diff --git a/lib/ldap_fluff/ad_member_service.rb b/lib/ldap_fluff/ad_member_service.rb index 3a12f70..8af1be5 100644 --- a/lib/ldap_fluff/ad_member_service.rb +++ b/lib/ldap_fluff/ad_member_service.rb @@ -15,7 +15,9 @@ def find_user_groups(uid) if _get_domain_func_level >= 6 user_dn = user_data[:distinguishedname].first search = @ldap.search(:base => user_dn, :scope => Net::LDAP::SearchScope_BaseObject, :attributes => ['msds-memberOfTransitive']) - if !search.nil? && !search.first.nil? + if search.nil? + raise Net::LDAP::Error, @ldap.get_operation_result[:error_message].to_s + elsif !search.first.nil? return get_groups(search.first['msds-memberoftransitive']) end end diff --git a/lib/ldap_fluff/freeipa_netgroup_member_service.rb b/lib/ldap_fluff/freeipa_netgroup_member_service.rb index 134fcbf..5d29e2a 100644 --- a/lib/ldap_fluff/freeipa_netgroup_member_service.rb +++ b/lib/ldap_fluff/freeipa_netgroup_member_service.rb @@ -3,10 +3,13 @@ class LdapFluff::FreeIPA::NetgroupMemberService < LdapFluff::FreeIPA::MemberService def find_user_groups(uid) groups = [] - @ldap.search(:filter => Net::LDAP::Filter.eq('objectClass', 'nisNetgroup'), :base => @group_base).each do |entry| + success = @ldap.search(:filter => Net::LDAP::Filter.eq('objectClass', 'nisNetgroup'), :base => @group_base, :return_result => false) do |entry| members = get_netgroup_users(entry[:nisnetgrouptriple]) groups << entry[:cn][0] if members.include? uid end + unless success + raise Net::LDAP::Error, @ldap.get_operation_result[:error_message].to_s + end groups end end diff --git a/lib/ldap_fluff/netiq_member_service.rb b/lib/ldap_fluff/netiq_member_service.rb index 7708ccb..c7fa52f 100644 --- a/lib/ldap_fluff/netiq_member_service.rb +++ b/lib/ldap_fluff/netiq_member_service.rb @@ -34,10 +34,15 @@ def find_user_groups(uid) # do nothing end - @ldap.search( + results = @ldap.search( :filter => filter, :base => @group_base, :attributes => ['cn'] - ).map { |entry| entry[:cn][0] } + ) + if results + results.map { |entry| entry[:cn][0] } + else + raise Net::LDAP::Error, @ldap.get_operation_result[:error_message].to_s + end end end diff --git a/lib/ldap_fluff/posix_member_service.rb b/lib/ldap_fluff/posix_member_service.rb index 72a099d..a9a2409 100644 --- a/lib/ldap_fluff/posix_member_service.rb +++ b/lib/ldap_fluff/posix_member_service.rb @@ -18,10 +18,16 @@ def find_user(uid, base_dn = @base) # note : this method is not particularly fast for large ldap systems def find_user_groups(uid) user = find_user(uid).first - @ldap.search( + results = @ldap.search( :filter => user_group_filter(uid, user[:dn].first), :base => @group_base, :attributes => ["cn"] - ).map { |entry| entry[:cn][0] } + ) + + if results + results.map { |entry| entry[:cn][0] } + else + raise Net::LDAP::Error, @ldap.get_operation_result[:error_message].to_s + end end class UIDNotFoundException < LdapFluff::Error diff --git a/lib/ldap_fluff/posix_netgroup_member_service.rb b/lib/ldap_fluff/posix_netgroup_member_service.rb index 17e3515..4ced119 100644 --- a/lib/ldap_fluff/posix_netgroup_member_service.rb +++ b/lib/ldap_fluff/posix_netgroup_member_service.rb @@ -5,10 +5,13 @@ class LdapFluff::Posix::NetgroupMemberService < LdapFluff::Posix::MemberService # return list of group CNs for a user def find_user_groups(uid) groups = [] - @ldap.search(:filter => Net::LDAP::Filter.eq('objectClass', 'nisNetgroup'), :base => @group_base).each do |entry| + success = @ldap.search(:filter => Net::LDAP::Filter.eq('objectClass', 'nisNetgroup'), :base => @group_base, :return_result => false) do |entry| members = get_netgroup_users(entry[:nisnetgrouptriple]) groups << entry[:cn][0] if members.include? uid end + unless success + raise Net::LDAP::Error, @ldap.get_operation_result[:error_message].to_s + end groups end end