Domů Procházet Nápověda
Přihlásit se
Troglodyne
/
ldapscanner
2
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Strom: 94882d45e6
Větve Značky
ldapscanner
/
ldapscanner

ldapscanner 3.3 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107 
  1. #!/usr/bin/env perl
    2. 

  2. 

  3. use strict;
    4. 

  4. use warnings;
    5. 

  5. 

  6. use Config::Tiny  ();
    7. 

  7. use File::Slurper ();
    8. 

  8. use Net::LDAP     ();
    9. 

  9. use JSON::XS      ();
    10. 

  10. 

  11. die "No config file!" if !-f 'ldapscanner.cfg';
    12. 

  12. my $cfg     = Config::Tiny->read('ldapscanner.cfg');
    13. 

  13. my @servers = split( ',', $cfg->{'server'}{'hosts'} );
    14. 

  14. my $proto = 'ldap';
    15. 

  15. my %extra_args = (
    16. 

  16.     'onerror' => ( $cfg->{'prefs'}{'loglevel'} eq 'warn' ) ? 'warn' : 'die',
    17. 

  17.     'debug'   => $cfg->{'prefs'}{'loglevel'} eq 'debug',
    18. 

  18.     'port'    => $cfg->{'server'}{'port'},
    19. 

  19.     'timeout' => $cfg->{'server'}{'timeout'},
    20. 

  20. );
    21. 

  21. if( $cfg->{'server'}{'ldaps'} ) {
    22. 

  22.     $proto = 'ldaps';
    23. 

  23.     $extra_args{'verify'} = 'no';
    24. 

  24. }
    25. 

  25. $extra_args{'scheme'} = $proto;
    26. 

  26. 

  27. _log( "info", "Connecting..." );
    28. 

  28. my $conn = Net::LDAP->new( \@servers, %extra_args ) or die $@;
    29. 

  29. 

  30. my @bind_args;
    31. 

  31. my $user = 'anonymous';
    32. 

  32. if( $cfg->{'creds'}{'dn'} && $cfg->{'creds'}{'pass'} ) {
    33. 

  33.     push @bind_args, $cfg->{'creds'}{'dn'}, 'password', $cfg->{'creds'}{'pass'};
    34. 

  34.     $user = "DN: $cfg->{'creds'}{'dn'}";
    35. 

  35. }
    36. 

  36. _log( "info", "Binding as $user..." );
    37. 

  37. my $result = $conn->bind(@bind_args);
    38. 

  38. $result->code and die $result->error;
    39. 

  39. 

  40. _log( "info", "Beginning search..." );
    41. 

  41. $result = $conn->search(
    42. 

  42.     base   => $cfg->{'search'}{'base'},
    43. 

  43.     filter => $cfg->{'search'}{'filter'},
    44. 

  44. );
    45. 

  45. $result->code and die $result->error;
    46. 

  46. 

  47. my $old_entries = {};
    48. 

  48. if( -f '.last.json' ) {
    49. 

  49.     _log( "info", "Stored run data found, will compare against previous run." );
    50. 

  50.     my $raw = File::Slurper::read_text('.last.json');
    51. 

  51.     $old_entries = JSON::XS->new->decode($raw);
    52. 

  52. } else {
    53. 

  53.     _log( "info", "No run data found. Storing current data and exiting." );
    54. 

  54. }
    55. 

  55. 

  56. my $new_entries = {};
    57. 

  57. foreach my $entry ($result->entries) {
    58. 

  58.     my $hr = {};
    59. 

  59.     foreach my $attr ($entry->attributes( 'nooptions' => 1 )) {
    60. 

  60.         $hr->{$attr} = $entry->get_value( $attr, 'nooptions' => 1 );
    61. 

  61.     }
    62. 

  62.     $new_entries->{$entry->dn} = $hr;
    63. 

  63. }
    64. 

  64. _log( "info", "Found " . scalar(keys(%$new_entries)) . " records total" );
    65. 

  65. 

  66. my $diff = {
    67. 

  67.     'added'   => { map { $_ => $new_entries->{$_} } grep { !exists($old_entries->{$_}) } keys(%$new_entries) },
    68. 

  68.     'removed' => { map { $_ => $old_entries->{$_} } grep { !exists($new_entries->{$_}) } keys(%$old_entries) },
    69. 

  69. };
    70. 

  70. 

  71. File::Slurper::write_text( '.current_diff.json', JSON::XS->new->pretty->encode($diff) );
    72. 

  72. File::Slurper::write_text( '.last.json', JSON::XS->new->pretty->encode($new_entries) );
    73. 

  73. 

  74. my @skip = split( ',', $cfg->{'display'}{'ignore_attrs'} );
    75. 

  75. _log( "warn", "Added records  : " . scalar(keys(%{$diff->{'added'}})) );
    76. 

  76. _print_records( $diff->{'added'}, @skip );
    77. 

  77. _log( "warn", "Removed records: " . scalar(keys(%{$diff->{'removed'}})) );
    78. 

  78. _print_records( $diff->{'removed'}, @skip );
    79. 

  79. 

  80. sub _print_records {
    81. 

  81.     my ( $hr, @skip ) = @_;
    82. 

  82.     foreach my $key ( keys(%$hr) ) {
    83. 

  83.         _log( "warn", "------------------------------------------------" );
    84. 

  84.         _log( "warn", "DN: " . $key );
    85. 

  85.         foreach my $attr ( keys(%{$hr->{$key}}) ) {
    86. 

  86.             next if grep { $_ eq $attr } @skip;
    87. 

  87.             _log( "warn", "  $attr: $hr->{$key}{$attr}" );
    88. 

  88.         }
    89. 

  89.     }
    90. 

  90.     return;
    91. 

  91. }
    92. 

  92. 

  93. sub _log {
    94. 

  94.     my ( $level, $msg ) = @_;
    95. 

  95.     my %levels = (
    96. 

  96.         'warn'  => 1,
    97. 

  97.         'error' => 2,
    98. 

  98.         'info'  => 3,
    99. 

  99.         'debug' => 4,
    100. 

  100.     );
    101. 

  101.     my $loglevel = $levels{$cfg->{'prefs'}{'loglevel'}};
    102. 

  102.     die "Bad log level" if !$loglevel;
    103. 

  103.     print "$msg\n" if $levels{$level} <= $loglevel;
    104. 

  104.     return;
    105. 

  105. }
    106. 

  106. 

  107. 0;
    108.