.LDAP_CONTEXT_SECURITY_CREDENTIALS_KEY]) # Connect to LDAP Server ctx = InitialDirContext(settings) # load the java Hashtable out of the ldap server # Query starting point and query target search_target = '(objectClass=person)' return_attributes_standard = ['user_id', 'distinct_name', 'name', 'display_name', 'title', 'employee_number', 'manager', 'mail', 'department_number', 'department', 'start_date', 'mobile'] return_attributes_actual = self.split_property(self.args[Constant.LDAP_SEARCH_RETURN_ATTRS_KEY]) return_attributes_map = dict(zip(return_attributes_standard, return_attributes_actual)) ctls = SearchControls() ctls.setReturningAttributes(return_attributes_actual) ctls.setSearchScope(SearchControls.SUBTREE_SCOPE) ldap_records = [] # domain format should look like : 'OU=domain1','OU=domain2','OU=domain3,OU=subdomain3' org_units = self.split_property(self.args[Constant.LDAP_SEARCH_DOMAINS_KEY]) for search_unit in org_units: search_result = ctx.search(search_unit, search_target, ctls) # print search_return_attributes for person in search_result: ldap_user_tuple = [self.app_id] if search_unit == self.args[Constant.LDAP_INACTIVE_DOMAIN_KEY]: ldap_user_tuple.append('N') else: ldap_user_tuple.append('Y') person_attributes = person.getAttributes() user_id = person_attributes.get(return_attributes_map['user_id']) user_id = re.sub(r"\r|\n", '', user_id.get(0)).strip().encode('utf8') self.ldap_user.add(user_id) for attr_name in return_attributes_actual: attr = person_attributes.get(attr_name) if attr: attr = re.sub(r"\r|\n", '', attr.get(0)).strip().encode('utf8') # special fix for start_date if attr_name == return_attributes_map['start_date'] and len(attr) == 4: attr += '0101' ldap_user_tuple.append(attr) else: ldap_user_tuple.append("") ldap_user_tuple.append(self.wh_exec_id) ldap_records.append(ldap_user_tuple) self.logger.info("%d records found in ldap search" % (len(self.ldap_user))) csv_writer = csv.writer(open(file, "w"), delimiter='\x1a', quoting=csv.QUOTE_MINIMAL, lineterminator="\n") csv_writer.writerows(ldap_records)
def fetch_ldap_user(self, file): """ fetch ldap user from ldap server :param file: output file name """ # Setup LDAP Context Options settings = Hashtable() settings.put(Context.INITIAL_CONTEXT_FACTORY, self.args[Constant.LDAP_CONTEXT_FACTORY_KEY]) settings.put(Context.PROVIDER_URL, self.args[Constant.LDAP_CONTEXT_PROVIDER_URL_KEY]) settings.put(Context.SECURITY_PRINCIPAL, self.args[Constant.LDAP_CONTEXT_SECURITY_PRINCIPAL_KEY]) settings.put(Context.SECURITY_CREDENTIALS, self.args[Constant.LDAP_CONTEXT_SECURITY_CREDENTIALS_KEY]) # Connect to LDAP Server ctx = InitialDirContext(settings) # load the java Hashtable out of the ldap server # Query starting point and query target search_target = '(objectClass=person)' return_attributes_standard = [ 'user_id', 'distinct_name', 'name', 'display_name', 'title', 'employee_number', 'manager', 'mail', 'department_number', 'department', 'start_date', 'mobile' ] return_attributes_actual = self.split_property( self.args[Constant.LDAP_SEARCH_RETURN_ATTRS_KEY]) return_attributes_map = dict( zip(return_attributes_standard, return_attributes_actual)) ctls = SearchControls() ctls.setReturningAttributes(return_attributes_actual) ctls.setSearchScope(SearchControls.SUBTREE_SCOPE) ldap_records = [] # domain format should look like : 'OU=domain1','OU=domain2','OU=domain3,OU=subdomain3' org_units = self.split_property( self.args[Constant.LDAP_SEARCH_DOMAINS_KEY]) for search_unit in org_units: search_result = ctx.search(search_unit, search_target, ctls) # print search_return_attributes for person in search_result: ldap_user_tuple = [self.app_id] if search_unit == self.args[Constant.LDAP_INACTIVE_DOMAIN_KEY]: ldap_user_tuple.append('N') else: ldap_user_tuple.append('Y') person_attributes = person.getAttributes() user_id = person_attributes.get( return_attributes_map['user_id']) user_id = re.sub(r"\r|\n", '', user_id.get(0)).strip().encode('utf8') self.ldap_user.add(user_id) for attr_name in return_attributes_actual: attr = person_attributes.get(attr_name) if attr: attr = re.sub(r"\r|\n", '', attr.get(0)).strip().encode('utf8') # special fix for start_date if attr_name == return_attributes_map[ 'start_date'] and len(attr) == 4: attr += '0101' ldap_user_tuple.append(attr) else: ldap_user_tuple.append("") ldap_user_tuple.append(self.wh_exec_id) ldap_records.append(ldap_user_tuple) self.logger.info("%d records found in ldap search" % (len(self.ldap_user))) csv_writer = csv.writer(open(file, "w"), delimiter='\x1a', quoting=csv.QUOTE_MINIMAL, lineterminator="\n") csv_writer.writerows(ldap_records)