octopus oc srv jobs ldap user locker
1.3.0
通过某种原因自动锁定LDAP用户帐户。用作计划任务。
取决于OC_LDAP_CLIENT ,因此其所有限制都是实际的。
写下saimatley并提供- config的论点。是一个JSON文件。例子:
{
"LDAP": {
"url": "ldap://ldap-test.example.local",
"user_cert": "/home/user/ssl/test/user.pem",
"user_key": "/home/user/ssl/test/user.priv.key",
"ca_chain": "/home/user/ssl/test/CA.chain.pem",
"baseDn": "dc=domain,dc=example,dc=local"
},
"SMTP": {
"url": "smtp://test.smtp.example.com:25",
"user": "TEST_USER",
"password": "TEST_PASSWORD",
"from": "[email protected]",
"subject": "default e-mail subject"
},
"users": [
{
"days_valid": 730,
"time_attributes": ["authTimestamp", "modifyTimeStamp", "createTimestamp"],
"condition_attributes": {
"memberOf.businessCategory": {
"values": [
"Vendor"
]
}
},
"lock_notifications": [
{
"days_before": 30,
"template": {
"file": "default_en.html.template",
"type": "html",
"signature": "signature.png"
}
},
{
"days_before": 10,
"template": {
"file": "default_en.html.template",
"type": "html",
"signature": "signature.png"
}
}
]
},
{
"days_valid": 90,
"time_attributes": ["authTimestamp", "modifyTimeStamp", "createTimestamp"],
"lock_notifications": [
{
"days_before": 30,
"template": {
"file": "default_en.html.template",
"type": "html",
"signature": "signature.png"
}
},
{
"days_before": 10,
"template": {
"file": "default_en.html.template",
"type": "html",
"signature": "signature.png"
}
}
]
},
{
"days_valid": 0,
"time_attributes": ["modifyTimeStamp", "createTimestamp"],
"condition_attributes":
{
"mail": {
"comparison": {
"type": "regexp",
"condition": "any"
},
"values": [
".*@gmail\.[a-z]+",
".*@mail\.[a-z]+",
".*@inbox\.ru",
".*@yandex\.ru",
".*@yahoo(mail|\-inc)?\.[a-z]+",
".*@ymail\.[a-z]+",
".*@rocketmail\.[a-z]+",
".*@hotmail\.[a-z]+",
".*@rambler\.ru",
".*@qip\.ru",
".*@bigmir\.net",
".*@ukr\.net",
".*@usa\.net",
".*@live\.[a-z]+",
".*@msn\.[a-z]+",
".*@googlemail\.[a-z]+"
]
}
}
}
]
}
可能的值比较子参数: *类型: REGEXP , PLAIN (默认) *条件: ALL (默认),任何
如果类型为REGEXP ,则在值部分中需要Python正则表达式。不支持非弦属性比较。所有比较都是不敏感的。
- from notification configuration
- from global **SMTP** section if missing in template settings
- "Account lock warning" by default if both above missing
* *cn* - user login
* *givenName* - user first name
* *sn* - user last name
* *displayName* - user display name
* *lockDate* - locking date ('YYYY-MM-DD')
* *lockDays* - days before locking
最多v。1.1.0:具有较小days_valid值的那个。自从v。1.2.0:一个WHICN具有更严格的过滤对应关系。如果匹配的属性数量相等,则首先使用配置。
