module ROM::Plugins::Relation::LDAP::ActiveDirectory

Microsoft Active Directory specific extension.

@api public

Constants

ACCOUNT_DISABLED
ACCOUNT_NORMAL
ACCOUNT_TEMP_DUPLICATE
DOMAIN_CONTROLLER
ENCRYPTED_TEXT_PWD_ALLOWED
FLAG
GROUP
GROUP_GLOBAL
GROUP_LOCAL
GROUP_SECURITY_ENABLED
GROUP_UNIVERSAL
HOMEDIR_REQUIRED
INTERDOMAIN_TRUST_ACCOUNT
LOCKOUT
MEMBER
MNS_LOGON_ACCOUNT
NOT_DELEGATED
OPTS
PARTIAL_SECRETS_ACCOUNT
PASSWORD_CANT_CHANGE
PASSWORD_DONT_EXPIRE
PASSWORD_EXPIRED
PASSWORD_NOT_REQUIRED
PREAUTH_NOT_REQUIRED
RULE_BIT
RULE_CHAIN
SCRIPT
SERVER_TRUST_ACCOUNT
SMARTCARD_REQUIRED
TRUSTED_FOR_DELEGATION
TRUSTED_TO_AUTH_FOR_DELEGATION
UAC
USE_DES_KEY_ONLY
WORKSTATION_TRUST_ACCOUNT

Public Instance Methods

ad_accounts_all() click to toggle source

@return [Relation]

@api public

# File lib/rom/plugins/relation/ldap/active_directory.rb, line 73
def ad_accounts_all
  equal('sAMAccountType' => 805_306_368)
end
ad_accounts_control(oid) click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 102
def ad_accounts_control(oid)
  ad_accounts_all.equal(UAC => oid)
end
ad_accounts_disabled() click to toggle source

AD_USER_DISABLED = Filter::Builder.ex(“userAccountControl:1.2.840.113556.1.4.803”, “2”)

@return [Relation]

@api public

# File lib/rom/plugins/relation/ldap/active_directory.rb, line 82
def ad_accounts_disabled
  ad_accounts_all.equal(UAC => ACCOUNT_DISABLED)
end
ad_accounts_enabled() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 86
def ad_accounts_enabled
  ad_accounts_all.unequal(UAC => ACCOUNT_DISABLED)
end
ad_accounts_expired_password() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 94
def ad_accounts_expired_password
  ad_accounts_all.equal(UAC => PASSWORD_EXPIRED)
end
ad_accounts_hidden_email() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 121
def ad_accounts_hidden_email
  unequal(objectclass: 'publicFolder').equal(msexchhidefromaddresslists: 'TRUE')
end
ad_accounts_insecure() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 90
def ad_accounts_insecure
  ad_accounts_all.equal(UAC => PASSWORD_NOT_REQUIRED)
end
ad_accounts_membership(groupdn) click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 106
def ad_accounts_membership(groupdn)
  ad_accounts_all.equal(MEMBER => groupdn)
end
ad_accounts_permanent_password() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 98
def ad_accounts_permanent_password
  ad_accounts_all.equal(UAC => PASSWORD_DONT_EXPIRE)
end
ad_accounts_with_email() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 110
def ad_accounts_with_email
  ad_accounts_all.present(:mailnickname)
end
ad_accounts_with_fax() click to toggle source

FIXME: the attribute names should be original format? see for example ad_accounts_all

# File lib/rom/plugins/relation/ldap/active_directory.rb, line 117
def ad_accounts_with_fax
  ad_accounts_all.equal(proxyaddresses: 'FAX:*')
end
ad_catalog_global() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 145
def ad_catalog_global
  equal(objectcategory: 'nTDSDSA', OPTS => SCRIPT)
end
ad_computers() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 149
def ad_computers
  equal(objectcategory: 'computer')
end
ad_contacts() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 161
def ad_contacts
  equal(objectcategory: 'contact')
end
ad_controllers() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 153
def ad_controllers
  ad_computers.equal(UAC => SERVER_TRUST_ACCOUNT)
end
ad_exchanges() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 157
def ad_exchanges
  equal(objectclass: 'msExchExchangeServer').unequal(objectclass: 'msExchExchangeServerPolicy')
end
ad_groups_empty() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 141
def ad_groups_empty
  equal(objectclass: 'group').missing(:member)
end
ad_groups_security() click to toggle source

@return [Relation]

@api public

# File lib/rom/plugins/relation/ldap/active_directory.rb, line 132
def ad_groups_security
  equal(GROUP => GROUP_SECURITY_ENABLED)
  # equal(grouptype: GROUP_SECURITY_ENABLED)
end
ad_groups_universal() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 137
def ad_groups_universal
  equal(GROUP => GROUP_UNIVERSAL)
end
ad_undeletable_object() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 169
def ad_undeletable_object
  equal(FLAG => -GROUP_SECURITY_ENABLED)
end
ad_unrenamable_object() click to toggle source
# File lib/rom/plugins/relation/ldap/active_directory.rb, line 165
def ad_unrenamable_object
  equal(FLAG => 134_217_728)
end
ambiguous(value) click to toggle source

Ambiguous Name Resolution (ANR)

@return [Relation]

@api public

# File lib/rom/plugins/relation/ldap/active_directory.rb, line 59
def ambiguous(value)
  equal('anr' => value)
end