Ruby on Rails - Are you a Member?

Send to friend

Large Enterprises that use Windows are typically in a Domain environment.
Often application access is controlled by group membership in ActiveDirectory.

The easy and fast way of finding this out, is via ruby-net-ldap, a native ruby implmenation.

So first install ruby-net-ldap
gem install ruby-net-ldap

You will get:

C:\>gem install ruby-net-ldap
Successfully installed ruby-net-ldap-0.0.4
1 gem installed
Installing ri documentation for ruby-net-ldap-0.0.4...
Installing RDoc documentation for ruby-net-ldap-0.0.4...

Example:
ad = ActiveDirectory.new('user','password','server','dc=company,dc=com')
pp ad.GetMembers('user1')
pp ad.GetMembers('user2')
if ad.MemberOf?("user1","myappgroup")
puts "YES We can do work"
end

You will need the following library:

#lib\active_directory.rb
require 'rubygems'
require 'net/ldap'
require 'pp'

class ActiveDirectory

#server has to be full name.domain.com
#treebase is dc=domain,dc=com
def initialize(username,password,server,treebase)
@username = username
@password = password
@server = server
@treebase = treebase
@ldap_con = Net::LDAP.new( {:host => @server, :port => 389, :auth =>
{ :method => :simple, :username => @username, :password => @password}})
end

def cleanup_members(members)
mymembers = Array.new
mymembers << '-none'
members.each do |member|
cmc = member[3,64]
cmcs = cmc.split(',')
mymembers << String.new(cmcs[0].delete(' '))
end
return(mymembers)
end

def GetEmail(username)
op_filter = Net::LDAP::Filter.eq( "samaccountname", username)

entries = @ldap_con.search( :base => @treebase, :filter => op_filter,:attributes=>
['samaccountname','mail'])
entry = entries[0]
emailaddress = entry.mail
return(emailaddress)
end

def GetMembers(username)
op_filter = Net::LDAP::Filter.eq( "samaccountname", username)

entries = @ldap_con.search( :base => @treebase, :filter => op_filter,:attributes=>
['samaccountname','memberof'])
entry = entries[0]
begin
themembers = entry.memberof
rescue
themembers = Array.new
end
membership = cleanup_members(themembers)
return(membership)
end

def MemberOf?(username,thegroup)
groups = GetMembers(username)
return groups.include?(thegroup)
end
end #ActiveDirectory

Images: