#define PORT "PORT:"
#define PROCESS_MACHINE_CONTAINER "PROCESS_MACHINE_CONTAINER:"
#define GROUP_POPULATE_MEMBERS "GROUP_POPULATE_MEMBERS:"
+#define MAX_MEMBERS "MAX_MEMBERS:"
#define MAX_DOMAINS 10
char DomainNames[MAX_DOMAINS][128];
int UpdateDomainList;
int fsgCount;
int GroupPopulateDelete = 0;
+int group_members = 0;
+int max_group_members = 0;
extern int set_password(char *user, char *password, char *domain);
char *pUserOu, char *MoiraId);
int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
char *group_ou, char *group_membership,
- int group_security_flag, char *MoiraId);
+ int group_security_flag, char *MoiraId, int synchronize);
int SetHomeDirectory(LDAP *ldap_handle, char *user_name,
char *DistinguishedName,
char *WinHomeDir, char *WinProfileDir,
if (atoi(after[L_ACTIVE]))
{
populate_group(ldap_handle, dn_path, after[L_NAME], group_ou,
- group_membership, security_flag, list_id);
+ group_membership, security_flag, list_id, 1);
}
moira_disconnect();
if (atoi(ptr[LM_EXTRA_ACTIVE]))
{
populate_group(ldap_handle, dn_path, ptr[LM_LIST], group_ou,
- group_membership, security_flag, moira_list_id);
+ group_membership, security_flag, moira_list_id, 1);
}
moira_disconnect();
if (rc = populate_group(ldap_handle, dn_path, group_name,
group_ou, group_membership,
- security_flag, moira_list_id))
+ security_flag, moira_list_id, 0))
com_err(whoami, 0, "Unable to remove %s from group %s", user_name,
group_name);
moira_disconnect();
-
- if (!strcasecmp(ptr[LM_TYPE], "STRING"))
- {
- if (rc = moira_connect())
- {
- critical_alert("Ldap incremental",
- "Error contacting Moira server : %s",
- error_message(rc));
- return;
- }
-
- if (rc = populate_group(ldap_handle, dn_path, group_name,
- group_ou, group_membership, security_flag,
- moira_list_id))
- com_err(whoami, 0, "Unable to remove %s from group %s",
- user_name, group_name);
- moira_disconnect();
- }
+ if (rc = member_remove(ldap_handle, dn_path, group_name,
+ group_ou, group_membership, ptr[LM_MEMBER],
+ pUserOu, moira_list_id))
+ com_err(whoami, 0, "Unable to remove %s from group %s", user_name,
+ group_name);
+
return;
}
if (rc = populate_group(ldap_handle, dn_path, group_name,
group_ou, group_membership, security_flag,
- moira_list_id))
+ moira_list_id, 0))
com_err(whoami, 0, "Unable to add %s to group %s", user_name,
group_name);
moira_disconnect();
- if (!strcasecmp(ptr[LM_TYPE], "STRING"))
- {
- if (rc = moira_connect())
- {
- critical_alert("Ldap incremental",
- "Error contacting Moira server : %s",
- error_message(rc));
- return;
- }
-
- if (rc = populate_group(ldap_handle, dn_path, group_name,
- group_ou, group_membership, security_flag,
- moira_list_id))
- com_err(whoami, 0, "Unable to add %s to group %s",
- user_name, group_name);
-
- moira_disconnect();
- }
+ if (rc = member_add(ldap_handle, dn_path, group_name,
+ group_ou, group_membership, ptr[LM_MEMBER],
+ pUserOu, moira_list_id))
+ com_err(whoami, 0, "Unable to add %s to group %s", user_name, group_name);
return;
}
ADD_ATTR("mitMoiraId", mitMoiraId_v, LDAP_MOD_REPLACE);
ADD_ATTR("groupType", groupTypeControl_v, LDAP_MOD_REPLACE);
- if(!ActiveDirectory)
- {
- ADD_ATTR("name", name_v, LDAP_MOD_REPLACE);
- }
-
if (Exchange)
{
if(atoi(maillist) && !MailDisabled && email_isvalid(mail))
get_group_membership(group_membership, group_ou, &security_flag, av);
rc = populate_group((LDAP *)call_args[0], (char *)call_args[1],
av[L_NAME], group_ou, group_membership,
- security_flag, "");
+ security_flag, "", 1);
return(0);
}
ULONG rc;
char *s;
+ if (max_group_members && (group_members < max_group_members))
+ return(0);
+
if (!check_string(group_name))
return(AD_INVALID_NAME);
LK_ENTRY *group_base;
ULONG rc;
+ if (max_group_members && (group_members < max_group_members))
+ return(0);
+
if (!check_string(group_name))
return(AD_INVALID_NAME);
ADD_ATTR("eduPersonPrincipalName", mail_v, LDAP_MOD_REPLACE);
ADD_ATTR("displayName", name_v, LDAP_MOD_REPLACE);
ADD_ATTR("eduPersonNickname", name_v, LDAP_MOD_REPLACE);
- ADD_ATTR("name", name_v, LDAP_MOD_REPLACE);
}
if (Exchange)
return(1);
populate_group(ldap_handle, dn_path, AceName, AceOu, AceMembership,
- 0, "");
+ 0, "", 1);
}
else if (!strcasecmp(AceInfo[0], "USER"))
{
int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
char *group_ou, char *group_membership,
- int group_security_flag, char *MoiraId)
+ int group_security_flag, char *MoiraId,
+ int synchronize)
{
char *av[3];
char *call_args[7];
MOIRA_MACHINE);
call_args[4] = NULL;
member_base = NULL;
+ group_members = 0;
if (rc = mr_query("get_end_members_of_list", 1, av,
member_list_build, call_args))
return(3);
}
+ if (member_base != NULL)
+ {
+ ptr = member_base;
+
+ while(ptr != NULL)
+ {
+ if (!strcasecmp(ptr->type, "LIST"))
+ {
+ ptr = ptr->next;
+ continue;
+ }
+
+ if (!strcasecmp(ptr->type, "MACHINE") && !ProcessMachineContainer)
+ {
+ ptr = ptr->next;
+ continue;
+ }
+
+ if(!strcasecmp(ptr->type, "USER"))
+ {
+ if(!strcasecmp(ptr->member, PRODUCTION_PRINCIPAL) ||
+ !strcasecmp(ptr->member, TEST_PRINCIPAL))
+ {
+ ptr = ptr->next;
+ continue;
+ }
+ }
+
+ ptr = ptr->next;
+ group_members++;
+ }
+ }
+
+ if(max_group_members && !synchronize && (group_members > max_group_members))
+ {
+ com_err(whoami, 0,
+ "Group %s membership of %d exceeds maximum %d, skipping",
+ group_name, group_members, max_group_members);
+ return(0);
+ }
+
members = (char **)malloc(sizeof(char *) * 2);
if (member_base != NULL)
}
}
}
+ else if (!strncmp(temp, MAX_MEMBERS, strlen(MAX_MEMBERS)))
+ {
+ if (strlen(temp) > (strlen(MAX_MEMBERS)))
+ {
+ strcpy(temp1, &temp[strlen(MAX_MEMBERS)]);
+ StringTrim(temp1);
+ max_group_members = atoi(temp1);
+ }
+ }
else
{
if (strlen(ldap_domain) != 0)