Reputation: 17
I'm creating a self-service with the possibility to grant application roles (defined in a meta [ldap]) for a user. Our structure in the meta is not uniform. It looks like this:
    o=meta
      ou=Firm
        ou=AppRoles
          ou=GitLab
            cn=Admin
            cn=User
          ou=SAP
            ou=SAPCRT
              cn=Admin
              cn=User
            ou=SAPLST
              ou=NW
                cn=Admin
                cn=User
              ou=ST
                cn=Admin
                cn=User
etc... So you see, the cn (Approle) is not always on the same level.
This is the code I have so far. It finds 'ou's like GitLab Admin and GitLab User. But I need to receive a list with Gitlab Admin, Gitlab User, SAP/SAPCRT Admin, SAP/SAPCRT User, SAP/SAPLST/NW Admin, and so forth.
    base = 'ou=AppRoles,ou=Firm,o=META'
    filter = Net::LDAP::Filter.begins('ou', query)
How can I set up Net::LDAP to filter/search recursively?
Upvotes: 0
Views: 172
Reputation: 575
Not sure if this will print all cn's under AppRole, but with the "puts" command you will see the output. Could you show us the return of this block of code?
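    require 'net/ldap'

    # get_ldap(ldap_password) is assumed to return a bound Net::LDAP
    # connection; its definition is not shown in this answer.
    def get_ldap_users(ldap_password)
      filter = Net::LDAP::Filter.eq("ou", "AppRoles")
      treebase = "dc=yourdomainhere"
      # Print the cn of every entry the search returns.
      get_ldap(ldap_password).search(:base => treebase, :filter => filter) do |entry|
        puts "CN: #{entry.cn}"
      end
    end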
Upvotes: 0
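An added example, not part of either post: Net::LDAP's search covers the whole subtree below the base by default, so one search for entries that have a cn returns every role at any depth, and the label the question asks for ("SAP/SAPLST/NW Admin") can be built from each entry's DN. The helpers split_dn, role_label and role_labels are hypothetical names, the sample DNs are constructed from the tree in the question, and the live search call is shown only as a comment so the block runs without a directory.

```ruby
# With a live directory the DNs would come from one subtree search, e.g.:
#   ldap.search(base: BASE, scope: Net::LDAP::SearchScope_WholeSubtree,
#               filter: Net::LDAP::Filter.present('cn'),
#               attributes: ['cn']) { |entry| dns << entry.dn }
BASE = 'ou=AppRoles,ou=Firm,o=META'

# Split a DN into [attribute, value] pairs, honouring backslash-escaped commas.
def split_dn(dn)
  dn.split(/(?<!\\),/).map do |rdn|
    attr, value = rdn.strip.split('=', 2)
    [attr.to_s.downcase, value.to_s.gsub(/\\(.)/, '\1')]
  end
end

# "cn=Admin,ou=NW,ou=SAPLST,ou=SAP,<base>" becomes "SAP/SAPLST/NW Admin".
# Returns nil unless the DN is a cn entry below the base (compared
# case-insensitively), so a self-service form cannot be handed a role DN
# from elsewhere in the tree.
def role_label(dn, base = BASE)
  rdns = split_dn(dn)
  base_rdns = split_dn(base)
  tail = rdns.last(base_rdns.size)
  same_base = tail.size == base_rdns.size &&
              tail.zip(base_rdns).all? { |(a1, v1), (a2, v2)| a1 == a2 && v1.casecmp?(v2) }
  return nil unless same_base

  leaf, *parents = rdns[0...-base_rdns.size]
  return nil unless leaf && leaf[0] == 'cn'
  # Assumption: every role sits under at least one application ou.
  return nil unless parents.any? && parents.all? { |attr, _| attr == 'ou' }

  "#{parents.reverse.map(&:last).join('/')} #{leaf[1]}"
end

def role_labels(dns, base = BASE)
  dns.map { |dn| role_label(dn, base) }.compact.sort
end

# Constructed sample input mirroring the tree in the question.
SAMPLE_DNS = [
  'cn=Admin,ou=GitLab,ou=AppRoles,ou=Firm,o=meta',
  'cn=User,ou=GitLab,ou=AppRoles,ou=Firm,o=meta',
  'cn=Admin,ou=SAPCRT,ou=SAP,ou=AppRoles,ou=Firm,o=meta',
  'cn=User,ou=NW,ou=SAPLST,ou=SAP,ou=AppRoles,ou=Firm,o=meta',
  'ou=SAP,ou=AppRoles,ou=Firm,o=meta',   # container, not a role
  'cn=Admin,ou=Other,ou=Firm,o=meta'     # outside the AppRoles subtree
].freeze

puts role_labels(SAMPLE_DNS)
```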