author | Steve Kemp <steve@steve.org.uk> | 2013-02-13 10:35:17 +0000 |
---|---|---|
committer | Steve Kemp <steve@steve.org.uk> | 2013-02-13 10:35:17 +0000 |
commit | ad9f35019beee93d08c5ddc2fad1170782363f9e (patch) | |
tree | e42a5750588b288e4a1ddcb5e8978543a6d476d8 | |
parent | 8d5485569705d7380c921e65fa99b728bff20010 (diff) |
LDAP probe complete.
-rw-r--r-- | cfg/sample.cfg | 2 | ||||
-rw-r--r-- | lib/custodian/protocoltest/ldap.rb | 41 |
2 files changed, 40 insertions, 3 deletions
diff --git a/cfg/sample.cfg b/cfg/sample.cfg
index a455f6b..d407b17 100644
--- a/cfg/sample.cfg
+++ b/cfg/sample.cfg
@@ -1,3 +1,3 @@
-http://secure.servoshop.co.uk/ must run http with status 404 otherwise "Failure - this site is https only #524771'.
+auth.bytemark.co.uk must run ldap on 389 with username 'uid=apache,ou=systems,dc=bytemark,dc=co,dc=uk' with password 'binding' otherwise 'LDAP failure'.
diff --git a/lib/custodian/protocoltest/ldap.rb b/lib/custodian/protocoltest/ldap.rb
index 8ec42b6..49b9b41 100644
--- a/lib/custodian/protocoltest/ldap.rb
+++ b/lib/custodian/protocoltest/ldap.rb
@@ -1,5 +1,6 @@
 require 'custodian/protocoltest/tcp'
+require 'ldap'
 #
 # The LDAP-protocol test.
@@ -67,7 +68,7 @@ module Custodian
 # Save the port
 #
 if ( line =~ /on\s+([0-9]+)/ )
- @port = $1.dup
+ @port = $1.dup.to_i
 else
 @port = 389
 end
@@ -94,7 +95,43 @@ module Custodian
 # reset the error, in case we were previously executed.
 @error = nil
- run_test_internal( @host, @port, nil, false )
+ begin
+ #
+ # Connect.
+ #
+ ldap = LDAP::Conn.new( @host, @port )
+ ldap.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+
+ #
+ # Hardwired search is bad..
+ #
+ base = 'ou=groups,dc=bytemark,dc=co,dc=uk'
+ scope = LDAP::LDAP_SCOPE_SUBTREE
+ filter = '(cn=vpn*)'
+ attrs = ['sn', 'cn']
+
+ #
+ # Bind.
+ #
+ ldap.bind( @ldap_user, @ldap_pass )
+ if ( ldap.bound? )
+
+ #
+ # Search
+ #
+ ldap.search(base,scope,filter,attrs) { |entry|
+ puts entry.vals('cn')
+ }
+ ldap.unbind
+ return true
+ else
+ @error "failed to bind to LDAP server '#{@host}' with username '#{@ldap_user}' and password '#{@ldap_pass}'"
+ return false.
+ end
+ rescue LDAP::ResultError => ex
+ @error = "LDAP exception: #{ex} when talkign to LDAP server '#{@host}' with username '#{@ldap_user}' and password '#{@ldap_pass}'"
+ return false
+ end
 end |
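Review bot: The added line in cfg/sample.cfg carries what looks like a real host, bind DN and password (`auth.bytemark.co.uk`, `uid=apache,ou=systems,dc=bytemark,dc=co,dc=uk`, `'binding'`) rather than placeholders. Whether that account is live cannot be told from the diff, but a sample file is meant to be copied and published, so it would be safer as `ldap.example.com must run ldap on 389 with username 'uid=probe,dc=example,dc=com' with password 'CHANGEME' otherwise 'LDAP failure'.` If the credential is real, replacing it in a later commit leaves it in history, so the account's password would also need rotating.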
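Review bot: Both failure paths in the last ldap.rb hunk interpolate `@ldap_pass` into `@error`, so the bind password travels with the alert text to wherever a failed test is reported or logged. The messages should name only the host and bind DN, e.g. `@error = "failed to bind to LDAP server '#{@host}' with username '#{@ldap_user}'"`, and likewise in the `rescue` branch. Two added lines also do not parse as written, so the file will not load: the `else` branch has `@error "failed to bind ...` without the `=`, and `return false.` has a trailing dot. Separately, this is a simple bind through `LDAP::Conn` on port 389, which sends the DN and password unencrypted unless the link is protected some other way (ruby-ldap's `LDAP::SSLConn` is the usual alternative). The hardwired `(cn=vpn*)` search with `puts` also writes directory entries to stdout, although a successful bind already answers the probe. The enclosing method starts and ends outside the hunk.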