#1 2018-01-16 18:15:23

jeffrozica
Member
Registered: 2017-08-17

LDAP Questions

QUESTION #1:
I need to schedule the ldapimport.groovy script to run at least weekly or more. From what I understand you use the schedulescript command to do this, but all of the examples show a *.rs script.  Can I schedule a *.groovy script using this command or does it have to be a *.rs script. Do I need to rename the script? Your thoughts?
HERE IS WHAT IT SAYS ON THE WEBSITE
Using the scheduler to refresh users periodically To keep ReportServer's user database in sync with your company directory you would probably like to run the script automatically from time to time. To do this, you can use the scheduleScript terminal command.

QUESTION #2:
On the LDAP instructions page on your website it says the following (see below).. Do you have any examples of how to do this in the hookldappam.groovy script. I could not find any searching the internet. Any help you could give would greatly be appreciated.
HERE IS WHAT IT SAYS ON THE WEBSITE
Automatically fetch/refresh a user's corresponding user object on login Additionally to periodic updates you might want to refresh a user's object whenever s/he tries to log in. This can easily be achieved by modifying the hookldappam script and adding the required functionality.

QUESTION #3:
What log does the output go (log file name and path) from all of these groovy scripts. I cannot find it anywhere. That would be really helpful to us to make sure these groovy scripts are running properly that are in the onstartup.d folder (i.e. Add support for databases, hookldappam, et….

Offline

#2 2018-01-23 14:10:36

eduardo
Administrator
Registered: 2016-11-01
Website

Re: LDAP Questions

Hi jeffrozica,

1. yes, you can schedule .groovy scripts using this command.
2. what you have to do in order to achieve this is the following:
in the hookldappam.groovy script, before the authentication of the user (i.e. before User u = authenticate(credentials.getUsername(), credentials.getPassword()); ), you should connect to the ldap server, filter on your user, and create/update/delete the user, depending on the ldap answer. You can take the ldapimport.groovy as a guideline on how to connect to ldap/filter/create users. E.g. the ldapFilter variable: here you should write a filter that returns only your user. You can test the filter with the ldapsearch program (https://linux.die.net/man/1/ldapsearch). In my case, this is the command I use when connecting to my LDAP server in Jumpcloud and searching for users with the given objectClasses with the following filter: "(|(objectClass=organizationalUnit)(objectClass=person)(objectClass=group))"

ldapsearch -x -b "ou=Users,o=58b57552f9,dc=jumpcloud,dc=com" -D "uid=danna,ou=Users,o=58b57552f9,dc=jumpcloud,dc=com" -w "myPassword" -H ldap://ldap.jumpcloud.com:389 "(|(objectClass=organizationalUnit)(objectClass=person)(objectClass=group))"

We don't actually have a script that achieves this, but this should be doable with the steps I noted above.

3. To log from groovy scripts you can use the following:

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

Logger logger = LoggerFactory.getLogger(getClass().getName());

logger.error("my log message");

You should then see "my log message" in your reportserver logs.

Regards,
Eduardo

Offline

Board footer

Powered by FluxBB