https://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292008-09-01T09:35:40ZRedmineRedmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=45892008-09-01T09:35:40Zpaul k
<ul><li><strong>File</strong> <a href="/attachments/909">bulk_import_ldap2.patch</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/909/bulk_import_ldap2.patch">bulk_import_ldap2.patch</a> added</li></ul><p>Grmpf, wrong patch. Please ignore the first one</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=85332009-04-06T22:45:49ZJustin Grevich
<ul></ul><p>Is there any interest in merging this into Redmine? I think it's a great feature. I would like to expand upon it in that the user is given a "bulk import" dialogue box which allows the admin to select which users to import.</p>
<p>Thanks</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=89002009-04-29T18:34:21ZA G
<ul></ul><p>Does not work for me. I receive an error when trying to access an LDAP entry.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=89122009-04-30T07:19:12ZJens Goldhammer
<ul></ul><p>+100!</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=89922009-05-05T19:59:48ZThomas D
<ul></ul><p>A G wrote:</p>
<blockquote>
<p>Does not work for me. I receive an error when trying to access an LDAP entry.</p>
</blockquote>
<p>Same for me here. I don't know much about Ruby, so unfortunately I can't be of much help</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=116572009-10-27T17:04:17ZThimios Dimopulos
<ul></ul><p>We are also very interested in this feature, any chance that it reaches the trunk?</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=119182009-11-10T19:52:12ZThimios Dimopulos
<ul><li><strong>File</strong> <a href="/attachments/2750">ldapimport.rb</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/2750/ldapimport.rb">ldapimport.rb</a> added</li></ul><p>I didn't want to patch Redmine in order to get this feature, so based on the patch by paul k, i created the attached script that i call through a cron job using the runner script:</p>
<p>*/5 * * * * /var/www/RedmineInstallations/development/0.8-stable/script/runner /var/www/RedmineInstallations/indice/ldapimport.rb > /var/log/redmine/development/ldapimport.log 2>&1</p>
<p>I wrote a blog entry about it at: <a class="external" href="http://blog.indice.gr/2009/11/redmine-bulk-import-for-ldap-users.html">http://blog.indice.gr/2009/11/redmine-bulk-import-for-ldap-users.html</a></p>
<p>regards</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=120382009-11-13T08:42:02ZStanislav German-Evtushenko
<ul></ul><p>Greate work man! Thank you!<br />I made small improvement (login is always to lowcase)<br /><pre>
--- ldapimport.rb.orig 2009-11-13 11:31:29.000000000 +0300
+++ ldapimport.rb 2009-11-13 11:42:42.000000000 +0300
@@ -21,7 +21,7 @@
:mail => AuthSourceLdap.get_attr(entry, self.attr_mail),
:auth_source_id => self.id ]
#sanity checking (all the above attributes are required)
- login = AuthSourceLdap.get_attr(entry, self.attr_login)
+ login = AuthSourceLdap.get_attr(entry, self.attr_login).downcase
catch :SKIP do
skip = false
attrs.each { |e|
</pre></p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=120452009-11-13T10:35:56ZStanislav German-Evtushenko
<ul></ul><p>One else improvement is update email if changed.<br /><pre>
--- ldapimport.rb.orig 2009-11-13 11:31:29.000000000 +0300
+++ ldapimport.rb 2009-11-13 13:36:18.000000000 +0300
@@ -37,7 +37,14 @@
}
end
next if skip
- if User.find(:first, :conditions => ["login=?", login])
+ if u = User.find(:first, :conditions => ["login=?", login])
+ # Update email if changed
+ if u.mail != attrs[0][:mail]
+ u.mail = attrs[0][:mail]
+ if u.save
+ logger.debug("Email for user #{login} was updated") if logger
+ end
+ end
logger.debug("User #{login} already there, skipping...") if logger
skipped.push(login+'(exists)')
next
</pre></p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=120532009-11-13T14:43:23ZThimios Dimopulos
<ul></ul><p>Thanks for the improvements. In case you also need it, i added a method that removes users that are no longer present in the LDAP database:</p>
<pre>
def remove_non_existing_users
ldap_con = initialize_ldap_con(self.account, self.account_password)
found = 0
logger.info("Removing users that do not exist in LDAP authentication source: #{self.name}.")
@users = User.all
@users.each { |user|
search_filter = Net::LDAP::Filter.eq("sAMAccountName", user.login)
entry = ldap_con.search(
:base => self.base_dn,
:filter => search_filter,
:attributes => ['dn', self.attr_firstname, self.attr_lastname, self.attr_mail, self.attr_login]
)
# ignore anonymous (empty login name and instance of AnonymousUser) and admin users
if entry.empty? && !user.login.empty? && user.class != AnonymousUser && user.login != "admin"
logger.info("The user with login name: #{user.login} does not exist any more in LDAP and will be removed")
found += 1
User.delete(user.id)
end
}
logger.info("Removed #{found} users that did not exist in LDAP authentication source: #{self.name}.")
end
</pre> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=120552009-11-13T15:02:40ZStanislav German-Evtushenko
<ul></ul><p>Thimios Dimopulos wrote:</p>
<blockquote>
<p>Thanks for the improvements. In case you also need it, i added a method that removes users that are no longer present in the LDAP database:</p>
<p>[...]</p>
</blockquote>
<p>Hm.. I think it's not so good thing, because:<br />1. Users are using in a history (I mean tasks, projects, wiki edit history, etc).<br />2. I have one special user (for example "admin") who aren't using LDAP. It used for administration and support (if LDAP DB have down).<br />3. If LDAP DB will accidentally be corrupted you can remove your active users.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=120762009-11-13T20:14:41ZThimios Dimopulos
<ul></ul><p>You are absolutely right, deleting users just like that would lead to database corruption.</p>
<p>About the admin and anonymous users, i take that into account and do not manipulate them:<br /><pre>
if entry.empty? && !user.login.empty? && user.class != AnonymousUser && user.login != "admin"
</pre></p>
<p>I updated the method so that it just locks users that do not exist in LDAP any more:</p>
<pre>
def lock_non_existing
ldap_con = initialize_ldap_con(self.account, self.account_password)
found = 0
logger.info("Removing users that do not exist in LDAP authentication source: #{self.name}.")
@users = User.all
@users.each { |user|
search_filter = Net::LDAP::Filter.eq("sAMAccountName", user.login)
entry = ldap_con.search(
:base => self.base_dn,
:filter => search_filter,
:attributes => ['dn', self.attr_firstname, self.attr_lastname, self.attr_mail, self.attr_login]
)
# ignore anonymous (empty login name and instance of AnonymousUser) and admin users
if entry.empty? && !user.login.empty? && user.class != AnonymousUser && user.login != "admin"
logger.info("The user with login name: #{user.login} does not exist any more in LDAP and will be locked")
found += 1
user.status=User::STATUS_LOCKED
user.save
end
}
logger.info("Locked #{found} users that did not exist in LDAP authentication source: #{self.name}.")
end
</pre> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=120772009-11-13T20:22:25ZStanislav German-Evtushenko
<ul></ul><p>Thimios Dimopulos wrote:</p>
<blockquote>
<p>You are absolutely right, deleting users just like that would lead to database corruption.</p>
<p>About the admin and anonymous users, i take that into account and do not manipulate them:<br />[...]</p>
<p>I updated the method so that it just locks users that do not exist in LDAP any more:</p>
<p>[...]</p>
</blockquote>
<p>It's better way.<br />PS: LDAP doesn't have sAMAccountName. sAMAccountName is just Microsoft's thing.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=121282009-11-16T14:23:03ZIgor Kalashnikov
<ul></ul><p>Unable to import (undefined method `+' for nil:NilClass)</p>
<p>When I try to "bulk import"</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=200372010-09-06T10:49:33ZRitesh Sutaria
<ul><li><strong>File</strong> <a href="/attachments/4434">import.php</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/4434/import.php">import.php</a> added</li></ul><p>PHP script to Bulk Import LDAP users in Redmine.</p>
<p>You may add in crontab to execute every 24 hours.</p>
<p>0 0 * * * * root /user/bin/php /path/phpscript >> /var/log/logfile</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=200382010-09-06T11:18:19ZStanislav German-Evtushenko
<ul></ul><p>Ritesh Sutaria wrote:</p>
<blockquote>
<p>PHP script to Bulk Import LDAP users in Redmine.</p>
<p>You may add in crontab to execute every 24 hours.</p>
<p>0 0 * * * * root /user/bin/php /path/phpscript >> /var/log/logfile</p>
</blockquote>
This script works with PostgreSQL only. I think ldapimport.rb quite better because:
<ul>
<li>it uses own redmine engine for adding accounts</li>
<li>it isn't depend of database engine</li>
</ul> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=201202010-09-09T15:41:26ZSamu Tuomisto
<ul></ul><p>Stanislav German-Evtushenko wrote:</p>
<blockquote>
<p>Ritesh Sutaria wrote:</p>
<blockquote>
<p>PHP script to Bulk Import LDAP users in Redmine.</p>
<p>You may add in crontab to execute every 24 hours.</p>
<p>0 0 * * * * root /user/bin/php /path/phpscript >> /var/log/logfile</p>
</blockquote>
This script works with PostgreSQL only. I think ldapimport.rb quite better because:
<ul>
<li>it uses own redmine engine for adding accounts</li>
<li>it isn't depend of database engine</li>
</ul>
</blockquote>
<p>Seems to work ok also with redmine 1.01 - thanks!</p>
<p>I wonder why this user population feature is not in redmine core - I don't see any point using LDAP with redmine without populating user base and setting access rights for users before hand.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=205432010-09-20T14:36:09Zrain man
<ul><li><strong>File</strong> <a href="/attachments/4513">ldapimport</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/4513/ldapimport">ldapimport</a> added</li><li><strong>File</strong> <a href="/attachments/4514">ldapimport.rb</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/4514/ldapimport.rb">ldapimport.rb</a> added</li></ul><p>Hi, I made some modifications to make this work in Active directory. It handled disabled accounts and additional logic to handle locking of accounts in redmine.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=226882010-11-25T11:36:35ZSamu Tuomisto
<ul></ul><p>rain man wrote:</p>
<blockquote>
<p>Hi, I made some modifications to make this work in Active directory. It handled disabled accounts and additional logic to handle locking of accounts in redmine.</p>
</blockquote>
<p>I tested the script but faced some errors. Could you advice me - how to solve following problem. Error messages from ldaplog.txt:</p>
<pre>
/opt/redmine-1.0.1-0/apps/redmine/script/../config/../vendor/rails/railties/lib/rails/gem_dependency.rb:119:Warning: Gem::Dependency#version_requirements is deprecated and will be removed on or after August 2010. Use #requirement
/opt/redmine-1.0.1-0/apps/redmine/vendor/rails/railties/lib/commands/runner.rb:48: (eval):1: compile error (SyntaxError)
(eval):1: unknown regexp options - rd
(eval):1: no .<digit> floating literal anymore; put 0 before dot
/opt/redmine-1.0.1-0/apps/redmine/ldapimport.rb
^
(eval):1: syntax error, unexpected tINTEGER
/opt/redmine-1.0.1-0/apps/redmine/ldapimport.rb
^
from /opt/redmine-1.0.1-0/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `eval'
from /opt/redmine-1.0.1-0/apps/redmine/vendor/rails/railties/lib/commands/runner.rb:48
from /opt/redmine-1.0.1-0/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require'
from /opt/redmine-1.0.1-0/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require'
from /opt/redmine-1.0.1-0/apps/redmine/script/runner:3
</pre>
<p>My ruby on rails skills are unfortunately very limited.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=227352010-11-26T18:59:35ZSamu Tuomisto
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Resolved</i></li></ul><p>Samu Tuomisto wrote:</p>
<blockquote>
<p>rain man wrote:</p>
<blockquote>
<p>Hi, I made some modifications to make this work in Active directory. It handled disabled accounts and additional logic to handle locking of accounts in redmine.</p>
</blockquote>
<p>I tested the script but faced some errors. Could you advice me - how to solve following problem. Error messages from ldaplog.txt:</p>
<p>[...]</p>
<p>My ruby on rails skills are unfortunately very limited.</p>
</blockquote>
<p>This problem resolved - reasons were: <br />1) problem with gem mysql; solved by: <a class="external" href="http://oracleabc.com/b/archives/339">http://oracleabc.com/b/archives/339</a><br />2) bitnami stack that I am not familiar with</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=229552010-12-03T09:18:28ZFelix Schäfer
<ul><li><strong>Status</strong> changed from <i>Resolved</i> to <i>New</i></li></ul><p>Samu Tuomisto wrote:</p>
<blockquote>
<p>This problem resolved</p>
</blockquote>
<p>Yours yes, but the original request isn't resolved yet, reopening.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=233232010-12-20T09:59:02ZAnonymous
<ul></ul><p>Hi there,</p>
<p>I have tried the ldapimport.rb within a bash file with redmine-1.0.4 and i have got this error :<br /><pre>
/services/redmine/script/ldapimport.rb:25:in `import': undefined method `include?' for nil:NilClass (NoMethodError)
from /services/redmine-trunk/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:642:in `search'
from /services/redmine-trunk/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1175:in `search'
from /services/redmine-trunk/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1144:in `loop'
from /services/redmine-trunk/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1144:in `search'
from /services/redmine-trunk/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:640:in `search'
from /services/redmine/script/ldapimport.rb:15:in `import'
from /services/redmine/script/ldapimport.rb:104
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `eval'
from /usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/commands/runner.rb:46
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require'
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require'
from /services/redmine/script/runner:3
</pre></p>
<p>My knowledge of Ruby language are very limited...</p>
<p>Thanks for any help,<br />Patrice</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=280002011-04-15T20:51:44ZAlexandre Lissy
<ul></ul><p>I've been able to run this ldapimport.rb script with success on my redmine 1.1.2 instance, only had to change the id of the AuthSourceLdap in find() at the first line, because our LDAP server is id=2.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=307562011-07-15T07:10:53ZTerence Mill
<ul></ul><p>Since redmine 1.2.1 there is a possibility to delete users, i think also exported to redmine api.<br />Would be nice to implement optional auto deletion this way.<br />Also there is a new plugin for <a href="https://github.com/thorin/redmine_ldap_sync/blob/master/README.md" class="external">ldap sync</a></p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=320842011-09-08T13:51:11Zyannick quenec'hdu
<ul></ul><p>Terence Mill wrote:</p>
<blockquote>
<p>Since redmine 1.2.1 there is a possibility to delete users, i think also exported to redmine api.</p>
</blockquote>
<p>How is possible to delete user in Rdmine and LDAP since 1.2.1 ? <br />I don't see this feature in roadmap. I tested with a redmine 1.2.1, if you delete a user in Redmine, this user isn't delete in LDAP. <br />If you delete user in LDAP, isn't delete in LDAP.</p>
<p>LDAP sync imposes a particular LDAP structure. It's not very generic.</p>
<p>Yannick</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=320852011-09-08T14:31:10ZTerence Mill
<ul></ul><p>You can delete user in redmine via gui and i think via api too. I never said that the ldap plugin does sync that back to ldap.<br />For my understanding of ldap i would be not wished to sync application side user cache back to ldap more the other way round.<br />LDAP is central user service and the appluication (like redmine) will sync from ldap but never too.<br />Why don't u use plain redmine user base without ldap then?</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=320862011-09-08T14:32:41ZTerence Mill
<ul></ul><p>You can delete user in redmine via gui and i think via api too. I never said that the ldap plugin does sync that back to ldap.<br />For my understanding of ldap it wouldn't be wished to sync application side user cache back to ldap more the other way round.<br />LDAP is central user service and the appluication (like redmine) will sync from ldap but never to ldap.<br />Why don't u use plain redmine user base without ldap then?</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=321612011-09-12T13:17:55Zyannick quenec'hdu
<ul></ul><p>Terence Mill wrote:</p>
<blockquote>
<p>You can delete user in redmine via gui and i think via api too. I never said that the ldap plugin does sync that back to ldap.</p>
</blockquote>
<p>Because, this topics speak about LDAP sync. The feature "user delete" has existed for a long time, long before version 1.2.1.</p>
<blockquote>
<p>For my understanding of ldap i would be not wished to sync application side user cache back to ldap more the other way round.<br />LDAP is central user service and the appluication (like redmine) will sync from ldap but never too.<br />Why don't u use plain redmine user base without ldap then?</p>
</blockquote>
<p>I use a SSO with LDAP, We have centralized the creation of users with LDAP. When I delete an account, I delete in LDAP. <br />When I use Redmin, I use authentication with LDAP. Redmine work well to create a new account with LDAP authentication. But, when I delete user in my LDAP, This user is always present in Redmine. I think the feature (ldap authentication) is half-developed</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=354572012-01-19T09:40:05ZJérôme BATAILLE
<ul></ul><p>You can check :<br /><a class="external" href="https://github.com/Utopism/redmine_ldap_sync">https://github.com/Utopism/redmine_ldap_sync</a></p>
<p>a plugin that brings a few of these features.</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=657502015-09-01T09:25:19ZSebastian Paluch
<ul></ul><p>+1</p> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=760632017-01-18T01:30:31ZMischa The Evil
<ul><li><strong>Has duplicate</strong> <i><a class="issue tracker-1 status-5 priority-4 priority-default closed" href="/issues/24840">Defect #24840</a>: LDAP: Users who didn't login yet, are not accesible (and groups where no user has logged in yet aren't available as well) to assign to a project</i> added</li></ul> Redmine - Feature #1838: Bulk import for LDAP usershttps://www.redmine.org/issues/1838?journal_id=763192017-01-26T18:03:15ZSvetly Minev
<ul></ul><p>Is this patch working under Redmine 3.3.2 / 3.3.X ???</p>
<p>Or is there any other solution how to import all AD users in Redmine?</p>
<p>I will appreciate every help</p>
<p>Thank you in advance</p>