radcli 0.1.0

data/ext/radcli/radenroll.c

@@ -0,0 +1,278 @@
+#include <radcli.h>
+
+VALUE c_adenroll;
+
+// Free function for the Adcli::AdEnroll class.
+static void radenroll_free (RUBY_ADENROLL *ptr) {
+    if(!ptr)
+        return;
+
+    adcli_enroll_unref (ptr->enroll);
+
+    free (ptr);
+}
+
+// Allocation function for the Adcli:AdEnroll class.
+static VALUE radenroll_allocate (VALUE klass) {
+    RUBY_ADENROLL *ptr = malloc (sizeof(RUBY_ADENROLL));
+
+    memset (ptr, 0, sizeof(RUBY_ADENROLL));
+
+    return Data_Wrap_Struct (klass, 0, radenroll_free, ptr);
+}
+
+/*
+ * call-seq:
+ *  conn_object = Adcli::AdConn.connect('YOUR.REALM.COM')
+ *  Adcli::AdEnroll.new(conn_object)
+ * 
+ * Creates and returns a new Adcli::AdEnroll object. 
+ * 
+ */
+static VALUE radenroll_initialize (VALUE self, VALUE ad_conn) {
+    RUBY_ADCONN *ptr_conn;
+    RUBY_ADENROLL *ptr_enroll;
+
+    Data_Get_Struct (ad_conn, RUBY_ADCONN, ptr_conn);
+    Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+    adcli_enroll *enroll = adcli_enroll_new (ptr_conn->conn);
+    ptr_enroll->enroll = enroll;
+
+    return self;
+}
+
+static VALUE radenroll_get_host_fqdn (VALUE self) {
+   RUBY_ADENROLL *ptr_enroll;
+   const char *c_host_fqdn = NULL;
+
+   Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+   c_host_fqdn = adcli_enroll_get_host_fqdn(ptr_enroll->enroll);
+
+   return rb_str_new_cstr (c_host_fqdn); 
+}
+
+static VALUE radenroll_set_host_fqdn (VALUE self, VALUE value) {
+   RUBY_ADENROLL *ptr_enroll;
+   adcli_enroll *enroll;
+   Check_Type(value, T_STRING);
+   const char *c_fqdn = StringValuePtr (value); 
+   Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+   enroll = ptr_enroll->enroll;
+   adcli_enroll_set_host_fqdn (enroll, c_fqdn);
+
+   return self;
+}
+
+
+/*
+ * call-seq:
+ *  
+ *  adenroll.get_computer_name # => hostname.your.realm.com
+ * 
+ * Creates and returns the computer name.
+ * 
+ */
+static VALUE radenroll_get_computer_name (VALUE self) {
+    RUBY_ADENROLL *ptr_enroll;
+    const char *c_computer_name = NULL;
+
+    Data_Get_Struct (self ,RUBY_ADENROLL, ptr_enroll);
+
+    c_computer_name  = adcli_enroll_get_computer_name (ptr_enroll->enroll);
+
+    return rb_str_new_cstr (c_computer_name);
+}
+
+/*
+ * call-seq:
+ *  
+ *  adenroll.set_computer_name('hostname')
+ * 
+ * Set the computer name to do the enroll operation on (join or delete).
+ * 
+ */
+static VALUE radenroll_set_computer_name (VALUE self, VALUE value) {
+    RUBY_ADENROLL *ptr_enroll;
+    adcli_enroll *enroll;
+
+
+    Check_Type(value, T_STRING);
+
+    const char *c_value = StringValuePtr (value);
+
+    Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+    enroll = ptr_enroll->enroll;
+    adcli_enroll_set_computer_name (enroll, c_value);
+
+    return self;
+}
+
+/*
+ * call-seq:
+ * 
+ *  adenroll.set_domain_ou('OU=Testing,DC=domain,DC=example,DC=com')
+ * 
+ * Set the domain organizational unit.
+ * 
+ */
+static VALUE radenroll_set_domain_ou (VALUE self, VALUE value) {
+    RUBY_ADENROLL *ptr_enroll;
+    adcli_enroll *enroll;
+
+    Check_Type(value, T_STRING);
+
+    Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+    const char *c_value = StringValuePtr(value);
+    enroll = ptr_enroll->enroll;
+
+    adcli_enroll_set_domain_ou(enroll, c_value);
+    
+    return self;
+}
+
+/*
+ * call-seq:
+ *  
+ *  adenroll.get_computer_password
+ * 
+ * Gets the computer password 
+ * 
+ */
+static VALUE radenroll_get_computer_password (VALUE self) {
+    RUBY_ADENROLL *ptr_enroll;
+    const char *c_computer_password = NULL;
+
+    Data_Get_Struct (self ,RUBY_ADENROLL, ptr_enroll);
+
+    c_computer_password = adcli_enroll_get_computer_password (ptr_enroll->enroll);
+
+    return rb_str_new_cstr (c_computer_password);
+}
+
+/*
+ * call-seq:
+ *  
+ *  adenroll.set_computer_password('computer-password')
+ * 
+ * Sets the computer password 
+ * 
+ */
+static VALUE radenroll_set_computer_password (VALUE self, VALUE value) {
+    RUBY_ADENROLL *ptr_enroll;
+    Check_Type(value, T_STRING);
+
+    adcli_enroll *enroll;
+    Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+    enroll = ptr_enroll->enroll;
+    const char *c_value = StringValuePtr (value);
+
+    adcli_enroll_set_computer_password (enroll, c_value);
+
+    return self;
+}
+
+/*
+ * call-seq:
+ *  
+ *  adenroll.join
+ * 
+ * Joins a new computer to the Active Directory domain. Creates a machine account and sets a password for it.
+ * 
+ */                 
+static VALUE radenroll_join (VALUE self) {
+    RUBY_ADENROLL *ptr_enroll;
+    adcli_result result;
+
+    Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+    result = adcli_enroll_join (ptr_enroll->enroll, ADCLI_ENROLL_NO_KEYTAB);
+
+    if(result != ADCLI_SUCCESS) {
+        rb_raise(rb_eRuntimeError, "%s", adcli_get_last_error());
+    }
+
+    return self;
+}
+
+/*
+ * call-seq
+ *
+ * adenroll.password
+ * 
+ * Updates a computer password 
+ * 
+ */
+static VALUE radenroll_password (VALUE self) {
+    RUBY_ADENROLL *ptr_enroll;
+    adcli_result result;
+
+    Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+    result = adcli_enroll_password (ptr_enroll->enroll, ADCLI_ENROLL_PASSWORD_VALID);
+
+    if (result != ADCLI_SUCCESS) {
+    	rb_raise(rb_eRuntimeError, "%s", adcli_get_last_error());
+    }
+
+    return self;
+}
+
+
+/*
+ * call-seq:
+ *  
+ *  adenroll.delete
+ * 
+ * Deletes a existing computer from the Active Directory domain
+ * 
+ */   
+static VALUE radenroll_delete (VALUE self) {
+    RUBY_ADENROLL *ptr_enroll;
+    adcli_result result;;
+
+    Data_Get_Struct (self, RUBY_ADENROLL, ptr_enroll);
+
+    result = adcli_enroll_delete (ptr_enroll->enroll, 0);
+
+    if (result != ADCLI_SUCCESS) {
+        rb_raise(rb_eRuntimeError, "%s", adcli_get_last_error());
+    }
+
+    return self;
+}
+
+void Init_AdEnroll()
+{
+    c_adenroll = rb_define_class_under (m_adcli, "AdEnroll", rb_cObject);
+    c_adenroll_exception = rb_define_class_under (m_adcli, "Exception", rb_eStandardError);
+
+    // Allocate functions
+    rb_define_alloc_func (c_adenroll, radenroll_allocate);
+
+    // AdEnroll methods
+    rb_define_method (c_adenroll, "initialize", radenroll_initialize, 1);
+
+    rb_define_method (c_adenroll, "get_host_fqdn", radenroll_get_host_fqdn, 0);
+    rb_define_method (c_adenroll, "set_host_fqdn", radenroll_set_host_fqdn, 1);
+
+    rb_define_method (c_adenroll, "get_computer_name", radenroll_get_computer_name, 0);
+    rb_define_method (c_adenroll, "set_computer_name", radenroll_set_computer_name, 1);
+
+    rb_define_method (c_adenroll, "set_domain_ou", radenroll_set_domain_ou, 1);
+
+    rb_define_method (c_adenroll, "get_computer_password", radenroll_get_computer_password, 0);
+    rb_define_method (c_adenroll, "set_computer_password", radenroll_set_computer_password, 1);
+
+    rb_define_method (c_adenroll, "join", radenroll_join, 0);
+    rb_define_method (c_adenroll, "password", radenroll_password, 0);
+    rb_define_method (c_adenroll, "delete", radenroll_delete, 0);
+
+
+
+}

data/radcli.gemspec

@@ -0,0 +1,26 @@
+require 'rubygems'
+
+Gem::Specification.new do |spec|
+    spec.name       = 'radcli'
+    spec.version    = '0.1.0'
+    spec.authors    = ['Mårten Cassel']
+    spec.license    = 'Artistic-2.0'
+    spec.email      = ['marten.cassel@gmail.com']
+    spec.homepage   = 'http://github.com/martencassel/radcli'
+    spec.summary    = 'A Ruby interface for the adcli library'
+    spec.test_files = Dir['test/test*']
+    spec.extensions = ['ext/radcli/extconf.rb']
+    spec.files      = `git ls-files`.split("\n").reject { |f| f.include?('git') }
+
+    spec.extra_rdoc_files  = ['README.md', 'CHANGES', 'MANIFEST'] + Dir['ext/radcli/*.c']
+
+    spec.add_dependency('rake-compiler')
+
+    spec.add_development_dependency('test-unit', '>= 2.1.0')
+    
+    spec.description = <<-EOF
+      The radcli library provides a Ruby interface for performing actions on 
+      a Active Directory domain using the realmd/adcli tool library.
+    EOF
+end
+

data/scripts/delete.rb

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+ 
+require 'radcli'
+
+adconn = Adcli::AdConn.new("example.com")
+adconn.set_login_user("Administrator")
+adconn.set_user_password("password")
+adconn.set_domain_realm("EXAMPLE.COM")
+adconn.set_domain_controller("dc.example.com")
+res = adconn.connect
+
+enroll = Adcli::AdEnroll.new(adconn)
+enroll.set_computer_name("server")
+
+begin
+  enroll.delete()
+rescue => error
+  puts error
+end
+

data/scripts/fail_adconnect.rb

@@ -0,0 +1,46 @@
+#!/usr/bin/env ruby
+ 
+require 'radcli'
+
+# Couldn't resolve host name: foo.example.com: Name or service not known
+
+adconn = Adcli::AdConn.new("example.com")
+adconn.set_login_user("Administrator")
+adconn.set_user_password("password")
+adconn.set_domain_realm("EXAMPLE.COM")
+adconn.set_domain_controller("foo.example.com")
+
+begin
+  res = adconn.connect
+rescue => error
+  puts error
+end
+
+# Couldn't get kerberos ticket for: Administrator@EXAMPLE.INCORRECT: Cannot find KDC for realm "EXAMPLE.INCORRECT"
+
+adconn = Adcli::AdConn.new("example.com")
+adconn.set_login_user("Administrator")
+adconn.set_user_password("password")
+adconn.set_domain_realm("EXAMPLE.INCORRECT")
+adconn.set_domain_controller("dc.example.com")
+
+begin
+  res = adconn.connect
+rescue => error
+  puts error
+end
+
+# Couldn't authenticate as: Administrator@EXAMPLE.COM: Preauthentication failed
+
+adconn = Adcli::AdConn.new("example.com")
+adconn.set_login_user("Administrator")
+adconn.set_user_password("incorrect")
+adconn.set_domain_realm("EXAMPLE.COM")
+adconn.set_domain_controller("dc.example.com")
+
+begin
+  res = adconn.connect
+rescue => error
+  puts error
+end
+

data/scripts/join.rb

@@ -0,0 +1,22 @@
+#!/usr/bin/env ruby
+ 
+require 'radcli'
+
+adconn = Adcli::AdConn.new("example.com")
+adconn.set_login_user("Administrator")
+adconn.set_user_password("password")
+adconn.set_domain_realm("EXAMPLE.COM")
+adconn.set_domain_controller("dc.example.com")
+res = adconn.connect
+
+enroll = Adcli::AdEnroll.new(adconn)
+enroll.set_host_fqdn("server.example.com")
+enroll.set_computer_name("server")
+enroll.set_computer_password("password")
+
+begin
+  enroll.join()
+rescue => error
+  puts error
+end
+

data/scripts/reset.rb

@@ -0,0 +1,24 @@
+#!/usr/bin/env ruby
+ 
+require 'radcli'
+
+adconn = Adcli::AdConn.new("example.com")
+adconn.set_login_user("Administrator")
+adconn.set_user_password("password")
+adconn.set_domain_realm("EXAMPLE.COM")
+adconn.set_domain_controller("dc.example.com")
+res = adconn.connect
+
+enroll = Adcli::AdEnroll.new(adconn)
+enroll.set_computer_name("serverixx")
+enroll.set_computer_password("newpass")
+
+begin
+  enroll.password()
+rescue => error
+  puts error
+end
+
+
+# kinit server@EXAMPLE.COM
+# >newpass

data/test/test_radconn.rb

@@ -0,0 +1,110 @@
+########################################################################
+# test_radconn.rb
+#
+# Test suite for the Adcli::Adconn class. 
+#
+require 'rubygems'
+gem 'test-unit'
+
+require 'test/unit'
+require 'radcli'
+
+class TC_Adconn < Test::Unit::TestCase
+  def setup
+    @domain = "TEST.DOMAIN"
+    @realm = "TEST.REALM"
+    @domain_controller = "TEST-DC"
+    @ccache_name = "testccache"
+    @login_user = "testuser"
+    @user_password = "testpassword"
+
+    @conn = Adcli::AdConn.new(@domain)
+  end
+
+  test "an error is raised on connect if an invalid domain controller is used" do
+    @conn.set_login_user("Administrator")
+    @conn.set_user_password("password")
+    @conn.set_domain_realm("EXAMPLE.COM")
+    @conn.set_domain_controller("foo.example.com")
+
+    exception = assert_raises(RuntimeError) { @conn.connect }
+    assert_equal("Couldn't resolve host name: foo.example.com: Name or service not known", exception.message)
+  end
+  
+  test "an error is raised on connect if an invalid realm is used" do
+    @conn.set_login_user("Administrator")
+    @conn.set_user_password("password")
+    @conn.set_domain_realm("EXAMPLE.INCORRECT")
+    @conn.set_domain_controller("dc.example.com")
+
+    exception = assert_raises(RuntimeError) { @conn.connect }
+  end
+  
+  test "argument to constructor must be a string" do
+    assert_raise(TypeError){ Adcli::AdConn.new(1) }
+    assert_raise(TypeError){ Adcli::AdConn.new(true) }
+  end
+  
+  test "constructor accepts a domain name" do
+    assert_nothing_raised{ Adcli::AdConn.new('domain') }
+  end
+
+  test "argument to domain realm setter must be a string" do
+    assert_raise(TypeError){ @conn.set_domain_realm(1) }
+    assert_raise(TypeError){ @conn.set_domain_realm(true) }
+  end
+
+  test "domain realm setter/getter sets/returns value" do
+    @conn.set_domain_realm(@realm)
+    realm = @conn.get_domain_realm()
+    assert_equal(@realm, realm)
+  end
+
+  test "argument to domain controller setter must be a string" do
+    assert_raise(TypeError){ @conn.set_domain_controller(1) }
+    assert_raise(TypeError){ @conn.set_domain_controller(true) }
+  end
+  
+  test "domain controller setter/getter sets/returns value" do
+    @conn.set_domain_controller(@domain_controller)
+    domain_controller = @conn.get_domain_controller()
+    assert_equal(@domain_controller, domain_controller)
+  end
+
+  test "argument to ccache-name setter must be a string" do
+    assert_raise(TypeError){ @conn.set_login_ccache_name(1) }
+    assert_raise(TypeError){ @conn.set_login_ccache_name(true) }
+  end
+
+  test "login ccache name setter/getter sets/returns value" do
+    @conn.set_login_ccache_name(@ccache_name)
+    login_ccache = @conn.get_login_ccache_name()
+    assert_equal(@ccache_name, login_ccache)
+  end
+
+  test "argument to login user setter must be a string" do
+    assert_raise(TypeError){ @conn.set_login_user(1) }
+    assert_raise(TypeError){ @conn.set_login_user(true) }
+  end
+
+  test "login user setter/getter sets/returns value" do
+    @conn.set_login_user(@login_user)
+    login_user = @conn.get_login_user()
+    assert_equal(@login_user, login_user)
+  end
+
+  test "argument to login password setter must be a string" do
+    assert_raise(TypeError){ @conn.set_user_password(1) }
+    assert_raise(TypeError){ @conn.set_user_password(true) } 
+  end
+  
+  test "login password setter/getter sets/returns value" do
+    @conn.set_user_password(@user_password)
+    password = @conn.get_user_password()
+    assert_equal(@user_password, password)
+  end
+
+  def teardown
+  end
+
+end