Tuesday, April 19, 2016

Groovy LDAP access

Groovy script to access and modify LDAP or Active Directory using the groovy-ldap library.

Needs the following library:
groovy-ldap.jar

Class loading:
// make the jar available to the script's root class loader at run time
this.getClass().classLoader.rootLoader.addURL(new File("lib/groovy-ldap.jar").toURL());
import org.apache.directory.groovyldap.*;

Connecting to LDAP:
// classes are resolved by name because the jar was added to the class loader at run time
LDAP = Class.forName("org.apache.directory.groovyldap.LDAP");
SearchScope = Class.forName("org.apache.directory.groovyldap.SearchScope");
host = "<ldap_host_addr>";        // LDAP URL of the server, e.g. ldap://host:389
ad_user = "<ldap_priv_userid>";   // bind identity (DN or user principal)
ad_password = "<password>";
ldap = LDAP.newInstance(host, ad_user, ad_password);
println "Connected to AD => $host";

Reading an entry:
search_str = "uid=<uid_info>*";   // the trailing * is an LDAP substring wildcard, not a regex
entries = ldap.search(search_str, "<ldap_ou_path>", SearchScope.ONE);
print "${entries.size} entries are found\n\n";
for (entry in entries) {
    print """
DN: ${entry.dn}
Common name: ${entry.cn}
uid: ${entry.uid}
Object classes: ${entry.objectclass}
""";
}
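The filter above interpolates a value straight into the search string, so if that value ever comes from user input it can change the meaning of the filter. The following is an added example (not code from the original post) that escapes the value as RFC 4515 requires before appending the wildcard; the `escapeFilterValue` and `uidFilter` names are this example's own, and the commented-out search call at the end assumes the `ldap` object and `SearchScope` class from the post. The example also wraps the filter in parentheses, which the post's filter omits.

```groovy
// Escape the characters RFC 4515 reserves inside a filter assertion value.
// Backslash is handled first so the escapes added afterwards are not re-escaped.
String escapeFilterValue(String value) {
    return value.replace('\\', '\\5c')
                .replace('*',  '\\2a')
                .replace('(',  '\\28')
                .replace(')',  '\\29')
                .replace('\u0000', '\\00')
}

// Build the same "uid prefix" search as the post, but with the input escaped;
// the wildcard is appended by us, after escaping, so it is the only one present.
String uidFilter(String uidPrefix) {
    return "(uid=${escapeFilterValue(uidPrefix)}*)"
}

// Sanity checks that run without any LDAP server (inputs are constructed):
assert escapeFilterValue('jdoe') == 'jdoe'
assert escapeFilterValue('a*b') == 'a\\2ab'
assert uidFilter('jdoe') == '(uid=jdoe*)'
// filter metacharacters in the value stay part of the literal value
assert uidFilter('x)(cn=') == '(uid=x\\29\\28cn=*)'
println "filter: ${uidFilter('jdoe')}"

// Usage with the post's connection (needs groovy-ldap.jar and a reachable server):
// entries = ldap.search(uidFilter(userSuppliedPrefix), "<ldap_ou_path>", SearchScope.ONE)
```

Escaping the value rather than rejecting it keeps legitimate names that contain parentheses or backslashes searchable, while guaranteeing that only the wildcard you add yourself is interpreted by the server.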

Modify an entry:
// the entry's DN is needed; modify() won't change the cn, which is part of the RDN
dn = "<dn_of_entry_to_be_modified>";
mods = [
    ["REPLACE", [<field_name_1>: "<new_value_1>"]],
    ["REPLACE", [<field_name_2>: "<new_value_2>"]],
    ["ADD",     [<new_field>:    "<new_value>"]]
];
ldap.modify(dn, mods);
print "LDAP entry modified\n";
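A hard-coded mods list applies every operation whether or not the attribute already holds that value. As an added example (not from the original post), the function below derives the mods list in the same `[["REPLACE", [attr: value]], ...]` shape the post passes to `ldap.modify()` by comparing the entry's current attributes with the desired ones, so only attributes that actually change are written and the intended change can be logged before it is applied. `buildMods` and the sample maps are this example's own; it assumes the entry's attributes are available as a Map, and the final `ldap.modify` call (commented out) assumes the post's connection.

```groovy
// Compare current attribute values with desired ones and emit the minimal
// mods list: ADD for attributes the entry lacks, REPLACE for changed values,
// nothing for values that are already equal. Attributes in protectedAttrs are
// refused because renaming the RDN needs a modrdn operation, not modify().
List buildMods(Map current, Map desired, Set protectedAttrs = ['cn', 'dn'] as Set) {
    List mods = []
    desired.each { attr, value ->
        if (attr in protectedAttrs) {
            throw new IllegalArgumentException("refusing to change ${attr} via modify()")
        }
        if (!current.containsKey(attr)) {
            mods << ['ADD', [(attr): value]]
        } else if (current[attr] != value) {
            mods << ['REPLACE', [(attr): value]]
        }
    }
    return mods
}

// Constructed sample data: what a search result might hold, and what we want.
Map currentEntry = [mail: 'jdoe@example.com', telephoneNumber: '555-0100', cn: 'John Doe']
Map desired      = [mail: 'jdoe@example.com', telephoneNumber: '555-0199', title: 'Analyst']

List mods = buildMods(currentEntry, desired)
// mail is unchanged, so only the phone number is replaced and the title added
assert mods == [['REPLACE', [telephoneNumber: '555-0199']], ['ADD', [title: 'Analyst']]]

// Log the intended change before applying it, so there is a record of what was sent.
mods.each { op, attrs -> println "${op} ${attrs}" }

// Applying it with the post's connection (needs groovy-ldap.jar and a live server):
// ldap.modify(dn, mods)
```

Because an empty list means nothing is sent, the same script can be run repeatedly without producing spurious modifications, which makes the server-side change log reflect real changes only.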


Groovy OIM Access

Groovy script to access Oracle Identity Management using the OIM client library.
Needs the following libraries:
spring.jar
oimclient.jar
wlfullclient.jar
authwl.conf file content:
xellerate {
    weblogic.security.auth.login.UsernamePasswordLoginModule required debug=true;
};

Class loading:
#!/usr/bin/env groovy
this.getClass().classLoader.rootLoader.addURL(new File("lib/spring.jar").toURL());
this.getClass().classLoader.rootLoader.addURL(new File("lib/oimclient.jar").toURL());
this.getClass().classLoader.rootLoader.addURL(new File("lib/wlfullclient.jar").toURL());
import oracle.iam.platform.*;
import oracle.iam.identity.usermgmt.api.*;

Connecting to OIM:
String oimUrl = "<server_url>";
String oimAdmin = "<privileged_user>";
String oimPasswd = "<password>";
// authwl.conf must be on the classpath for getResource() to find it
String authwlFileName = "authwl.conf";
String authwl = getClass().getClassLoader().getResource(authwlFileName).toString();
System.setProperty("java.security.auth.login.config", authwl);
System.setProperty("java.naming.factory.initial", "weblogic.jndi.WLInitialContextFactory");
System.setProperty("java.naming.provider.url", oimUrl);
System.setProperty("OIM.AppServerType", "wls");
System.setProperty("APPSERVER_TYPE", "wls");
def OIMClient = Class.forName("oracle.iam.platform.OIMClient").newInstance();
// the same JNDI settings are also passed explicitly to login()
Hashtable<String, String> env = new Hashtable<String, String>();
env.put("java.naming.factory.initial", "weblogic.jndi.WLInitialContextFactory");
env.put("java.naming.provider.url", oimUrl);
OIMClient.login(oimAdmin, oimPasswd.toCharArray(), env);
println "Connected to OIM => ${oimUrl}\n";

Read an entry:
usrMgr = OIMClient.getService(Class.forName("oracle.iam.identity.usermgmt.api.UserManager"));
// attributes to be read from OIM; add further fields as needed
usrAttrs = new HashSet<String>();
usrAttrs.add("Common Name");
usrAttrs.add("Display Name");
usrAttrs.add("Email");
usrAttrs.add("First Name");
usrAttrs.add("Initials");
usrAttrs.add("Last Name");
usrAttrs.add("User Login");
user = usrMgr.getDetails("User Login", "<user_login_unique_value>", usrAttrs);
// print each requested attribute
usrAttrs.each { println "$it \t\t=> ${user.getAttribute(it)}"; }

Modify an entry:
usrMgr = OIMClient.getService(Class.forName("oracle.iam.identity.usermgmt.api.UserManager"));
// look up the entity id of the user to be changed (no attributes requested)
HashSet<String> retAttrs = new HashSet<String>();
user = usrMgr.getDetails("User Login", "<user_login>", retAttrs);
entityId = user.getEntityId();
// create a User object for that entity id
updateUser = Class.forName("oracle.iam.identity.usermgmt.vo.User").newInstance(entityId);
// set the new value; refer to the OIM form mappings for the attribute name
updateUser.setAttribute("<field_name>", "<new_value>");
usrMgr.modify(updateUser);
println "User modified";