kanidm_ldap_sync/
config.rs
1use kanidm_proto::constants::{ATTR_UID, LDAP_ATTR_CN, LDAP_CLASS_GROUPOFNAMES};
2use kanidmd_lib::prelude::{Attribute, EntryClass};
3use serde::Deserialize;
4use std::collections::BTreeMap;
5use url::Url;
6use uuid::Uuid;
7
8use ldap3_client::proto::LdapFilter;
9
/// Serde default for `Config::person_objectclass`: the string form of
/// `EntryClass::Person`.
fn person_objectclass() -> String {
    let class = EntryClass::Person;
    class.to_string()
}
13
/// Serde default for `Config::person_attr_user_name`: an owned copy of the
/// `ATTR_UID` constant.
fn person_attr_user_name() -> String {
    String::from(ATTR_UID)
}
17
/// Serde default for `Config::person_attr_display_name`: an owned copy of the
/// `LDAP_ATTR_CN` constant.
fn person_attr_display_name() -> String {
    String::from(LDAP_ATTR_CN)
}
21
/// Serde default for `Config::person_attr_gidnumber`: the string form of
/// `Attribute::UidNumber`.
fn person_attr_gidnumber() -> String {
    // NOTE(review): the person default is UidNumber while the group default
    // (`group_attr_gidnumber`) is GidNumber. This looks deliberate; confirm.
    let attr = Attribute::UidNumber;
    attr.to_string()
}
25
/// Serde default for `Config::person_attr_password`: the string form of
/// `Attribute::UserPassword`.
///
/// This is only the attribute *name*; the value it selects is presumably
/// credential material read from the directory, so confirm with the consumer
/// of `Config` that it is never logged.
fn person_attr_password() -> String {
    let attr = Attribute::UserPassword;
    attr.to_string()
}
29
/// Serde default for `Config::person_attr_login_shell`: the string form of
/// `Attribute::LoginShell`.
fn person_attr_login_shell() -> String {
    let attr = Attribute::LoginShell;
    attr.to_string()
}
33
/// Serde default for `Config::person_attr_mail`: the string form of
/// `Attribute::Mail`.
fn person_attr_mail() -> String {
    let attr = Attribute::Mail;
    attr.to_string()
}
37
/// Serde default for `Config::person_attr_ssh_public_key`: the string form of
/// `Attribute::LdapSshPublicKey`.
fn person_attr_ssh_public_key() -> String {
    let attr = Attribute::LdapSshPublicKey;
    attr.to_string()
}
41
/// Serde default for `Config::group_objectclass`: an owned copy of the
/// `LDAP_CLASS_GROUPOFNAMES` constant.
fn group_objectclass() -> String {
    String::from(LDAP_CLASS_GROUPOFNAMES)
}
45
/// Serde default for `Config::group_attr_name`: the string form of
/// `Attribute::Cn`.
fn group_attr_name() -> String {
    let attr = Attribute::Cn;
    attr.to_string()
}
49
/// Serde default for `Config::group_attr_description`: the string form of
/// `Attribute::Description`.
fn group_attr_description() -> String {
    let attr = Attribute::Description;
    attr.to_string()
}
53
/// Serde default for `Config::group_attr_member`: the string form of
/// `Attribute::Member`.
fn group_attr_member() -> String {
    let attr = Attribute::Member;
    attr.to_string()
}
57
/// Serde default for `Config::group_attr_gidnumber`: the string form of
/// `Attribute::GidNumber`.
fn group_attr_gidnumber() -> String {
    let attr = Attribute::GidNumber;
    attr.to_string()
}
61
/// Group schema selector used by `Config::group_attr_schema`.
///
/// Because of `rename_all = "lowercase"`, the accepted configuration values
/// are `rfc2307` and `rfc2307bis`. When the key is absent the `#[default]`
/// variant, `Rfc2307Bis`, is used.
///
/// How each variant changes group-membership handling is decided by the code
/// that consumes `Config`; it is not visible in this file.
#[derive(Default, Debug, Deserialize)]
#[serde(rename_all = "lowercase")]
pub enum GroupAttrSchema {
    /// Configuration value `rfc2307`.
    Rfc2307,
    /// Configuration value `rfc2307bis`; the default.
    #[default]
    Rfc2307Bis,
}
69
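/// Configuration for the LDAP sync tool, deserialised with serde.
///
/// `sync_token` and `ldap_sync_pw` are credentials. `Debug` is implemented by
/// hand below instead of being derived, so that formatting a `Config` with
/// `{:?}` (for example in a log or trace line) prints a placeholder rather
/// than the secret values. Both secrets are plain `String` fields filled in by
/// deserialisation, so whatever file they are loaded from should be readable
/// only by the account that runs the sync.
#[derive(Deserialize)]
pub struct Config {
    /// Credential: redacted in `Debug` output.
    /// NOTE(review): presumably the token presented to the receiving server; confirm.
    pub sync_token: String,
    /// Optional schedule string; its format is defined by the consumer.
    pub schedule: Option<String>,
    /// Optional bind address for a status endpoint.
    /// NOTE(review): if this listens on a non-loopback address, confirm what
    /// the status endpoint exposes.
    pub status_bind: Option<String>,
    /// URI of the LDAP server to read from.
    pub ldap_uri: Url,
    /// NOTE(review): presumably the path of the CA certificate used to verify
    /// the LDAP server; confirm against the connection code.
    pub ldap_ca: String,
    /// Bind DN used for the sync connection.
    pub ldap_sync_dn: String,
    /// Credential: bind password for `ldap_sync_dn`; redacted in `Debug` output.
    pub ldap_sync_pw: String,
    /// Base DN of the sync.
    pub ldap_sync_base_dn: String,

    /// LDAP filter applied by the sync.
    pub ldap_filter: LdapFilter,

    /// Optional switch; `None` when the key is absent, leaving the effective
    /// default to the consumer.
    pub sync_password_as_unix_password: Option<bool>,

    #[serde(default = "person_objectclass")]
    pub person_objectclass: String,
    #[serde(default = "person_attr_user_name")]
    pub person_attr_user_name: String,
    #[serde(default = "person_attr_display_name")]
    pub person_attr_display_name: String,
    #[serde(default = "person_attr_gidnumber")]
    pub person_attr_gidnumber: String,
    /// Name of the attribute holding the person's password value (an attribute
    /// name, not a secret in itself).
    #[serde(default = "person_attr_password")]
    pub person_attr_password: String,
    pub person_password_prefix: Option<String>,
    #[serde(default = "person_attr_login_shell")]
    pub person_attr_login_shell: String,
    #[serde(default = "person_attr_mail")]
    pub person_attr_mail: String,
    #[serde(default = "person_attr_ssh_public_key")]
    pub person_attr_ssh_public_key: String,

    #[serde(default = "group_objectclass")]
    pub group_objectclass: String,
    #[serde(default = "group_attr_name")]
    pub group_attr_name: String,
    #[serde(default = "group_attr_description")]
    pub group_attr_description: String,
    #[serde(default = "group_attr_gidnumber")]
    pub group_attr_gidnumber: String,
    #[serde(default = "group_attr_member")]
    pub group_attr_member: String,
    #[serde(default)]
    pub group_attr_schema: GroupAttrSchema,

    /// Optional upper bound on BER message size; `None` leaves the limit to
    /// the LDAP client.
    pub max_ber_size: Option<usize>,

    /// Per-entry overrides keyed by UUID. With `flatten`, every top-level key
    /// that is not one of the named fields above is collected here, so such a
    /// key has to parse as a `Uuid`.
    #[serde(flatten)]
    pub entry_map: BTreeMap<Uuid, EntryConfig>,
}

impl std::fmt::Debug for Config {
    /// Formats every field as the derived `Debug` would, except that
    /// `sync_token` and `ldap_sync_pw` are replaced by a fixed placeholder.
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        const REDACTED: &str = "<redacted>";

        f.debug_struct("Config")
            .field("sync_token", &REDACTED)
            .field("schedule", &self.schedule)
            .field("status_bind", &self.status_bind)
            .field("ldap_uri", &self.ldap_uri)
            .field("ldap_ca", &self.ldap_ca)
            .field("ldap_sync_dn", &self.ldap_sync_dn)
            .field("ldap_sync_pw", &REDACTED)
            .field("ldap_sync_base_dn", &self.ldap_sync_base_dn)
            .field("ldap_filter", &self.ldap_filter)
            .field(
                "sync_password_as_unix_password",
                &self.sync_password_as_unix_password,
            )
            .field("person_objectclass", &self.person_objectclass)
            .field("person_attr_user_name", &self.person_attr_user_name)
            .field("person_attr_display_name", &self.person_attr_display_name)
            .field("person_attr_gidnumber", &self.person_attr_gidnumber)
            .field("person_attr_password", &self.person_attr_password)
            .field("person_password_prefix", &self.person_password_prefix)
            .field("person_attr_login_shell", &self.person_attr_login_shell)
            .field("person_attr_mail", &self.person_attr_mail)
            .field(
                "person_attr_ssh_public_key",
                &self.person_attr_ssh_public_key,
            )
            .field("group_objectclass", &self.group_objectclass)
            .field("group_attr_name", &self.group_attr_name)
            .field("group_attr_description", &self.group_attr_description)
            .field("group_attr_gidnumber", &self.group_attr_gidnumber)
            .field("group_attr_member", &self.group_attr_member)
            .field("group_attr_schema", &self.group_attr_schema)
            .field("max_ber_size", &self.max_ber_size)
            .field("entry_map", &self.entry_map)
            .finish()
    }
}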
122
/// Per-entry override, stored in `Config::entry_map` under the entry's UUID.
///
/// Every field is optional in the configuration: `exclude` falls back to
/// `false` through `#[serde(default)]`, and the `map_*` fields are `None`
/// when absent.
#[derive(Clone, Debug, Default, Deserialize)]
pub struct EntryConfig {
    /// Exclusion flag for this entry; `false` when the key is absent.
    #[serde(default)]
    pub exclude: bool,

    /// Optional replacement UUID for the entry.
    pub map_uuid: Option<Uuid>,
    /// Optional replacement name for the entry.
    pub map_name: Option<String>,
    /// Optional replacement gidnumber for the entry.
    pub map_gidnumber: Option<u32>,
}