Important
This repo has been moved to Gitlab, and this version is now read-only.
UC Berkeley LDAP
UCB::LDAP is a wrapper module around Net::LDAP intended to simplify searching the UC Berkeley LDAP directory: http://directory.berkeley.edu
Introduction to LDAP
If you are blissfully ignorant of LDAP, you should familiarize yourself with some of the basics. Here is a great online resource: http://www.zytrax.com/books/ldap
The RDoc for the ruby-net-ldap Gem (http://rubyfurnace.com/docs/ruby-net-ldap-0.16.1/classes/Net/LDAP.html) also has a good introduction to LDAP.
Upgrading To Version 3
Version 3 and higher of this gem support changes made to LDAP in 2017 as described here. This involved a substantial reduction of data that had been available in older versions.
To upgrade, point your Gemfile to the latest version of ucb-ldap, run your test suite and look for deprecation warnings. All of the methods that wrapped deprecated LDAP attributes are still in place, but they will emit warnings and will be remove in version 4.
Most of the Person
attributes are still in place, but the following classes have been deprecated completely:
Address
JobAppointment
Namespace
Service
StudentTerm
If you need access to any data that used to be in these modules, check with other campus resources (e.g. HCM)
Examples
General Search
Search the directory specifying tree base and filter, getting back generic UCB::LDAP::Entry
instances:
entries = UCB::LDAP::Entry.search(:base => "ou=people,dc=berkeley,dc=edu", :filter => {:uid => 123})
entries.class #=> Array
entries[0].class #=> UCB::LDAP::Entry
entries[0].uid #=> '123'
entries[0].givenname #=> 'John'
entries[0].sn #=> 'Doe'
See UCB::LDAP::Entry
for more information.
Person Search
Search the Person tree getting back UCB::LDAP::Person instances:
person = UCB::LDAP::Person.find_by_uid("123")
person.firstname #=> "John"
person.affiliations #=> ['EMPLOYEE-TYPE-STAFF']
person.employee? #=> true
person.employee_staff? #=> true
person.employee_academic? #=> false
person.student? #=> false
See UCB::LDAP::Person
for more information.
Org Unit Search
Search the Org Unit tree getting back UCB::LDAP::Org
instances:
dept = UCB::LDAP::Org.org_by_ou('jkasd')
dept.deptid #=> "JKASD"
dept.name #=> "Administrative Systems Dept"
See UCB::LDAP::Org
for more information.
Privileged Binds
If you want access the directory anonymously, no credentials are required. If you want to access via a privileged bind, authenticate before querying:
p = UCB::LDAP::Person.find_by_uid("123")
p.non_public_attr #=> NoMethodError
UCB::LDAP.authenticate("mybind", "mypassword")
p = UCB::LDAP::Person.find_by_uid("123")
p.non_public_attr #=> "some value"
Dependencies
- Net::LDAP
- Ruby 2.2 or higher
Maintainers
- Steven Hansen
- Steve Downey
- Darin Wilson