cancel
Showing results for 
Search instead for 
Did you mean: 

Example script to sync an LDAP group with a Collab group

Highlighted
Moderator

Example script to sync an LDAP group with a Collab group

Larger organizations that want to reduce administrative overhead will sometimes want to syncchronize their Active Directory groups with Collaborator's internal groups. Here's an example script to get you started.

 

Save this as groupsync.vbs

 

' Create a file system object. We will write to this file, and then pass it to
' "ccollab admin group sync" later, outside of this script
set objFSO=CreateObject("Scripting.FileSystemObject")
set objFile = objFSO.CreateTextFile("groupsync.xml",True)

' Get an LDAP connection object
set conn = createobject("ADODB.Connection")
' Get the Root DSE, which means use our local domain and local DC
set iAdRootDSE = GetObject("LDAP://RootDSE")
' Get the default naming context for the local domain, e.g. DC=smartbear, DC=local
strDefaultNamingContext = iAdRootDSE.Get("defaultNamingContext")

' Set a filter to only display groups that are within a specific Outlook.Application
ouFilter = "OU=Test OU,"

' Open the connection to the directory server
Conn.Provider = "ADsDSOObject"
Conn.Open "ADs Provider"

' Build the query string
strQueryDL = "<LDAP://" & ouFilter & strDefaultNamingContext & ">;(&(objectCategory=group)(objectClass=group));distinguishedName,member,adspath;subtree"

' Build a command object
set objCmd = createobject("ADODB.Command")
objCmd.ActiveConnection = Conn
' We want to search everything
objCmd.Properties("SearchScope") = 2 

' Set the command text to our search string from above
objCmd.CommandText = strQueryDL

' Send the quest, store the results
Set objRs = objCmd.Execute

' Echo out the opening <groups> XML tag
objFile.Write "<groups>" & vbCrLf

' Iterate through the results
While Not objRS.eof
		printGroup (objRS.Fields("distinguishedName"))
	objRS.MoveNext
Wend

' Echo out the closing </groups> XML tag
objFile.Write "</groups>" & vbCrLf

' Close the groupsync.xml file
objFile.Close


' ---------------------- Begin Utility Methods ------------------------

function printGroup (groupDN)
	Set group = GetObject("LDAP://" & groupDN)
	
	' Echo out the opening <group> XML tag
	' Set the groups guid to the distinguished name, the title to the common name, and copy the description field from LDAP to Collab
	objFile.Write "<group guid=""" & group.distinguishedName & """ title=""" & group.CN & """ description=""" & group.description & """>" & vbCrLf

	For Each memberDN In group.member
		printGroupMember(memberDN)
	Next
	
	' Echo out the closing </group> XML tag
	objFile.Write "</group>" & vbCrLf
end function

Sub printGroupMember (memberDN)
	' Get the LDAP object passed as memberDN
	Set member = GetObject("LDAP://" & memberDN)
	
	' Figure out if this is an actual user, or a sub group
	For Each objClass In member.objectClass
		If objClass = "group" Then
			' If we get here, this is a group, not a user!
			' Echo out the <member-group> XML tag. A groups GUID is it's distinguished name
			objFile.Write "<member-group guid=""" & member.distinguishedName & """ />" & vbCrLf
			' and then exit this sub routine
			Exit Sub
		End If
	Next
	
	' If we got here, then this is a regular user object, print it out	
	' Echo out the <member-user> XML tag. A user's sAMAccountName should be their Collab login
	objFile.Write "<member-user login=""" & member.sAMAccountName & """ />" & vbCrLf
End Sub

Modify the ouFilter to point to an Active Directory OU that contains the security groups that you want to mirror in Collaborator. This is currently set to Test OU. Once you've done that, create the groupsync.xml output file like this:

 

cscript groupsync.vbs

 

Now, import this XML file using the Collaborator command line client, like this:

 

ccollab admin group sync --create-users --delete-groups groupsync.xml

That's it! You'll see the members of those security groups created in the same group in Collaborator.

 

The group sync command line is documented here: http://codecollaborator.smartbear.com/docs/manual/9.0/ccollab_admin_group_sync.html

 

New Here?
Join us and watch the welcome video:
Building with the Collaborator API

Help Documenation
The Collaborator API is a JSON-RPC API that lets you integrate with Collaborator 9.0 and above. For more information about how the API works, check out the API description here:


Sample Plugins
For an example of an add-in that uses the API, take a look at the Microsoft Word Add-in for Collaborator:


We list all the great plugins our network has already built on this page on the SmartBear website.

Description
SBC2020