Class: PasswordExpirationNotifier::LDAP

Inherits:
Object
  • Object
Defined in:
lib/password_expiration_notifier/ldap.rb

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(conf) ⇒ LDAP

Returns a new instance of LDAP.



# File 'lib/password_expiration_notifier/ldap.rb', line 6

# Prepares the Net::LDAP client and starts with an empty filter list.
#
# @param conf [Object] application configuration; its +ldap+ section must
#   respond to +to_h+, +user+ and +password+
def initialize(conf)
  ldap_section = conf.ldap
  settings = ldap_section.to_h
  # NOTE(review): a :simple bind gives the bind DN and password no protection
  # of their own. Nothing in this method sets Net::LDAP's :encryption option,
  # so transport security depends entirely on what conf.ldap.to_h contains.
  # Confirm the deployed configuration enables TLS.
  settings[:auth] = {
    username: ldap_section.user,
    password: ldap_section.password,
    method: :simple
  }
  @filters = []
  @connection = Net::LDAP.new(settings)
end

Class Method Details

.windows_time_to_ruby_time(windows_time) ⇒ Object



# File 'lib/password_expiration_notifier/ldap.rb', line 43

# Converts a Windows FILETIME-style timestamp (100-nanosecond ticks counted
# from 1601-01-01) into a Ruby Time.
#
# The input is coerced with +to_i+, so +nil+ and non-numeric strings become 0
# and map to 1601-01-01 rather than raising.
# NOTE(review): in Active Directory a pwdLastSet of 0 normally means "must
# change password at next logon"; callers should presumably treat that
# 1601 result as a sentinel, not a real date. Verify against the caller.
#
# @param windows_time [#to_i] tick count, e.g. an LDAP attribute string
# @return [Time]
def windows_time_to_ruby_time(windows_time)
  ticks_per_second = 10_000_000
  # Seconds between 1601-01-01 and the Unix epoch (1970-01-01).
  epoch_gap_seconds = 11_644_473_600
  seconds_since_1601 = windows_time.to_i.div(ticks_per_second)
  Time.at(seconds_since_1601 - epoch_gap_seconds)
end

Instance Method Details

#add_filter(key, value) ⇒ Object



# File 'lib/password_expiration_notifier/ldap.rb', line 17

# Appends an equality condition to the list of filters that #users combines
# with AND before searching.
#
# NOTE(review): Net::LDAP::Filter.eq does not escape +value+, so "*" is
# interpreted as a wildcard. If +key+ or +value+ can ever originate outside
# trusted configuration, Net::LDAP::Filter.equals (which escapes the value)
# is the safer constructor. Confirm where callers get these arguments.
#
# @param key [String, Symbol] attribute name
# @param value [String] value to match
# @return [Array] the accumulated filter list
def add_filter(key, value)
  condition = Net::LDAP::Filter.eq(key, value)
  @filters.push(condition)
end

#users(key = nil, value = nil) ⇒ Object



# File 'lib/password_expiration_notifier/ldap.rb', line 21

# Collects the enabled accounts matching the accumulated filters.
#
# Binds, ANDs every filter added through #add_filter, and streams the search
# results. Entries with the ACCOUNTDISABLE bit set are skipped. Each remaining
# entry is flattened to a Hash (single-valued attributes unwrapped) and its
# :pwdlastset value is converted to a Time.
#
# NOTE(review): +key+ and +value+ are accepted but never used in this body.
# NOTE(review): a failed bind is indistinguishable from "no users": both
# yield an empty Array and nothing is logged or raised, so bad credentials
# would silently suppress every notification. Consider surfacing
# @connection.get_operation_result to the caller.
# NOTE(review): no :attributes list is passed to search, so every attribute
# the bind account may read is copied into the result. Restricting it to the
# attributes actually consumed would limit the directory data held in memory.
#
# @return [Array<Array>] [sAMAccountName, attribute Hash] pairs; empty when
#   the bind fails
def users(key = nil, value = nil)
  return [] unless @connection.bind

  combined_filter = @filters.reduce { |acc, nxt| acc & nxt }
  found = {}
  @connection.search(filter: combined_filter, return_result: false) do |entry|
    # UserAccountControl flag 0x0002 => ACCOUNTDISABLE
    # see https://support.microsoft.com/en-us/kb/305144
    account_flags = entry['UserAccountControl'].first.to_i
    next if (account_flags & 0x0002) != 0

    attributes = {}
    entry.each do |name, vals|
      attributes[name] = vals.size == 1 ? vals.first : vals
    end
    found[entry['sAMAccountName'].first] = attributes
  end

  # The :pwdlastset lookup relies on entry.each yielding lowercase symbol
  # names. This is presumably Net::LDAP::Entry's behaviour; verify.
  found.map do |account, attributes|
    attributes[:pwdlastset] = LDAP.windows_time_to_ruby_time(attributes[:pwdlastset])
    [account, attributes]
  end
end