[Feature] 添加同步 LDAP/AD 用户的定时任务2(添加同步参数配置项)

pull/3295/head
BaiJiangJie 5 years ago
parent 8081a864da
commit 8b7c5b1545

@ -374,6 +374,10 @@ defaults = {
'RADIUS_SERVER': 'localhost', 'RADIUS_SERVER': 'localhost',
'RADIUS_PORT': 1812, 'RADIUS_PORT': 1812,
'RADIUS_SECRET': '', 'RADIUS_SECRET': '',
'AUTH_LDAP_SEARCH_PAGED_SIZE': 1000,
'AUTH_LDAP_SYNC_IS_PERIODIC': False,
'AUTH_LDAP_SYNC_INTERVAL': None,
'AUTH_LDAP_SYNC_CRONTAB': None,
'HTTP_BIND_HOST': '0.0.0.0', 'HTTP_BIND_HOST': '0.0.0.0',
'HTTP_LISTEN_PORT': 8080, 'HTTP_LISTEN_PORT': 8080,
'WS_LISTEN_PORT': 8070, 'WS_LISTEN_PORT': 8070,
@ -386,7 +390,6 @@ defaults = {
'PERM_SINGLE_ASSET_TO_UNGROUP_NODE': False, 'PERM_SINGLE_ASSET_TO_UNGROUP_NODE': False,
'WINDOWS_SSH_DEFAULT_SHELL': 'cmd', 'WINDOWS_SSH_DEFAULT_SHELL': 'cmd',
'FLOWER_URL': "127.0.0.1:5555", 'FLOWER_URL': "127.0.0.1:5555",
'AUTH_LDAP_SEARCH_PAGED_SIZE': 1000,
'DEFAULT_ORG_SHOW_ALL_USERS': True, 'DEFAULT_ORG_SHOW_ALL_USERS': True,
} }
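Review bot: The new defaults `AUTH_LDAP_SYNC_INTERVAL` and `AUTH_LDAP_SYNC_CRONTAB` carry no hint of their unit or format. The task code in this same commit multiplies the interval by 3600, so it is read as hours, and an operator who enters seconds would get a far longer sync period than intended. A comment above the keys such as `# AUTH_LDAP_SYNC_INTERVAL: whole hours between syncs; AUTH_LDAP_SYNC_CRONTAB: cron expression; both ignored unless AUTH_LDAP_SYNC_IS_PERIODIC is True` would document this. Which of the two takes precedence when both are set is not visible on this page and is worth stating there too.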

@ -425,6 +425,10 @@ OTP_VALID_WINDOW = CONFIG.OTP_VALID_WINDOW
# Auth LDAP settings # Auth LDAP settings
AUTH_LDAP = False AUTH_LDAP = False
AUTH_LDAP_SEARCH_PAGED_SIZE = CONFIG.AUTH_LDAP_SEARCH_PAGED_SIZE AUTH_LDAP_SEARCH_PAGED_SIZE = CONFIG.AUTH_LDAP_SEARCH_PAGED_SIZE
AUTH_LDAP_SYNC_IS_PERIODIC = CONFIG.AUTH_LDAP_SYNC_IS_PERIODIC
AUTH_LDAP_SYNC_INTERVAL = CONFIG.AUTH_LDAP_SYNC_INTERVAL
AUTH_LDAP_SYNC_CRONTAB = CONFIG.AUTH_LDAP_SYNC_CRONTAB
AUTH_LDAP_SERVER_URI = 'ldap://localhost:389' AUTH_LDAP_SERVER_URI = 'ldap://localhost:389'
AUTH_LDAP_BIND_DN = 'cn=admin,dc=jumpserver,dc=org' AUTH_LDAP_BIND_DN = 'cn=admin,dc=jumpserver,dc=org'
AUTH_LDAP_BIND_PASSWORD = '' AUTH_LDAP_BIND_PASSWORD = ''

@ -170,7 +170,7 @@ class LDAPUtil:
email = construct_user_email(username, email) email = construct_user_email(username, email)
return email return email
def create_or_update_users(self, user_items, force_update=True): def create_or_update_users(self, user_items):
succeed = failed = 0 succeed = failed = 0
for user_item in user_items: for user_item in user_items:
exist = user_item.pop('existing', False) exist = user_item.pop('existing', False)
@ -180,6 +180,7 @@ class LDAPUtil:
else: else:
ok, error = self.update_user(user_item) ok, error = self.update_user(user_item)
if not ok: if not ok:
logger.info("Failed User: {}".format(user_item))
failed += 1 failed += 1
else: else:
succeed += 1 succeed += 1
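Review bot: The added `logger.info("Failed User: {}".format(user_item))` writes the whole directory-derived record to the log but drops the `error` value returned by `update_user`, so the log gains user attributes without the reason for the failure. Logging one identifier plus the error at warning level would be more useful and would expose less, for example `logger.warning("LDAP user sync failed for %s: %s", user_item.get('username'), error)`. The key name is assumed, because the fields of `user_item` are not shown in these hunks. Separately, the signature no longer accepts `force_update`, so any caller still passing it would raise a TypeError; the callers are outside this view. The method body starts before and continues past the hunks.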

@ -82,11 +82,21 @@ def sync_ldap_user():
def sync_ldap_user_periodic(): def sync_ldap_user_periodic():
if not settings.AUTH_LDAP: if not settings.AUTH_LDAP:
return return
if not settings.AUTH_LDAP_SYNC_IS_PERIODIC:
return
interval = settings.AUTH_LDAP_SYNC_INTERVAL
if isinstance(interval, int):
interval = interval * 3600
else:
interval = None
crontab = settings.AUTH_LDAP_SYNC_CRONTAB
tasks = { tasks = {
'sync_ldap_user_periodic': { 'sync_ldap_user_periodic': {
'task': sync_ldap_user.name, 'task': sync_ldap_user.name,
'interval': None, 'interval': interval,
'crontab': '* * * * *', 'crontab': crontab,
'enabled': True, 'enabled': True,
} }
} }
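Review bot: The `isinstance(interval, int)` check silently turns any non-int value into None, so an interval supplied as a string (as values from environment variables or config files often are) is dropped without a log line, while `True` passes the check and becomes 3600 and zero or negative numbers go through unchanged. With `AUTH_LDAP_SYNC_IS_PERIODIC` enabled and no crontab set, the task dict is then built with neither schedule. Tightening the guard to `if isinstance(interval, int) and not isinstance(interval, bool) and interval > 0:` and adding `if interval is None and not crontab: return` (with a warning) before building `tasks` would surface the misconfiguration. The early return when the flag is off also does not appear to disable a task registered by an earlier run, so turning the setting off may not stop the sync. The rest of the function is outside the hunk, so that needs confirming there.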
