LdapNgPlugin

This plugin provides an interface to query an LDAP directory and display the results in a WikiApplication It is a complete rewrite of the Foswiki:Extensions/LdapPlugin by Gerard Hickey to provide greater flexibility and performance based on the Foswiki:Extensions/LdapContrib package.

Syntax Rules

LDAP

%LDAP{(filter=)"filter" ...}%
Query an LDAP directrory.

Parameters:
  • filter: the LDAP query string
  • host: host IP or name to connect to
  • port: port to of the host
  • version: protocol version; possible values: 2,3
  • ssl: use ssl to bind to the server; possible values 0,1
  • base: base dn of the (sub)tree to search in; if base is written in brackets (e.g. 'base="(ou=people)"') then it is prepended to the default base of the LdapContrib
  • scope: scope of search; possible values: sub, base, one
  • format: format string used to display a database record
  • header: header to prepend the output; default: '$dn'
  • footer: footer to appended to the output
  • separator: separator between database records; default: '$n'
  • sort: name of attributes to sort the output (this feature is currently disabled)
  • reverse: reverse the result set; possible values: on, off; default: off
  • limit: maximum number of records to return; default: 0 (unlimited)
  • skip: number of records in the hit set to skip before displaying them; default: 0
  • exclude: regular expression matched against the dn of a returned record. the record will be skipped if it matches.
  • casesensitive: switch this to off for the exclude and include parameter to operate in case-insensitive mode
  • include: regular expression matched against the dn of a returned record. not matching record will be skipped.
  • hidenull: wether to hide any output on an empty hit set; possible values: on, off; default: off
  • clear: comma separated list of attributes to be removed from the output if they are not resolved
  • cache: time in seconds the result of the ldap query will be cached and not fetched anew; defaults to $Foswiki::cfg{Ldap}{DefaultCacheExpire}, or 0 if not set.
  • blob: comma separated list of attributes to be handled as blobs, like images stored in your LDAP directory.

Cgi Parameters:
  • refresh: refresh the cache of blobs (i.e. jpegPhotos); possible values: on, off, ldap; default: off;

The header, format and footer format strings may contain the following variables:
  • $percnt: % sign
  • $dollar: $ sign
  • $n: newline
  • $count: the number of hits
  • $index: the record number
  • $<attr-name>: the value of the record attribute <attr-name>

LDAPUSERS

%LDAPUSERS{...}%
List all LDAP userinformation. Information is drawn from cache and not from the LDAP server. Use ?refreshldap=on to update.

Parameters:
  • format: format string used to display a user record
  • header: header to prepend the output
  • footer: footer to appended to the output
  • sep: separator between database records; default: '$n'
  • limit: maximum number of records to return; default: 0 (unlimited)
  • skip: number of records in the hit set to skip before displaying them; default: 0
  • include: regular expression a user's WikiName must match to be included in the output
  • exclude: regular expression a user's WikiName must not match
  • casesensitive: switch this to off for the exclude and include parameter to operate in case-insensitive mode
  • hideunknown: on/off, enable/disable filtering out users that did not log in yet and thus have no hometopic (e.g. created by Foswiki:Extensions/NewUserPlugin), defaults to 'on'

The format string may contain the following variables:
  • $percnt: % sign
  • $dollar: $ sign
  • $n: newline
  • $index: the record number
  • $wikiName: the user's WikiName
  • $loginName: the user's login name
  • $displayName: a link pointing to the users hometopic in the Main web, if it exists, and '<nop>$wikiName' otherwise
  • $emails: the list of all known email addresses

Examples

%LDAP{"(objectClass=posixAccount)" base="(ou=people)" limit="100" cache="3600" header="| Nr | Name | Mail | Telephone |$n" format="| $index | $cn | $mail | $telephoneNumber |" sort="cn" clear="$mail,$telephoneNumber, $cn" }%

%LDAP{"(objectClass=posixGroup)" base="(ou=group)" limit="100" cache="3600" header="| Nr | Group | Members |$n" format="| $index | $cn | $memberUid |" clear="$mail,$memberUid" sort="cn" }%

%LDAPUSERS{limit="10"}%

Plugin Settings

The LdapNgPlugin will use the default configuration of the LdapContrib in your LocalSite.cfg file, that is
  • $Foswiki::cfg{Ldap}{Host} (overridable per query)
  • $Foswiki::cfg{Ldap}{Port} (overridable per query)
  • $Foswiki::cfg{Ldap}{Base} (overridable per query)
  • $Foswiki::cfg{Ldap}{Version} (overridable per query)
  • $Foswiki::cfg{Ldap}{SSL} (overridable per query)
  • $Foswiki::cfg{Ldap}{BindDN}
  • $Foswiki::cfg{Ldap}{BindPasswd}

Plugin Installation Instructions

You do not need to install anything in the browser to use this extension. The following instructions are for the administrator who installs the extension on the server.

Open configure, and open the "Extensions" section. Use "Find More Extensions" to get a list of available extensions. Select "Install".

If you have any problems, or if the extension isn't available in configure, then you can still install manually from the command-line. See http://foswiki.org/Support/ManuallyInstallingExtensions for more help.

Dependencies

NameVersionDescription
Foswiki::Contrib::LdapContrib>=5.03Required
Cache::Cache>=1.05Required

Plugin Info

Plugin Author: Michael Daum
Copyright ©: 2006-2014 Michael Daum http://michaeldaumconsulting.com
License: GPL (GNU General Public License)
Release: 5.04
Version: 5.04
Change History:  
18 Mar 2014: disable sorting temporarily as Net::LDAP::Search::sorted() destroys the result set on directories with references; added IgnoreViewRightsInSearch feature when indexing UserTopics using SolrPlugin; properly recode strings coming from the directory
29 Nov 2012: fixed performance problem for simple queries; fixes due to the latest changes in LdapContrib; fixed too many open file handles on long running solrindexing; don't index empty email fields using SolrPlugin
21 Nov 2012: fixed switching off the %LDAP cache when there's a global default; rewrite of formatting code; fixed fetching referrenced objects
19 Nov 2012: added casesensitive include/excluding
09 Nov 2012: added integration into SolrPlugin's index process by augmenting user profiles with ldap attributes
20 Dec 2011: added cache paremeter to %LDAP
17 Nov 2010: added exclude and include parameter to %LDAP
17 Nov 2009: renamed sep parameter to separator for consistency
27 Jan 2009: syncing version number with LdapContrib
08 Jan 2009: ported to foswiki
12 Jun 2008: fixed yet another "sep" problem
13 Nov 2007: fixed $nop
01 Oct 2007: added LDAPUSERS, lined up to changes in LdapContrib-2.0
04 June 2007: don't convert from/to utf8 if the site charset is already utf8
18 Dec 2006: added support for addresses as specified in RFC4517
04 Dec 2006: map utf8 strings from LDAP to the site's encoding and vice versa
30 Nov 2006: replaced commonTagsHandler with a properly registered LDAP tag
31 Aug 2006: added NO_PREFS_IN_TOPIC
19 Jul 2006: public release
25 April 2006: Initial (internal) version
Plugin Home: Foswiki:Extensions/LdapNgPlugin
Support: Foswiki:Support/LdapNgPlugin
Topic revision: r15 - 18 Mar 2014, MichaelDaum
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License