A Lita handler plugin for basic interactions with Active Directory.
Add lita-activedirectory to your Lita instance's Gemfile:
gem "lita-activedirectory"
config.handlers.activedirectory.host
- LDAP host to queryconfig.handlers.activedirectory.port
- LDAP port used to connect to the hostconfig.handlers.activedirectory.basedn
- The basedn for the LDAP searchconfig.handlers.activedirectory.user_basedn
- the basedn for LDAP user searchesconfig.handlers.activedirectory.username
- User for connecting to LDAPconfig.handlers.activedirectory.password
- Password for connecting to LDAP
username expects the samaccount name
is <username> locked?
unlock <username>
Requires membership in ad_admins
authorization group.
The user account specified in config.handlers.activedirectory.username
must have permission to write the lockouttime
attribute for unlocking to succeed. We leave it up to you to secure this account accordingly.
<username> groups>
group <groupname> members
add <username> to <groupname>
Requires membership in ad_admins
authorization group.
The user account specified in config.handlers.activedirectory.username
must have permission to write the member
attribute on groups for the membership change to succeed. We leave it up to you to secure this account accordingly.
remove <username> from <groupname>
Requires membership in ad_admins
authorization group.
The user account specified in config.handlers.activedirectory.username
must have permission to write the member
attribute on groups for the membership change to succeed. We leave it up to you to secure this account accordingly.
disable user <username>
Requires membership in ad_admins
authorization group.
The user account specified in config.handlers.activedirectory.username
must have permission to write the userAccountControl
attribute on groups for the change to succeed. We leave it up to you to secure this account accordingly.
enable user <username>
Requires membership in ad_admins
authorization group.
The user account specified in config.handlers.activedirectory.username
must have permission to write the userAccountControl
attribute on groups for the change to succeed. We leave it up to you to secure this account accordingly.