From: Stephen Gran <steve@lobefin.net>
Date: Sun, 20 Sep 2009 15:42:55 +0000 (+0100)
Subject: allow groups to be disabled but kept in ldap: addresses RT #977
X-Git-Tag: userdir-ldap-0.3.72~6
X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap.git;a=commitdiff_plain;h=079b4a121083316102c0098a914d8c2d8c0aa5f2

allow groups to be disabled but kept in ldap: addresses RT #977

Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/ud-generate b/ud-generate
index 334af5d..386dce6 100755
--- a/ud-generate
+++ b/ud-generate
@@ -1046,6 +1046,8 @@ Attrs = l.search_s(BaseDn, ldap.SCOPE_ONELEVEL, "gid=*",\
 
 # Generate the SubGroupMap and GroupIDMap
 for x in Attrs:
+   if x[1].has_key("status") and x[1]['status'] == "disabled":
+      continue
    if x[1].has_key("gidNumber") == 0:
       continue
    GroupIDMap[x[1]["gid"][0]] = int(x[1]["gidNumber"][0])
diff --git a/userdir-ldap.schema b/userdir-ldap.schema
index de3b80a..ca2dc83 100644
--- a/userdir-ldap.schema
+++ b/userdir-ldap.schema
@@ -409,7 +409,7 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
 	SUP top STRUCTURAL
 	DESC 'attributes used for Debian groups'
 	MUST ( gid $ gidNumber )
-	MAY ( description $ subGroup ) )
+	MAY ( description $ subGroup $ accountStatus ) )
 
 # Experimental attribute types