ucert 0.2.57
- checksums.yaml +7 -0
- data/CHANGELOG.md +134 -0
- data/LICENSE.txt +22 -0
- data/README.rdoc +61 -0
- data/Rakefile +8 -0
- data/TODO +5 -0
- data/bin/ad_dump +74 -0
- data/bin/ad_update +48 -0
- data/bin/adgrep +149 -0
- data/bin/adp_dump +70 -0
- data/bin/aix_dump +69 -0
- data/bin/audiolog_dump +69 -0
- data/bin/bloomberg_dump +69 -0
- data/bin/check21_dump +69 -0
- data/bin/citidirect_be_dump +69 -0
- data/bin/citidirect_sec_dump +69 -0
- data/bin/citrixsf_dump +70 -0
- data/bin/clear_par_dump +70 -0
- data/bin/cmbrun_ny_dump +76 -0
- data/bin/cvm_dump +70 -0
- data/bin/db_direct_dump +69 -0
- data/bin/egifts_dump +68 -0
- data/bin/equinix_dump +69 -0
- data/bin/frb_dump +69 -0
- data/bin/go_contact_dump +16 -0
- data/bin/jpm_dump +69 -0
- data/bin/madison535_dump +70 -0
- data/bin/mantis_dump +79 -0
- data/bin/prime_dump +79 -0
- data/bin/sage100_dump +69 -0
- data/bin/sharefile_dump +69 -0
- data/bin/som_dump +74 -0
- data/bin/stb_dump +69 -0
- data/bin/swift_dump +79 -0
- data/bin/swift_online_dump +69 -0
- data/bin/t24_dump +79 -0
- data/bin/vpn_dump +69 -0
- data/bin/wms_dump +79 -0
- data/bin/yst_dump +79 -0
- data/data/ad/ad_delta.txt +94 -0
- data/data/ad/hosts +421 -0
- data/data/ad/hosts.old +597 -0
- data/data/ad/hosts_old +597 -0
- data/data/ad/ldap_computer.txt +19028 -0
- data/data/ad/ldap_person.txt +41241 -0
- data/data/adp/Active Employee Report.xlsx +0 -0
- data/data/adp/adp_user_map.txt +141 -0
- data/data/aix/EGIFTS1.txt +239 -0
- data/data/aix/NYSWIFT1.txt +222 -0
- data/data/aix/T24_APP1.txt +300 -0
- data/data/aix/T24_DBP.txt +252 -0
- data/data/aix/aix_user_map.txt +46 -0
- data/data/alliance_swift/Swift_Operator_Details.xlsx +0 -0
- data/data/alliance_swift/Swift_Operator_Profiles_Details.xlsx +0 -0
- data/data/alliance_swift/swift_operator_map.txt +22 -0
- data/data/audiolog/Capture_audiolog.PNG +0 -0
- data/data/bloomberg/AccountData.csv +2 -0
- data/data/bloomberg/Capture_SID_download.PNG +0 -0
- data/data/bloomberg/current_subscriptions.csv +11 -0
- data/data/check21/Capture_check21_users.PNG +0 -0
- data/data/citidirect_be/Capture.PNG +0 -0
- data/data/citidirect_be/Capture_new.PNG +0 -0
- data/data/citidirect_be/Capture_new_new.PNG +0 -0
- data/data/citidirect_be/UserProfileEntitlementReport.pdf +0 -0
- data/data/citidirect_be/UserProfileEntitlementsReport.old.xlsx +0 -0
- data/data/citidirect_be/UserProfileEntitlementsReport.xlsx +0 -0
- data/data/citidirect_be/be_user_map.txt +11 -0
- data/data/citidirect_securities/Capture.PNG +0 -0
- data/data/citidirect_securities/User_Entitlements_Report___CLNT.dat +19 -0
- data/data/citidirect_securities/User_Entitlements_Report___CLNT.xml +75 -0
- data/data/citidirect_securities/citidirect_securities_user_map.txt +10 -0
- data/data/citrix_sharefile/ShareFile_Access_Report.xlsx +0 -0
- data/data/citrix_sharefile/sharefile_user_map.txt +33 -0
- data/data/clear_par/ClearPar User Report.xlsx +0 -0
- data/data/clear_par/clear_par_user_map.txt +25 -0
- data/data/cmbrun_ny/CMBNY_Position_Rpt.xlsx +0 -0
- data/data/cmbrun_ny/CMBRUN_USER_RPT.xlsx +0 -0
- data/data/cmbrun_ny/Capture_cmbrun.PNG +0 -0
- data/data/cmbrun_ny/Capture_cmbrun_position.PNG +0 -0
- data/data/cmbrun_ny/crny_access_user_map.txt +55 -0
- data/data/cvm/cvm_user_func.xlsx +0 -0
- data/data/cvm/cvm_user_list.xlsx +0 -0
- data/data/cvm/cvm_user_map.txt +56 -0
- data/data/cvm/cvm_user_role.xlsx +0 -0
- data/data/db_direct/Capture_main.PNG +0 -0
- data/data/db_direct/Capture_rpt.PNG +0 -0
- data/data/db_direct/accountpermission.xlsx +0 -0
- data/data/db_direct/db_direct_user_map.txt +8 -0
- data/data/db_direct/di_direct_user_map.txt +0 -0
- data/data/db_direct/userfulldetail_2016010813232300644912.pdf +0 -0
- data/data/equinix/Secured Access List_CHINA MERCHANTS BANK.xlsx +0 -0
- data/data/equinix/equinix_user_map.txt +29 -0
- data/data/fis_egifts/CHINA_MERCHANTS_BANK_-_USER_ACCOUNT_FUNCTION_REPORT.xlsx +0 -0
- data/data/fis_egifts/egifts_user_map.txt +113 -0
- data/data/fis_prime/Prime_Operator_Rights_Report.xml +41958 -0
- data/data/fis_prime/Prime_Operator_Status_Report.xml +1827 -0
- data/data/fis_prime/Prime_Operators_and_Roles_Report.xml +1505 -0
- data/data/fis_prime/Prime_Rights_by_Role_Report.xml +22726 -0
- data/data/fis_prime/prime_user_map.txt +77 -0
- data/data/frb/FRB_Subscriber_Roles_Report.xlsx +0 -0
- data/data/frb/frb_user_map.txt +22 -0
- data/data/go_contact/go_contact.xlsx +0 -0
- data/data/go_contact/go_user_map.txt +134 -0
- data/data/go_contact/title_level_map.txt +141 -0
- data/data/jpm_access/Capture.PNG +0 -0
- data/data/jpm_access/jpm_access_user_map.txt +13 -0
- data/data/jpm_access/jpm_user_entitlements_details.txt +194 -0
- data/data/jpm_access/jpm_user_groupentitlements_details.txt +2 -0
- data/data/madison535/535madison_bldg_pass.xlsx +0 -0
- data/data/madison535/535madison_bldg_pass_2.xlsx +0 -0
- data/data/madison535/madison535_user_map.txt +191 -0
- data/data/mantis/Mantis_AccessLevels.xlsx +0 -0
- data/data/mantis/Mantis_ActiveUsers_Rpt.xlsx +0 -0
- data/data/mantis/mantis_access_user_map.txt +128 -0
- data/data/sage100/Capture_Sage100_Rpt.PNG +0 -0
- data/data/sage100/Capture_Sage100_Rpt_2.PNG +0 -0
- data/data/sage100/SY_UserReport_RolePreferencesDetails.xlsx +0 -0
- data/data/sage100/SY_UserReport_RoleTaskPermissionsDetails.xlsx +0 -0
- data/data/sage100/sy_user_map.txt +14 -0
- data/data/som/som_user_map.txt +40 -0
- data/data/som/som_user_report.csv +329 -0
- data/data/stb/STB_USERS.csv +177 -0
- data/data/stb/STB_USERS.pdf +0 -0
- data/data/stb/stb_user_map.txt +33 -0
- data/data/swift_online/UserReport.xlsx +0 -0
- data/data/swift_online/swo_access_user_map.txt +18 -0
- data/data/t24/T24_Grp_Rpt.csv +484 -0
- data/data/t24/T24_User_Rpt.csv +567 -0
- data/data/t24/t24_grp.xml +2904 -0
- data/data/t24/t24_user_map.txt +197 -0
- data/data/t24/t24_usr.xml +9628 -0
- data/data/vpn/Capture_VPN.PNG +0 -0
- data/data/wms/role_rpt.txt +451 -0
- data/data/wms/user_rpt.txt +55 -0
- data/data/wms/wms_user_map.txt +55 -0
- data/data/yst/YiShiTong_Org.csv +21 -0
- data/data/yst/YiShiTong_User.csv +163 -0
- data/data/yst/yst_user_map.txt +163 -0
- data/demos/filter_email.rb +19 -0
- data/demos/idm_ad_reload.rb +164 -0
- data/lib/ucert.rb +82 -0
- data/lib/ucert/ad_tracker.rb +694 -0
- data/lib/ucert/adp_payroll_tracker.rb +189 -0
- data/lib/ucert/aix_tracker.rb +175 -0
- data/lib/ucert/alliance_swift_tracker.rb +300 -0
- data/lib/ucert/audiolog_tracker.rb +67 -0
- data/lib/ucert/bloomberg_tracker.rb +96 -0
- data/lib/ucert/check21_tracker.rb +95 -0
- data/lib/ucert/citidirect_be_tracker.rb +418 -0
- data/lib/ucert/citidirect_securities_tracker.rb +230 -0
- data/lib/ucert/citrix_sharefile_tracker.rb +196 -0
- data/lib/ucert/clear_par_tracker.rb +187 -0
- data/lib/ucert/cmbrun_ny_tracker.rb +244 -0
- data/lib/ucert/cvm_tracker.rb +230 -0
- data/lib/ucert/db_direct_tracker.rb +205 -0
- data/lib/ucert/equinix_tracker.rb +202 -0
- data/lib/ucert/fis_egifts_tracker.rb +249 -0
- data/lib/ucert/fis_prime_tracker.rb +391 -0
- data/lib/ucert/frb_tracker.rb +232 -0
- data/lib/ucert/go_contact_tracker.rb +778 -0
- data/lib/ucert/jpm_access_tracker.rb +205 -0
- data/lib/ucert/madison535_tracker.rb +273 -0
- data/lib/ucert/mantis_tracker.rb +249 -0
- data/lib/ucert/sage100_tracker.rb +355 -0
- data/lib/ucert/som_tracker.rb +223 -0
- data/lib/ucert/stb_tracker.rb +199 -0
- data/lib/ucert/swift_online_tracker.rb +197 -0
- data/lib/ucert/t24_tracker.rb +342 -0
- data/lib/ucert/utils/utils.rb +200 -0
- data/lib/ucert/vpn_tracker.rb +94 -0
- data/lib/ucert/wms_tracker.rb +240 -0
- data/lib/ucert/yst_tracker.rb +264 -0
- data/test/ad_testfiles/ldap_computer_test.txt +21 -0
- data/test/ad_testfiles/ldap_person_test.txt +21 -0
- data/test/aix_testfiles/application1.txt +7 -0
- data/test/aix_testfiles/application2.txt +15 -0
- data/test/alliance_swift_testfiles/Swift_Operator_Details_Test.xlsx +0 -0
- data/test/alliance_swift_testfiles/Swift_Operator_Profiles_Details_Test.xlsx +0 -0
- data/test/alliance_swift_testfiles/swift_operator_map_test.txt +55 -0
- data/test/alliance_swift_testfiles/swift_operator_map_test_2.txt +55 -0
- data/test/alliance_swift_testfiles/swift_operator_map_test_format_fixed.txt +55 -0
- data/test/citidirect_be_testfiles/UserProfileEntitlementsReport_Test.xlsx +0 -0
- data/test/citidirect_securities_testfiles/User_Entitlements_Report___CLNT_Test.xml +48 -0
- data/test/citrix_sharefile_testfiles/ShareFile_Access_Report_Test.xlsx +0 -0
- data/test/cmbrun_ny_testfiles/CMBNY_Position_Rpt_02242016_test.xlsx +0 -0
- data/test/cmbrun_ny_testfiles/CMBRUN_USER_RPT_Test.xlsx +0 -0
- data/test/db_direct_testfiles/accountpermission_Test.xlsx +0 -0
- data/test/equinix_testfiles/Secured Access List_CHINA MERCHANTS BANK_TEST.xlsx +0 -0
- data/test/fis_egifts_testfiles/CHINA_MERCHANTS_BANK_-_USER_ACCOUNT_FUNCTION_REPORT_TEST.xlsx +0 -0
- data/test/fis_prime_testfiles/Prime_Operator_Rights_Report_Test.xml +158 -0
- data/test/fis_prime_testfiles/Prime_Operator_Status_Report_Copy.xml +1659 -0
- data/test/fis_prime_testfiles/Prime_Operator_Status_Report_Test.xml +51 -0
- data/test/fis_prime_testfiles/Prime_Operators_and_Roles_Report_Copy.xml +1360 -0
- data/test/fis_prime_testfiles/Prime_Operators_and_Roles_Report_Test.xml +45 -0
- data/test/fis_prime_testfiles/Prime_Rights_by_Role_Report_Test.xml +65 -0
- data/test/fis_prime_testfiles/prime_user_map.txt +3 -0
- data/test/frb_testfiles/FRB_Subscriber_Roles_Report_Test.xlsx +0 -0
- data/test/go_contact_testfiles/go_contact_test.xlsx +0 -0
- data/test/jpm_access_testfiles/Capture.PNG +0 -0
- data/test/jpm_access_testfiles/jpm_user_entitlements_details_original.txt +208 -0
- data/test/jpm_access_testfiles/jpm_user_entitlements_details_test.txt +7 -0
- data/test/madison535_testfiles/535madison_bldg_pass_2_Test.xlsx +0 -0
- data/test/madison535_testfiles/535madison_bldg_pass_Test.xlsx +0 -0
- data/test/mantis_testfiles/Mantis_AccessLevels_Test.xlsx +0 -0
- data/test/mantis_testfiles/Mantis_ActiveUsers_Rpt_Test.xlsx +0 -0
- data/test/sage100_testfiles/SY_UserReport_RolePreferencesDetails_Test.xlsx +0 -0
- data/test/sage100_testfiles/SY_UserReport_RoleTaskPermissionsDetails_Test.xlsx +0 -0
- data/test/som_testfiles/som_user_map_test.txt +7 -0
- data/test/som_testfiles/som_user_report_test.csv +25 -0
- data/test/stb_testfiles/STB_USERS_test.csv +24 -0
- data/test/stb_testfiles/STB_USERS_test_constant.csv +24 -0
- data/test/swift_online_testfiles/UserReport.xls +0 -0
- data/test/swift_online_testfiles/UserReport_Test.xlsx +0 -0
- data/test/swift_online_testfiles/test_outline_level.rb +7 -0
- data/test/t24_testfiles/T24_Grp_Rpt_Test.csv +7 -0
- data/test/t24_testfiles/T24_User_Rpt_Test.csv +7 -0
- data/test/test_ad_tracker.rb +148 -0
- data/test/test_aix_tracker.rb +71 -0
- data/test/test_alliance_swift_tracker.rb +131 -0
- data/test/test_audiolog_tracker.rb +23 -0
- data/test/test_check21_tracker.rb +30 -0
- data/test/test_citidirect_be_tracker.rb +110 -0
- data/test/test_citidirect_securities_tracker.rb +89 -0
- data/test/test_citrix_sharefile_tracker.rb +105 -0
- data/test/test_cmbrun_ny_tracker.rb +112 -0
- data/test/test_db_direct_tracker.rb +125 -0
- data/test/test_equinix_tracker.rb +119 -0
- data/test/test_fis_egifts_tracker.rb +105 -0
- data/test/test_fis_prime_tracker.rb +288 -0
- data/test/test_frb_tracker.rb +104 -0
- data/test/test_go_contact.rb +276 -0
- data/test/test_jpm_access_tracker.rb +122 -0
- data/test/test_madison535_tracker.rb +125 -0
- data/test/test_mantis_tracker.rb +133 -0
- data/test/test_sage100_tracker.rb +120 -0
- data/test/test_som_tracker.rb +71 -0
- data/test/test_stb_tracker.rb +120 -0
- data/test/test_swift_online_tracker.rb +116 -0
- data/test/test_t24_tracker.rb +151 -0
- data/test/test_utils.rb +46 -0
- data/test/test_vpn_tracker.rb +56 -0
- data/test/test_wms_tracker.rb +109 -0
- data/test/test_yst_tracker.rb +133 -0
- data/test/utils_testfiles/file2list_test.txt +13 -0
- data/test/utils_testfiles/load_know_user_map_testfile.txt +4 -0
- data/test/wms_testfiles/role_rpt_test.txt +6 -0
- data/test/wms_testfiles/user_rpt_test.txt +6 -0
- data/test/yst_testfiles/YiShiTong_Org_Test.csv +18 -0
- data/test/yst_testfiles/YiShiTong_User_Test.csv +5 -0
- data/ucert.gemspec +52 -0
- data/version.txt +12 -0
- metadata +410 -0
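--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 547ed940918335967625c173f319b0951d9f6f4a
+data.tar.gz: 13c122b4b87b00f3228e22ea1ced001b9435fe92
+SHA512:
+metadata.gz: efae47999098b582e3bc93f617f287b78f40b33924aef36f6b93e896158a773918c9be63c2962cb3618ab2b81d13b16ff99711996980dae561132d985dc8308b
+data.tar.gz: 0bb38bc7b7d7e82cc5b7c68df4868da940cc62b3a4f70332a17eb583e0b4f54d5cbb81eae16238f81fe48e9f6334bca852f1b8cce47dc810e85ce76cc71b6596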
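--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -0,0 +1,134 @@
+#--
+# ucert
+#
+# A Ruby library for enterprise user account certification / recertification / audit project
+#
+# Copyright (c) CMBNY Risk Department
+#++
+
+# Change-log
+#
+#
+# 10/24/2017 Implement Ucer::ClearPar class.
+# 10/24/2017 Re-vamp CitidirectSecuritiesTracker to handle the new 'dat' report format
+# 09/29/2017 Re-vamp CitidirectBETracker parser due to the service entitlement report format change
+# 09/19/2017 Fix YstTracker file encoding to acccomodate the new report format;
+# Implement CmbrunNYTracker class print_position method.
+# 09/12/2017 Implement Ucert::AdpPayrollTracker class.
+# 09/10/2017 Re-implement Ucert::T24Tracker class, in order to support XML entitlement report format.
+# 08/02/2017 Implement Ucert::SomTracker class.
+# 04/19/2017 Implement Ucert::CvmTracker class which is a HO developed system under YST SSO.
+# 04/18/2017 Add 'yst_id_2_dn' method under Ucert::YstTracker class.
+# 02/01/2017 Implement the Ucert::BloombergTracker class.
+# 01/23/2017 Fix the bug in the 'parse_sy_uer_role_task_permissions_detail_report' of Ucert::Sage100Tracker class,
+# 01/23/2017 Fix the bug in 'parse_jpm_user_entitlement_report' method of Ucert::JpmAccessTracker class.
+# 01/23/2017 Fix the bug in the 'cntl_code_2_property_flag?' method of Ucert::AdTracker class.
+# 01/23/2017 Fix the bug in the 'is_ip?' method of Ucert::Utils module.
+# 01/18/2017 Fix the 3 bugs in the Ucert::FisPrimeTracker class.
+# 01/12/2017 Merge the unit test cases from Kainan(Aaron) Zhang.
+# 09/12/2016 Implement 'go_dptm_list' method in the Ucert::GoTracker class.
+# 08/17/2016 Bug fixes in GoTracker 'save!' and 'insert_dn' methods.
+# 08/15/2016 Refine AdTracker 'search' algorithm; refine Madison535Tracker 'insert_dn' method.
+# 08/12/2016 Improve the search algorithm in the GoTracker and AdTracker classes.
+# 08/10/2016 Implement 'parse_madison535_user_access_report_2' method in the class Ucert::Madison535Tracker,
+# i.e. the 2nd control system user entitlement report from GO.
+# 08/01/2016 Implement Ucert::Madison535Tracker class and the associated bin utility.
+# 06/23/2016 Implement Ucert::YstTracker class and the associated bin utility (一事通).
+# 06/14/2016 Implement Ucert::WmsTracker class and the associated bin utility (Internal WMS credit report system).
+# 05/11/2016 Remove 'db_tbls' file into 'data' directory; Refactor parse_be_user_entitlement_report method of
+# Ucert::CitidirectBETracker class, in order to accomodate the new entitlement report data format.
+# 04/21/2016 Refactor Ucert::GoTracker class by Chris.
+# 04/18/2016 Implement Ucert::FrbTracker class and the associated bin utility (Federal Reserve Banks services).
+# 04/11/2016 Refactor Ucert::GoTracker class by Chris.
+# 04/01/2016 Refactor Ucert::Sage100Tracker class, add 'parse_sy_uer_role_task_permissions_detail_report' method in
+# order to read additional task permissions report.
+# 03/29/2016 Improve 'ad_searches_by_text' under Ucert::AdTracker class.
+# 03/21/2016 Finish to check User Map Dn Match for all systems.
+# 03/21/2016 Re-factor Ucert::AdTracker class; implement local_ip_2_host method for reverse DNS lookup.
+# 03/17/2016 Fix a bug in the Ucert::CitidirectSecuritiesTracker class.
+# 03/15/2016 Re-factor Ucert::AdTracker class; depreciate the 'adfind' connector support.
+# 03/14/2016 Add 'demo/idm_ad_reload.rb' script to automate the 'cyber_idm' AD tables update automatically in the
+# server side.
+# 03/09/2016 Add 'db_tbls' file into 'data' directory, where its contains the list of matching db table names; the
+# file would be needed by the app to perform database update.
+# 03/08/2016 Add 'ad_delta' AD record change tracking support in the 'AdTracker' class.
+# 03/04/2016 Fix a bug in the T24Tracker class 'parse_t24_user_report' method, where additional
+# application or group entitlements were omitted.
+# 03/04/2016 Improve the 'adgrep' bin utility to catch and display multiple matches.
+# 02/29/2016 Implement additional logic in the GoTracker.go_searches_by_text method, to handle
+# more flexible user search string input.
+# 02/29/2016 Implement Ucert::AixTracker class and the associated bin utility; implement better DN record change
+# detection mechanism across the board including GoTracker class.
+# 02/25/2016 Implement Ucert::CitrixSharefileTracker class and the associated bin utility.
+# 02/24/2016 Implement Ucert::EquinixTracker class and the associated bin utility;
+# remove the obsolete AccountMap class.
+# 02/24/2016 Update search function to Ucert::GoTracker.
+# 02/24/2016 Add computer search function to Ucert::AdTracker.
+# 02/23/2016 Bug fix of the inconsistancy with STB map file.
+# 02/23/2016 Add search function to UCert::GoTracker class.
+# 02/23/2016 Implement Ucert::StbTracker class and the associated bin utility.
+# 02/19/2016 Fix map file dn data loss bug.
+# 02/19/2016 Implement Ucert::CitidirectBETracker class and the associated bin utility.
+# 02/18/2016 Implement function to Ucert::GoTracker to export go contact sheet.
+# 02/17/2016 Implement Ucert::AudiologTracker class and the associated bin utility.
+# 02/16/2016 Implement Ucert::MantisTracker class and the associated bin utility.
+# 02/11/2016 Add membership information into the 'ad_dump' bin utility.
+# 02/11/2016 Implement Ucert::CmbrunNYTracker class and the associated bin utility.
+# 01/20/2016 Modify 'ad_update' utility to disable support for 'adfind' support and Domain ID logon;
+# going forward, a valid DN would be needed. (Better Ubuntu Linux platform deployment experience).
+# 01/20/2016 Implement Ucert::Check21Tracker class and the associated bin utility; fix a bug in
+# Ucert::SwiftOnlineTracker.
+# 01/14/2016 Implement Ucert::SwiftOnlineTracker class and the associated bin utility.
+# 01/13/2016 Fix a bug in the Ucert::FisPrimeTracker.insert_dn method; implement Ucert::VpnTracker class
+# and associated bin utility.
+# 01/12/2016 Add two structural functions to Ucert::GoTracker.
+# 01/12/2016 Implement Ucert::Sage100Tracker class and the associated bin utility.
+# 01/11/2016 Re-factor 'insert_dn' mechanism, so that it would automatically detect and update the 'DN'
+# field when it loads.
+# 01/08/2016 Re-factor the Ucert::T24Tracker class, abstract out the 'insert_dn' method (finally).
+# 01/08/2016 Implement Ucert::DbDirectTracker class and the associated bin utility.
+# 01/07/2016 Implement Ucert::JpmAccessTracker class and the associated bin utility.
+# 12/30/2015 Implement Ucert::CitidirectSecuritiesTracker class and the associated bin utility.
+# 12/30/2015 Fix a bug in the T24Tracker.parse_t24_user_report function.
+# 12/23/2015 Update several modifications for upload functions to different trackers by Chris
+# 12/14/2015 Update "Ucert::AdTracker.update_ad_cache" method and add sanity check for LDAP ID input.
+# 12/02/2015 Implement 'Ucert::AllianceSwiftTracker' class and associated 'swift_dump' utility; minor
+# adjustment to the 'save!' method across all tracker classes.
+# 12/01/2015 Re-implement 'adump.rb' by using 'Ucert::AdTracker' class; change its name to 'adgrep';
+# fix a small bug in the 'Ucert::AdTracker.ad_search_by_text' method
+# 11/30/2015 Modification for 'Ucert::T24Tracker.t24_2_ad_user' method
+# 11/24/2015 Implement Ucert::FisEgiftsTracker class; add 'egifts_dump' utility; minor improvement to
+# 'Ucert::T24Tracker.t24_2_ad_user' method
+# 11/13/2015 Refactor 'ad_dump', 'ad_update' utilities; add ability to dump out 'computer' table
+# 11/12/2015 Refactor Ucert::AdTracker class: a) add support to openldap as an AD connector,
+# b) add 'get_dn_attribute' method
+# 11/02/2015 Add 'search_by_dn' method for the Ucert::T24Tracker and Ucert::FisPrimeTracker classes.
+# 10/30/2015 Add Ucert::Utils module; add Ucert::FisPrimeTracker class.
+# 10/23/2015 Add class 'acct_cntl_code' definition back to Ucert::AdTracker class
+# 10/08/2015 Ucert::T24Tracker class bug fixes and performance enhancement
+# 10/08/2015 Add small utiliies under bin directory, i.e. 'ad_dump', 'ad_update', 't24_dump'
+# 10/08/2015 Add Ucert::GoTracker class by Chris Gui
+# 10/06/2015 Add Ucert::T24Tracker class
+# 10/01/2015 Add 'get_os_info', 'cntl_code_2_property_flag', 'print' methods for Ucert::AdTracker class.
+# 09/30/2015 Small bug fix of method 'ad_searches_by_text' to return Array under Exception condition.
+# 09/29/2015 Add 'ad_searches_by_text', 'get_cns' methods for Ucert::AdTracker class.
+# 09/15/2015 Add 'get_email_address', 'get_department', 'get_cn' for Ucert::AdTracker class, credit to Chris
+
+## Mile-stones
+
+- March 2016, go live with 'cyber_idm' app in Debian 14.0 LTS.
+- Oct 2015, department proof-of-concept demo acceptance.
+- June 2015, design considerations and prototypes.
+
+### Backward Incompatibilities
+
+- List of features that are backward incompatible:
+
+
+## Beta Release 1.x
+
+
+## Development Release 0.x
+
+#
+# 06/15/2015 Implement the active directory tracker class.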
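--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (c) 2012-2015 CMBNY Risk Department
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.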
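--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,61 @@
+= Ucert Ruby API README
+
+
+== What's this program for?
+This program is designed for the enterprise wide user certification / recertification / audit purpose.
+
+
+== Credits
+The software architect and main developer is CMBNY ISO Yang Li starting in July 2015. Chris Gui is contributing to this software since September 2015.
+
+
+== Program Version
+The latest release is Beta version 0.2.x as of Sprint 2016. Please refer to the CHANGELOG.md for the program's history information.
+
+
+== Author Contact
+This program is designed and developed by CMBNY ISO Yang Li. You can reach him by Email. <yangli@ny.cmbchina.com> or Phone <646.843.6761>
+
+
+== Installation
+The easiest way to install ruby-prof is by using Ruby Gems. To install from the local gem file:
+
+gem install ucert
+
+
+== Requirements?
+You need the Ruby 1.9.3 or above in order to use this program. In addition, I developed and tested the code in cygwin with Ruby 2.2.2.
+1. You need to setup Ruby 1.9.x environment. In my test environment, I was able to set it up with RVM. Please refer to this page for more installation information:
+http://www.ruby-lang.org/en/downloads/
+
+2. In addition, the following dependency are needed by different components of this software:
+a. "adfind"windows executable program by Joe Richards: www.joeware.net/freetools/tools/adfind/index.htm
+(depreciated as of Dec 2015, due to the close-source and only support Windows environment)
+b. OpenLdap (http://www.openldap.org/), replacemnt of "adfind"
+
+
+== Active directory Discovery and Tracking
+$ ad_update? (TBD)
+
+
+== More Usage Cases:
+There are more examples under the 'demos' folder of this package. The examples show how to use the 'ucert' API to get your job done easily. Please check out the code - they should be easy and straightforward to be understood.
+
+
+== More document(s):
+The software comes with the Ruby doc during your installation as shown above. For your convenience,
+the Ruby doc is also distributed in a separate package 'ucert-x.x.x-rdoc.tar.gz'. You can unzip the package, navigate to the 'doc' folder, and click the 'index.html' to open the start page in your favorite browser.
+
+If you need additional documentation / information other than this README file and the Ruby document package, please be patient - as I'm still working on it :)
+
+
+== How do I report the bugs, or maybe require some new features?
+Contact the author Yang Li directly at email 'yangli@ny.cmbchina.computer', or phone me directly on my extension x6761.
+
+
+== Internal Distribution Only
+Currently the code base is indented to be distributed internally. It's not available from the Internet. Please contact me directly if you need the latest version of the gem.
+
+
+== Legal Disclaimer:
+This software is provided strictly 'as-if' without any implied warranty. You're free to copy or modify the codes anyway you want - a reference back to this software will be appreciated. Please refer to the 'LICENSE.txt' file for more information.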
data/Rakefile
ADDED
data/TODO
ADDED
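--- a/data/bin/ad_dump
+++ b/data/bin/ad_dump
@@ -0,0 +1,74 @@
+#!/usr/bin/env ruby
+#--
+# ucert
+#
+# A Ruby library for enterprise person account certification / recertification / audit project
+#
+# Copyright (c) CMBNY Risk Department
+#++
+
+# Small utility to dump out AD person and computer objectcategory from the AD cache file. The output is in plain-text format
+# and ready for the database import
+require 'optparse'
+require 'ostruct'
+require 'ucert'
+
+class CmdOptions
+# Returen an OpenStruct describing the command line options
+def self.parse(args)
+@options = OpenStruct.new # OpenStruct is a structure like hash table
+@options.verbose = false # verbose and banner are key and value
+@options.banner = "Usage: #{__FILE__ } -h"
+@version = ["0","1"] # Program version information
+@last_change = "10/07/2015"
+opt_parser = OptionParser.new do |opts|
+
+# Boolean switch for the verbose mode switch
+opts.on("-v", "--[no-]verbose", "Verbose Mode") do |v|
+@options.verbose = v
+end
+
+# Boolean switch for for person table dump switch
+opts.on("-p", "--[no-]person", "Person Mode") do |v|
+@options.person = v
+end
+
+# Boolean switch for for computer table dump switch
+opts.on("-c", "--[no-]computer", "Computer Mode") do |v|
+@options.computer = v
+end
+
+# Displaying help.
+opts.on("-h", "--help", "Display Help") do |v|
+puts opts
+exit
+end
+
+# Another typical switch to print the version.
+opts.on_tail("-V","--version", String, "Show Program Version") do
+@options.version = "Program Version: #{@version.join('.')}; Last Modification: #{@last_change}"
+puts @options.version
+exit
+end
+end
+opt_parser.parse!(args)
+puts "Captured Command Line Arguments: #{@options}" if @options.verbose
+return @options
+end
+end
+
+##########################################################################
+### Main ###
+##########################################################################
+# Command line arguments structure
+@options=CmdOptions.parse(ARGV)
+#puts "Options: #{@options}"
+k=Ucert::AdTracker.new(:verbose=>false)
+if @options.person
+k.print("person")
+elsif @options.computer
+k.print("computer")
+else
+puts "Usage: #{__FILE__} -h"
+end
+k=nil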
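Review bot: When both `-p` and `-c` are given, the `if @options.person … elsif @options.computer` chain at the end of the script prints only the person table and drops the computer request without any message. Either reject the combination up front, e.g. `abort "Usage: #{__FILE__} -h (choose one of -p or -c)" if @options.person && @options.computer`, or say in the two option descriptions that they are mutually exclusive. Separately, `@options.banner` is set in `CmdOptions.parse` but never assigned to `opts.banner`, so `-h` prints OptionParser's default banner; `opts.banner = @options.banner` inside the block would use it. The `String` argument on the `-V` switch has no effect because the switch takes no value and can be dropped.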
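--- a/data/bin/ad_update
+++ b/data/bin/ad_update
@@ -0,0 +1,48 @@
+#!/usr/bin/env ruby
+#--
+# ucert
+#
+# A Ruby library for enterprise user account certification / recertification / audit project
+#
+# Copyright (c) CMBNY Risk Department
+#++
+
+# Small utility to update AD cache files.
+require "ucert"
+require "io/console"
+
+
+if STDIN.respond_to?(:noecho)
+def get_password(prompt="Password: ")
+print prompt
+STDIN.noecho(&:gets).chomp
+end
+else
+def get_password(prompt="Password: ")
+`read -s -p "#{prompt}" password; echo $password`.chomp
+end
+end
+
+ny_ad=Ucert::AdTracker.new(:verbose=>false)
+# Update adfind cache files
+#puts "Update the AD cache file for external program \"adfind\"..."
+#ny_ad.ldap_connector="adfind"
+#ny_ad.update_ad_cache("person")
+#ny_ad.update_ad_cache("computer")
+
+# Update openldap cache file
+puts "\n\nUpdate the AD cache file for external program \"openldap\"..."
+ny_ad.ldap_connector="openldap"
+puts "You need to provide the domain credential for connecting. Please enter a valid DN then press Enter: "
+STDOUT.flush
+ny_ad.ldap_connector_id=gets.chomp
+#puts "Password: "
+#STDOUT.flush
+#ny_ad.ldap_connector_pass=gets.chomp
+ny_ad.ldap_connector_pass = get_password("Then enter your password here: ")
+puts
+ny_ad.update_ad_cache("person")
+ny_ad.update_ad_cache("computer")
+
+
+ny_ad=nil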
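Review bot: The fallback `get_password` (new lines 21-23) round-trips the password through a shell, where `echo $password` is unquoted and `read` is called without `-r`, so a password containing backslashes, runs of spaces or glob characters can reach `ldap_connector_pass` altered. `read -s -p` is also a bash extension that the `sh` behind backticks may not provide. Because `io/console` is required on line 12 this branch is probably never taken, so I would make it fail closed instead, e.g. `abort "io/console noecho unavailable; refusing to read a password with echo on"`. Separately, `STDIN.noecho(&:gets).chomp` raises NoMethodError when stdin is at EOF, and the bare `gets` on line 38 reads from a file named in ARGV if any argument is passed; `STDIN.gets` is the safer call for the bind DN.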
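--- a/data/bin/adgrep
+++ b/data/bin/adgrep
@@ -0,0 +1,149 @@
+#!/usr/bin/env ruby
+##########################################################################
+# Program to sift through CMBNY domain setting for CMBNY user information
+# Usage: ruby adgrep -h
+#
+# by Yang Li, yang.li@ny.cmbchina.com, (646) 843.6761
+##########################################################################
+# Change Log:
+#
+# 12/01/2015 Re-implement the program by using the Ucert gem API; change program name from 'ad_dump.rb' to 'adgrep'
+# 09/25/2015 Re-org the program command option working flow; fix AD cache files path to the user home directory
+# 09/18/2015 Add method 'code_2_flag' to perform user account status lookup; 'get_os_info' to retrieve OS
+# 09/17/2015 Add method 'get_account_control_status' to retrieve user account status (i.e. lockout, disable etc..)
+# 09/16/2015 Add command option '-print ' to export the records in the tab-delimited format.
+# 09/15/2015 Add method 'get_cn' to retrieve the full name of CMBNY employee
+
+require 'optparse'
+require 'ostruct'
+require 'ucert'
+
+class CmdOptions
+# Returen an OpenStruct describing the command line options
+def self.parse(args)
+# The options specified on the command line will be collected in *options*.
+# We set default values here.
+@options = OpenStruct.new # OpenStruct is a structure like hash table
+@options.verbose = false # verbose and banner are key and value
+@options.banner = "Usage: ruby adump.rb -h"
+@version = ["0","9"] # Program version information
+@last_change = "09/25/2015"
+
+opt_parser = OptionParser.new do |opts|
+# Boolean switch.
+opts.on("-v", "--[no-]verbose", "Verbose Mode") do |v|
+@options.verbose = v
+end
+
+# Displaying help.
+opts.on("-h", "--help", "Display Help") do |v|
+puts opts
+exit
+end
+
+# Update adstore cache.
+opts.on("-u", "--update", "Update Active Directory Cache Datebase") do |v|
+@options.update = v
+end
+
+# Update adstore cache.
+opts.on("-s", "--search type", String, "Search Active Directory Cache Datebase by Record Type \(person or computer\)") do |type|
+@options.search = type.downcase
+end
+
+# Print the adstore cache record in the tab delimited format (easy for mySQL DB import via 'LOAD DATA INFILE' command later).
+opts.on("-p", "--print type", String, "Print out records in tab-delimited format, by Type \(person or computer\)") do |dump|
+@options.dump = dump.downcase
+end
+
+# Another typical switch to print the version.
+opts.on_tail("-V","--version", String, "Show Program Version") do
+@options.version = "Program Version: #{@version.join('.')}; Last Modification: #{@last_change}"
+puts @options.version
+exit
+end
+end
+
+opt_parser.parse!(args)
+puts "Captured Command Line Arguments: #{@options}" if @options.verbose
+return @options
+end
+end # class CmdOptions
+
+##########################################################################
+### Main ###
+##########################################################################
+def print_person(my_dn)
+ny_store=Ucert::AdTracker.new(:verbose=>@options.verbose)
+my_record=ny_store.get_ad_record(my_dn)
+my_id=ny_store.get_dn_attribute("person",my_dn,"sAMAccountName")
+my_email=ny_store.get_dn_attribute("person",my_dn,"mail")
+my_department=ny_store.get_dn_attribute("person",my_dn,"department")
+my_cntl_code=ny_store.get_dn_attribute("person",my_dn,"userAccountControl")
+my_acct_status=ny_store.code_2_flag(my_cntl_code)
+puts "\nFound DN: #{my_dn}"
+#puts "My Attributes: #{my_record}"
+puts "Sam Account: #{my_id}"
+puts "Email Address: #{my_email}"
+puts "Department: #{my_department}"
+puts "AD Account Status: #{my_acct_status}"
+puts "AD Record: \n#{my_record}"
+ny_store=nil
+end
+
+def print_computer(my_dn)
+ny_store=Ucert::AdTracker.new(:verbose=>@options.verbose)
+my_os=ny_store.get_os_info(my_dn)
+my_record=ny_store.get_ad_record(my_dn)
+puts "\nFound DN: #{my_dn}"
+puts "OS: #{my_os}"
+puts "AD Record: \n#{my_record}"
+ny_store=nil
+end
+
+# Command line arguments structure
+@options=CmdOptions.parse(ARGV)
+# puts @options
+ny_store=Ucert::AdTracker.new(:verbose=>@options.verbose)
+if !@options.search.nil?
+case @options.search
+when "person" # perform the adstore query on "person" records
+puts "Please enter partial string of your email address / AD logon ID or other personal details, then press Enter key:"
+STDOUT.flush
+address=gets.chomp
+my_dns=ny_store.searches(address,"person")
+abort "No Match Found! System Exit. " if my_dns.empty?
+my_dns.map {|d| print_person(d)}
+when "computer" # perform the adstore query on "computer" records
+puts "Please enter partial string of your computer IP address / hostname or other details, then press Enter key:"
+STDOUT.flush
+address=gets.chomp
+my_dns=ny_store.searches(address,"computer")
+abort "No Match Found! System Exit. " if my_dns.empty?
+my_dns.map {|d| print_computer(d)}
+else
+puts "Error: search record type unknown. \n#{@options.banner} "
+#exit
+end
+elsif !@options.update.nil?
+case @options.update
+when true
+puts "Update the local active directory cache database:"
+ny_store.update_ad_cache("person")
+ny_store.update_ad_cache("computer")
+exit
+else
+#do nothing
+end
+elsif !@options.dump.nil?
+case @options.dump
+when "person" # perform the adstore query on "person" records
+puts "Dumping out person records:" if @options.verbose
+ny_store.print("person")
+else
+#do nothing
+end
+else
+puts "Usage: ruby adump.rb -h"#print help
+end
+ny_store=nil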
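Review bot: `-p computer` is accepted but prints nothing and exits 0, because the `case @options.dump` block (new lines 139-145) handles only `"person"` and its `else` is `#do nothing`, although the option's help text advertises "person or computer". In an account-certification export, an empty result that looks like success is easy to misread as "no records". I would add `when "computer" then ny_store.print("computer")` and replace the empty branch with `else abort "Error: print record type unknown. \n#{@options.banner}"`. The unknown-type path of the search branch fails just as softly, since `#exit` is commented out and the script ends with status 0. Also, `print_person` and `print_computer` construct a new `Ucert::AdTracker` for every matched DN; passing the existing `ny_store` in would avoid that, assuming construction is not free.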