Asp Forum - ruby net/ldap - comp.lang.ruby

Dave King

4/27/2008 6:01:00 PM

[Note: parts of this message were removed to make it a legal post.]

I need to move some user objects from one OU to another. Is there a way to
do this with net/ldap? This is basically done by renaming the DN, so the CN
stays the same but the rest of whatever changes. Can anyone show me an
example of doing this with net/ldap?

10 Answers

Glen Holcomb

4/28/2008 3:05:00 PM

[Note: parts of this message were removed to make it a legal post.]

On Sun, Apr 27, 2008 at 12:00 PM, Dave Smith <noobprog@gmail.com> wrote:

> I need to move some user objects from one OU to another. Is there a way
> to
> do this with net/ldap? This is basically done by renaming the DN, so the
> CN
> stays the same but the rest of whatever changes. Can anyone show me an
> example of doing this with net/ldap?
>

I was wanting to do the same thing recently. However it looks like all you
can do directly is change the cn (the dn is untouchable directly). You
could always read the data into memory, delete the origional entry, and
create a new one with the original data.

--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)

rvd5star

5/12/2008 8:10:00 AM

I also need to do the same thing like adding new groups and assigning
users
to existing groups using ruby-net-ldap. However, the library doesn't
seem to support it.
If we delete the old cn and create a new one, the unicodePwd and other
attributes might
not be able to be replicated to the new entry.

I'm thinking of using the ActiveLDAP because it is capable of managing
the user Groups.
But I want to support a dynamic connection to secondary AD servers.
I'm not sure if it can be
supported in ActiveLDAP.

On Apr 28, 11:04 pm, Glen Holcomb <damnbig...@gmail.com> wrote:
> [Note: parts of this message were removed to make it a legal post.]
>
> On Sun, Apr 27, 2008 at 12:00 PM, Dave Smith <noobp...@gmail.com> wrote:
> > I need to move some user objects from one OU to another. Is there a way
> > to
> > do this with net/ldap? This is basically done by renaming the DN, so the
> > CN
> > stays the same but the rest of whatever changes. Can anyone show me an
> > example of doing this with net/ldap?
>
> I was wanting to do the same thing recently. However it looks like all you
> can do directly is change the cn (the dn is untouchable directly). You
> could always read the data into memory, delete the origional entry, and
> create a new one with the original data.
>
> --
> "Hey brother Christian with your high and mighty errand, Your actions speak
> so loud, I can't hear a word you're saying."
>
> -Greg Graffin (Bad Religion)

Kouhei Sutou

5/12/2008 11:18:00 AM

Hi,

In <09099394-4c41-4c7a-b4c2-11d9c7f4622a@y22g2000prd.googlegroups.com>
"Re: ruby net/ldap" on Mon, 12 May 2008 17:10:12 +0900,
rvd5star <callmervd@gmail.com> wrote:

> But I want to support a dynamic connection to secondary AD servers.
> I'm not sure if it can be
> supported in ActiveLDAP.

I think it can be supported.

Thanks,
--
kou

rvd5star

5/12/2008 2:05:00 PM

Hi,

Thank you for your reply.
By the way, can ActiveLdap work on ActiveDirectory server?

Thanks,

On May 12, 7:17 pm, Kouhei Sutou <k...@cozmixng.org> wrote:
> Hi,
>
> In <09099394-4c41-4c7a-b4c2-11d9c7f46...@y22g2000prd.googlegroups.com>
> "Re: ruby net/ldap" on Mon, 12 May 2008 17:10:12 +0900,
> rvd5star <callme...@gmail.com> wrote:
>
> > But I want to support a dynamic connection to secondary AD servers.
> > I'm not sure if it can be
> > supported in ActiveLDAP.
>
> I think it can be supported.
>
> Thanks,
> --
> kou

Glen Holcomb

5/12/2008 2:54:00 PM

[Note: parts of this message were removed to make it a legal post.]

On Mon, May 12, 2008 at 8:10 AM, rvd5star <callmervd@gmail.com> wrote:

> Hi,
>
> Thank you for your reply.
> By the way, can ActiveLdap work on ActiveDirectory server?
>
> Thanks,
>
>
> On May 12, 7:17 pm, Kouhei Sutou <k...@cozmixng.org> wrote:
> > Hi,
> >
> > In <09099394-4c41-4c7a-b4c2-11d9c7f46...@y22g2000prd.googlegroups.com>
> > "Re: ruby net/ldap" on Mon, 12 May 2008 17:10:12 +0900,
> > rvd5star <callme...@gmail.com> wrote:
> >
> > > But I want to support a dynamic connection to secondary AD servers.
> > > I'm not sure if it can be
> > > supported in ActiveLDAP.
> >
> > I think it can be supported.
> >
> > Thanks,
> > --
> > kou
>
>
>
Assigning users to existing groups is not a problem at all with
ruby-net-ldap. I do that now. You just need to understand Active
Directory. You need to add them to the member attribute.

--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)

rvd5star

5/13/2008 1:50:00 AM

Hello Glen,

Could you show me a code snippet on how to assign a member to an
existing group?
Since ActiveLdap is quite slower than ruby-net-ldap, I was thinking of
using
both libraries. I'll use ruby-net-ldap for managing users and
activeldap for managing
groups.

What do you think? Any advice?

Thanks.

On May 12, 10:53 pm, Glen Holcomb <damnbig...@gmail.com> wrote:
> [Note: parts of this message were removed to make it a legal post.]
>
>
>
> On Mon, May 12, 2008 at 8:10 AM, rvd5star <callme...@gmail.com> wrote:
> > Hi,
>
> > Thank you for your reply.
> > By the way, can ActiveLdap work on ActiveDirectory server?
>
> > Thanks,
>
> > On May 12, 7:17 pm, Kouhei Sutou <k...@cozmixng.org> wrote:
> > > Hi,
>
> > > In <09099394-4c41-4c7a-b4c2-11d9c7f46...@y22g2000prd.googlegroups.com>
> > > "Re: ruby net/ldap" on Mon, 12 May 2008 17:10:12 +0900,
> > > rvd5star <callme...@gmail.com> wrote:
>
> > > > But I want to support a dynamic connection to secondary AD servers.
> > > > I'm not sure if it can be
> > > > supported in ActiveLDAP.
>
> > > I think it can be supported.
>
> > > Thanks,
> > > --
> > > kou
>
> Assigning users to existing groups is not a problem at all with
> ruby-net-ldap. I do that now. You just need to understand Active
> Directory. You need to add them to the member attribute.
>
> --
> "Hey brother Christian with your high and mighty errand, Your actions speak
> so loud, I can't hear a word you're saying."
>
> -Greg Graffin (Bad Religion)

rvd5star

5/13/2008 2:14:00 AM

One more thing, when I try to establish connection to
our AD server using the Base.establish_connection(), I get
an "nil". Does it mean that the connection fails?

I also want to connect thru SSL. Is there anything that
I need to consider?

On May 13, 9:49 am, rvd5star <callme...@gmail.com> wrote:
> Hello Glen,
>
> Could you show me a code snippet on how to assign a member to an
> existing group?
> Since ActiveLdap is quite slower than ruby-net-ldap, I was thinking of
> using
> both libraries. I'll use ruby-net-ldap for managing users and
> activeldap for managing
> groups.
>
> What do you think? Any advice?
>
> Thanks.
>
> On May 12, 10:53 pm, Glen Holcomb <damnbig...@gmail.com> wrote:
>
> > [Note: parts of this message were removed to make it a legal post.]
>
> > On Mon, May 12, 2008 at 8:10 AM, rvd5star <callme...@gmail.com> wrote:
> > > Hi,
>
> > > Thank you for your reply.
> > > By the way, can ActiveLdap work on ActiveDirectory server?
>
> > > Thanks,
>
> > > On May 12, 7:17 pm, Kouhei Sutou <k...@cozmixng.org> wrote:
> > > > Hi,
>
> > > > In <09099394-4c41-4c7a-b4c2-11d9c7f46...@y22g2000prd.googlegroups.com>
> > > > "Re: ruby net/ldap" on Mon, 12 May 2008 17:10:12 +0900,
> > > > rvd5star <callme...@gmail.com> wrote:
>
> > > > > But I want to support a dynamic connection to secondary AD servers.
> > > > > I'm not sure if it can be
> > > > > supported in ActiveLDAP.
>
> > > > I think it can be supported.
>
> > > > Thanks,
> > > > --
> > > > kou
>
> > Assigning users to existing groups is not a problem at all with
> > ruby-net-ldap. I do that now. You just need to understand Active
> > Directory. You need to add them to the member attribute.
>
> > --
> > "Hey brother Christian with your high and mighty errand, Your actions speak
> > so loud, I can't hear a word you're saying."
>
> > -Greg Graffin (Bad Religion)

Kouhei Sutou

5/13/2008 2:39:00 AM

Hi,

2008/5/13 rvd5star <callmervd@gmail.com>:
> One more thing, when I try to establish connection to
> our AD server using the Base.establish_connection(), I get
> an "nil". Does it mean that the connection fails?

No.

> I also want to connect thru SSL. Is there anything that
> I need to consider?

establish_connection(:method => :ssl) # or :tls

Thanks,
--
kou

Glen Holcomb

5/13/2008 1:04:00 PM

[Note: parts of this message were removed to make it a legal post.]

On Mon, May 12, 2008 at 8:38 PM, Kouhei Sutou <kou@cozmixng.org> wrote:

> Hi,
>
> 2008/5/13 rvd5star <callmervd@gmail.com>:
> > One more thing, when I try to establish connection to
> > our AD server using the Base.establish_connection(), I get
> > an "nil". Does it mean that the connection fails?
>
> No.
>
> > I also want to connect thru SSL. Is there anything that
> > I need to consider?
>
> establish_connection(:method => :ssl) # or :tls
>
>
> Thanks,
> --
> kou
>
>
for course in self.courses
ldap.add_attribute("cn=#{course.full_title}," +
@@lab_env[lab][:group_container_path], :member, "cn=#{self.user_name}," +
@@lab_env[lab][:user_container_path])
end

I will translate here:

ldap.add_attribute("full group dn", :member, "full user dn")

--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)

Kouhei Sutou

5/13/2008 1:22:00 PM

Hi,

2008/5/13 Glen Holcomb <damnbigman@gmail.com>:

> for course in self.courses
> ldap.add_attribute("cn=#{course.full_title}," +
> @@lab_env[lab][:group_container_path], :member, "cn=#{self.user_name}," +
> @@lab_env[lab][:user_container_path])
> end
>
> I will translate here:
>
> ldap.add_attribute("full group dn", :member, "full user dn")

In ActiveLdap:
courses.each do |course|
course.members << user
end

Thanks,
--
kou

comp.lang.ruby

ruby net/ldap

Dave King

Glen Holcomb

rvd5star

Kouhei Sutou

rvd5star

Glen Holcomb

rvd5star

rvd5star

Kouhei Sutou

Glen Holcomb

Kouhei Sutou

x Login to ForumsZone