Revision 8356
Added by ben leinfelder about 11 years ago
ldapweb.cgi | ||
---|---|---|
335 | 335 |
my $dt = DateTime->now; |
336 | 336 |
$dt->subtract( hours => $orgExpiration ); |
337 | 337 |
my $expirationDate = $dt->ymd("") . $dt->hms("") . "Z"; |
338 |
my $filter = "(createTimestamp <= " . $expirationDate . ")";
|
|
339 |
debug("Clearing expired accounts with filter: " . $filter);
|
|
338 |
my $filter = "(&(objectClass=inetOrgPerson)(createTimestamp<=" . $expirationDate . "))";
|
|
339 |
debug("Clearing expired accounts with filter: " . $filter . ", base: " . $tmpSearchBase);
|
|
340 | 340 |
my @attrs = [ 'uid', 'o', 'ou', 'cn', 'mail', 'telephoneNumber', 'title' ]; |
341 | 341 |
|
342 | 342 |
my $ldap; |
... | ... | |
345 | 345 |
my $dn; |
346 | 346 |
|
347 | 347 |
#if main ldap server is down, a html file containing warning message will be returned |
348 |
debug("clearTempAccounts: connecting to $ldapurl, $timeout"); |
|
348 |
debug("clearTemporaryAccounts: connecting to $ldapurl, $timeout");
|
|
349 | 349 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
350 | 350 |
if ($ldap) { |
351 | 351 |
$ldap->start_tls( verify => 'none'); |
352 | 352 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
353 | 353 |
$mesg = $ldap->search ( |
354 |
base => $orgAuthBase,
|
|
354 |
base => $tmpSearchBase,
|
|
355 | 355 |
filter => $filter, |
356 | 356 |
attrs => \@attrs, |
357 | 357 |
); |
358 |
|
|
359 | 358 |
if ($mesg->count() > 0) { |
360 | 359 |
my $entry; |
361 | 360 |
foreach $entry ($mesg->all_entries) { |
Also available in: Unified diff
correct the createTimestamp filter and search base -- only remove inetOrgPerson entries, not any underlying structure that was added to store these temporary accounts. https://projects.ecoinformatics.org/ecoinfo/issues/6099