#define MOIRA_KERBEROS 0x2
#define MOIRA_STRINGS 0x4
#define MOIRA_LISTS 0x8
+#define MOIRA_MACHINE 0x16
#define CHECK_GROUPS 1
#define CLEANUP_GROUPS 2
#define ACTIVE_DIRECTORY "ACTIVE_DIRECTORY:"
#define PORT "PORT:"
#define PROCESS_MACHINE_CONTAINER "PROCESS_MACHINE_CONTAINER:"
+#define GROUP_POPULATE_MEMBERS "GROUP_POPULATE_MEMBERS:"
+#define MAX_MEMBERS "MAX_MEMBERS:"
#define MAX_DOMAINS 10
char DomainNames[MAX_DOMAINS][128];
int ActiveDirectory = 1;
int UpdateDomainList;
int fsgCount;
+int GroupPopulateDelete = 0;
+int group_members = 0;
+int max_group_members = 0;
extern int set_password(char *user, char *password, char *domain);
char *pUserOu, char *MoiraId);
int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
char *group_ou, char *group_membership,
- int group_security_flag, char *MoiraId);
+ int group_security_flag, char *MoiraId, int synchronize);
int SetHomeDirectory(LDAP *ldap_handle, char *user_name,
char *DistinguishedName,
char *WinHomeDir, char *WinProfileDir,
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
if (machine_check(ldap_handle, dn_path, MachineName))
{
- com_err(whoami, 0, "Unable to find machine %s (alias %s) in AD.",
+ com_err(whoami, 0, "Unable to find machine %s (alias %s) in directory.",
OriginalMachineName, MachineName);
moira_disconnect();
return;
if (rc = moira_connect())
{
- critical_alert("AD incremental", "Error contacting Moira server : %s",
+ critical_alert("Ldap incremental", "Error contacting Moira server : %s",
error_message(rc));
return;
}
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
if (atoi(after[L_ACTIVE]))
{
populate_group(ldap_handle, dn_path, after[L_NAME], group_ou,
- group_membership, security_flag, list_id);
+ group_membership, security_flag, list_id, 1);
}
moira_disconnect();
if (!atoi(before[LM_EXTRA_ACTIVE]))
{
com_err(whoami, 0,
- "Unable to add %s to group %s : group not active",
+ "Unable to remove %s from group %s : group not active",
before[2], before[0]);
return;
}
{
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
if (atoi(ptr[LM_EXTRA_ACTIVE]))
{
populate_group(ldap_handle, dn_path, ptr[LM_LIST], group_ou,
- group_membership, security_flag, moira_list_id);
+ group_membership, security_flag, moira_list_id, 1);
}
moira_disconnect();
com_err(whoami, 0, "removing user %s from list %s", user_name,
group_name);
pUserOu = user_ou;
-
+
if (!strcasecmp(ptr[LM_TYPE], "MACHINE"))
{
+ if (!ProcessMachineContainer)
+ {
+ com_err(whoami, 0, "Process machines and containers disabled, "
+ "skipping");
+ return;
+ }
+
memset(machine_ou, '\0', sizeof(machine_ou));
memset(NewMachineName, '\0', sizeof(NewMachineName));
if (get_machine_ou(ldap_handle, dn_path, ptr[LM_MEMBER],
}
if (rc = moira_connect()) {
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
if (rc = populate_group(ldap_handle, dn_path, group_name,
group_ou, group_membership,
- security_flag, moira_list_id))
+ security_flag, moira_list_id, 0))
com_err(whoami, 0, "Unable to remove %s from group %s", user_name,
group_name);
moira_disconnect();
-
- if (!strcasecmp(ptr[LM_TYPE], "STRING"))
- {
- if (rc = moira_connect())
- {
- critical_alert("AD incremental",
- "Error contacting Moira server : %s",
- error_message(rc));
- return;
- }
-
- if (rc = populate_group(ldap_handle, dn_path, group_name,
- group_ou, group_membership, security_flag,
- moira_list_id))
- com_err(whoami, 0, "Unable to remove %s from group %s",
- user_name, group_name);
- moira_disconnect();
- }
+ if (rc = member_remove(ldap_handle, dn_path, group_name,
+ group_ou, group_membership, ptr[LM_MEMBER],
+ pUserOu, moira_list_id))
+ com_err(whoami, 0, "Unable to remove %s from group %s", user_name,
+ group_name);
+
return;
}
{
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error connection to Moira : %s",
error_message(rc));
return;
}
if (rc = moira_connect()) {
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
if (rc = populate_group(ldap_handle, dn_path, group_name,
group_ou, group_membership, security_flag,
- moira_list_id))
+ moira_list_id, 0))
com_err(whoami, 0, "Unable to add %s to group %s", user_name,
group_name);
moira_disconnect();
- if (!strcasecmp(ptr[LM_TYPE], "STRING"))
- {
- if (rc = moira_connect())
- {
- critical_alert("AD incremental",
- "Error contacting Moira server : %s",
- error_message(rc));
- return;
- }
-
- if (rc = populate_group(ldap_handle, dn_path, group_name,
- group_ou, group_membership, security_flag,
- moira_list_id))
- com_err(whoami, 0, "Unable to add %s to group %s",
- user_name, group_name);
-
- moira_disconnect();
- }
+ if (rc = member_add(ldap_handle, dn_path, group_name,
+ group_ou, group_membership, ptr[LM_MEMBER],
+ pUserOu, moira_list_id))
+ com_err(whoami, 0, "Unable to add %s to group %s", user_name, group_name);
return;
}
{
if (atoi(before[U_STATE]) == 0)
{
- com_err(whoami, 0, "expunging user %s from AD", before[U_NAME]);
+ com_err(whoami, 0, "expunging user %s from directory",
+ before[U_NAME]);
user_delete(ldap_handle, dn_path, before[U_NAME], before_user_id);
}
else
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error connection to Moira : %s",
error_message(rc));
return;
{
if (i > 30)
{
- critical_alert("AD incremental",
- "WINAD incremental failed (%s exists): %s",
+ critical_alert("Ldap incremental",
+ "Ldap incremental failed (%s exists): %s",
STOP_FILE, tbl_buf);
return(1);
}
char *report_to_originator_v[] = {NULL, NULL};
char *address_book_v[] = {NULL, NULL};
char *legacy_exchange_dn_v[] = {NULL, NULL};
+ char *null_v[] = {NULL, NULL};
u_int groupTypeControl;
char groupTypeControlStr[80];
char contact_mail[256];
LK_ENTRY *group_base;
int group_count;
int MailDisabled = 0;
+ char search_filter[1024];
if(UseGroupUniversal)
groupTypeControl = ADS_GROUP_TYPE_UNIVERSAL_GROUP;
group_count = 0;
group_base = NULL;
- sprintf(filter, "(&(objectClass=user)(cn=%s))", after_group_name);
+ sprintf(search_filter, "(&(objectClass=user)(cn=%s))",
+ after_group_name);
attr_array[0] = "cn";
attr_array[1] = NULL;
- if ((rc = linklist_build(ldap_handle, dn_path, filter, attr_array,
- &group_base, &group_count,
+ if ((rc = linklist_build(ldap_handle, dn_path, search_filter,
+ attr_array, &group_base, &group_count,
LDAP_SCOPE_SUBTREE)) != 0)
{
com_err(whoami, 0, "Unable to process group %s : %s",
if (group_count != 1)
{
com_err(whoami, 0, "Unable to process multiple groups with "
- "MoiraId = %s exist in the AD", MoiraId);
+ "MoiraId = %s exist in the directory", MoiraId);
return(AD_MULTIPLE_GROUPS_FOUND);
}
{
mail_v[0] = contact_mail;
ADD_ATTR("mail", mail_v, LDAP_MOD_REPLACE);
+
+ if(!ActiveDirectory)
+ {
+ null_v[0] = "/dev/null";
+ ADD_ATTR("mailRoutingAddress", null_v, LDAP_MOD_REPLACE);
+ }
}
}
char *address_book_v[] = {NULL, NULL};
char *legacy_exchange_dn_v[] = {NULL, NULL};
char *gidNumber_v[] = {NULL, NULL};
+ char *null_v[] = {NULL, NULL};
char groupTypeControlStr[80];
char group_membership[1];
int i;
{
mail_v[0] = contact_mail;
ADD_ATTR("mail", mail_v, LDAP_MOD_ADD);
+
+ if(!ActiveDirectory)
+ {
+ null_v[0] = "/dev/null";
+ ADD_ATTR("mailRoutingAddress", null_v, LDAP_MOD_ADD);
+ }
}
}
if ((rc != LDAP_SUCCESS) && (rc != LDAP_ALREADY_EXISTS))
{
- com_err(whoami, 0, "Unable to create list %s in AD : %s",
+ com_err(whoami, 0, "Unable to create list %s in directory : %s",
av[L_NAME], ldap_err2string(rc));
callback_rc = rc;
return(rc);
{
mail_v[0] = contact_mail;
ADD_ATTR("mail", mail_v, LDAP_MOD_REPLACE);
+
+ if(!ActiveDirectory)
+ {
+ null_v[0] = "/dev/null";
+ ADD_ATTR("mailRoutingAddress", null_v, LDAP_MOD_REPLACE);
+ }
}
else
{
mail_v[0] = NULL;
ADD_ATTR("mail", mail_v, LDAP_MOD_REPLACE);
+
+ if(!ActiveDirectory)
+ {
+ null_v[0] = NULL;
+ ADD_ATTR("mailRoutingAddress", null_v, LDAP_MOD_REPLACE);
+ }
}
}
if (rc != LDAP_SUCCESS)
{
- com_err(whoami, 0, "Unable to update list %s in AD : %s",
+ com_err(whoami, 0, "Unable to update list %s in directory : %s",
av[L_NAME], ldap_err2string(rc));
callback_rc = rc;
return(rc);
if (AceSidCount == 0)
{
com_err(whoami, 0, "Group %s: Administrator: %s, Type: %s - does not "
- "have an AD SID.", TargetGroupName, AceName, AceType);
+ "have a directory SID.", TargetGroupName, AceName, AceType);
com_err(whoami, 0, " Non-admin security group template will be used.");
}
else
if ((rc = ldap_delete_s(ldap_handle, group_base->dn)) != LDAP_SUCCESS)
{
linklist_free(group_base);
- com_err(whoami, 0, "Unable to delete list %s from AD : %s",
+ com_err(whoami, 0, "Unable to delete list %s from directory : %s",
group_name, ldap_err2string(rc));
return(rc);
}
else
{
linklist_free(group_base);
- com_err(whoami, 0, "Unable to find list %s in AD.", group_name);
+ com_err(whoami, 0, "Unable to find list %s in directory.", group_name);
return(AD_NO_GROUPS_FOUND);
}
get_group_membership(group_membership, group_ou, &security_flag, av);
rc = populate_group((LDAP *)call_args[0], (char *)call_args[1],
av[L_NAME], group_ou, group_membership,
- security_flag, "");
+ security_flag, "", 1);
return(0);
}
char **call_args;
char *s;
call_args = ptr;
-
- strcpy(temp, av[ACE_NAME]);
+ strcpy(temp, av[ACE_NAME]);
+ StringTrim(temp);
+
if (!check_string(temp))
return(0);
strcat(s, ".mit.edu");
}
}
-
+
if (!((int)call_args[3] & MOIRA_STRINGS))
return(0);
-
+
if (contact_create((LDAP *)call_args[0], call_args[1], temp, contact_ou))
return(0);
-
}
else if (!strcmp(av[ACE_TYPE], "LIST"))
{
return(0);
}
+ else if (!strcmp(av[ACE_TYPE], "MACHINE"))
+ {
+ if (!((int)call_args[3] & MOIRA_MACHINE))
+ return(0);
+ }
else
return(0);
while (linklist)
{
- if (!strcasecmp(temp, linklist->member))
+ if (!strcasecmp(temp, linklist->member) &&
+ !strcasecmp(av[ACE_TYPE], linklist->type))
return(0);
linklist = linklist->next;
ULONG rc;
char *s;
+ if (max_group_members && (group_members < max_group_members))
+ return(0);
+
if (!check_string(group_name))
return(AD_INVALID_NAME);
if (group_count != 1)
{
- com_err(whoami, 0, "Unable to find list %s in AD",
+ com_err(whoami, 0, "Unable to find list %s in directory",
group_name);
linklist_free(group_base);
group_base = NULL;
LK_ENTRY *group_base;
ULONG rc;
+ if (max_group_members && (group_members < max_group_members))
+ return(0);
+
if (!check_string(group_name))
return(AD_INVALID_NAME);
linklist_free(group_base);
group_base = NULL;
group_count = 0;
- com_err(whoami, 0, "Unable to find list %s %d in AD",
+ com_err(whoami, 0, "Unable to find list %s %d in directory",
group_name, group_count);
return(AD_MULTIPLE_GROUPS_FOUND);
}
if ((rc != LDAP_SUCCESS) && (rc != LDAP_ALREADY_EXISTS))
{
- com_err(whoami, 0, "Unable to modify contact %s in AD : %s",
+ com_err(whoami, 0, "Unable to modify contact %s in directory : %s",
gPtr->dn, ldap_err2string(rc));
return(rc);
}
if(!strcmp(group_ou, contact_ou))
{
ADD_ATTR("mailRoutingAddress", mail_routing_v, LDAP_MOD_ADD);
- }
-
- if(!strcmp(group_ou, contact_ou))
- {
ADD_ATTR("eduPersonPrincipalName", mail_routing_v, LDAP_MOD_ADD);
}
}
}
}
- if ((rc != LDAP_SUCCESS) && (rc != LDAP_ALREADY_EXISTS))
- {
- n = 0;
- ADD_ATTR("cn", contact_v, LDAP_MOD_ADD);
-
- if(ActiveDirectory)
- {
- ADD_ATTR("objectClass", objectClass_v, LDAP_MOD_ADD);
- }
- else
- {
- ADD_ATTR("objectClass", objectClass_ldap_v, LDAP_MOD_ADD);
- }
-
- ADD_ATTR("name", name_v, LDAP_MOD_ADD);
- ADD_ATTR("displayName", name_v, LDAP_MOD_ADD);
- ADD_ATTR("description", desc_v, LDAP_MOD_ADD);
- mods[n] = NULL;
- rc = ldap_add_ext_s(ld, new_dn, mods, NULL, NULL);
-
- for (i = 0; i < n; i++)
- free(mods[i]);
- }
-
if ((rc != LDAP_SUCCESS) && (rc != LDAP_ALREADY_EXISTS))
{
com_err(whoami, 0, "Unable to create contact %s : %s",
if (group_count != 1)
{
- com_err(whoami, 0, "Unable to find user %s in AD",
+ com_err(whoami, 0, "Unable to find user %s in directory",
user_name);
linklist_free(group_base);
return(AD_NO_USER_FOUND);
{
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
{
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
{
mail_v[0] = contact_mail;
ADD_ATTR("mail", mail_v, LDAP_MOD_REPLACE);
+
+ if(!ActiveDirectory)
+ {
+ ADD_ATTR("mitMoiraMail", mail_v, LDAP_MOD_REPLACE);
+ }
}
n = SetHomeDirectory(ldap_handle, user_name, distinguished_name, WinHomeDir,
{
mail_v[0] = contact_mail;
ADD_ATTR("mail", mail_v, LDAP_MOD_REPLACE);
+
+ if(!ActiveDirectory)
+ {
+ ADD_ATTR("mitMoiraMail", mail_v, LDAP_MOD_REPLACE);
+ }
}
mods[n] = NULL;
{
mail_v[0] = contact_mail;
ADD_ATTR("mail", mail_v, LDAP_MOD_ADD);
+
+ if(!ActiveDirectory)
+ {
+ ADD_ATTR("mitMoiraMail", mail_v, LDAP_MOD_ADD);
+ }
}
if(strlen(av[U_FIRST])) {
{
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
if (!(rc = mr_query("get_pobox", 1, argv, save_query_info, save_argv)))
{
+ n = 0;
+ ADD_ATTR("mailRoutingAddress", mail_routing_v, LDAP_MOD_REPLACE);
+ mods[n] = NULL;
+ rc = ldap_modify_s((LDAP *)call_args[0], new_dn, mods);
+
+ if (rc == LDAP_ALREADY_EXISTS || rc == LDAP_TYPE_OR_VALUE_EXISTS)
+ rc = LDAP_SUCCESS;
+
+ if(rc)
+ com_err(whoami, 0,
+ "Unable to set the mailRoutingAddress for %s : %s",
+ user_name, ldap_err2string(rc));
+
p = strdup(save_argv[3]);
if((c = strchr(p, ',')) != NULL) {
if (group_count != 1)
{
linklist_free(group_base);
- com_err(whoami, 0, "Unable to find user %s in AD",
+ com_err(whoami, 0, "Unable to find user %s in directory",
user_name);
return(LDAP_NO_SUCH_OBJECT);
}
if (group_count != 1)
{
- com_err(whoami, 0, "Unable to find user %s in AD",
- user_name);
goto cleanup;
}
static int illegalchars_ldap[] = {
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* ^@ - ^O */
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* ^P - ^_ */
- 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, /* SPACE - / */
+ 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, /* SPACE - / */
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, /* 0 - ? */
0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* @ - O */
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, /* P - _ */
int check_string(char *s)
{
char character;
+ char *string;
+
+ string = s;
for (; *s; s++)
{
if(ActiveDirectory)
{
if (illegalchars[(unsigned) character])
- return 0;
+ {
+ com_err(whoami, 0, "Found illegal char '%c' (%d) in string %s",
+ character, (unsigned) character, string);
+ return 0;
+ }
}
else
{
if (illegalchars_ldap[(unsigned) character])
- return 0;
+ {
+ com_err(whoami, 0, "Found illegal char '%c' (%d) in string %s",
+ character, (unsigned) character, string);
+ return 0;
+ }
}
}
if (rc = mr_query("get_list_info", 1, av, GetAceInfo, AceInfo))
{
- com_err(whoami, 0, "Unable to get ACE info for list %s : %s",
- GroupName, error_message(rc));
+ if(rc != MR_NO_MATCH)
+ com_err(whoami, 0, "Unable to get ACE info for list %s : %s",
+ GroupName, error_message(rc));
+
return(1);
}
if (make_new_group(ldap_handle, dn_path, "", AceName, AceOu,
AceMembership, 0, UpdateGroup, maillist))
return(1);
+
+ populate_group(ldap_handle, dn_path, AceName, AceOu, AceMembership,
+ 0, "", 1);
}
else if (!strcasecmp(AceInfo[0], "USER"))
{
call_args[3] = NULL;
callback_rc = 0;
+ if(!strcasecmp(AceName, PRODUCTION_PRINCIPAL) ||
+ !strcasecmp(AceName, TEST_PRINCIPAL))
+ {
+ return(1);
+ }
+
if (rc = mr_query("get_user_account_by_login", 1, av,
save_query_info, save_argv))
{
int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
char *group_ou, char *group_membership,
- int group_security_flag, char *MoiraId)
+ int group_security_flag, char *MoiraId,
+ int synchronize)
{
char *av[3];
char *call_args[7];
int n = 0;
char group_dn[512];
LDAPMod *mods[20];
+ char *member_v[] = {NULL, NULL};
char *save_argv[U_END];
+ char machine_ou[256];
+ char NewMachineName[1024];
com_err(whoami, 0, "Populating group %s", group_name);
av[0] = group_name;
call_args[0] = (char *)ldap_handle;
call_args[1] = dn_path;
call_args[2] = group_name;
- call_args[3] = (char *)(MOIRA_USERS | MOIRA_KERBEROS | MOIRA_STRINGS);
+ call_args[3] = (char *)(MOIRA_USERS | MOIRA_KERBEROS | MOIRA_STRINGS |
+ MOIRA_MACHINE);
call_args[4] = NULL;
member_base = NULL;
+ group_members = 0;
if (rc = mr_query("get_end_members_of_list", 1, av,
member_list_build, call_args))
{
+ if(rc == MR_LIST)
+ return(0);
+
com_err(whoami, 0, "Unable to populate list %s : %s",
group_name, error_message(rc));
return(3);
}
+ if (member_base != NULL)
+ {
+ ptr = member_base;
+
+ while(ptr != NULL)
+ {
+ if (!strcasecmp(ptr->type, "LIST"))
+ {
+ ptr = ptr->next;
+ continue;
+ }
+
+ if (!strcasecmp(ptr->type, "MACHINE") && !ProcessMachineContainer)
+ {
+ ptr = ptr->next;
+ continue;
+ }
+
+ if(!strcasecmp(ptr->type, "USER"))
+ {
+ if(!strcasecmp(ptr->member, PRODUCTION_PRINCIPAL) ||
+ !strcasecmp(ptr->member, TEST_PRINCIPAL))
+ {
+ ptr = ptr->next;
+ continue;
+ }
+ }
+
+ ptr = ptr->next;
+ group_members++;
+ }
+ }
+
+ if(max_group_members && !synchronize && (group_members > max_group_members))
+ {
+ com_err(whoami, 0,
+ "Group %s membership of %d exceeds maximum %d, skipping",
+ group_name, group_members, max_group_members);
+ return(0);
+ }
+
members = (char **)malloc(sizeof(char *) * 2);
-
+
if (member_base != NULL)
{
ptr = member_base;
continue;
}
+ if (!strcasecmp(ptr->type, "MACHINE") && !ProcessMachineContainer)
+ {
+ ptr = ptr->next;
+ continue;
+ }
+
if(!strcasecmp(ptr->type, "USER"))
{
if(!strcasecmp(ptr->member, PRODUCTION_PRINCIPAL) ||
sprintf(member, "uid=%s,%s,%s", ptr->member, pUserOu,
dn_path);
}
-
}
else if (!strcasecmp(ptr->type, "STRING"))
{
sprintf(member, "cn=%s,%s,%s", escape_string(ptr->member),
pUserOu, dn_path);
}
+ else if (!strcasecmp(ptr->type, "MACHINE"))
+ {
+ memset(machine_ou, '\0', sizeof(machine_ou));
+ memset(NewMachineName, '\0', sizeof(NewMachineName));
+
+ if (!get_machine_ou(ldap_handle, dn_path, ptr->member,
+ machine_ou, NewMachineName))
+ {
+ pUserOu = machine_ou;
+ sprintf(member, "cn=%s,%s,%s", NewMachineName, pUserOu,
+ dn_path);
+ }
+ else
+ {
+ ptr = ptr->next;
+ continue;
+ }
+ }
if(i > 1)
members = (char **)realloc(members, ((i + 2) * sizeof(char *)));
}
members[i] = NULL;
+
+ sprintf(group_dn, "cn=%s,%s,%s", group_name, group_ou, dn_path);
+
+ if(GroupPopulateDelete)
+ {
+ n = 0;
+ ADD_ATTR("member", member_v, LDAP_MOD_REPLACE);
+ mods[n] = NULL;
+
+ if ((rc = ldap_modify_s(ldap_handle, group_dn,
+ mods)) != LDAP_SUCCESS)
+ {
+ com_err(whoami, 0,
+ "Unable to populate group membership for %s: %s",
+ group_dn, ldap_err2string(rc));
+ }
+ for (i = 0; i < n; i++)
+ free(mods[i]);
+ }
+
n = 0;
ADD_ATTR("member", members, LDAP_MOD_REPLACE);
mods[n] = NULL;
-
- sprintf(group_dn, "cn=%s,%s,%s", group_name, group_ou, dn_path);
-
+
if ((rc = ldap_modify_s(ldap_handle, group_dn,
mods)) != LDAP_SUCCESS)
{
for (i = 0; i < n; i++)
free(mods[i]);
-
+
free(members);
return(0);
if (rc == LDAP_NOT_ALLOWED_ON_NONLEAF)
container_move_objects(ldap_handle, dn_path, distinguishedName);
else
- com_err(whoami, 0, "Unable to delete container %s from AD : %s",
+ com_err(whoami, 0, "Unable to delete container %s from directory : %s",
av[CONTAINER_NAME], ldap_err2string(rc));
}
if (group_count != 1)
{
- com_err(whoami, 0,
- "Unable to process machine %s : machine not found in AD",
- NewMachineName);
return(1);
}
if (group_count != 1)
{
- com_err(whoami, 0, "Unable to find machine %s in AD: %s",
+ com_err(whoami, 0, "Unable to find machine %s in directory: %s",
MoiraMachineName);
return(1);
}
{
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
{
if (rc = moira_connect())
{
- critical_alert("AD incremental",
+ critical_alert("Ldap incremental",
"Error contacting Moira server : %s",
error_message(rc));
return;
mods)) != LDAP_SUCCESS)
{
com_err(whoami, 0, "Unable to change the %s attribute for %s "
- "in the AD : %s",
+ "in the directory : %s",
attribute, user_name, ldap_err2string(rc));
}
}
ActiveDirectory = 0;
}
}
+ else if (!strncmp(temp, GROUP_POPULATE_MEMBERS,
+ strlen(GROUP_POPULATE_MEMBERS)))
+ {
+ if (strlen(temp) > (strlen(GROUP_POPULATE_MEMBERS)))
+ {
+ strcpy(temp1, &temp[strlen(GROUP_POPULATE_MEMBERS)]);
+ StringTrim(temp1);
+ if (!strcasecmp(temp1, "DELETE"))
+ {
+ GroupPopulateDelete = 1;
+ }
+ }
+ }
+ else if (!strncmp(temp, MAX_MEMBERS, strlen(MAX_MEMBERS)))
+ {
+ if (strlen(temp) > (strlen(MAX_MEMBERS)))
+ {
+ strcpy(temp1, &temp[strlen(MAX_MEMBERS)]);
+ StringTrim(temp1);
+ max_group_members = atoi(temp1);
+ }
+ }
else
{
if (strlen(ldap_domain) != 0)
q = s;
- /* Replace leading spaces */
-
- while(isspace(*q)) {
- string[i++] = '\\';
- string[i++] = '2';
- string[i++] = '0';
- q++;
- }
-
/* Escape any special characters */
for(; *q != '\0'; q++) {