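// ListExternalUsers searches the configured LDAP/AD directory and returns one
// models.User per entry that carries a username attribute.
//
// The attribute names used for the username, display name and full name
// default to "Uid", "DisplayName" and "CN"; each can be overridden through the
// directory configuration. Multi-valued attributes are joined with ", ".
// Every returned user gets the authorizer's default role and default group and
// is marked as authprovider.External.
//
// On a connection, bind or search failure the error is logged and returned
// with a nil slice.
func (a Authorizer) ListExternalUsers() (users []models.User, err error) {
	url := GetUrl(a.directory.Address, a.directory.Port)

	// Attribute names: built-in defaults, overridden by configuration.
	Uid := "Uid"
	DisplayName := "DisplayName"
	FullName := "CN"
	if a.directory.Uid != "" {
		Uid = a.directory.Uid
	}
	if a.directory.DisplayName != "" {
		DisplayName = a.directory.DisplayName
	}
	if a.directory.FullName != "" {
		FullName = a.directory.FullName
	}

	ldap, err := openldap.Initialize(url)
	if err != nil {
		logger.Get().Error("failed to connect the LDAP/AD server. error: %v", err)
		return nil, err
	}
	// Release the connection on every return path; previously the handle was
	// never closed, so each call leaked a connection to the directory server.
	// The close error is ignored on purpose: the listing result is already
	// decided by the time it runs.
	defer ldap.Close()

	if a.directory.DomainAdmin != "" {
		// NOTE(review): this is a simple bind, so the password travels as-is
		// over whatever transport GetUrl selects. GetUrl is not visible here;
		// confirm it yields an ldaps:// URL or that TLS is negotiated first.
		// NOTE(review): DomainAdmin and Base are formatted into the bind DN
		// without DN escaping; they appear to come from configuration, which
		// should be validated where it is stored.
		err = ldap.Bind(fmt.Sprintf("%s=%s,%s", Uid, a.directory.DomainAdmin, a.directory.Base), a.directory.Password)
		if err != nil {
			logger.Get().Error("Error binding to LDAP Server:%s. error: %v", url, err)
			return nil, err
		}
	}
	// NOTE(review): with no DomainAdmin configured the search below runs
	// without an explicit bind; confirm that is the intended behaviour.

	scope := openldap.LDAP_SCOPE_SUBTREE
	// The filter matches every entry under Base; entries that are not users
	// are dropped further down because they yield no username.
	filter := "(objectclass=*)"
	attributes := []string{Uid, DisplayName, FullName, "Mail"}
	rv, err := ldap.SearchAll(a.directory.Base, scope, filter, attributes)
	if err != nil {
		logger.Get().Error("Failed to search LDAP/AD server. error: %v", err)
		return nil, err
	}

	for _, entry := range rv.Entries() {
		user := models.User{}
		fullName := ""
		for _, attr := range entry.Attributes() {
			// NOTE(review): the comparison is case-sensitive; verify the
			// server returns attribute names in the case requested above.
			switch attr.Name() {
			case Uid:
				user.Username = strings.Join(attr.Values(), ", ")
			case "Mail":
				user.Email = strings.Join(attr.Values(), ", ")
			case DisplayName:
				user.FirstName = strings.Join(attr.Values(), ", ")
			case FullName:
				fullName = strings.Join(attr.Values(), ", ")
			}
			// Once both names are known, the last name is taken as the part
			// of the full name that follows the first name.
			if len(fullName) != 0 && len(user.FirstName) != 0 {
				lastName := strings.Split(fullName, user.FirstName)
				if len(lastName) > 1 {
					user.LastName = strings.TrimSpace(lastName[1])
				}
			}
		}
		// Assigning the default roles
		user.Role = a.defaultRole
		user.Groups = append(user.Groups, a.defaultGroup)
		user.Type = authprovider.External
		// Entries without a username attribute are not user accounts.
		if len(user.Username) != 0 {
			users = append(users, user)
		}
	}
	return users, nil
}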