L

ldap-admin

Some ruby code written to manage an ldap directory.

0cd1e155 fix in README.md · by Georg Hopp

ldap-admin

A tool to manage users in an LDAP dictionary or a MySQL database.

unfinished

Synopsis

The DN's used in tester.rb are obviously not applicable for other sites. Additionally they do not reflect the current structure used here at weird-web-workers.org.

To test anything you need to have a directory and use fitting DN's for testing.

Description

What is there

  • Various data-models (user, group, mailAccount, mailALias, etc.)
  • These might be stored in different storage backends
  • These storage engines are queried with different query languages.
  • The model specifies which data is queried.
  • The storage engine decides how the data is queried.

Conflict: With ldap it is difficult to separate the which from the how.

Possible solution: Some kind of factory that initializes the concrete database by the class of the model and the class of the storage engine.

Alternative: Instead of a separate factory it might be feasable to create a generic database class with a method to create an instance by a given model.

Problem: Then the database class has to know the initialization information for the associated model, which is an implementation detail of the model in fact. So this information should come from somewhere else but probably not from the model, because it probably also needs implementation details of the database class.

Maybe: it is possible to do something by nameing conventions. But it might be cleaner to have a separate configuration file for each storage backend in which the necessary informations for the queries of the models can be configured.

A yaml file for this might look like this: (ldap.yml)

ldap: # => wenn es pro Datenbank ne eigenen datei gibt ist das nicht noetig
 host: host.one.virtual
 port: 389
 queries:
  User:
   baseDn: ou=user,o=system,dc=weird-web-workers,dc=org
   filter: (objectClass=posixAccount)
  Group:
   baseDn: ou=group,o=system,dc=weird-web-workers,dc=org
   filter: (objectClass=posixGroup)

...

As an alternative of a single mapping file we could create one mapping file for each mode / storage backend combination. These would be very small and fast readable.

Filesystem structure:

model - user.rb
      - group.rb
      - site.rb
      - mailalias_role.rb
      - mailalias_person.rb
      - mailaccount.rb
data - ldap.rb
data - config - ldap.yml
adapter - ldap.rb
        - config - ldap - user.yml
                        - group.yml
                        - site.yml
                        - mailalias_role.yml
                        - mailalias_person.yml
                        - mailaccount.yml

Requirements

  • A running test dictionary or database
  • Ruby

Dependencies

unknown

Contributing

Just email me.

License

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.

Author

Georg Hopp georg@steffers.org