open_directory_utils 0.1.6 → 0.1.7
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/README.md +17 -5
- data/examples/create_od_users.rb +1 -1
- data/examples/relations.yml +48 -0
- data/examples/update_relationship.rb +48 -0
- data/lib/open_directory_utils/clean_check.rb +4 -4
- data/lib/open_directory_utils/commands_base.rb +9 -5
- data/lib/open_directory_utils/{commands_group_create_remove.rb → commands_groups.rb} +2 -43
- data/lib/open_directory_utils/commands_user_attribs.rb +437 -20
- data/lib/open_directory_utils/commands_user_create_remove.rb +71 -349
- data/lib/open_directory_utils/connection.rb +3 -4
- data/lib/open_directory_utils/version.rb +1 -1
- metadata +5 -3
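--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6de1c571a212c010b912433a24f7a277e07c5744f65af17d9384671fd70d48ad
+data.tar.gz: fc5069610163e65864a51579d095fc58cef7f4a9b6120f69013fd6a4e6ba95e7
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6a12c8b2e7c1fc858d82a7b144332255fea5acca0c835d45b962fa9f4a8a7d16b741dc429851e40dcc535cda7f0dfe2403399972695f7c4e126d2e5253894005
+data.tar.gz: 01217a3e336327a79a436c13701faa1d0e73bcd828416da3108f19203de68f259f8166868fc72d2fc1641a857bad2466b8572754bf6e3eebf6363ea0d12b1c6f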
data/Gemfile.lock
CHANGED
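--- a/data/README.md
+++ b/data/README.md
@@ -7,13 +7,25 @@ One can also build custom DSCL commands and send them to the server as needed to
 
 ## Change Log
 
-* **v0.1.
-
-* **v0.1.
-
+* **v0.1.8** - 2018-06-??
+- remove attribs[:value] side effect (return original attribs - always)
+* **v0.1.7** - 2018-06-19
+- add update user method
+- fix unused variable warnings
+- attributes separated from users_creation_delete_update
+- able to create and update accounts with relationships & OrganizationInfo
+* **v0.1.6** - 2018-06-18
+- fixed EMailAddress (was incorrectly EMailAttribute)
+* **v0.1.5**
+- 2018-06-14 - add version number to connection for easy checking
+* **v0.1.4** - 2018-06-13
+- changed the return hash to {response: xxx, status: 'success'}
+* **v0.1.3** - 2018-06-13
+- able to sync all fields in typcial OD
 - refactored results code (ssh_cmds have redacted passwords)
 - finished adding pre-built od commands for users - good for syncing accounts
-* **v0.1.2** - 2018-06-09
+* **v0.1.2** - 2018-06-09
+- all user creation features enabled
 - user creation will add user to a group if group_name present
 - new accounts disabled by default (w/ option to enable on creation)
 - now repo includes example code (to create accounts)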
data/examples/create_od_users.rb
CHANGED
@@ -0,0 +1,48 @@
|
|
1
|
+
---
|
2
|
+
# preferred with first name, last name, email and group membership
|
3
|
+
# by default account is disabled unless enabled: true is present
|
4
|
+
- :user_name: barrutp220
|
5
|
+
:relations: 511541
|
6
|
+
# - :user_name: albuerl430
|
7
|
+
# :relations: 557430
|
8
|
+
# - :user_name: rogersl264
|
9
|
+
# :relations: 558264
|
10
|
+
# - :user_name: miklauc283
|
11
|
+
# :relations: 558283
|
12
|
+
# - :user_name: portilc119
|
13
|
+
# :relations: 559119
|
14
|
+
# - :user_name: aguilax190
|
15
|
+
# :relations: 559190
|
16
|
+
# - :user_name: gonzalm208
|
17
|
+
# :relations: 559208
|
18
|
+
#
|
19
|
+
# milesm866 | 564866
|
20
|
+
# galvanj568 | 565568
|
21
|
+
# tiradob869 | 565869
|
22
|
+
# changt870 | 566870
|
23
|
+
# nohm396 | 570396
|
24
|
+
# grigoli979 | 571979
|
25
|
+
# bedoyac063 | 573063
|
26
|
+
# mariglm633 | 575633
|
27
|
+
# yudinm437 | 576437
|
28
|
+
# fijogai896 | 577896
|
29
|
+
# zunzunj443 | 579443
|
30
|
+
# zhouw300 | 583300
|
31
|
+
# canavej018 | 585018
|
32
|
+
# xuz906 | 588906
|
33
|
+
# benetor857 | 590857
|
34
|
+
# flaskaa617 | 592617
|
35
|
+
# berengd044 | 593044
|
36
|
+
# guow690 | 593690
|
37
|
+
# lacerdm840 | 593840
|
38
|
+
# mussina201 | 599201
|
39
|
+
# binzegj915 | 599915
|
40
|
+
# borowyk252 | 600252
|
41
|
+
# mussina288 | 600288
|
42
|
+
# linj671 | 603671
|
43
|
+
# rizoorm894 | 603894
|
44
|
+
# gonzalg934 | 603934
|
45
|
+
# pieribe687 | 611687
|
46
|
+
# shukshm297 | 615297
|
47
|
+
# elizarf803 | 622803
|
48
|
+
# zuoj861 | 602861
|
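Review bot: The entries added here read like real directory short names paired with numeric ids, one active and roughly forty more in comments, and the file ships inside the published gem. If they are live identifiers, swap them for constructed samples in the style the example script already uses, e.g. `- :user_name: odtest1` with `:relations: 87654321`, and drop the commented list. The header comment about first name, last name, email and group membership also no longer describes this file, which carries only `:user_name` and `:relations`. The page's file header above this hunk names create_od_users.rb, but the 48 added lines match the data/examples/relations.yml entry in the file list.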
@@ -0,0 +1,48 @@
|
|
1
|
+
#!/usr/bin/env ruby -w
|
2
|
+
|
3
|
+
require 'yaml'
|
4
|
+
require 'open_directory_utils'
|
5
|
+
|
6
|
+
# setup server connection
|
7
|
+
srv_info = {}
|
8
|
+
begin
|
9
|
+
srv_info = YAML.load_file( File.open('connection.yml') )
|
10
|
+
rescue Errno::ENOENT, LoadError, Psych::Error, Psych::SyntaxError
|
11
|
+
srv_info = {srv_hostname: 'od.example.com', srv_username: 'odsshlogin',
|
12
|
+
dir_username: 'diradmin', dir_password: 'T0p-S3cret' }
|
13
|
+
end
|
14
|
+
|
15
|
+
od = OpenDirectoryUtils::Connection.new( srv_info )
|
16
|
+
puts "\nSERVER SETTINGS:"
|
17
|
+
pp od
|
18
|
+
|
19
|
+
|
20
|
+
# get users
|
21
|
+
users = []
|
22
|
+
begin
|
23
|
+
users = YAML.load( File.open('relations.yml') )
|
24
|
+
rescue Errno::ENOENT, LoadError, Psych::SyntaxError, YAML::Error
|
25
|
+
users = [
|
26
|
+
{username: 'odtest1', usernumber: '87654321', primary_group_id: 1031},
|
27
|
+
{username: 'odtest2', usernumber: '87654322', primary_group_id: 1031},
|
28
|
+
]
|
29
|
+
ensure
|
30
|
+
pp "USERS:"
|
31
|
+
pp users
|
32
|
+
end
|
33
|
+
|
34
|
+
make_accts = false
|
35
|
+
puts "Review the user data \nEnter 'Y' to create od accounts\n (otherwise you see a dry run)"
|
36
|
+
answer = gets.chomp.downcase
|
37
|
+
if answer.eql? 'y'
|
38
|
+
make_accts = true
|
39
|
+
end
|
40
|
+
|
41
|
+
# create accounts
|
42
|
+
puts "\nCreating OD Accounts:"
|
43
|
+
Array(users).each do |person|
|
44
|
+
# show commands
|
45
|
+
pp od.send(:user_set_relationships, person, od.dir_info)
|
46
|
+
# Make Account
|
47
|
+
pp od.run(command: :user_set_relationships, params: person ) if make_accts.eql? true
|
48
|
+
end
|
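Review bot: Both config reads use the unrestricted loader, `YAML.load_file( File.open('connection.yml') )` and `YAML.load( File.open('relations.yml') )`, which on Psych releases before 4.0 can instantiate arbitrary Ruby objects from the file and also leaves the File handles open. The files only need symbols and scalars, so `YAML.safe_load(File.read('relations.yml'), permitted_classes: [Symbol])` (keyword form, Psych 3.1+) covers both reads. `pp od` then prints the whole connection object, which presumably includes `dir_password`; print the hostname and usernames instead. The fallback hash with `dir_password: 'T0p-S3cret'` deserves a comment saying it is a placeholder, so nobody keeps it when adapting the example. The file header is missing on the page; the 48 added lines match data/examples/update_relationship.rb in the file list.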
@@ -16,16 +16,16 @@ module OpenDirectoryUtils
|
|
16
16
|
assert{not attrib[key].eql? '{}'}
|
17
17
|
assert{not attrib[key].include? ' '} if key.eql? :scope
|
18
18
|
assert{not attrib[key].include? ' '} if [:uid, :username, :record_name].include? key
|
19
|
-
rescue NoMethodError, ArgumentError => error
|
19
|
+
rescue NoMethodError, ArgumentError # => error
|
20
20
|
message = "#{key}: '#{attrib[key].inspect}' invalid"
|
21
21
|
message += ", value_name: :#{value}" unless value.nil?
|
22
22
|
raise ArgumentError, message
|
23
23
|
end
|
24
24
|
|
25
25
|
def tidy_attribs(attribs)
|
26
|
-
|
27
|
-
attribs.each{ |k,v|
|
28
|
-
return
|
26
|
+
user_attribs = {}
|
27
|
+
attribs.each{ |k,v| user_attribs[k] = v.to_s.strip }
|
28
|
+
return user_attribs
|
29
29
|
end
|
30
30
|
|
31
31
|
def user_record_name_alternatives(attribs)
|
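Review bot: `tidy_attribs` (in what appears to be clean_check.rb; the file header is missing on the page) has no comment saying that it now returns a new hash with every value coerced through `to_s.strip`, so a `nil` becomes `""` and an Array or Integer becomes its string form. The command builders shown on this page test `attribs[:value].nil? or attribs[:value].empty?` before quoting a value into a command, so that coercion is behaviour worth stating; I would add `# Returns a copy of attribs with each value converted to a stripped String (nil becomes ""); the input hash is not modified.` above the method. The `# => error` left on the rescue line can simply be deleted. `check_critical_attribute` starts above this hunk, so its full set of checks is not visible here.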
@@ -45,17 +45,18 @@ module OpenDirectoryUtils
|
|
45
45
|
end
|
46
46
|
|
47
47
|
# /usr/bin/pwpolicy -a diradmin -p "BigSecret" -u username -setpolicy "isDisabled=0"
|
48
|
-
def build_pwpolicy_command(
|
48
|
+
def build_pwpolicy_command(attribs, dir_info)
|
49
49
|
ans = %Q[#{dir_info[:pwpol]}]
|
50
50
|
ans += %Q[ -a #{dir_info[:username]}] unless dir_info[:username].nil? or
|
51
51
|
dir_info[:username].empty?
|
52
52
|
ans += %Q[ -p "#{dir_info[:password]}"] unless dir_info[:password].nil? or
|
53
53
|
dir_info[:password].empty?
|
54
54
|
ans += %Q[ -n #{dir_info[:data_path]}]
|
55
|
-
ans += %Q[ -u #{
|
56
|
-
ans += %Q[ -#{
|
57
|
-
ans += %Q[ "#{
|
58
|
-
|
55
|
+
ans += %Q[ -u #{attribs[:record_name]}]
|
56
|
+
ans += %Q[ -#{attribs[:attribute]}]
|
57
|
+
ans += %Q[ "#{attribs[:value]}"] unless attribs[:value].nil? or
|
58
|
+
attribs[:value].empty?
|
59
|
+
attribs[:value] = nil
|
59
60
|
return ans
|
60
61
|
end
|
61
62
|
|
@@ -86,6 +87,7 @@ module OpenDirectoryUtils
|
|
86
87
|
attribs[:attribute].empty?
|
87
88
|
ans += %Q[ "#{attribs[:value]}"] unless attribs[:value].nil? or
|
88
89
|
attribs[:value].empty?
|
90
|
+
attribs[:value] = nil
|
89
91
|
return ans
|
90
92
|
end
|
91
93
|
|
@@ -119,6 +121,8 @@ module OpenDirectoryUtils
|
|
119
121
|
ans += %Q[ -t #{params[:type]}] # type can be user or group
|
120
122
|
end
|
121
123
|
ans += %Q[ #{params[:value]}] # the group to be manipulated
|
124
|
+
params[:value] = nil
|
125
|
+
return ans
|
122
126
|
end
|
123
127
|
|
124
128
|
end
|
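Review bot: The rewritten tail of `build_pwpolicy_command` splices `attribs[:record_name]`, `attribs[:attribute]` and `attribs[:value]` straight into the command string, and the only validation visible on this page rejects spaces, so a value containing shell metacharacters would change the command that the server's shell (presumably reached over ssh) parses. Quote each interpolated value instead, e.g. `ans += %Q[ -u #{Shellwords.escape(attribs[:record_name])}]` and `ans += %Q[ #{Shellwords.escape(attribs[:value])}]` (needs `require 'shellwords'`), and check `attribs[:attribute]` against the known pwpolicy option names. The added `attribs[:value] = nil` here and in the next hunk, and `params[:value] = nil` in the last one, mutate the caller's hash, which the README entry for v0.1.8 on this page already lists as a side effect to remove; building the string from a local copy avoids it. The `-p "..."` context line also places the directory password on the command line, where it can be seen in process listings while the command runs. The file header is missing on the page; these three hunks match data/lib/open_directory_utils/commands_base.rb (+9 -5) in the file list.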
@@ -8,7 +8,7 @@ module OpenDirectoryUtils
|
|
8
8
|
# @note - these commands were derived from the following resrouces:
|
9
9
|
# * http://krypted.com/mac-os-x/create-groups-using-dscl/
|
10
10
|
# * https://apple.stackexchange.com/questions/307173/creating-a-group-via-users-groups-in-command-line?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa
|
11
|
-
module
|
11
|
+
module CommandsGroups
|
12
12
|
|
13
13
|
# include OpenDirectoryUtils::Dscl
|
14
14
|
include OpenDirectoryUtils::CleanCheck
|
@@ -44,7 +44,7 @@ module OpenDirectoryUtils
|
|
44
44
|
# pp attribs
|
45
45
|
|
46
46
|
attribs = group_record_name_alternatives(attribs)
|
47
|
-
groupname = attribs[:record_name]
|
47
|
+
# groupname = attribs[:record_name]
|
48
48
|
attribs[:value] = username
|
49
49
|
# pp attribs
|
50
50
|
|
@@ -58,26 +58,6 @@ module OpenDirectoryUtils
|
|
58
58
|
dscl( cmd_attribs, dir_info )
|
59
59
|
end
|
60
60
|
|
61
|
-
# def user_remove_from_group(attribs, dir_info)
|
62
|
-
# attribs = user_record_name_alternatives(attribs)
|
63
|
-
#
|
64
|
-
# attribs[:value] = attribs[:group_membership]
|
65
|
-
# attribs[:value] = attribs[:value] || attribs[:groupmembership]
|
66
|
-
# attribs[:value] = attribs[:value] || attribs[:group_name]
|
67
|
-
# attribs[:value] = attribs[:value] || attribs[:groupname]
|
68
|
-
# attribs[:value] = attribs[:value] || attribs[:gid]
|
69
|
-
#
|
70
|
-
# check_critical_attribute( attribs, :record_name, :username )
|
71
|
-
# check_critical_attribute( attribs, :value, :groupname )
|
72
|
-
# attribs = tidy_attribs(attribs)
|
73
|
-
# command = { operation: 'edit', action: 'delete', type: 'user'}
|
74
|
-
# user_attrs = attribs.merge(command)
|
75
|
-
#
|
76
|
-
# dseditgroup( user_attrs, dir_info )
|
77
|
-
# end
|
78
|
-
# # module_function :user_remove_from_group
|
79
|
-
# # alias_method :user_remove_group_memebership, :user_remove_from_group
|
80
|
-
|
81
61
|
# dscl . -delete /Groups/yourGroupName
|
82
62
|
# https://tutorialforlinux.com/2011/09/15/delete-users-and-groups-from-terminal/
|
83
63
|
def group_delete(attribs, dir_info)
|
@@ -143,27 +123,6 @@ module OpenDirectoryUtils
|
|
143
123
|
dscl( user_attrs, dir_info )
|
144
124
|
end
|
145
125
|
|
146
|
-
# # probably can't create password for group?
|
147
|
-
# # /usr/bin/dscl -u diradmin -P liaP-meD-Aj-pHi-hOb-en-c /LDAPv3/127.0.0.1 -create /Groups/odgrouptest passwd "*"
|
148
|
-
# # "<main> attribute status: eDSNoStdMappingAvailable\n" +
|
149
|
-
# # "<dscl_cmd> DS Error: -14140 (eDSNoStdMappingAvailable)"]
|
150
|
-
# def group_set_passwd(attribs, dir_info)
|
151
|
-
# attribs = group_record_name_alternatives(attribs)
|
152
|
-
#
|
153
|
-
# attribs[:value] = attribs[:value] || attribs[:password]
|
154
|
-
# attribs[:value] = attribs[:value] || attribs[:passwd]
|
155
|
-
# attribs[:value] = attribs[:value] || '*'
|
156
|
-
#
|
157
|
-
# check_critical_attribute( attribs, :record_name )
|
158
|
-
# check_critical_attribute( attribs, :value, :password )
|
159
|
-
#
|
160
|
-
# command = {action: 'passwd', scope: 'Groups', attribute: nil}
|
161
|
-
# user_attrs = attribs.merge(command)
|
162
|
-
#
|
163
|
-
# dscl( user_attrs, dir_info )
|
164
|
-
# end
|
165
|
-
# alias_method :group_set_password, :group_set_passwd
|
166
|
-
|
167
126
|
# create group -- dscl . -create /Groups/ladmins
|
168
127
|
# add group passwd -- dscl . -create /Groups/ladmins passwd “*”
|
169
128
|
# add group name -- dscl . -create /Groups/ladmins RealName “Local Admins”
|