Revision 8356
Added by ben leinfelder over 10 years ago
| ldapweb.cgi | ||
|---|---|---|
| 335 | 335 |
my $dt = DateTime->now; |
| 336 | 336 |
$dt->subtract( hours => $orgExpiration ); |
| 337 | 337 |
my $expirationDate = $dt->ymd("") . $dt->hms("") . "Z";
|
| 338 |
my $filter = "(createTimestamp <= " . $expirationDate . ")";
|
|
| 339 |
debug("Clearing expired accounts with filter: " . $filter);
|
|
| 338 |
my $filter = "(&(objectClass=inetOrgPerson)(createTimestamp<=" . $expirationDate . "))";
|
|
| 339 |
debug("Clearing expired accounts with filter: " . $filter . ", base: " . $tmpSearchBase);
|
|
| 340 | 340 |
my @attrs = [ 'uid', 'o', 'ou', 'cn', 'mail', 'telephoneNumber', 'title' ]; |
| 341 | 341 |
|
| 342 | 342 |
my $ldap; |
| ... | ... | |
| 345 | 345 |
my $dn; |
| 346 | 346 |
|
| 347 | 347 |
#if main ldap server is down, a html file containing warning message will be returned |
| 348 |
debug("clearTempAccounts: connecting to $ldapurl, $timeout");
|
|
| 348 |
debug("clearTemporaryAccounts: connecting to $ldapurl, $timeout");
|
|
| 349 | 349 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
| 350 | 350 |
if ($ldap) {
|
| 351 | 351 |
$ldap->start_tls( verify => 'none'); |
| 352 | 352 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
| 353 | 353 |
$mesg = $ldap->search ( |
| 354 |
base => $orgAuthBase,
|
|
| 354 |
base => $tmpSearchBase,
|
|
| 355 | 355 |
filter => $filter, |
| 356 | 356 |
attrs => \@attrs, |
| 357 | 357 |
); |
| 358 |
|
|
| 359 | 358 |
if ($mesg->count() > 0) {
|
| 360 | 359 |
my $entry; |
| 361 | 360 |
foreach $entry ($mesg->all_entries) {
|
Also available in: Unified diff
correct the createTimestamp filter and search base -- only remove inetOrgPerson entries, not any underlying structure that was added to store these temporary accounts. https://projects.ecoinformatics.org/ecoinfo/issues/6099