Skip to content
/ stackstorm-ldap Public

Stackstorm pack to create users over LDAP and send their credentials to given mail addresses.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

INSRapperswil/stackstorm-ldap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

actions

actions

 
 

rules

rules

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

config.schema.yaml

config.schema.yaml

 
 

icon.png

icon.png

 
 

ldap.yaml.example

ldap.yaml.example

 
 

pack.yaml

pack.yaml

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

LDAP (Microsoft AD) pack

This pack consists of Microsoft Active Directory LDAP actions. Based on python-ldap lib.

Installation

Dependencies

  • sudo apt-get install libsasl2-dev python-dev libldap2-dev libssl-dev

Configuration

Interactive wizard

st2 pack config ldap

Manual configuration

Copy the example configuration in ldap.yaml.example to /opt/stackstorm/configs/ldap.yaml and edit as required.

  • ldap_address - IP Address or FQDN of your LDAP server (e.g. example.ad.local)
  • ldap_domain - Domainname (e.g. example.ad.local)
  • ldap_admin_username - Admin User with CRUD rights
  • ldap_admin_password - Admin User secret
  • ldap_base_dn - OU where a user is created and searched
  • ldap_group_dn - Group to which a user gets assigned
  • mail_sender_address - Sender mail address
  • mail_text - Mail content text as jinja syntax with username and password variable
  • mail_subject - Mail Subject
  • mail_server - FQDN or IP of the SMTP mail server

You can also use dynamic values from the datastore. See the docs for more info.

Workflows

Orquesta

orquesta_add_user

Adds a LDAP user to the active directory.

Input:

  • mail - required
  • password - optional
    • if not set a random password will be generated
  • expires_in - optional
    • default: never
  • expires_in_dimension - optional
    • has to be used if expires_in is set
  • username - optional

orquesta_delete_user

Deletes a LDAP user from the active directory.

Input:

  • username - required
    • sAMAccountName is required
    • Regex values are allowed
  • only_expired_users - optional
    • boolean: deletes only expired users if set to true
    • default: false

Actions

  • get_user - Action which retrieves details for a particular user.
  • create_user - Action which creates a new LDAP user.
  • delete_user - Action which deletes a particular user.
  • enable_user - Action which enables a particular user.
  • disable_user - Action which disables a particular user.
  • generate_password - Action which creates a XKCD like password.
  • set_user_password - Action which sets the password for a particular user.
  • set_user_group - Action which adds a given user to the group defined in the ldap_group_dn config.
  • send_mail - Action to send a mail with a given jinja template as content

Aliases

  • orquesta_add_user - only useful in combination with Slack
  • orquesta_delete_user - only useful in combination with Slack

Policies

None

Rules

  • notify_on_user_deletion - Makes a notification to your ChatOps-Bot if user deletion workflow is executed
  • remove_expired_users_daily - Cronjob which removes all expired users

Sensors

None

About

Stackstorm pack to create users over LDAP and send their credentials to given mail addresses.

Topics

ldap automation stackstorm user-management

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

7 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages