5.7.190. Bugzilla::Extension::RedHat::bin::ldap-audit¶
5.7.190.1. NAME¶
ldap-audit.pl
5.7.190.2. SYNOPSIS¶
ldap-audit.pl <options>
--help|h Display help text
--man Display man page
--force Force LDAP caches to be refreshed.
--nomail Do not send any email
--user Limit report to a specific user. Can be supplied multiple times
--keep Keep the LDAP cache files
--purity Automatically remove partner users from inappropriate groups
5.7.190.3. DESCRIPTION¶
This command audits all open Red Hat user Bugzilla accounts looking for records that do not match the expected states.
The breach report for users is sent to the “mail_errors_to” contact point.
5.7.190.4. EXAMPLES¶
$ ldap-audit.pl --force
5.7.190.5. METHODS¶
check_mail¶
Given an email address determine it’s state and category and process accordingly.
proc_unverified¶
Process a current user as unverified.
proc_sa¶
Process a service account.
proc_user¶
Process a current user and audit their groups Vs their LDAP values.
TODO
Post Bugzilla 5 group clean up this needs changing.
get_user¶
Get a Bugzilla::User object for an email address.
remove_groups¶
Remove an account from an array of groups.
ensure_in_groups¶
Check to see if an account is in an array of groups.
proc_ex_user¶
Process an Ex-user account.
If terminate is set it will set disabled text, disable bug mail, remove it from all groups, and remove all product responsibilities.
get_users¶
Cache and load the user LDAP records.
