
Example 36 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class LdapDynamicGroup method updateGroupMembershipForDynamicGroups.

/**
 * Runs a dynamic-group search over {@code ids} and lets a {@code GroupMembershipUpdator}
 * process each hit for the given account.
 *
 * <p>Returns early, without touching LDAP, when {@code ids} is empty or when no DN can be
 * resolved for {@code acct}. Otherwise a dedicated context with {@code LdapUsage.COMPARE}
 * is opened, handed to the updator together with the account DN and the filter flags, and
 * always closed in the {@code finally} block.
 *
 * <p>NOTE(review): the updator presumably mutates {@code membership} in place; this method
 * itself only ever returns the same reference it was given. Confirm against
 * {@code GroupMembershipUpdator}.
 *
 * @param prov provisioning instance used to resolve the account DN and to drive the search
 * @param membership membership object passed to the updator and returned to the caller
 * @param acct account whose DN is resolved and passed to the updator
 * @param ids ids of the dynamic groups to search for
 * @param adminGroupsOnly forwarded unchanged to the updator
 * @param customGroupsOnly forwarded unchanged to the updator
 * @param nonCustomGroupsOnly forwarded unchanged to the updator
 * @return the {@code membership} argument
 * @throws ServiceException if opening the context or running the search fails
 */
public static GroupMembership updateGroupMembershipForDynamicGroups(LdapProvisioning prov, GroupMembership membership, Account acct, Collection<String> ids, boolean adminGroupsOnly, boolean customGroupsOnly, boolean nonCustomGroupsOnly) throws ServiceException {
    // Nothing to look up: skip DN resolution and the LDAP round trips entirely.
    if (ids.isEmpty()) {
        return membership;
    }

    final String accountDn = prov.getDNforAccount(acct, null, false);
    if (accountDn == null) {
        // Without a DN there is nothing to hand to the updator.
        return membership;
    }

    final ZLdapFilter groupFilter = ZLdapFilterFactory.getInstance().dynamicGroupByIds(ids.toArray(new String[0]));

    ZLdapContext compareCtx = null;
    try {
        // NOTE(review): LdapServerType.get(false) presumably selects a non-master server - confirm.
        compareCtx = LdapClient.getContext(LdapServerType.get(false), LdapUsage.COMPARE);
        // The searcher itself is given no context and no domain; only the updator gets the
        // COMPARE-usage context opened above.
        BySearchResultEntrySearcher groupSearcher = new BySearchResultEntrySearcher(prov, (ZLdapContext) null, (Domain) null, BASIC_ATTRS, new GroupMembershipUpdator(prov, compareCtx, accountDn, membership, adminGroupsOnly, customGroupsOnly, nonCustomGroupsOnly));
        groupSearcher.doSearch(groupFilter, DYNAMIC_GROUPS_TYPE);
    } finally {
        // Release the context on every path, including when the search throws.
        LdapClient.closeContext(compareCtx);
    }
    return membership;
}
Also used : ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) BySearchResultEntrySearcher(com.zimbra.cs.account.ldap.BySearchResultEntrySearcher)

Example 37 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class LdapProvisioning method dumpLdapSchema.

/**
 * Writes the name of every object class in the LDAP schema to {@code writer}, one per line.
 *
 * <p>The schema is read through a context opened against {@code LdapServerType.MASTER} with
 * {@code LdapUsage.GET_SCHEMA}. A {@code ServiceException} raised while opening the context
 * or reading the schema is logged at warn level and not rethrown, so the caller may receive
 * partial or empty output with no error signal even though the signature declares
 * {@code throws ServiceException}.
 *
 * @param writer destination for the object class names; not flushed or closed here
 * @throws ServiceException declared by the signature; the body shown catches it itself
 */
@Override
public void dumpLdapSchema(PrintWriter writer) throws ServiceException {
    ZLdapContext schemaCtx = null;
    try {
        schemaCtx = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.GET_SCHEMA);
        final ZLdapSchema ldapSchema = schemaCtx.getSchema();
        for (ZLdapSchema.ZObjectClassDefinition objectClass : ldapSchema.getObjectClasses()) {
            writer.println(objectClass.getName());
        }
        // TODO print more stuff
    } catch (ServiceException schemaFailure) {
        // Best effort: the failure is only logged, the dump simply stops here.
        ZimbraLog.account.warn("unable to get LDAP schema", schemaFailure);
    } finally {
        // Always give the context back, whether or not the dump completed.
        LdapClient.closeContext(schemaCtx);
    }
}
Also used : ZLdapSchema(com.zimbra.cs.ldap.ZLdapSchema) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException)

Example 38 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class LdapProvisioning method createDistributionList.

/**
 * Creates a distribution list entry in LDAP and returns the freshly loaded list.
 *
 * <p>The address is lower-cased, trimmed, split on {@code @}, its domain part converted with
 * {@code IDNUtil.toAsciiDomainName}, and the rebuilt address is passed to
 * {@code validEmailAddress}. The domain must resolve via {@code getDomainByAsciiName} and
 * report {@code isLocal()} before anything is written. The entry is first populated from
 * {@code listAttrs}; the object classes, {@code zimbraId}, create timestamp, {@code mail},
 * {@code zimbraMailAlias} and {@code uid} are then set by this method.
 *
 * <p>If the list cannot be re-read after {@code createEntry}, a failure is raised; no
 * clean-up of the entry just written is visible in this method.
 *
 * <p>NOTE(review): {@code toLowerCase()} is called without a locale, so the canonical form
 * of the address depends on the JVM default locale - confirm this matches how addresses are
 * normalised on lookup.
 *
 * @param listAddress requested address of the list, expected as {@code local@domain}
 * @param listAttrs attributes for the new entry; also passed to the pre/post modify callbacks
 * @param creator account passed to {@code setGroupHomeServer}
 * @return the distribution list loaded by id after the entry was created
 * @throws ServiceException on an invalid address, unknown or non-local domain, an already
 *         existing list, or any LDAP failure
 */
private DistributionList createDistributionList(String listAddress, Map<String, Object> listAttrs, Account creator) throws ServiceException {
    final SpecialAttrs specialAttrs = mDIT.handleSpecialAttrs(listAttrs);
    final String baseDn = specialAttrs.getLdapBaseDn();

    // Canonicalise the address before it is used as mail, alias and uid.
    listAddress = listAddress.toLowerCase().trim();
    final String[] addressParts = listAddress.split("@");
    if (addressParts.length != 2) {
        throw ServiceException.INVALID_REQUEST("must be valid list address: " + listAddress, null);
    }
    final String localPart = addressParts[0];
    final String domain = IDNUtil.toAsciiDomainName(addressParts[1]);
    listAddress = localPart + "@" + domain;
    // Validation runs on the rebuilt address, i.e. after the IDN conversion.
    validEmailAddress(listAddress);

    final CallbackContext callbackContext = new CallbackContext(CallbackContext.Op.CREATE);
    callbackContext.setCreatingEntryName(listAddress);
    AttributeManager.getInstance().preModify(listAttrs, null, callbackContext, true);

    ZLdapContext zlc = null;
    try {
        zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.CREATE_DISTRIBUTIONLIST);

        // Refuse to write anything unless the target domain exists and is local.
        final Domain targetDomain = getDomainByAsciiName(domain, zlc);
        if (targetDomain == null) {
            throw AccountServiceException.NO_SUCH_DOMAIN(domain);
        }
        if (!targetDomain.isLocal()) {
            // NOTE(review): unless INVALID_REQUEST yields one of the exception types rethrown
            // below, the generic ServiceException handler wraps it as a FAILURE - confirm.
            throw ServiceException.INVALID_REQUEST("domain type must be local", null);
        }

        final ZMutableEntry entry = LdapClient.createMutableEntry();
        // Caller-supplied attributes go in first; the identity attributes are set afterwards.
        entry.mapToAttrs(listAttrs);

        final Set<String> objectClasses = LdapObjectClass.getDistributionListObjectClasses(this);
        entry.addAttr(A_objectClass, objectClasses);

        // The id is generated here and reused below to re-read the entry.
        final String newZimbraId = LdapUtil.generateUUID();
        entry.setAttr(A_zimbraId, newZimbraId);
        entry.setAttr(A_zimbraCreateTimestamp, LdapDateUtil.toGeneralizedTime(new Date()));
        entry.setAttr(A_mail, listAddress);

        // Accounts carry zimbraMailDeliveryAddress for the primary address and use
        // zimbraMailAlias only for aliases; distribution lists use zimbraMailAlias for both.
        // Postfix routes mail on these two attributes, and zimbraMailDeliveryAddress signals
        // a physical mailbox, which a distribution list does not have.
        entry.setAttr(A_zimbraMailAlias, listAddress);

        // A list is created enabled unless the caller already supplied a mail status.
        if (!entry.hasAttribute(Provisioning.A_zimbraMailStatus)) {
            entry.setAttr(A_zimbraMailStatus, MAIL_STATUS_ENABLED);
        }

        final String displayName = entry.getAttrString(Provisioning.A_displayName);
        if (displayName != null) {
            entry.setAttr(A_cn, displayName);
        }

        entry.setAttr(A_uid, localPart);
        setGroupHomeServer(entry, creator);

        final String entryDn = mDIT.distributionListDNCreate(baseDn, entry.getAttributes(), localPart, domain);
        entry.setDN(entryDn);
        zlc.createEntry(entry);

        // Load the list back by the id generated above, on the same context.
        final DistributionList createdList = getDLBasic(DistributionListBy.id, newZimbraId, zlc);
        if (createdList == null) {
            throw ServiceException.FAILURE("unable to get distribution list after creating LDAP entry: " + listAddress, null);
        }
        AttributeManager.getInstance().postModify(listAttrs, createdList, callbackContext);
        removeExternalAddrsFromAllDynamicGroups(createdList.getAllAddrsSet(), zlc);
        allDLs.addGroup(createdList);
        return createdList;
    } catch (LdapEntryAlreadyExistException alreadyExists) {
        throw AccountServiceException.DISTRIBUTION_LIST_EXISTS(listAddress);
    } catch (LdapException ldapFailure) {
        // Rethrown as is so it does not get wrapped by the generic handler below.
        throw ldapFailure;
    } catch (AccountServiceException accountFailure) {
        // Rethrown as is for the same reason.
        throw accountFailure;
    } catch (ServiceException otherFailure) {
        throw ServiceException.FAILURE("unable to create distribution list: " + listAddress, otherFailure);
    } finally {
        LdapClient.closeContext(zlc);
    }
}
Also used : ZMutableEntry(com.zimbra.cs.ldap.ZMutableEntry) LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) Date(java.util.Date) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) CallbackContext(com.zimbra.cs.account.callback.CallbackContext) LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain) Domain(com.zimbra.cs.account.Domain) LdapException(com.zimbra.cs.ldap.LdapException) LdapDistributionList(com.zimbra.cs.account.ldap.entry.LdapDistributionList) DistributionList(com.zimbra.cs.account.DistributionList)

Example 39 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class LdapProvisioning method getNonDefaultDynamicGroupMembers.

/**
 * Collects the mail delivery addresses of the entries listed in the group's
 * {@code member} attribute, skipping external virtual accounts.
 *
 * <p>Each member DN is looked up through a context opened against
 * {@code LdapServerType.REPLICA}. A member is included only when it has a
 * {@code zimbraMailDeliveryAddress} and does not carry
 * {@code zimbraIsExternalVirtualAccount=TRUE}.
 *
 * <p>A {@code ServiceException} is logged at warn level and not propagated: the addresses
 * gathered up to that point are returned, so callers cannot tell a lookup failure from a
 * short or empty member list.
 *
 * @param group dynamic group to read; it must be a fully loaded object, because the
 *        {@code member} attribute is needed
 * @return the collected delivery addresses, possibly empty
 */
public String[] getNonDefaultDynamicGroupMembers(DynamicGroup group) {
    final List<String> deliveryAddrs = Lists.newArrayList();
    ZLdapContext replicaCtx = null;
    try {
        replicaCtx = LdapClient.getContext(LdapServerType.REPLICA, LdapUsage.GET_GROUP_MEMBER);

        // A basic group object with the minimum attribute set is not enough here:
        // the member attribute has to be present.
        final String[] memberDNs = group.getMultiAttr(Provisioning.A_member);
        final String[] wantedAttrs = new String[] { Provisioning.A_zimbraMailDeliveryAddress, Provisioning.A_zimbraIsExternalVirtualAccount };

        for (String memberDN : memberDNs) {
            final ZAttributes attrs = replicaCtx.getAttributes(memberDN, wantedAttrs);
            final String deliveryAddr = attrs.getAttrString(Provisioning.A_zimbraMailDeliveryAddress);
            final boolean externalVirtual = attrs.hasAttributeValue(Provisioning.A_zimbraIsExternalVirtualAccount, "TRUE");
            if (deliveryAddr == null || externalVirtual) {
                // No mailbox address, or an external virtual account: leave it out.
                continue;
            }
            deliveryAddrs.add(deliveryAddr);
        }
    } catch (ServiceException lookupFailure) {
        // Best effort: whatever was collected before the failure is still returned.
        ZimbraLog.account.warn("unable to get dynamic group members", lookupFailure);
    } finally {
        LdapClient.closeContext(replicaCtx);
    }
    return deliveryAddrs.toArray(new String[deliveryAddrs.size()]);
}
Also used : ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) ZAttributes(com.zimbra.cs.ldap.ZAttributes)

Example 40 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class LdapProvisioning method searchDynamicGroupInternalMemberDeliveryAddresses.

/**
 * Searches the internal members of a dynamic group and appends each member's
 * {@code zimbraMailDeliveryAddress} to {@code result}.
 *
 * <p>When {@code initZlc} is {@code null} a context is opened against
 * {@code LdapServerType.MASTER} and closed again before returning; a context supplied by the
 * caller is used as is and left open for the caller to close.
 *
 * <p>Failures are logged at warn level and swallowed, both for a single unreadable attribute
 * and for the search as a whole, so {@code result} may be incomplete with no error reported.
 *
 * @param initZlc context to reuse, or {@code null} to open a temporary one
 * @param dynGroupId id of the dynamic group passed to the member search
 * @param result collection that receives the delivery addresses found
 */
private void searchDynamicGroupInternalMemberDeliveryAddresses(ZLdapContext initZlc, String dynGroupId, final Collection<String> result) {
    SearchLdapVisitor addressCollector = new SearchLdapVisitor(false) {

        @Override
        public void visit(String dn, IAttributes ldapAttrs) throws StopIteratingException {
            final String deliveryAddr;
            try {
                deliveryAddr = ldapAttrs.getAttrString(Provisioning.A_zimbraMailDeliveryAddress);
            } catch (ServiceException attrFailure) {
                // Skip this entry only; the search carries on with the next one.
                ZimbraLog.account.warn("unable to get attr", attrFailure);
                return;
            }
            if (deliveryAddr != null) {
                result.add(deliveryAddr);
            }
        }
    };

    // Only a context opened here is closed here; a caller-supplied one stays open.
    final boolean ownsContext = (initZlc == null);
    ZLdapContext searchCtx = initZlc;
    try {
        if (searchCtx == null) {
            // always use master to search for dynamic group members
            searchCtx = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.SEARCH);
        }
        searchDynamicGroupInternalMembers(searchCtx, dynGroupId, addressCollector);
    } catch (ServiceException searchFailure) {
        ZimbraLog.account.warn("unable to search dynamic group members", searchFailure);
    } finally {
        if (ownsContext) {
            LdapClient.closeContext(searchCtx);
        }
    }
}
Also used : SearchLdapVisitor(com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) IAttributes(com.zimbra.cs.ldap.IAttributes)
