I'd like to use CFLDAP to retrieve all the users in a certain distribution group used by Exchange. If this is possible, what do I use for the 'filter' attribute of CFLDAP? Also, if all I have is the email address for the group (e.g. 'sales#example.com'), can I still get the user information, or do I need the name of the group that uses that email address?
For example, what would I put in the block below?
<cfldap server = "foo.example.com"
action = "query"
name = "ldap2"
start = "dc=foo,dc=example,dc=com"
attributes = "givenName,sn,sAMAccountName,mail,employeeID,dn"
filter="?????????????"
username="BAR\eterps"
password="12345" >
To get the Group name from the email address, I used Active Directory Explorer. I'm sure there is a way to query for it as well.
Once I had the group name, I created my filter for CFLDAP: (&(objectClass=user)(memberOf=cn=Sales,ou=Email Distribution Groups,dc=foo,dc=example,dc=com))
So the resulting CFLDAP query looks like:
<cfldap server = "foo.example.com"
action = "query"
name = "ldap2"
start = "dc=foo,dc=example,dc=com"
attributes = "givenName,sn,sAMAccountName,mail,employeeID,dn"
filter="(&(objectClass=user)(memberOf=cn=Sales,ou=Email Distribution Groups,dc=foo,dc=example,dc=com))"
username="BAR\eterps"
password="12345" >
a filter is not required when using cfldap in my experience. What happens when you run the query without a filter?
If I understand your question correctly, you can modify the start attribute with the specific Group dn, and not just the Root dn, it should only return the info from that group. If there is an attribute that points to users that are members of that group, make sure you include that in the attribute list.
If you dont modify the start attribute, your filter would be something like (cn=groupname) that points to the group you want.
Related
I would like to find a list of dynamic thing groups. I can see the type of field when I go to one of the thing groups in AWS IoT Core. How do I search and find a list of thing groups which has a Type as Dynamic?
e.g.
When I visit one of the Thing Group present in IoT Core.
You do not have a description for the thing group yet.
Created
Jul 26, 2019 11:21:44 AM -0700
Type
Static
0 Attributes
I tried a few variants, but they did not work.
Type: Dynamic
attributes.Type: Dynamic
Type == Dynamic
Thanks in advance for any suggestions.
Configure a Thing Group index on Fleet Indexing.
For every dynamic Thing Group created, add an attribute to distinguish it as a dynamic thing group, i.e. attribute.dynamic: true
Call SearchIndex on the index with the query attributes.dynamic: true and that will return all dynamic Thing Groups.
It looks like it is not straight-forward. Thanks to my colleague, I created a script to get that list.
import boto3
client = boto3.client('iot')
list_thing_groups = client.list_thing_groups()
while True:
for thing_group in list_thing_groups['thingGroups']:
name = thing_group['groupName']
response = client.describe_thing_group(
thingGroupName=name
)
query = response.get('queryString')
if query:
print(name)
if list_thing_groups.get('nextToken'):
list_thing_groups = client.list_thing_groups(nextToken=list_thing_groups.get('nextToken'))
else:
break
The idea is queryString for dynamic Thing Group won't be null.
I'm attempting to figure out how to elegantly update a document's associations with existing documents with Mongoid.
If I have Users and Groups, and want to assign a User to an existing group, how could I do this via update_attributes ?
I want to be able to do something like this:
user.attributes = { groups: [{"_id":"existing group id here"}]}
user.save
When I try to do the above, Mongoid attempts to INSERT a new group, thereby causing a ID duplicate error.
I have tried doing the same via nested attributes:
user.groups_attributes = [{"_id":"existing group id here"}]
user.save
And the same error occurs. Is there anyway I can do this WITHOUT having to manually query the group id and push it into the array? The reason I'm asking is because lets say i have a model with many associations.. i dont want to have to have blocks of code to update each association manually
Assigning an an existing User to an existing Group with update_attributes is very simple (assuming you already added the Group/User relation).
user.update_attributes(:group_id => 'existing group id here')
How to verify email through link.
I have user edit profile and it is showing user email.I want to give one link to verify email.I do not what to do.
Add one column to your
User Model : email_verification and by default set to zero (0).
Then using persistence_token create a URL and sent to that specific email address. If you dnt have persistence_token as column in your User model then you can add custom column of your choice like verify_email_token as column name and stored 50 random string.
Using
o = [('a'..'z'),('A'..'Z'),('0'..'9')].map{|i| i.to_a}.flatten
string = (0...50).map{ o[rand(o.length)] }.join
URL example :
http://www.yoursitename.com/VerifyEmailAddress/?token=persistence_token ;
When user click on that link, internally call function like VerifyEmailAddress and in that method update email_verification column by one (1).
I am new to django/python and working my way through my webapp. I need assistance in solving one of my problems.
In my app, I am planning to assign each user (from auth_user) to one of the group ( from auth_group). Each group can have multiple users. I have entry in auth_group, auth_user and auth_user_groups. Here is my question:
At time of login I want to check that logging user belongs to which group?
I want to keep that group info in session/cache so all pages I can show information about that group only.
If you have any sample code will be great.
Giving support to the very well #trinchet's answer with an example of context_processor code.
Puts inside your webapp a new file called context_processors.py and writes this lines on it:
def user_groups(request):
"""
Add `groups` var to the context with all the
groups the logged in user has, so you can access
in your templates to this var as: {{ groups }}
"""
groups = None
if request.user.is_authenticated():
groups = user.groups
return {'groups': groups}
Finally on your settings.py add 'webbapp.context_processors.user_groups'to TEMPLATE_CONTEXT_PROCESSOR:
TEMPLATE_CONTEXT_PROCESSORS = (
'webbapp.context_processors.user_groups',
)
1) Be user an instance of auth.models.User, you can get all groups the user belong to, through user.groups. If you want to ask at time of login then you should do this in your login view.
2) You can use session or cache approaches to deal with, this is irrelevant, but once you have the group you need to render the pages having this value, i mean, you need to provide the group to the template rendering, to do this I suggest to you using a custom context processor.
I am trying to get the following connection to our LDAP working via ColdFusion, however, I can never get it to return any values (i.e. results.recordcount always equals 0). I assume my problem is with the "start" portion of the query so I did some research and have tried numerous values but nothing seems to work.
<cfldap
server = "adserver"
action = "query"
username = "DOMAIN\username"
password = "apassword"
name = "results"
scope="subtree"
start = "dc=domain.local"
attributes = "givenname,surname,uid,userid,groupMembership,mail,dn,roles,memberof,cn,samaccountName">
<cfoutput>
#results.recordcount#
</cfoutput>
The structure of the AD that I'm trying to access is as follows. I'm trying to get to the "Users" section at the bottom of the tree shown.
Active Directory Users and Computers
- Saved queries
- domain.local
- option1
- option2
- NAME1
- option1
- option2
- NAME2
- Computers
- Disabled Users
- Groups
- Users
If I right-click on "User" and view the properties it tells me the canonical name for it is domain.local/NAME1/NAME2/Users, which I assume is relevant to my problem.
Any ideas what I should be using for the "start" portion of cfldap?
Thanks in advance.
I highly recommend browsing your AD with a program like Softerra's LDAP Browser (http://www.ldapbrowser.com/) and then locating the distinguished name of the hierarchy where you want to start searching. Using this, I was able to find the exact DN of the LDAP structure to target.
Try somethign like this. I've had the best luck starting at a high level and then using the filter attribute to drill down.
<cfldap action="query" start="DC=server, DC=domain, DC=com" filter="OU=Users"
username = "DOMAIN\username" password = "apassword" name = "results"
scope="subtree" attributes = "givenname,surname,uid,userid,groupMembership,mail,dn,roles,memberof,cn,samaccountName">