Skip Menu |
 

This queue is for tickets about the RT-Extension-LDAPImport CPAN distribution.

Report information
The Basics
Id: 92388
Status: new
Priority: 0/
Queue: RT-Extension-LDAPImport

People
Owner: Nobody in particular
Requestors: tsibley [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: [PATCH] Support importing group members separately from the user import stage
Download (untitled) / with headers
text/plain 1.1k
The particular critical use case is when user entries don't have a memberOf attribute (or the bind DN can't see the memberOf attribute), so including just group members in the normal user import stage is impossible without manually listing the group memberships. The PR is a better version of this awful hack possible with the latest release: Set( $LDAPGroupMapping, { Name => 'cn', Member_Attr => sub { require Net::LDAP::Util; my %args = @_; my $self = $args{'self'}; my $members = $args{'ldap_entry'}->get_value('member', asref => 1); # Yay, dn is stored in an attribute called distinguishedName, which # makes this filter so much easier. (Note that "dn" isn't actually an # attribute, so you can't just filter by it you must use it as the # base.) my $membersOf = join "", map { "(distinguishedName=" . Net::LDAP::Util::escape_filter_value($_) . ")" } @$members; local $RT::LDAPFilter = "(&(objectClass=person)(|$membersOf))"; $self->import_users( $args{'import'} ); return @$members; }, Member_Attr_Value => 'dn', });


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.