
Example 1 with IAttributes

use of com.zimbra.cs.ldap.IAttributes in project zm-mailbox by Zimbra.

the class AutoProvision method searchAutoProvDirectory.

/**
 * Runs an auto-provisioning directory search and reports every hit through the
 * {@link DirectoryEntryVisitor} callback.
 *
 * <p>This is a convenience overload: it wraps {@code visitor} in a
 * {@code SearchLdapVisitor} and delegates to the nine-argument overload with
 * {@code false} as the last argument. Whatever that overload returns is
 * discarded here.
 *
 * <p>NOTE(review): {@code filter} and {@code name} are forwarded unchanged and
 * nothing in this method validates or escapes them. Confirm that call sites
 * escape any user-supplied text before it becomes part of an LDAP filter.
 *
 * @param visitor receives the DN and the attribute map of each entry found
 * @throws ServiceException propagated from the delegated search
 */
static void searchAutoProvDirectory(LdapProv prov, Domain domain, String filter, String name, String createTimestampLaterThan, String[] returnAttrs, int maxResults, final DirectoryEntryVisitor visitor) throws ServiceException {
    // Adapter: the delegated search speaks SearchLdapVisitor, the caller speaks
    // DirectoryEntryVisitor. The raw IAttributes object is deliberately not passed on.
    final SearchLdapVisitor adapter = new SearchLdapVisitor() {

        @Override
        public void visit(String entryDn, Map<String, Object> entryAttrs, IAttributes rawAttrs) throws StopIteratingException {
            visitor.visit(entryDn, entryAttrs);
        }
    };

    searchAutoProvDirectory(
            prov, domain, filter, name, createTimestampLaterThan,
            returnAttrs, maxResults, adapter, false);
}
Also used : SearchLdapVisitor(com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor) IAttributes(com.zimbra.cs.ldap.IAttributes) Map(java.util.Map) HashMap(java.util.HashMap)

Example 2 with IAttributes

use of com.zimbra.cs.ldap.IAttributes in project zm-mailbox by Zimbra.

the class AutoProvisionEager method searchAccounts.

/**
 * Fetches one batch of entries from the auto-provisioning directory and appends
 * them to {@code entries}.
 *
 * <p>The search is restricted by the domain's last-polled timestamp and asks for
 * at most {@code batchSize} results. The log message below describes the source
 * as an external LDAP directory, so the DNs and attribute values placed in
 * {@code entries} should be treated as untrusted input by whatever consumes them.
 *
 * @param entries   output list; one {@code ExternalEntry} is added per hit
 * @param batchSize maximum number of results requested from the search
 * @return the value returned by the delegated search, which the log message
 *         describes as "hit size limit"
 * @throws ServiceException propagated from the delegated search
 */
private boolean searchAccounts(final List<ExternalEntry> entries, int batchSize) throws ServiceException {
    final String polledSince = domain.getAutoProvLastPolledTimestampAsString();
    final String[] attrsToFetch = getAttrsToFetch();

    final SearchLdapVisitor collector = new SearchLdapVisitor(false) {

        @Override
        public void visit(String entryDn, IAttributes rawAttrs) throws StopIteratingException {
            // The cast assumes the LDAP layer always supplies a ZAttributes
            // implementation; anything else fails with ClassCastException.
            final ZAttributes zAttrs = (ZAttributes) rawAttrs;
            entries.add(new ExternalEntry(entryDn, zAttrs));
        }
    };

    final boolean sizeLimitHit = AutoProvision.searchAutoProvDirectory(
            prov, domain, null, null, polledSince, attrsToFetch, batchSize, collector, true);
    ZimbraLog.autoprov.debug("searched external LDAP source, hit size limit ? %s", sizeLimitHit);
    return sizeLimitHit;
}
Also used : SearchLdapVisitor(com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor) IAttributes(com.zimbra.cs.ldap.IAttributes) ZAttributes(com.zimbra.cs.ldap.ZAttributes)

Example 3 with IAttributes

use of com.zimbra.cs.ldap.IAttributes in project zm-mailbox by Zimbra.

the class LdapProvisioning method deleteMemberOfOnAccounts.

// TODO: change to ldif and do in background
/**
 * Removes {@code dynGroupId} from the zimbraMemberOf attribute of every internal
 * member of that dynamic group, then evicts each touched account from the cache.
 *
 * <p>Members are collected first and modified afterwards, one LDAP modify per
 * account.
 *
 * <p>NOTE(review): an entry that cannot be turned into an {@code Account} is only
 * logged and is never added to the work list, so its zimbraMemberOf value for
 * this group is left in place. Confirm that stale membership on such entries is
 * acceptable or cleaned up elsewhere.
 *
 * @param zlc        LDAP context used for the member search and the modifies
 * @param dynGroupId id of the dynamic group whose membership is being removed
 * @throws ServiceException propagated from the member search or an attribute modify
 */
private void deleteMemberOfOnAccounts(ZLdapContext zlc, String dynGroupId) throws ServiceException {
    final List<Account> members = new ArrayList<Account>();

    final SearchLdapVisitor collector = new SearchLdapVisitor(false) {

        @Override
        public void visit(String entryDn, IAttributes rawAttrs) throws StopIteratingException {
            try {
                members.add(makeAccountNoDefaults(entryDn, (ZAttributes) rawAttrs));
            } catch (ServiceException e) {
                // Best effort: skip this entry and keep visiting the rest.
                ZimbraLog.account.warn("unable to make account " + entryDn, e);
            }
        }
    };
    searchDynamicGroupInternalMembers(zlc, dynGroupId, collector);

    // The "-" prefix presumably marks the value for removal rather than replacement;
    // verify against modifyLdapAttrs.
    final String removeMemberOfKey = "-" + Provisioning.A_zimbraMemberOf;

    // do in background?
    for (Account member : members) {
        final Map<String, Object> mods = new HashMap<String, Object>();
        mods.put(removeMemberOfKey, dynGroupId);
        modifyLdapAttrs(member, zlc, mods);

        // Evict via a lookup by name instead of removeFromCache(member): the object
        // built above only carries the name, so the id/alias/foreignPrincipal keys
        // held in NamedCache would not be cleared.
        final Account cachedCopy = getFromCache(AccountBy.name, member.getName());
        if (cachedCopy == null) {
            continue;
        }
        removeFromCache(cachedCopy);
    }
}
Also used : Account(com.zimbra.cs.account.Account) GuestAccount(com.zimbra.cs.account.GuestAccount) LdapAccount(com.zimbra.cs.account.ldap.entry.LdapAccount) SearchLdapVisitor(com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) HashMap(java.util.HashMap) IAttributes(com.zimbra.cs.ldap.IAttributes) ZAttributes(com.zimbra.cs.ldap.ZAttributes) ArrayList(java.util.ArrayList)

Example 4 with IAttributes

use of com.zimbra.cs.ldap.IAttributes in project zm-mailbox by Zimbra.

the class LdapProvisioning method deleteDomainInternal.

/**
 * Deletes the domain identified by {@code zimbraId} from LDAP through the supplied context.
 *
 * <p>Steps, in the order written below: look the domain up; delete its account base DN
 * and its dynamic-groups base DN when they differ from the domain DN; delete the domain
 * entry and drop it from the domain cache; finally clear the default-domain config
 * attribute when it named this domain (compared case-insensitively).
 *
 * <p>If deleting the domain entry itself fails because it still has children, the entry
 * is kept but stripped: the zimbraDomain object class and every attribute whose name
 * starts with "zimbra" are removed.
 *
 * <p>NOTE(review): NO_SUCH_DOMAIN is thrown inside the outer try, so if it is a
 * ServiceException it reaches the last catch and is rethrown wrapped in FAILURE.
 * Confirm that callers do not need to distinguish "no such domain" here.
 *
 * @param zlc      LDAP context used for the lookup, the deletes and the sample search
 * @param zimbraId id of the domain to delete
 * @throws ServiceException DOMAIN_NOT_EMPTY when an LdapContextNotEmptyException reaches
 *         the outer handler; FAILURE wrapping any other ServiceException
 */
public void deleteDomainInternal(ZLdapContext zlc, String zimbraId) throws ServiceException {
    // TODO: should only allow a domain delete to succeed if there are no people
    // if there aren't, we need to delete the people trees first, then delete the domain.
    LdapDomain domain = null;
    // Declared outside the try so the not-empty handler at the bottom can use it.
    String acctBaseDn = null;
    String dynGroupsBaseDn = null;
    try {
        domain = (LdapDomain) getDomainById(zimbraId, zlc);
        if (domain == null) {
            throw AccountServiceException.NO_SUCH_DOMAIN(zimbraId);
        }
        // Captured now; compared with the default domain name after the delete.
        String name = domain.getName();
        // delete account base DN
        acctBaseDn = mDIT.domainDNToAccountBaseDN(domain.getDN());
        // Skipped when the account base is the domain entry itself; that entry is deleted below.
        if (!acctBaseDn.equals(domain.getDN())) {
            try {
                zlc.deleteEntry(acctBaseDn);
            } catch (LdapEntryNotFoundException e) {
                // A missing base entry is not an error; log it and carry on.
                ZimbraLog.account.info("entry %s not found", acctBaseDn);
            }
        }
        // delete dynamic groups base DN
        dynGroupsBaseDn = mDIT.domainDNToDynamicGroupsBaseDN(domain.getDN());
        if (!dynGroupsBaseDn.equals(domain.getDN())) {
            try {
                zlc.deleteEntry(dynGroupsBaseDn);
            } catch (LdapEntryNotFoundException e) {
                // Same treatment as the account base DN above.
                ZimbraLog.account.info("entry %s not found", dynGroupsBaseDn);
            }
        }
        try {
            zlc.deleteEntry(domain.getDN());
            domainCache.remove(domain);
        } catch (LdapContextNotEmptyException e) {
            // remove from cache before nuking all attrs
            domainCache.remove(domain);
            // assume subdomains exist and turn into plain dc object
            Map<String, String> attrs = new HashMap<String, String>();
            attrs.put("-" + A_objectClass, "zimbraDomain");
            // remove all zimbra attrs
            for (String key : domain.getAttrs(false).keySet()) {
                if (key.startsWith("zimbra"))
                    attrs.put(key, "");
            }
            // cannot invoke callback here.  If another domain attr is added in a callback,
            // e.g. zimbraDomainStatus would add zimbraMailStatus, then we will get a LDAP
            // schema violation naming error(zimbraDomain is removed, thus there cannot be
            // any zimbraAttrs left) and the modify will fail.
            // NOTE(review): one of the two false arguments presumably disables those
            // callbacks; confirm against the modifyAttrs signature.
            modifyAttrs(domain, attrs, false, false);
        }
        String defaultDomain = getConfig().getAttr(A_zimbraDefaultDomainName, null);
        if (name.equalsIgnoreCase(defaultDomain)) {
            try {
                Map<String, String> attrs = new HashMap<String, String>();
                attrs.put(A_zimbraDefaultDomainName, "");
                modifyAttrs(getConfig(), attrs);
            } catch (Exception e) {
                // Best effort: the domain is already gone, so a failure to clear the
                // config attribute is logged and not propagated.
                ZimbraLog.account.warn("unable to remove config attr:" + A_zimbraDefaultDomainName, e);
            }
        }
    } catch (LdapContextNotEmptyException e) {
        // Reached when a not-empty error escapes the body above, presumably from one of
        // the base-DN deletes (the domain-entry delete has its own handler).
        // get a few entries to include in the error message
        int maxEntriesToGet = 5;
        final String doNotReportThisDN = acctBaseDn;
        final StringBuilder sb = new StringBuilder();
        sb.append(" (remaining entries: ");
        SearchLdapOptions.SearchLdapVisitor visitor = new SearchLdapOptions.SearchLdapVisitor() {

            @Override
            public void visit(String dn, Map<String, Object> attrs, IAttributes ldapAttrs) {
                // The search base itself is not reported, only the entries beneath it.
                if (!dn.equals(doNotReportThisDN)) {
                    sb.append("[" + dn + "] ");
                }
            }
        };
        // Subtree search under the account base DN, any entry, objectClass only,
        // with maxEntriesToGet passed as the result limit.
        SearchLdapOptions searchOptions = new SearchLdapOptions(acctBaseDn, filterFactory.anyEntry(), new String[] { Provisioning.A_objectClass }, maxEntriesToGet, null, ZSearchScope.SEARCH_SCOPE_SUBTREE, visitor);
        try {
            zlc.searchPaged(searchOptions);
        } catch (LdapSizeLimitExceededException lslee) {
            // quietly ignore: presumably raised once more than maxEntriesToGet entries
            // match, which is expected because only a sample is wanted.
        } catch (ServiceException se) {
            ZimbraLog.account.warn("unable to get sample entries in non-empty domain " + domain.getName() + " for reporting", se);
        }
        sb.append("...)");
        // NOTE(review): the exception message carries the DNs of the sampled entries;
        // confirm it is only surfaced to callers that are allowed to see them.
        throw AccountServiceException.DOMAIN_NOT_EMPTY(domain.getName() + sb.toString(), e);
    } catch (ServiceException e) {
        throw ServiceException.FAILURE("unable to purge domain: " + zimbraId, e);
    }
}
Also used : HashMap(java.util.HashMap) LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain) SearchLdapOptions(com.zimbra.cs.ldap.SearchLdapOptions) LdapContextNotEmptyException(com.zimbra.cs.ldap.LdapException.LdapContextNotEmptyException) AccountServiceException(com.zimbra.cs.account.AccountServiceException) ZimletException(com.zimbra.cs.zimlet.ZimletException) LdapEntryNotFoundException(com.zimbra.cs.ldap.LdapException.LdapEntryNotFoundException) IOException(java.io.IOException) LdapInvalidSearchFilterException(com.zimbra.cs.ldap.LdapException.LdapInvalidSearchFilterException) StopIteratingException(com.zimbra.cs.ldap.SearchLdapOptions.StopIteratingException) LdapInvalidAttrValueException(com.zimbra.cs.ldap.LdapException.LdapInvalidAttrValueException) LdapContextNotEmptyException(com.zimbra.cs.ldap.LdapException.LdapContextNotEmptyException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException) ServiceException(com.zimbra.common.service.ServiceException) LdapException(com.zimbra.cs.ldap.LdapException) LdapMultipleEntriesMatchedException(com.zimbra.cs.ldap.LdapException.LdapMultipleEntriesMatchedException) PatternSyntaxException(java.util.regex.PatternSyntaxException) LdapSizeLimitExceededException(com.zimbra.cs.ldap.LdapException.LdapSizeLimitExceededException) LdapInvalidAttrNameException(com.zimbra.cs.ldap.LdapException.LdapInvalidAttrNameException) SearchLdapVisitor(com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor) SearchLdapVisitor(com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) LdapEntryNotFoundException(com.zimbra.cs.ldap.LdapException.LdapEntryNotFoundException) 
IAttributes(com.zimbra.cs.ldap.IAttributes) LdapSizeLimitExceededException(com.zimbra.cs.ldap.LdapException.LdapSizeLimitExceededException) Map(java.util.Map) TreeMap(java.util.TreeMap) HashMap(java.util.HashMap)

Example 5 with IAttributes

use of com.zimbra.cs.ldap.IAttributes in project zm-mailbox by Zimbra.

the class LdapProvisioning method getNamesForIds.

/**
 * Resolves a set of entry ids to their names for a single entry type.
 *
 * <p>For account, cos and domain the matching in-memory cache is consulted first
 * and only the ids it cannot answer are looked up in LDAP. For group no cache is
 * consulted and every id goes to LDAP. Ids whose name cannot be determined are
 * simply absent from the returned map.
 *
 * @param ids  ids to resolve
 * @param type kind of entry the ids refer to
 * @return map from id to name for every id that could be resolved
 * @throws ServiceException FAILURE for an unsupported {@code type}, or whatever
 *         the LDAP lookup propagates
 */
@Override
public Map<String, String> getNamesForIds(Set<String> ids, EntryType type) throws ServiceException {
    final Map<String, String> namesById = new HashMap<String, String>();
    // Final alias so the anonymous visitor below can capture it.
    final EntryType requestedType = type;
    final String nameAttr;
    final Set<String> pending;
    String searchBase;
    String objectClass;

    switch (requestedType) {
        case account:
            pending = new HashSet<String>();
            for (String id : ids) {
                NamedEntry cached = accountCache.getById(id);
                if (cached == null) {
                    pending.add(id);
                } else {
                    namesById.put(id, cached.getName());
                }
            }
            nameAttr = Provisioning.A_zimbraMailDeliveryAddress;
            searchBase = mDIT.mailBranchBaseDN();
            objectClass = AttributeClass.OC_zimbraAccount;
            break;
        case group:
            // No cache lookup for groups: the caller's set is used as-is.
            pending = ids;
            // see dnToEmail
            nameAttr = Provisioning.A_uid;
            searchBase = mDIT.mailBranchBaseDN();
            objectClass = AttributeClass.OC_zimbraDistributionList;
            break;
        case cos:
            pending = new HashSet<String>();
            for (String id : ids) {
                NamedEntry cached = cosCache.getById(id);
                if (cached == null) {
                    pending.add(id);
                } else {
                    namesById.put(id, cached.getName());
                }
            }
            nameAttr = Provisioning.A_cn;
            searchBase = mDIT.cosBaseDN();
            objectClass = AttributeClass.OC_zimbraCOS;
            break;
        case domain:
            pending = new HashSet<String>();
            for (String id : ids) {
                NamedEntry cached = getFromCache(Key.DomainBy.id, id, GetFromDomainCacheOption.POSITIVE);
                if (cached == null) {
                    pending.add(id);
                } else {
                    namesById.put(id, cached.getName());
                }
            }
            nameAttr = Provisioning.A_zimbraDomainName;
            searchBase = mDIT.domainBaseDN();
            objectClass = AttributeClass.OC_zimbraDomain;
            break;
        default:
            // NOTE(review): the message has no separator before the type name.
            throw ServiceException.FAILURE("unsupported entry type for getNamesForIds" + type.name(), null);
    }

    // Everything was answered from cache: no LDAP round trip needed.
    if (pending.isEmpty()) {
        return namesById;
    }

    final SearchLdapVisitor nameCollector = new SearchLdapVisitor() {

        @Override
        public void visit(String dn, Map<String, Object> attrs, IAttributes ldapAttrs) {
            final String id = (String) attrs.get(Provisioning.A_zimbraId);
            String resolved = null;
            try {
                switch (requestedType) {
                    case account:
                        // Prefer the delivery address; fall back to deriving it from the DN.
                        resolved = ldapAttrs.getAttrString(Provisioning.A_zimbraMailDeliveryAddress);
                        if (resolved == null) {
                            resolved = mDIT.dnToEmail(dn, ldapAttrs);
                        }
                        break;
                    case group:
                        resolved = mDIT.dnToEmail(dn, ldapAttrs);
                        break;
                    case cos:
                        resolved = ldapAttrs.getAttrString(Provisioning.A_cn);
                        break;
                    case domain:
                        resolved = ldapAttrs.getAttrString(Provisioning.A_zimbraDomainName);
                        break;
                }
            } catch (ServiceException e) {
                // NOTE(review): the failure is dropped without logging, so an id whose
                // lookup failed looks the same to the caller as one that does not exist.
                resolved = null;
            }
            if (resolved == null) {
                return;
            }
            namesById.put(id, resolved);
        }
    };

    // Only the id and the type-specific name attribute are requested from LDAP.
    searchNamesForIds(pending, searchBase, objectClass,
            new String[] { Provisioning.A_zimbraId, nameAttr }, nameCollector);
    return namesById;
}
Also used : NamedEntry(com.zimbra.cs.account.NamedEntry) SearchLdapVisitor(com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor) CacheEntryType(com.zimbra.soap.admin.type.CacheEntryType) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) HashMap(java.util.HashMap) IAttributes(com.zimbra.cs.ldap.IAttributes) Map(java.util.Map) TreeMap(java.util.TreeMap) HashMap(java.util.HashMap)

Aggregations

IAttributes (com.zimbra.cs.ldap.IAttributes)11 SearchLdapVisitor (com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor)9 ServiceException (com.zimbra.common.service.ServiceException)8 AccountServiceException (com.zimbra.cs.account.AccountServiceException)6 SearchLdapOptions (com.zimbra.cs.ldap.SearchLdapOptions)6 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)5 HashMap (java.util.HashMap)5 Map (java.util.Map)5 ZLdapContext (com.zimbra.cs.ldap.ZLdapContext)4 Account (com.zimbra.cs.account.Account)3 ArrayList (java.util.ArrayList)3 HashSet (java.util.HashSet)3 LdapDIT (com.zimbra.cs.account.ldap.LdapDIT)2 LdapSizeLimitExceededException (com.zimbra.cs.ldap.LdapException.LdapSizeLimitExceededException)2 ZAttributes (com.zimbra.cs.ldap.ZAttributes)2 ZLdapFilter (com.zimbra.cs.ldap.ZLdapFilter)2 TreeMap (java.util.TreeMap)2 Domain (com.zimbra.cs.account.Domain)1 GuestAccount (com.zimbra.cs.account.GuestAccount)1 NamedEntry (com.zimbra.cs.account.NamedEntry)1