Documentation ¶
Index ¶
- Constants
- Variables
- func GetSchemaFieldRegistry(cfg *Config, newPassword string) (map[*Field][]string, error)
- func SupportedSchemas() []string
- func ValidSchema(schema string) bool
- type Client
- func (c *Client) Execute(cfg *Config, entries []*ldif.Entry, continueOnFailure bool) (err error)
- func (c *Client) Search(cfg *Config, baseDN string, scope int, filters map[*Field][]string) ([]*Entry, error)
- func (c *Client) UpdateEntry(cfg *Config, baseDN string, scope int, filters map[*Field][]string, ...) error
- func (c *Client) UpdatePassword(cfg *Config, baseDN string, scope int, newValues map[*Field][]string, ...) error
- type Config
- type CredentialType
- type Entry
- type Field
Constants ¶
const (
	SchemaOpenLDAP = "openldap"
	SchemaAD       = "ad"
	SchemaRACF     = "racf"
)
const DefaultCredentialType = CredentialType(CredentialTypePassword)
Variables ¶
var FieldRegistry = newFieldRegistry()
FieldRegistry is designed to look and feel like an enum from another language like Python.
Example: Accessing constants
FieldRegistry.AccountExpires
FieldRegistry.BadPasswordCount
Example: Utility methods
FieldRegistry.List()
FieldRegistry.Parse("givenName")
Functions ¶
func GetSchemaFieldRegistry ¶ added in v0.1.1
GetSchemaFieldRegistry selects the field registry according to the configured schema. For example, IBM RACF has a custom LDAP schema, so the password is stored in a different attribute.
func SupportedSchemas ¶ added in v0.1.1
func SupportedSchemas() []string
SupportedSchemas returns a slice of different LDAP schemas supported by the plugin. This is used to change the FieldRegistry when modifying user passwords and to set the default user attribute (userattr).
func ValidSchema ¶ added in v0.1.1
ValidSchema checks if the configured schema is supported by the plugin.
Types ¶
type Client ¶
type Client struct {
	// contains filtered or unexported fields
}
func NewWithClient ¶ added in v0.11.3
func (*Client) UpdateEntry ¶
func (*Client) UpdatePassword ¶
func (c *Client) UpdatePassword(cfg *Config, baseDN string, scope int, newValues map[*Field][]string, filters map[*Field][]string) error
UpdatePassword uses a Modify call under the hood instead of the LDAP change-password function. This allows the AD and OpenLDAP schemas to use the same API without changes to the interface.
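An added example (not the plugin's own code) of how a schema choice like the one GetSchemaFieldRegistry makes determines the attribute and value that a Modify-based UpdatePassword would send. The function name passwordModify and the attribute names userPassword, unicodePwd, racfPassword and racfPassPhrase are assumptions drawn from each directory's public schema, not from this page.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"unicode/utf16"
)

// Schema names as listed in the package constants.
const (
	schemaOpenLDAP = "openldap"
	schemaAD       = "ad"
	schemaRACF     = "racf"
)

// passwordModify (hypothetical helper) returns the attribute and raw value
// that an LDAP Modify "replace" would carry for the given schema.
// usePhrase mirrors CredentialTypePhrase; attribute names are assumptions.
func passwordModify(schema, newPassword string, usePhrase bool) (string, []byte, error) {
	if newPassword == "" {
		return "", nil, fmt.Errorf("empty password")
	}
	switch schema {
	case schemaOpenLDAP:
		return "userPassword", []byte(newPassword), nil
	case schemaAD:
		// AD accepts unicodePwd only as the double-quoted password encoded
		// as UTF-16LE, and only over an encrypted connection.
		units := utf16.Encode([]rune(`"` + newPassword + `"`))
		buf := make([]byte, 2*len(units))
		for i, u := range units {
			binary.LittleEndian.PutUint16(buf[2*i:], u)
		}
		return "unicodePwd", buf, nil
	case schemaRACF:
		if usePhrase {
			return "racfPassPhrase", []byte(newPassword), nil
		}
		return "racfPassword", []byte(newPassword), nil
	default:
		return "", nil, fmt.Errorf("unsupported schema %q", schema)
	}
}

func main() {
	attr, val, err := passwordModify(schemaAD, "S3cret!", false) // constructed sample value
	fmt.Println(attr, len(val), err)
}
```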
type Config ¶
type Config struct {
	*ldaputil.ConfigEntry
	LastBindPassword         string    `json:"last_bind_password"`
	LastBindPasswordRotation time.Time `json:"last_bind_password_rotation"`
	Schema                   string    `json:"schema"`

	// CredentialType is used to customize the Schema. Currently only used for type racf.
	CredentialType CredentialType `json:"credential_type"`
}
func (*Config) SetCredentialType ¶ added in v0.14.7
SetCredentialType sets the credential type for the LDAP config given its string form. Returns an error if the given credential type string is unknown.
type CredentialType ¶ added in v0.14.7
type CredentialType int
CredentialType is a custom type of LDAP credential.
const (
	CredentialTypeUnknown CredentialType = iota

	// CredentialTypePassword is the default for all LDAP implementations
	CredentialTypePassword

	// CredentialTypePhrase is used to customize the RACF schema to support
	// password phrases
	CredentialTypePhrase
)
func (CredentialType) String ¶ added in v0.14.7
func (c CredentialType) String() string