Class: Adauth::AdObjects::User

Inherits:
Adauth::AdObject show all
Defined in:
lib/adauth/ad_objects/user.rb

Overview

Active Directory User Object

Inherits from Adauth::AdObject

Constant Summary collapse

Fields =

Field mapping

Maps methods to LDAP fields e.g.

:foo => :bar

Becomes

Computer.name

Which calls .name on the LDAP object

{ :login => :samaccountname,
:first_name => :givenname,
:last_name => :sn,
:email => :mail,
:name => :name,
:cn_groups => [ :memberof,
    Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1').to_s} ]
}
ObjectFilter =

Object Net::LDAP filter

Used to restrict searches to just this object

Net::LDAP::Filter.eq('objectClass', 'user')

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Adauth::AdObject

add_object_filter, all, #cn_groups_nested, #delete, #dn_ous, filter, #groups, #handle_field, #initialize, #is_a_member?, #ldap_object, #members, #method_missing, method_missing, #modify, #ous, reverse_field, where

Constructor Details

This class inherits a constructor from Adauth::AdObject

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Adauth::AdObject

Class Method Details

.authenticate(user, password) ⇒ Object

Returns a connection to AD within the users context, used to check a user credentails

Using this would by pass the group and OU Filtering provided by Adauth#authenticate


35
36
37
# File 'lib/adauth/ad_objects/user.rb', line 35

def self.authenticate(user, password)
    user_connection = Adauth::Connection.new(Adauth.connection_hash(user, password)).bind
end

Instance Method Details

#add_to_group(group) ⇒ Object

Add the user to the supplied group


52
53
54
55
# File 'lib/adauth/ad_objects/user.rb', line 52

def add_to_group(group)
  expects group, Adauth::AdObjects::Group
  group.modify([[:add, :member, @ldap_object.dn]])
end

#member_of?(group) ⇒ Boolean

Returns True/False if the user is member of the supplied group

Returns:

  • (Boolean)

40
41
42
# File 'lib/adauth/ad_objects/user.rb', line 40

def member_of?(group)
    cn_groups.include?(group)
end

#remove_from_group(group) ⇒ Object

Remove the user from the supplied group


58
59
60
61
# File 'lib/adauth/ad_objects/user.rb', line 58

def remove_from_group(group)
  expects group, Adauth::AdObjects::Group
  group.modify([[:delete, :member, @ldap_object.dn]])
end

#set_password(new_password) ⇒ Object

Changes the password to the supplied value


45
46
47
48
49
# File 'lib/adauth/ad_objects/user.rb', line 45

def set_password(new_password)
  Adauth.logger.info("password management") { "Attempting password reset for #{self.}" }
  password = microsoft_encode_password(new_password)
  modify([[:replace, :unicodePwd, password]])
end