Create groups with ruby-net-ldap

rvd5star · May 12, 2008, 7:30am

hello all,

I would like to ask if it’s possible to add new groups in active
directory server
using ruby-net-ldap library.

thank you.

best regards,
rvd5star

rvd5star · May 12, 2008, 8:30am

I would like to add the ff. questions:

Is there a way to change the user’s group(“OU”) or assign to
another existing groups?
Is there a way to edit/delete existing groups using ruby-net-ldap?

Thanks,
rvd5star

rvd5star · May 12, 2008, 4:56pm

On Mon, May 12, 2008 at 12:30 AM, rvd5star [email protected] wrote:

hello all,

Yes you can create groups in AD with ruby-net-ldap.

I’m not sure what you mean by group(“OU”) but you can add users to a
group
by adding to the member property of the group.

Editing and deleting are also easy by setting attributes and using the
delete method.

–
“Hey brother Christian with your high and mighty errand, Your actions
speak
so loud, I can’t hear a word you’re saying.”

-Greg Graffin (Bad Religion)

rvd5star · May 13, 2008, 5:50am

I was able to create groups using ruby-net-ldap.
My only problem now is how to:

retrieve users from a group
assign users from one group to another

Any advice?

Thanks.

rvd5star · May 13, 2008, 4:36am

really? could you show me a code snippet on how to create
groups in AD with ruby-net-ldap?

Thanks in advance.

rvd5star · May 13, 2008, 10:16am

Hello. I was able to solve the latest two problems.
My only concern now is to assign user from one OU(Organizational Unit)
to another.
Any advice?

Thanks.

rvd5star · May 14, 2008, 3:33am

Hi,

2008/5/13 Glen H. [email protected]:

From my understanding there is no direct way to do that in the LDAP
protocol. You basically have to delete the object then re-create it in the
desired OU. You can change the left most part of the dn but not the rest.

Net::LDAP#rename.

Thanks,

rvd5star · May 13, 2008, 4:27pm

On Tue, May 13, 2008 at 2:15 AM, rvd5star [email protected] wrote:

retrieve users from a group

Is there a way to change the user’s group(“OU”) or assign to

I would like to ask if it’s possible to add new groups in active
I’m not sure what you mean by group(“OU”) but you can add users to a
so loud, I can’t hear a word you’re saying."

-Greg Graffin (Bad Religion)

From my understanding there is no direct way to do that in the LDAP
protocol. You basically have to delete the object then re-create it in
the
desired OU. You can change the left most part of the dn but not the
rest.

–
“Hey brother Christian with your high and mighty errand, Your actions
speak
so loud, I can’t hear a word you’re saying.”

-Greg Graffin (Bad Religion)

rvd5star · May 14, 2008, 3:08pm

On Tue, May 13, 2008 at 7:32 PM, Kouhei S. [email protected] wrote:

Net::LDAP#rename.

Thanks,

kou

That will only change the cn portion of the dn. You can’t change ou’s
with
rename.

–
“Hey brother Christian with your high and mighty errand, Your actions
speak
so loud, I can’t hear a word you’re saying.”

-Greg Graffin (Bad Religion)