ruby net/ldap

[Dave Smith]

[Note: parts of this message were removed to make it a legal post.]

I need to move some user objects from one OU to another. Is there a way to
do this with net/ldap? This is basically done by renaming the DN, so the CN
stays the same but the rest of whatever changes. Can anyone show me an
example of doing this with net/ldap?

 

[Glen Holcomb]

[Note: parts of this message were removed to make it a legal post.]

I need to move some user objects from one OU to another. Is there a way
to
do this with net/ldap? This is basically done by renaming the DN, so the
CN
stays the same but the rest of whatever changes. Can anyone show me an
example of doing this with net/ldap?

I was wanting to do the same thing recently. However it looks like all you
can do directly is change the cn (the dn is untouchable directly). You
could always read the data into memory, delete the origional entry, and
create a new one with the original data.

 

[rvd5star]

I also need to do the same thing like adding new groups and assigning
users
to existing groups using ruby-net-ldap. However, the library doesn't
seem to support it.
If we delete the old cn and create a new one, the unicodePwd and other
attributes might
not be able to be replicated to the new entry.

I'm thinking of using the ActiveLDAP because it is capable of managing
the user Groups.
But I want to support a dynamic connection to secondary AD servers.
I'm not sure if it can be
supported in ActiveLDAP.

[Note: parts of this message were removed to make it a legal post.]

I need to move some user objects from one OU to another. Is there a way
to
do this with net/ldap? This is basically done by renaming the DN, so the
CN
stays the same but the rest of whatever changes. Can anyone show me an
example of doing this with net/ldap?

I was wanting to do the same thing recently. However it looks like all you
can do directly is change the cn (the dn is untouchable directly). You
could always read the data into memory, delete the origional entry, and
create a new one with the original data.

--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)

 

[Kouhei Sutou]

Hi,

In <09099394-4c41-4c7a-b4c2-11d9c7f4622a@y22g2000prd.googlegroups.com>
"Re: ruby net/ldap" on Mon, 12 May 2008 17:10:12 +0900,

But I want to support a dynamic connection to secondary AD servers.
I'm not sure if it can be
supported in ActiveLDAP.

I think it can be supported.


Thanks,

 

[rvd5star]

Hi,

Thank you for your reply.
By the way, can ActiveLdap work on ActiveDirectory server?

Thanks,

 

[Glen Holcomb]

[Note: parts of this message were removed to make it a legal post.]

Hi,

Thank you for your reply.
By the way, can ActiveLdap work on ActiveDirectory server?

Thanks,

Assigning users to existing groups is not a problem at all with
ruby-net-ldap. I do that now. You just need to understand Active
Directory. You need to add them to the member attribute.

 

[rvd5star]

Hello Glen,

Could you show me a code snippet on how to assign a member to an
existing group?
Since ActiveLdap is quite slower than ruby-net-ldap, I was thinking of
using
both libraries. I'll use ruby-net-ldap for managing users and
activeldap for managing
groups.

What do you think? Any advice?

Thanks.

[Note: parts of this message were removed to make it a legal post.]

Hi,

Thank you for your reply.
By the way, can ActiveLdap work on ActiveDirectory server?

Assigning users to existing groups is not a problem at all with
ruby-net-ldap. I do that now. You just need to understand Active
Directory. You need to add them to the member attribute.

--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)

 

[rvd5star]

One more thing, when I try to establish connection to
our AD server using the Base.establish_connection(), I get
an "nil". Does it mean that the connection fails?

I also want to connect thru SSL. Is there anything that
I need to consider?

Hello Glen,

Could you show me a code snippet on how to assign a member to an
existing group?
Since ActiveLdap is quite slower than ruby-net-ldap, I was thinking of
using
both libraries. I'll use ruby-net-ldap for managing users and
activeldap for managing
groups.

What do you think? Any advice?

Thanks.

[Note: parts of this message were removed to make it a legal post.]

Assigning users to existing groups is not a problem at all with
ruby-net-ldap. I do that now. You just need to understand Active
Directory. You need to add them to the member attribute.

-Greg Graffin (Bad Religion)

 

[Kouhei Sutou]

Hi,

One more thing, when I try to establish connection to
our AD server using the Base.establish_connection(), I get
an "nil". Does it mean that the connection fails?
No.

I also want to connect thru SSL. Is there anything that
I need to consider?

establish_connectionmethod => :ssl) # or :tls


Thanks,

 

[Glen Holcomb]

[Note: parts of this message were removed to make it a legal post.]

Hi,



establish_connectionmethod => :ssl) # or :tls


Thanks,

for course in self.courses
ldap.add_attribute("cn=#{course.full_title}," +
@@lab_env[lab][:group_container_path], :member, "cn=#{self.user_name}," +
@@lab_env[lab][:user_container_path])
end

I will translate here:

ldap.add_attribute("full group dn", :member, "full user dn")

 

[Kouhei Sutou]

Hi,

for course in self.courses
ldap.add_attribute("cn=#{course.full_title}," +
@@lab_env[lab][:group_container_path], :member, "cn=#{self.user_name}," +
@@lab_env[lab][:user_container_path])
end

I will translate here:

ldap.add_attribute("full group dn", :member, "full user dn")

In ActiveLdap:
courses.each do |course|
course.members << user
end


Thanks,