No commit activity in last 3 years
No release in over 3 years
ldap/active directory instructions for Lita
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

Runtime

~> 0.5
>= 4.7
 Project Readme

lita-activedirectory

Build Status MIT License Gem Version Code Climate

A Lita handler plugin for basic interactions with Active Directory.

Installation

Add lita-activedirectory to your Lita instance's Gemfile:

gem "lita-activedirectory"

Configuration

  • config.handlers.activedirectory.host - LDAP host to query
  • config.handlers.activedirectory.port - LDAP port used to connect to the host
  • config.handlers.activedirectory.basedn - The basedn for the LDAP search
  • config.handlers.activedirectory.user_basedn - the basedn for LDAP user searches
  • config.handlers.activedirectory.username - User for connecting to LDAP
  • config.handlers.activedirectory.password - Password for connecting to LDAP

Usage

username expects the samaccount name

Check if a user account is locked out

is <username> locked?

Unlock a user account

unlock <username>

Requires membership in ad_admins authorization group.

The user account specified in config.handlers.activedirectory.username must have permission to write the lockouttime attribute for unlocking to succeed. We leave it up to you to secure this account accordingly.

List a User's Group Memberships

<username> groups>

List a Group's Members

group <groupname> members

Add a User to a Group

add <username> to <groupname>

Requires membership in ad_admins authorization group.

The user account specified in config.handlers.activedirectory.username must have permission to write the member attribute on groups for the membership change to succeed. We leave it up to you to secure this account accordingly.

Remove a User from a Group

remove <username> from <groupname>

Requires membership in ad_admins authorization group.

The user account specified in config.handlers.activedirectory.username must have permission to write the member attribute on groups for the membership change to succeed. We leave it up to you to secure this account accordingly.

Disable a User

disable user <username>

Requires membership in ad_admins authorization group.

The user account specified in config.handlers.activedirectory.username must have permission to write the userAccountControl attribute on groups for the change to succeed. We leave it up to you to secure this account accordingly.

Enable a User

enable user <username>

Requires membership in ad_admins authorization group.

The user account specified in config.handlers.activedirectory.username must have permission to write the userAccountControl attribute on groups for the change to succeed. We leave it up to you to secure this account accordingly.