LdapNgPlugin

This plugin provides an interface to query an LDAP directory and display the results in a WikiApplication It is a complete rewrite of the Foswiki:Extensions/LdapPlugin by Gerard Hickey to provide greater flexibility and performance based on the Foswiki:Extensions/LdapContrib package.

Syntax Rules

LDAP

%LDAP{(filter=)"filter" ...}%
Query an LDAP directrory.

Parameters:
  • filter: the LDAP query string
  • host: host IP or name to connect to
  • port: port to of the host
  • version: protocol version; possible values: 2,3
  • ssl: use ssl to bind to the server; possible values 0,1
  • base: base dn of the (sub)tree to search in; if base is written in brackets (e.g. 'base="(ou=people)"') then it is prepended to the default base of the LdapContrib
  • scope: scope of search; possible values: sub, base, one
  • format: format string used to display a database record
  • header: header to prepend the output; default: '$dn'
  • footer: footer to appended to the output
  • separator: separator between database records; default: '$n'
  • sort: name of attributes to sort the output (this feature is currently disabled)
  • reverse: reverse the result set; possible values: on, off; default: off
  • limit: maximum number of records to return; default: 0 (unlimited)
  • skip: number of records in the hit set to skip before displaying them; default: 0
  • exclude: regular expression matched against the dn of a returned record. the record will be skipped if it matches.
  • casesensitive: switch this to off for the exclude and include parameter to operate in case-insensitive mode
  • include: regular expression matched against the dn of a returned record. not matching record will be skipped.
  • hidenull: wether to hide any output on an empty hit set; possible values: on, off; default: off
  • clear: comma separated list of attributes to be removed from the output if they are not resolved
  • cache: time in seconds the result of the ldap query will be cached and not fetched anew; defaults to $Foswiki::cfg{Ldap}{DefaultCacheExpire}, or 0 if not set.
  • blob: comma separated list of attributes to be handled as blobs, like images stored in your LDAP directory.

Cgi Parameters:
  • refresh: refresh the cache of blobs (i.e. jpegPhotos); possible values: on, off, ldap; default: off;

The header, format and footer format strings may contain the following variables:
  • $percnt: % sign
  • $dollar: $ sign
  • $n: newline
  • $count: the number of hits
  • $index: the record number
  • $<attr-name>: the value of the record attribute <attr-name>

LDAPUSERS

%LDAPUSERS{...}%
List all LDAP userinformation. Information is drawn from cache and not from the LDAP server. Use ?refreshldap=on to update.

Parameters:
  • format: format string used to display a user record
  • header: header to prepend the output
  • footer: footer to appended to the output
  • sep: separator between database records; default: '$n'
  • limit: maximum number of records to return; default: 0 (unlimited)
  • skip: number of records in the hit set to skip before displaying them; default: 0
  • include: regular expression a user's WikiName must match to be included in the output
  • exclude: regular expression a user's WikiName must not match
  • casesensitive: switch this to off for the exclude and include parameter to operate in case-insensitive mode
  • hideunknown: on/off, enable/disable filtering out users that did not log in yet and thus have no hometopic (e.g. created by Foswiki:Extensions/NewUserPlugin), defaults to 'on'

The format string may contain the following variables:
  • $percnt: % sign
  • $dollar: $ sign
  • $n: newline
  • $index: the record number
  • $wikiName: the user's WikiName
  • $loginName: the user's login name
  • $displayName: a link pointing to the users hometopic in the Main web, if it exists, and '<nop>$wikiName' otherwise
  • $emails: the list of all known email addresses

Examples

Query user accounts

%LDAP{"(objectClass=posixAccount)" 
  base="(ou=people)"
  limit="100" 
  cache="3600"
  header="| *Nr* | *Name* | *Mail* | *Telephone* |$n" 
  format="| $index | $cn | $mail | $telephoneNumber  |" 
  sort="cn"
  clear="$mail,$telephoneNumber, $cn"
}%

Query user groups

%LDAP{"(objectClass=posixGroup)" 
  base="(ou=group)" 
  limit="100" 
  cache="3600"
  header="| *Nr* | *Group* | *Members* |$n" 
  format="| $index | $cn | $memberUid |" 
  clear="$mail,$memberUid"
  sort="cn"
}%

Display cached users records

%LDAPUSERS{limit="10"}%

Plugin Settings

The LdapNgPlugin will use the default configuration of the LdapContrib in your LocalSite.cfg file, that is
  • $Foswiki::cfg{Ldap}{Host} (overridable per query)
  • $Foswiki::cfg{Ldap}{Port} (overridable per query)
  • $Foswiki::cfg{Ldap}{Base} (overridable per query)
  • $Foswiki::cfg{Ldap}{Version} (overridable per query)
  • $Foswiki::cfg{Ldap}{SSL} (overridable per query)
  • $Foswiki::cfg{Ldap}{BindDN}
  • $Foswiki::cfg{Ldap}{BindPasswd}

Plugin Installation Instructions

You do not need to install anything in the browser to use this extension. The following instructions are for the administrator who installs the extension on the server.

Open configure, and open the "Extensions" section. Use "Find More Extensions" to get a list of available extensions. Select "Install".

If you have any problems, or if the extension isn't available in configure, then you can still install manually from the command-line. See http://foswiki.org/Support/ManuallyInstallingExtensions for more help.

If you are using LdapNgPlugin together with LdapContrib to integrate LDAP users to Foswiki you might also want to display an according list of all Main.WikiUsers. Therefore LdapNgPlugin comes with a view template that you have to apply to the WikiUsers topic. Do so either by adding

   * Set VIEW_TEMPLATE = LdapWikiUsersView

or by adding

$Foswiki::cfg{Plugins}{AutoTemplatePlugin}{ViewTemplateRules} = {
...
    'WikiUsers' => 'LdapWikiUsersView',
...
};

to your LocalSite.cfg in case Foswiki:Extensions/AutoTemplatePlugin is installed as well.

Please do not use the LdapWikiUsersView template in case your are running Foswiki:Extensions/SolrPlugin as well which implements a fast solr-based person search with a different SolrWikiUsersView template.

Dependencies

NameVersionDescription
Foswiki::Contrib::LdapContrib>=5.03Required
Cache::Cache>=1.05Required

Plugin Info

Plugin Author: Michael Daum
Copyright ©: 2006-2014 Michael Daum http://michaeldaumconsulting.com
License: GPL (GNU General Public License)
Release: 6.00
Version: 6.00
Change History:  
16 Dec 2014: added view template for Main.WikiUsers; more robust extraction of user information while indexing profiles with Foswiki:Extensions/SolrPlugin; wrapping examples into verbatim sections not to expose usernames by default
18 Mar 2014: disable sorting temporarily as Net::LDAP::Search::sorted() destroys the result set on directories with references; added IgnoreViewRightsInSearch feature when indexing UserTopics using SolrPlugin; properly recode strings coming from the directory
29 Nov 2012: fixed performance problem for simple queries; fixes due to the latest changes in LdapContrib; fixed too many open file handles on long running solrindexing; don't index empty email fields using SolrPlugin
21 Nov 2012: fixed switching off the %LDAP cache when there's a global default; rewrite of formatting code; fixed fetching referrenced objects
19 Nov 2012: added casesensitive include/excluding
09 Nov 2012: added integration into SolrPlugin's index process by augmenting user profiles with ldap attributes
20 Dec 2011: added cache paremeter to %LDAP
17 Nov 2010: added exclude and include parameter to %LDAP
17 Nov 2009: renamed sep parameter to separator for consistency
27 Jan 2009: syncing version number with LdapContrib
08 Jan 2009: ported to foswiki
12 Jun 2008: fixed yet another "sep" problem
13 Nov 2007: fixed $nop
01 Oct 2007: added LDAPUSERS, lined up to changes in LdapContrib-2.0
04 June 2007: don't convert from/to utf8 if the site charset is already utf8
18 Dec 2006: added support for addresses as specified in RFC4517
04 Dec 2006: map utf8 strings from LDAP to the site's encoding and vice versa
30 Nov 2006: replaced commonTagsHandler with a properly registered LDAP tag
31 Aug 2006: added NO_PREFS_IN_TOPIC
19 Jul 2006: public release
25 April 2006: Initial (internal) version
Plugin Home: Foswiki:Extensions/LdapNgPlugin
Support: Foswiki:Support/LdapNgPlugin

I Attachment Action Size Date Who Comment
LdapNgPlugin.md5md5 LdapNgPlugin.md5 manage 0.2 K 16 Dec 2014 - 13:53 MichaelDaum  
LdapNgPlugin.sha1sha1 LdapNgPlugin.sha1 manage 0.2 K 16 Dec 2014 - 13:53 MichaelDaum  
LdapNgPlugin.tgztgz LdapNgPlugin.tgz manage 10.9 K 16 Dec 2014 - 13:52 MichaelDaum  
LdapNgPlugin.zipzip LdapNgPlugin.zip manage 14.4 K 16 Dec 2014 - 13:52 MichaelDaum  
LdapNgPlugin_installerEXT LdapNgPlugin_installer manage 4.5 K 16 Dec 2014 - 13:52 MichaelDaum  
Topic revision: r17 - 16 Dec 2014, MichaelDaum
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License