Merge branch 'master' of https://git.johnhgaunt.com/jgaunt/seafile-ldap

2021-11-02 09:44:52 -04:00
parent 467b0a87b7 5d15c77cd5
commit f5af40883f
2 changed files with 27 additions and 13 deletions
--- a/seafile-ldap.py
+++ b/seafile-ldap.py
@@ -8,6 +8,7 @@ import argparse
 import os
 import requests
 import urllib3
+import json

 def request(resource, seafile, method='GET', data=None):
    if data is None:
@@ -33,10 +34,6 @@ def request(resource, seafile, method='GET', data=None):
            return {'ok': r.ok, 'status_code': r.status_code, 'response': r.text}
    raise ValueError(r)

-def checkIfUserHasEmail(user):
-    ldap.search(config['LDAP SERVER']['groupBaseDN'], '(&(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(memberof={0}))'.format(config['LDAP SERVER']['seafileGroupDN']), attributes=['*'])
-
-
 parser = argparse.ArgumentParser(description='Sync LDAP with Seafile')
    #group = parser.add_mutually_exclusive_group()
    #group.add_argument('-e', '--encrypt', action='store_true', help='encrypt')
@@ -125,18 +122,34 @@ except core.exceptions.LDAPBindError as e:
    exit()
 logger.debug("Bind successful.")

+logger.debug("Searching for users that have a email address, are enabled, and in the {} group.".format(config['LDAP SERVER']['seafileGroupDN']))
+ldap.search(config['LDAP SERVER']['groupBaseDN'], '(&(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(memberof={0}))'.format(config['LDAP SERVER']['seafileGroupDN']), attributes=['*'])
+logger.debug("Found {0} users.".format(len(ldap.entries)))
+ADusers = ldap.entries
+for user in ADusers:
+    logger.debug("User: {0} - Email: {1} - UserDN: {2}".format(user.name, user.mail, user.distinguishedName))
+    
+seafileUsers = request('admin/search-user/?query=@johnhgaunt.com', seafile)['response']['user_list']
+for user in seafileUsers:
+    logger.debug("User: {0} - Email: {1} - isActive: {2}".format(user['name'], user['email'], user['is_active']))
+#print(ldap.entries[0].distinguishedName)
+exit()
+#Create a connection object, and bind with the given DN and password.
+try: 
+    conn = Connection(server, bindAccount, bindPassword, auto_bind=True)
+    print('LDAP Bind Successful.')
+    # Perform a search for a pre-defined criteria.
+    # Mention the search filter / filter type and attributes.
+    conn.search('CN=Users,dc=home,dc=johnhgaunt,dc=com', '(&(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(memberOf=CN=Seafile,CN=Users,DC=home,DC=johnhgaunt,DC=com))')
+    # Print the resulting entries.
+    for entry in conn.entries:
+            print(entry)
+except core.exceptions.LDAPBindError as e:
+    #If the LDAP bind failed for reasons such as authentication failure.
+    print('LDAP Bind Failed: ', e)

 # sync ad users with seafile, if disabled or deleted ad user, disable in seafile
-# I don't think this will work as saml/openid users are not listed with the admin/users/ nor the admin/search-users/ returns those users
-#logger.debug("Searching for users that have a email address, are enabled, and in the {} group.".format(config['LDAP SERVER']['seafileGroupDN']))
-#ldap.search(config['LDAP SERVER']['groupBaseDN'], '(&(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(memberof={0}))'.format(config['LDAP SERVER']['seafileGroupDN']), attributes=['*'])
-#logger.debug("Found {0} users.".format(len(ldap.entries)))
-#for user in ldap.entries:
-#    logger.debug("User: {0} -- UserDN: {1}".format(user.name, user.distinguishedName))

-#seafileUsers = request('admin/search-user/?query=@', seafile)['response']
-
-#print(ldap.entries[0].distinguishedName)

 # get ad groups and import them into seafile
 # loop through each group and list members