nohupped / adtoldap Goto Github PK

I am not using tls/ssl to talk to the source AD server. Aka, I am talking on port 389. As such, I have commented out UseTLS, etc. The program then says those values don't exist.

So, I then place UseTLS=false back into the config. I then get an error about CRTPath not being readable(I copied the example from the README). So I try to disable that option too, etc.

I can work around the CRTPath by setting it to /dev/null. But it'd be nice if the program was more forgiving on missing options(I don't need any of the certification/ssl stuff in my environment, all communication is sent over a secure tunnel).

Background

Module path is inconsistent with go import path.
GO111MODULE=on, run go get github.com/nohupped/ADtoLDAP:

go: downloading github.com/nohupped/ADtoLDAP v0.0.0-20200426135055-207bf29e0c6b
go: github.com/nohupped/ADtoLDAP upgrade => v0.0.0-20200426135055-207bf29e0c6b
go get: github.com/nohupped/[email protected]: parsing go.mod:
        module declares its path as: ADtoLDAP
                but was required as: github.com/nohupped/ADtoLDAP 

Solution

Fix the module path:

1. Rename the module path to "github.com/nohupped/ADtoLDAP": https://github.com/nohupped/ADtoLDAP/blob/master/go.mod#L1 :

module github.com/nohupped/ADtoLDAP
go 1.13
require (
	…
) 

2. Warning the users not to use the module, get "github.com/nohupped/ADtoLDAP" in GOPATH mode.

Hi There,

I am facing some trouble during installation. Could you please guide me what I might be doing wrong here?

❯ go get -f -u -v github.com/nohupped/ADtoLDAP

github.com/nohupped/ADtoLDAP (download)
github.com/nohupped/glog (download)
gopkg.in/ini.v1 (download)
gopkg.in/ldap.v2 (download)
gopkg.in/asn1-ber.v1 (download)
github.com/nohupped/ADtoLDAP/gosyncmodules
# github.com/nohupped/ADtoLDAP/gosyncmodules
src/github.com/nohupped/ADtoLDAP/gosyncmodules/logger.go:29:20: cannot use glog.DebugLevel (type uint) as type *uint in argument to logger.SetLogLevel
src/github.com/nohupped/ADtoLDAP/gosyncmodules/logger.go:36:21: cannot use glog.ErrorLevel (type uint) as type *uint in argument to logger.SetLogLevel
src/github.com/nohupped/ADtoLDAP/gosyncmodules/logger.go:39:21: cannot use glog.WarnLevel (type uint) as type *uint in argument to logger.SetLogLevel
src/github.com/nohupped/ADtoLDAP/gosyncmodules/logger.go:42:21: cannot use glog.InfoLevel (type uint) as type *uint in argument to logger.SetLogLevel
src/github.com/nohupped/ADtoLDAP/gosyncmodules/logger.go:45:21: cannot use glog.DebugLevel (type uint) as type *uint in argument to logger.SetLogLevel

Thanks

Hi,

I am running into an issue when I trying to run ./ADtoLDAP. I made sure the base schema of my AD is the same as the base schema of my LDAP instance.

main.go:104: DEBUG: Add : &{cn=Users,dc=myorg,dc=local [{objectClass [top container]} {cn [Users]}]}
main.go:107: ERROR: LDAP Result Code 21 "Invalid Attribute Syntax": objectClass: value #1 invalid per syntax
main.go:104: DEBUG: Add : &{cn=Computers,dc=myorg,dc=local [{objectClass [top container]} {cn [Computers]}]}
main.go:107: ERROR: LDAP Result Code 21 "Invalid Attribute Syntax": objectClass: value #1 invalid per syntax
main.go:104: DEBUG: Add : &{cn=System,dc=myorg,dc=local [{objectClass [top container]} {cn [System]}]}
main.go:107: ERROR: LDAP Result Code 21 "Invalid Attribute Syntax": objectClass: value #1 invalid per syntax
main.go:104: DEBUG: Add : &{cn=LostAndFound,dc=myorg,dc=local [{objectClass [top lostAndFound]} {cn [LostAndFound]}]}
main.go:107: ERROR: LDAP Result Code 21 "Invalid Attribute Syntax": objectClass: value #1 invalid per syntax
main.go:123: DEBUG: Done from func FindDels
main.go:104: DEBUG: Add : &{cn=Infrastructure,dc=myorg,dc=local [{objectClass [top infrastructureUpdate]} {cn [Infrastructure]}]}
main.go:107: ERROR: LDAP Result Code 21 "Invalid Attribute Syntax": objectClass: value #1 invalid per syntax

Could you please help me what could be wrong?

Thanks

This is because the log file is hard-coded to /var/log/ldapsync.log. Further complicated because the logging is started before the command line is parsed, and before the config file is loaded.

Nothing about this program requires root level access. Just a config file to read, and 2 remote servers to talk to.

12:10:40 -0500 adam@tooz:/srv/development/openldap$ sudo /srv/development/go/bin/ADtoLDAP
[sudo] password for adam:
/etc/ldapsync.ini file permission too broad, make it non-readable to groups and others.
12:14:14 -0500 adam@tooz:/srv/development/openldap$ ls /etc/ldapsync.ini
ls: cannot access /etc/ldapsync.ini: No such file or directory

12:19:53 -0500 adam@tooz:/srv/development/openldap$ sudo /srv/development/go/bin/ADtoLDAP -configfile test.ini
test.ini not owned by root. Make it owned by root, and make it non-readable to groups and others.

Please note, that test.ini exists in the current folder. I have to use sudo because of the previous requirement to access /var/log/ldapsync.log.

This program does not need to run as root, so shouldn't be forcing root ownership.

Hi,

The command below does not work, would you help me?

go get github.com/nohupped/ADtoLDAP

Return:

/root/workspace/src/github.com/nohupped/ADtoLDAP/gosyncmodules/CheckPerm.go:23: undefined: user.LookupGroupId

Is it possible to remap the basedn for eg: if we're syncing from basedn = ou=someOu,dc=ad-example,dc=com and sync to basedn = ou=someOu,dc=ldap-example,dc=com ?

build failures

➜  ADtoLDAP git:(master) $ GOOS=linux GOARCH=amd64 go build .
./main.go:56:3: undefined: gosyncmodules.CheckPerm

go version:
go version go1.11.4 darwin/amd64

ADtoLDAP version is master