akkounts/lib/tasks/ldap.rake

namespace :ldap do
  desc "Reset the LDAP directory and set up base entries and default org"
  task seed: :environment do |t, args|
    ldap = LdapService.new

    # Delete all existing entries and re-add base entries
    ldap.reset_directory!

    ldap.add_organization "kosmos.org", "Kosmos", true

    # add admin role
    ldap.add_entry "cn=admin_role,ou=kosmos.org,cn=users,dc=kosmos,dc=org", {
      objectClass: %w{top LDAPsubentry nsRoleDefinition nsComplexRoleDefinition nsFilteredRoleDefinition},
      cn: "admin_role",
      nsRoleFilter: "(&(objectclass=person)(admin=true))",
      description: "filtered role for admins"
    }, true
  end

  desc "List user domains/organizations"
  task list_organizations: :environment do |t, args|
    ldap = LdapService.new
    orgs = ldap.fetch_organizations
    puts orgs.inspect
  end
end