From 18ab4e9026c3e4f05687e393aa2a00e3176cf2ee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Mon, 31 Mar 2014 17:18:51 +0200
Subject: [PATCH] restrict ldap search scope

---
 generate-ldap-users.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/generate-ldap-users.py b/generate-ldap-users.py
index 548a7bf..f9c3b38 100644
--- a/generate-ldap-users.py
+++ b/generate-ldap-users.py
@@ -24,7 +24,8 @@ ldap_conn.simple_bind_s(cfg.get('general', 'bind_dn'), options.bindpw)
 
 users = []
 
-for entry in ldap_conn.search_s("dc=win,dc=info,dc=pcf", ldap.SCOPE_SUBTREE, "objectclass=user"):
+for entry in ldap_conn.search_s("ou=ouGED,ou=ouPCF,ou=ouUsers,dc=win,dc=info,dc=pcf",
+        ldap.SCOPE_SUBTREE, "objectclass=user"):
     if not entry[0]:
         continue
     if not entry[1].get('profilePath'):
@@ -46,6 +47,7 @@ for user in users:
             'mail': user.get('mail'),
             }
     vars.update(dict(cfg.items('variables')))
+    print username
     print >> fd, '''[ged-gen-%(mail)s]
 default_type = dmsdocument
 default_directory = Members/%(username)s