X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2Fpart_export%2Fldap.pm;h=823d99dbf1ad57d065fd760d2bc1f5a7f52d85a6;hb=7b125e587a4d1ee0aca692e23ea7897f671855ae;hp=a28504313f74fced3b470db897dd0a61b8c5ffe9;hpb=96c1150cabe382dbafbdc8f4e89a2719fe24d605;p=freeside.git diff --git a/FS/FS/part_export/ldap.pm b/FS/FS/part_export/ldap.pm index a28504313..823d99dbf 100644 --- a/FS/FS/part_export/ldap.pm +++ b/FS/FS/part_export/ldap.pm @@ -1,11 +1,52 @@ package FS::part_export::ldap; -use vars qw(@ISA); +use vars qw(@ISA %info @saltset); +use Tie::IxHash; use FS::Record qw( dbh ); use FS::part_export; @ISA = qw(FS::part_export); +tie my %options, 'Tie::IxHash', + 'dn' => { label=>'Root DN' }, + 'password' => { label=>'Root DN password' }, + 'userdn' => { label=>'User DN' }, + 'attributes' => { label=>'Attributes', + type=>'textarea', + default=>join("\n", + 'uid $username', + 'mail $username\@$domain', + 'uidno $uid', + 'gidno $gid', + 'cn $first', + 'sn $last', + 'mailquota $quota', + 'vmail', + 'location', + 'mailtag', + 'mailhost', + 'mailmessagestore $dir', + 'userpassword $crypt_password', + 'hint', + 'answer $sec_phrase', + 'objectclass top,person,inetOrgPerson', + ), + }, + 'radius' => { label=>'Export RADIUS attributes', type=>'checkbox', }, +; + +%info = ( + 'svc' => 'svc_acct', + 'desc' => 'Real-time export to LDAP', + 'options' => \%options, + 'notes' => <<'END' +Real-time export to arbitrary LDAP attributes. Requires installation of +Net::LDAP from CPAN. +END +); + +@saltset = ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' ); + sub rebless { shift; } sub _export_insert { @@ -23,10 +64,9 @@ sub _export_insert { } } $crypt_password = ''; #surpress "used only once" warnings - $crypt_password = crypt( $svc_acct->_password, + $crypt_password = '{crypt}'. crypt( $svc_acct->_password, $saltset[int(rand(64))].$saltset[int(rand(64))] ); - my $username_attrib; my %attrib = map { /^\s*(\w+)\s+(.*\S)\s*$/; $username_attrib = $1 if $2 eq '$username'; 
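Review bot: In the first hunk (`@@ -1,11 +1,52 @@`), the default `attributes` template maps `answer $sec_phrase`, so each account's security phrase is written to the directory as a readable attribute value, while only `userpassword` gets a hashed form. Anyone with read access to the entry can then read the phrase; consider dropping that line from the default, or stating in `notes` that the `answer` attribute needs a restrictive ACL. The `password` option (root DN password) also declares no `type`, so it is presumably displayed and stored like any other text option, which is worth confirming. Several default lines (`vmail`, `location`, `mailtag`, `mailhost`, `hint`) carry no value, and the parsing regex visible in the next hunk requires a name followed by a value, so those lines will not match it.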
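Review bot: In the second hunk (`@@ -23,10 +64,9 @@`), the value now published with the `{crypt}` prefix is produced with a two-character salt, which selects traditional DES crypt: it ignores everything past the eighth password character and is cheap to attack offline if the attribute is ever readable. The salt characters also come from `rand`, which is not a cryptographic generator. Where the platform `crypt()` and the directory server both support it, a modular salt such as `'$6$'. join('', map { $saltset[int(rand(64))] } 1..16)` gives a SHA-512 hash under the same `{crypt}` prefix; confirm that support before switching. The `map` block at the end of the hunk reads `$1`/`$2` without checking that the match succeeded, and `_export_insert` continues outside this hunk.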
@@ -201,22 +241,24 @@ sub ldap_queue { $self->machine, $self->option('dn'), $self->option('password'), + $self->option('userdn'), @_, ) or $queue; } sub ldap_insert { #subroutine, not method - my $ldap = ldap_connect(shift, (my $dn = shift), shift); - my( $username_attrib, %attrib ) = @_; + my $ldap = ldap_connect(shift, shift, shift); + my( $userdn, $username_attrib, %attrib ) = @_; - $dn = "$username_attrib=$attrib{$username_attrib}, $dn" if $username_attrib; + $userdn = "$username_attrib=$attrib{$username_attrib}, $userdn" + if $username_attrib; #icky hack, but should be unsurprising to the LDAPers foreach my $key ( grep { $attrib{$_} =~ /,/ } keys %attrib ) { $attrib{$key} = [ split(/,/, $attrib{$key}) ]; } - my $status = $ldap->add( $dn, attrs => [ %attrib ] ); - die $status->error if $status->is_error; + my $status = $ldap->add( $userdn, attrs => [ %attrib ] ); + die 'LDAP error: '. $status->error. "\n" if $status->is_error; $ldap->unbind; } @@ -243,8 +285,10 @@ sub ldap_connect { my $ldap = Net::LDAP->new($machine) or die $@; my $status = $ldap->bind( $dn, %bind_options ); - die $status->error if $status->is_error; + die 'LDAP error: '. $status->error. "\n" if $status->is_error; $ldap; } +1; +
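Review bot: In `ldap_insert` (third hunk, `@@ -201,22 +241,24 @@`), the entry DN is assembled by interpolating `$attrib{$username_attrib}` straight into `$userdn`, so a username containing DN metacharacters (`,`, `+`, `=`, `\`) yields a malformed DN or an entry created under a different RDN than intended. Escape the value before building the DN, e.g. `use Net::LDAP::Util qw(escape_dn_value);` and `$userdn = "$username_attrib=". escape_dn_value($attrib{$username_attrib}). ", $userdn"`. The comma-splitting loop right after it also turns any value containing a comma (a `cn` such as `Smith, John`, or a security phrase) into several values, which is worth documenting or restricting to `objectclass`. `ldap_queue` starts outside this hunk; it passes the root DN password as a queue argument, so check how queued job arguments are stored.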
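Review bot: In `ldap_connect` (last hunk, `@@ -243,8 +285,10 @@`), nothing between `Net::LDAP->new($machine)` and `$ldap->bind` negotiates TLS, so unless `$machine` is an `ldaps://` URI the root DN password and the exported `userpassword` values travel in clear text. Consider `my $tls = $ldap->start_tls( verify => 'require' ); die 'LDAP error: '. $tls->error. "\n" if $tls->is_error;` before the bind, or document that the export must point at an LDAPS endpoint. `%bind_options` and the start of `ldap_connect` are outside the hunk, so confirm no transport security is configured there. The trailing `"\n"` added to both `die` messages also drops the file and line number from the error, which makes queue failures harder to trace.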