no-secrets-athq-ansible/roles/usermanagement/templates/fix_ldap.py

#!/usr/bin/python3
from ldap3 import Server, Connection, MODIFY_ADD, MODIFY_DELETE
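# One-shot LDAP fix-up: strips an empty 'member' value from entries under the
# groups base, then gives every person entry the extra object class and an
# initial emailVerified value.
#
# The '{{ ... }}' placeholders are substituted when this template is rendered,
# so the rendered script carries the bind DN and the bind password in clear text.
# NOTE(review): confirm the task that deploys the rendered file restricts its
# owner and mode, and removes it once the run is finished.
# NOTE(review): each value is dropped inside a single-quoted Python literal; a
# value containing a quote or a backslash would break or alter the rendered
# script -- confirm how these variables are produced and escaped.
# NOTE(review): no TLS is configured below, so the bind password crosses the
# ldap:// connection unencrypted. That is only acceptable while the server is
# localhost; use ldaps:// or StartTLS if the target ever changes.
ldap_server = 'ldap://localhost'
ldap_user = '{{ ldap_bind_dn }}'
ldap_password = '{{ ldap_password }}'
base_dn = '{{ ldap_user_dn }}'
groups_base_dn = '{{ ldap_group_dn }}'
new_objectclass = 'verification'

# Connect to the LDAP server and authenticate as the bind account.
server = Server(ldap_server)
conn = Connection(server, user=ldap_user, password=ldap_password)
if not conn.bind():
    print(f"Failed to bind to LDAP server: {conn.last_error}")
    # Same exit status as before, without relying on the site-provided exit().
    raise SystemExit(1)

# From here on the connection is bound; the finally clause releases it even if
# a search or modify raises part-way through.
try:
    # --- groups ---
    # Every entry under the groups base is asked to drop an empty 'member'
    # value. The result of modify() is not inspected, so a rejected change
    # passes silently.
    # NOTE(review): presumably deliberate so that re-runs tolerate entries that
    # are already clean, but it also hides real failures such as insufficient
    # access -- consider checking conn.result and reporting unexpected codes.
    conn.search(groups_base_dn, '(objectClass=*)')
    for entry in conn.entries:
        conn.modify(entry.entry_dn, {'member': [(MODIFY_DELETE, [""])]})

    # --- people ---
    conn.search(base_dn, '(objectClass=person)')
    for entry in conn.entries:
        dn = entry.entry_dn

        # Request the extra object class. Nothing here checks whether the entry
        # already has it; the outcome of the request is ignored.
        conn.modify(dn, {'objectClass': [(MODIFY_ADD, [new_objectclass])]})

        # Request emailVerified = "false". This is an ADD with no prior check.
        # NOTE(review): if the schema does not declare emailVerified as
        # SINGLE-VALUE, an entry that is already "true" would end up holding
        # both values -- confirm against the schema before re-running.
        conn.modify(dn, {'emailVerified': [(MODIFY_ADD, ["false"])]})
finally:
    # Unbind from the LDAP server
    conn.unbind()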