@owen2345
Last active August 29, 2015 14:02
Ruby 2.0 code snippet
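require 'net-ldap'

# Thin wrapper around Net::LDAP for querying and authenticating against Active Directory.
class CustomActiveDirectory
  def initialize(host, port, base, username, pass)
    @ldap = connect(host, port, base, username, pass)
  end

  # True when the currently configured account can bind to the server.
  def connected?
    @ldap.bind
  rescue StandardError
    false
  end

  # Filter.eq does not escape its value: pass a trusted DN, or escape it
  # with Net::LDAP::Filter.escape first.
  def get_users_from_group(group_dn)
    filter = Net::LDAP::Filter.eq("memberof", group_dn.to_s)
    @ldap.search(:filter => filter)
  end

  # Incomplete; use find_user("(objectClass=group)") instead.
  def list_groups
    group_filter = Net::LDAP::Filter.eq("objectClass", "group")
    proxy_address_filter = Net::LDAP::Filter.eq("proxyAddresses", "*")
    composite_filter = Net::LDAP::Filter.join(group_filter, proxy_address_filter)
    @ldap.search(:filter => composite_filter)
  end

  # Incomplete; use find_user with an objectClass filter for user or person instead.
  def list_users(type = "person")
    group_filter = Net::LDAP::Filter.eq("objectClass", type)
    proxy_address_filter = Net::LDAP::Filter.eq("proxyAddresses", "*")
    composite_filter = Net::LDAP::Filter.join(group_filter, proxy_address_filter)
    @ldap.search(:filter => composite_filter)
  end

  # query is a raw LDAP filter string and is sent to the server as given, e.g.
  #   "(&(cn=Adriana Camacho*)(givenName=Adriana))"
  #   "(&(|(sn=Jones)(sn=Edwards))(!(givenName=David)))"
  # Escape any user-supplied value with Net::LDAP::Filter.escape before
  # placing it in the string.
  # info: http://search.cpan.org/~oliver/Net-LDAP-FilterBuilder-1.0004/lib/Net/LDAP/FilterBuilder.pm
  def find_user(query, attributes = nil, base = nil)
    data = { :filter => query.encode('utf-8') }
    # Plain-Ruby presence checks, so the class does not depend on ActiveSupport.
    data[:attributes] = attributes if attributes && !attributes.empty?
    data[:base] = base if base && !base.empty?
    @ldap.search(data)
  end

  # Binds as the given user. This replaces the credentials stored on the
  # connection, so later searches run as that user.
  def authentificate(user, pass)
    # A simple bind with an empty password is an unauthenticated bind, which
    # some directory servers answer with success, so refuse it here.
    return false if user.to_s.empty? || pass.to_s.empty?
    @ldap.auth user, pass
    @ldap.bind
  end

  # Builds the Net::LDAP connection object using simple authentication.
  def connect(host, port, base, username, pass)
    Net::LDAP.new :host => host,
                  :port => port,
                  :base => base,
                  :auth => { :username => username,
                             :password => pass,
                             :method => :simple }
  end
end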

######### sample ######
# Runs inside a Rails controller action (params, flash and redirect_to come from Rails).
ad = CustomActiveDirectory.new(main_configuration("host_active_directory"), main_configuration("port_active_directory"),
                               main_configuration("base_active_directory"), main_configuration("user_active_directory"),
                               main_configuration("pass_active_directory"))
if ad.connected? && ad.authentificate("#{params[:session][:username]}@megaxine.net", params[:session][:password])
  # Escape the submitted username so it stays a literal value inside the filter.
  ad_user = ad.find_user("(samaccountname=#{Net::LDAP::Filter.escape(params[:session][:username].to_s)})").first
  if ad_user.present?
    unless active_directory_add_user(ad, ad_user)
      redirect_to action: "signin", error: "Datos incompletos de AD para ingresar al sistema. Por favor reporte este error a su aministrador."
      return
    end
    user = active_directory_get_user(params[:session][:username])
    if user.present?
      flash[:notice] = "Sesión iniciada usando su cuenta de Active directory"
      do_login_user(user)
    else
      flash[:notice] = "Usuario logeado en Active directory pero error de acceso al sistema"
      redirect_to action: "signin", :redirect_to => session[:return_to]
    end
    return
  end
end
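
find_user takes a raw filter string, so a caller that builds it from request parameters has to escape the value first, and a simple bind should never be attempted with an empty password. The block below is an added example, not part of the gist: `ldap_escape`, `account_filter`, `assertion_count`, `login_request`, the `SAM_RE` allow-list and the `example.test` domain are assumptions made for the illustration, and `ldap_escape` stands in for `Net::LDAP::Filter.escape` so the code runs without the gem.

```ruby
# Added example, not part of the gist. Pure Ruby, so it runs without net-ldap.

# RFC 4515 escapes for characters that have meaning inside a filter value.
# Stand-in for Net::LDAP::Filter.escape.
LDAP_ESCAPES = {
  "\\" => '\5c', "*" => '\2a', "(" => '\28', ")" => '\29', "\0" => '\00'
}.freeze

def ldap_escape(value)
  value.to_s.gsub(/[\\*()\x00]/) { |ch| LDAP_ESCAPES[ch] }
end

# Allow-list for login names (assumption: letters, digits, dot, dash,
# underscore, at most 20 characters).
SAM_RE = /\A[A-Za-z0-9._-]{1,20}\z/

# Filter for one account; the value can only ever be a literal.
def account_filter(username)
  "(sAMAccountName=#{ldap_escape(username)})"
end

# Counts attribute assertions such as "(cn=" in a filter string.
# A correctly escaped value can never add one.
def assertion_count(filter)
  filter.scan(/\([A-Za-z][A-Za-z0-9;.-]*[~<>]?=/).size
end

# Decides what a login action may send to the directory. Returns nil when
# the request must be refused before any bind is attempted.
def login_request(username, password, domain)
  # Empty password => unauthenticated bind (RFC 4513, section 5.1.2).
  return nil if password.to_s.empty?
  return nil unless username.to_s =~ SAM_RE
  { :bind_dn => "#{username}@#{domain}", :filter => account_filter(username) }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed inputs: [username, password].
  [["jdoe", "s3cret"], ["jdoe", ""], ["jd*", "pw"]].each do |user, pw|
    puts "#{user.inspect} / #{pw.inspect} -> #{login_request(user, pw, 'example.test').inspect}"
  end
  raw = "jdoe)(cn=x" # constructed value containing filter metacharacters
  puts "interpolated: #{assertion_count("(samaccountname=#{raw})")} assertions"
  puts "escaped:      #{assertion_count(account_filter(raw))} assertion"
end
```
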