Module: AdSearch

Defined in:
lib/ad_search.rb,
lib/ad_search/version.rb

Overview

Search Active Directory and get a hash in return

Constant Summary collapse

BIGEPOCH =

Microsoft Active Directories way of keeping track of time: BIGEPOCH (01/01/1970) is 116444916000000000 “100 nanosecond intervals since 01/01/1601”

116444916000000000
VERSION = 
"0.0.2"

Class Method Summary collapse

Class Method Details

.active_account?(ad_object) ⇒ Boolean

Returns:

  • (Boolean) 


81
82
83
84
85
86
87
88
89
90
91
 
# File 'lib/ad_search.rb', line 81

def self.active_account?(ad_object)
  #See if account is disabled or the account is expired
  tmpuac = ad_object.userAccountControl[0].to_i
  if tmpuac & 2 == 2
    return false
  elsif ad_object.accountExpires[0].to_i != 0 and Time.now > Time.at((ad_object.accountExpires[0].to_i - BIGEPOCH) / 10000000) #Microsoft to epoch time
    return false
  else
    return true
  end
end

.connect_to_ad(username, password, domain, host, base) ⇒ Object

Connection to Active Directory



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 
# File 'lib/ad_search.rb', line 9

def self.connect_to_ad(username, password, domain, host, base)
  ldap = Net::LDAP.new :host => host,
                       :port => 389,
                       :base => base,
                       :auth => {
                           :method => :simple,
                           :username => username + '@' + domain,
                           :password => password
                       }
  if ldap.bind
    return ldap
  else
    raise 'authentication failed'
  end
end

.search_active_users_by_username(ad_connection, search_term, treebase) ⇒ Object 



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
# File 'lib/ad_search.rb', line 25

def self.search_active_users_by_username(ad_connection, search_term, treebase)
  users = Hash.new

  #Create a filter based on the username
  filter = Net::LDAP::Filter.eq("sAMAccountName", search_term)
  #Create a 2nd filter that makes sure we are only searching on users
  filter2 = Net::LDAP::Filter.eq("objectCategory", "organizationalPerson")
  #Join the filters together
  joined_filter = Net::LDAP::Filter.join(filter, filter2)

  count = 0
  ad_connection.search(:base => treebase, :filter => joined_filter) do |entry|
    if active_account?(entry)
      username = entry.sAMAccountName.to_s[2..-3]
      #Split the first name and last name and remove un-needed characters
      name = entry.name.to_s
      name_length = name.length
      name = name[2..-3].split
      begin
        manager = entry.manager.to_s.split(',')
        manager = manager[0][5..-1]
      rescue
        manager = 'Manager is not set'
      end
      begin
        title =  entry.title.to_s[2..-3]
      rescue
        title = 'Title is not set'
      end
      begin
        office = entry.physicaldeliveryofficename.to_s[2..-3]
      rescue
        office = 'Office is not set'
      end
      begin
        email = entry.mail.to_s[2..-3]
      rescue
        email = 'Email is not set'
      end

      users[username] = 	{"first_name" => name[0],
                           "last_name" => name[1],
                           "username" => username,
                           "title" => title,
                           "office" => office,
                           "email" => email
                           #"manager" => manager
      }
      count = count + 1
    end
  end
  return users
end