Active Directory Module for Ruby

This module enables effortless interaction with Active Directory servers.

It is built atop the Ruby/LDAP extension with explicit support for the idiosyncrasies of Microsoft Windows Servers and the LDAP objects defined therein. This includes support for:

  • Users (objectClass=user)

  • Groups (objectClass=group)

  • Additional objects will be supported in future releases (e.g. Computers, Printers, etc)

Installation

RubyGems

The preferred method if installing the Active Directory Module for Ruby is with RubyGems. Installing with RubyGems is as simple as typing:

gem install activedirectory-x.x.x.gem

If you did not download the gem file and instead have the source distribution extracted you may create a gem by typing:

rake package

in the directory containing the Active Directory Module for Ruby source.

Source

If you prefer not to use RubyGems to install the library, you may install the module from source by typing:

ruby install.rb

in the directory containing the Active Directory Module for Ruby source.

Usage Instructions

Including the module

Once installed, you must include the ActiveDirectory module into your project. If you are using RubyGems, use:

require_gem "activedirectory"

Otherwise, include the module with:

require "activedirectory"

Configuring your Active Directory instance

Interacting with an Active Directory instance requires that you first configure the connection to a Windows domain controller. This configuration needs to be called only once when your application starts up. If you are using this module within a Ruby on Rails application, you would place this in your environment.rb file.

ActiveDirectory::Base.server_settings = {
  :host     => "server.example.com",
  :username => "username",
  :password => "password",
  :domain   => "example.com",
  :base_dn  => "DC=example,DC=com"
}

Once ActiveDirectory::Base has been configured, any call into the API will open a new connection to the server on-demand (or use an existing open connection).

Example Usage

User Objects

Locating users within a directory is very flexible. You may load individual users by their account name (sAMAccountName), their distinguished name (dn), or any number of users based on the criteria used in your LDAP search base and filters.

# Load all users (including disabled) within the default Base DN.
all_users      = ActiveDirectory::User.find(:all)

# Load all disabled users within the default Base DN.
disabled_users = ActiveDirectory::User.find(:all,
                   :filter => "(userAccountControl=514)")

# Load all users who are in the Managers organizational unit whose accounts
# are not disabled.
managers       = ActiveDirectory::User.find(:all,
                   :base   => "OU=Managers,DC=example,DC=com",
                   :filter => "(userAccountControl=512)")

# Load the user "John Doe" by his sAMAccountName.
user = ActiveDirectory::User.find("jdoe")

# Load the user "John Doe" by his distinguished name (DN).
user = ActiveDirectory::User.find("CN=John Doe,CN=Users,DC=example,DC=com")

Group Objects

Locating Groups is just as simple as Users, however, you must provide a Distinguished Name (DN) for loading.

# Load all groups within the default Base DN.
all_groups = ActiveDirectory::Group.find(:all)

# Load the "Developers" group by its distinguished name (DN).
developers = ActiveDirectory::Group.find("CN=Developers,DC=example,DC=com")

License

The Active Directory Module for Ruby module is licensed under the MIT License.

Copyright (c) 2005-2006 Justin Mecham

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to
deal in the Software without restriction, including without limitation the
rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
sell copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.

Contact

The Active Directory Module for Ruby is developed and maintained by Justin Mecham (jmecham@[email protected]).