re-enable dell upload
Some checks reported errors
continuous-integration/drone/push Build was killed
Some checks reported errors
continuous-integration/drone/push Build was killed
This commit is contained in:
@@ -265,6 +265,7 @@ func VerifyLdapCreds(username string, password string) error {
|
||||
username = CheckUsername(username)
|
||||
|
||||
ldaps := ldapConnect()
|
||||
defer ldaps.Close()
|
||||
|
||||
// try an authenticated bind to AD to verify credentials
|
||||
log.Printf("Attempting LDAP bind with user '%s' and password length '%d'\n", username, len(password))
|
||||
@@ -289,17 +290,17 @@ func VerifyLdapCreds(username string, password string) error {
|
||||
// GetGroupsOfUser returns the group for a user.
|
||||
// Taken from https://github.com/jtblin/go-ldap-client/issues/13#issuecomment-456090979
|
||||
func GetGroupsOfUser(username string, baseDN string, conn *ldap.Conn) ([]string, error) {
|
||||
var samAccountName string
|
||||
var sAMAccountName string
|
||||
var groups []string
|
||||
|
||||
if strings.Contains(username, "@") {
|
||||
s := strings.Split(username, "@")
|
||||
samAccountName = s[0]
|
||||
sAMAccountName = s[0]
|
||||
} else if strings.Contains(username, "\\") {
|
||||
s := strings.Split(username, "\\")
|
||||
samAccountName = s[len(s)-1]
|
||||
sAMAccountName = s[len(s)-1]
|
||||
} else {
|
||||
samAccountName = username
|
||||
sAMAccountName = username
|
||||
}
|
||||
|
||||
// Get the users DN
|
||||
@@ -307,7 +308,7 @@ func GetGroupsOfUser(username string, baseDN string, conn *ldap.Conn) ([]string,
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
baseDN,
|
||||
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
|
||||
fmt.Sprintf("(sAMAccountName=%s)", ldap.EscapeFilter(samAccountName)),
|
||||
fmt.Sprintf("(sAMAccountName=%s)", ldap.EscapeFilter(sAMAccountName)),
|
||||
[]string{},
|
||||
nil,
|
||||
)
|
||||
@@ -320,7 +321,7 @@ func GetGroupsOfUser(username string, baseDN string, conn *ldap.Conn) ([]string,
|
||||
}
|
||||
|
||||
if len(sr.Entries) != 1 {
|
||||
return nil, fmt.Errorf("user '%s' does not exist", samAccountName)
|
||||
return nil, fmt.Errorf("user '%s' does not exist", sAMAccountName)
|
||||
} else {
|
||||
// Get the groups of the first result
|
||||
groups = sr.Entries[0].GetAttributeValues("memberOf")
|
||||
@@ -328,3 +329,44 @@ func GetGroupsOfUser(username string, baseDN string, conn *ldap.Conn) ([]string,
|
||||
|
||||
return groups, nil
|
||||
}
|
||||
|
||||
func GetLdapUserDn(username string, baseDN string, conn *ldap.Conn) (string, error) {
|
||||
var sAMAccountName string
|
||||
|
||||
if strings.Contains(username, "@") {
|
||||
s := strings.Split(username, "@")
|
||||
sAMAccountName = s[0]
|
||||
} else if strings.Contains(username, "\\") {
|
||||
s := strings.Split(username, "\\")
|
||||
sAMAccountName = s[len(s)-1]
|
||||
} else {
|
||||
sAMAccountName = username
|
||||
}
|
||||
|
||||
// Search for the user's distinguishedName
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
baseDN,
|
||||
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
|
||||
fmt.Sprintf("(sAMAccountName=%s)", sAMAccountName),
|
||||
[]string{"distinguishedName"},
|
||||
nil,
|
||||
)
|
||||
|
||||
searchResult, err := conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
if len(searchResult.Entries) == 0 {
|
||||
return "", fmt.Errorf("user '%s' does not exist", sAMAccountName)
|
||||
} else {
|
||||
// Retrieve the distinguishedName of the user
|
||||
distinguishedName := searchResult.Entries[0].GetAttributeValue("distinguishedName")
|
||||
if distinguishedName != "" {
|
||||
log.Printf("GetLdapUserDn located user's distinguishedName : '%s'\n", distinguishedName)
|
||||
return distinguishedName, nil
|
||||
} else {
|
||||
return "", fmt.Errorf("could not find distinguishedName for user '%s'", sAMAccountName)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user