ActiveLDAP and variable sub scope object writing


#1

Anyone out there using ActiveLDAP have an idea how I can accomplish
creating an object one level below a known base where we have a variable
item in the middle?

That first sentence doesn’t even make sense to me. Here’s what I want
to do: I have a user class that I use for managing users. Each user
gets a ou called addressbook (which in turn will contain sub-entries,
but we’re not worried about that) like so:

dn: uid=removed_email_address@domain.invalid,ou=Users,ou=OxObjects,dc=example,dc=com
uid: removed_email_address@domain.invalid

dn: ou=addr,uid=removed_email_address@domain.invalid,ou=Users,ou=OxObjects,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: addr

dn: uid=135,ou=addr,uid=removed_email_address@domain.invalid,ou=Users,ou=OxObjects,dc=example,dc=com

I want to create the ou=addr,uid=removed_email_address@domain.invalid,PREFIX entry each time
I create a user, but I can’t figure out how to get ActiveLDAP to let me
do that. I had tried doing something like creating another model like
this:

class Addr < ActiveLDAP::Base
  ldap_mapping :dnattr => 'ou=addr,uid', :prefix => USER_PREFIX,
               :classes => ['top', 'organizationalUnit']
end

And modifying the base.rb code for ActiveLDAP with a goofy hack to allow
setting this sort of :dnattr value, but it picks up all the methods and
attributes of a user object, so I can’t quite do that… Here’s the ex
from base.rb:

  # Break val apart if it is a dn
  if val.match(/^ou=addr.*/i)
    val = $1
  elsif val.match(/^#{dnattr()}=([^,=]+),#{base()}$/i)
    val = $1
  elsif val.match(/[=,]/)
    @@logger.info "initialize: Changing val from '#{val}' to '' because it doesn't match the DN."
    val = ''
  end

And before I start breaking this any further, I was wondering if someone
has already done this sort of thing.


#2

On Sat, 2006-03-18 at 02:07 +0100, Leah C. wrote:

And before I start breaking this any further, I was wondering if someone
has already done this sort of thing.


Leah,

I don’t know OxObjects - open-Xchange but I do subscribe to their mail
list as well as OGO and monitor a bit.

When I do personal address books, I don’t use a uid for the dn, I
actually use cn instead but perhaps OxObjects stores them as you are
trying.

Your notes at the top suggest a bit of confusion about the structure
itself which would probably help if you had clarity about how they were
to be stored…is it possible that you can get a response from your LDAP
server from a personal Address Book entry that was created by
open-Xchange? Something like this (not open-Xchange)

ldapsearch -x \
  -h srv1.azapple.com \
  -D 'cn=root,dc=azapple,dc=com' -W \
  -b 'uid=craig,ou=People,dc=azapple,dc=com' \
  '(cn=test user)'
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <uid=craig,ou=People,dc=azapple,dc=com> with scope sub
# filter: (cn=test user)
# requesting: ALL
#

# Test User, AddressBook, craig, People, azapple.com
dn: cn=Test User,ou=AddressBook,uid=craig,ou=People,dc=azapple,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Test User
sn: User
title: Clients
o: Test Company

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

I think that would help you figure out what the structure of entries are
supposed to be exactly. It’s important to note that each ‘objectclass’
has specific requirements of attributes such as above…objectclass
person requires ‘cn’ and objectclass inetOrgPerson requires ‘sn’
attributes - that is if memory serves me correctly but it would seem
strange that an ‘address book entry’ would use uid at all as that is
generally reserved for a system user.

As for fiddling…I haven’t started with LDAP / rails yet but that is in
my next scheduled phase so it won’t be long.

Craig


#3

I am just looking to put in the holding ou container for the address
book, not the actual address entries. I use uid style DN’s with
openxchange, and so these ou’s actually will look like:

ou=addr,uid=removed_email_address@domain.invalid,ou=Users,ou=OxObjects,dc=example,dc=com

I just need to understand how to add the ou=addr under the user’s DN of:

uid=removed_email_address@domain.invalid,ou=Users,ou=OxObjects,dc=example,dc=com

using the ActiveLDAP libraries. I did check all these values from a
working OX user.

Thanks,
Leah

Craig W. wrote:

On Sat, 2006-03-18 at 02:07 +0100, Leah C. wrote:
SNIP


#4

On Mon, 2006-03-20 at 19:46 +0100, Leah C. wrote:

I should also mention that as soon as my LDAP objects have sub entries,
the delete functions don’t work either as it seems that they do not
recursively delete.


I think if you have enough logging turned on for your LDAP, you would see
why. As I understand it, most LDAP systems don’t allow you to delete
containers with objects in them. Client applications would probably want
to obtain a list of all objects inside, delete them and then delete the
container.

Craig


#5

I should also mention that as soon as my LDAP objects have sub entries,
the delete functions don’t work either as it seems that they do not
recursively delete.



#6

Craig W. wrote:

On Mon, 2006-03-20 at 19:46 +0100, Leah C. wrote:

I should also mention that as soon as my LDAP objects have sub entries,
the delete functions don’t work either as it seems that they do not
recursively delete.


I think if you have enough logging turned on for your LDAP, you would see
why. As I understand it, most LDAP systems don’t allow you to delete
containers with objects in them. Client applications would probably want
to obtain a list of all objects inside, delete them and then delete the
container.

Yes, that is correct. So I need to understand how to correctly set the
PREFIX to uid=removed_email_address@domain.invalid,ou=Users,ou=OxObjects,dc=example,dc=com
in the Addr model for ActiveLDAP. Since the uid=removed_email_address@domain.invalid part
is dynamic, I think I need to somehow tell the Addr class what that is,
and I am not clear on how to do that…

class Addr < ActiveLDAP::Base
  ldap_mapping :dnattr => 'ou', :prefix => PREFIX,
               :classes => ['top', 'organizationalUnit']
end

If I could create a model like this, then I could easily remove the
ou=addr entries. I think.

Leah


#7

Leah C. wrote:

Yes, that is correct. So I need to understand how to correctly set the
PREFIX to uid=removed_email_address@domain.invalid,ou=Users,ou=OxObjects,dc=example,dc=com
in the Addr model for ActiveLDAP. Since the uid=removed_email_address@domain.invalid part
is dynamic, I think I need to somehow tell the Addr class what that is,
and I am not clear on how to do that…

class Addr < ActiveLDAP::Base
  ldap_mapping :dnattr => 'ou', :prefix => PREFIX,
               :classes => ['top', 'organizationalUnit']
end

If I could create a model like this, then I could easily remove the
ou=addr entries. I think.

One thing I was thinking of trying was something like this, does it make
sense? I’m a little new to working with Ruby objects:

class Addr < ActiveLDAP::Base

  def initialize(val, uid)
    super(val)
    @uid = uid
    @prefix = 'uid=' + @uid + ',' + USER_PREFIX
  end

  ldap_mapping :dnattr => 'ou=addr,uid', :prefix => @prefix,
               :classes => ['top', 'organizationalUnit']

end

And then calling Addr like:

def add_addr(user)
  new_addr = Addr.new('addr', user.uid.to_s)
  new_addr.organizationalUnit = 'addr'
  new_addr.write
end
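
Added example (not part of the thread, and not ActiveLDAP's own API): plain Ruby that builds the ou=addr DN under a variable uid with RFC 4514 escaping, so a uid containing a comma cannot change where the container is created, and that orders a subtree's DNs leaf-first for the delete-children-then-container approach described in post #4. The helper names and the sample uid values are assumptions; the escaping step goes beyond what the thread discusses.

```ruby
# Added example: plain Ruby, constructed values, no LDAP connection.
# USER_PREFIX mirrors the base DN quoted in the thread; helper names are hypothetical.
USER_PREFIX = 'ou=Users,ou=OxObjects,dc=example,dc=com'

# Escape an attribute value for use inside a DN (RFC 4514, section 2.4).
def escape_rdn_value(value)
  chars = value.to_s.chars
  last = chars.size - 1
  chars.each_with_index.map do |c, i|
    if c == "\0"
      '\\00'
    elsif '\\",+;<>'.include?(c)
      "\\#{c}"
    elsif (i.zero? && [' ', '#'].include?(c)) || (i == last && c == ' ')
      "\\#{c}"
    else
      c
    end
  end.join
end

# DN of the per-user address book container.
def addr_dn_for(uid)
  "ou=addr,uid=#{escape_rdn_value(uid)},#{USER_PREFIX}"
end

# Number of RDNs in a DN; an escaped comma does not start a new RDN.
def rdn_count(dn)
  dn.scan(/(?:\\.|[^\\,])+/).size
end

# Leaf-first order: children are deleted before their containers.
def deletion_order(dns)
  dns.sort_by { |dn| [-rdn_count(dn), dn] }
end

if __FILE__ == $PROGRAM_NAME
  user  = "uid=#{escape_rdn_value('user1@example.com')},#{USER_PREFIX}"
  addr  = addr_dn_for('user1@example.com')
  entry = "uid=135,#{addr}"
  puts addr_dn_for('x,ou=Admins')          # comma stays inside the uid value
  puts deletion_order([user, addr, entry]) # entry, then ou=addr, then the user
end
```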