Merge branch 'adobe-apiplatform:v2' into v2

Author: mbonish

.changelog/changelog.md

@@ -1,3 +1,19 @@
+| tag | date | title |
+|---|---|---|
+| v2.6.3 | 2021-07-15 | User Sync Tool v2.6.3 |
+
+# Bug Fixes
+
+\#700 - Fix some issues with SSL verification
+\#623 - Fix Adobe-only list with post-sync
+
+# Misc
+
+\#591 - Document Two-Step Lookup
+\#676 - Introduce Changelog
+
+---
+
 | tag | date | title |
 |---|---|---|
 | v2.6.2 | 2020-12-04 | User Sync Tool v2.6.2 |

.changelog/latest.md

@@ -1,11 +1,9 @@
-v2.6.2 - 2020-12-04
-
-# New Features
+# Bug Fixes
 
-\#598 - Add logging for user actions and umapi progress
-\#596 - Add info about platform and test mode
+\#700 - Fix some issues with SSL verification
+\#623 - Fix Adobe-only list with post-sync
 
-# Bug Fixes
+# Misc
 
-\#659 - Support Specifying Domain Name for Kerberos Authentication
-\#663 - Prevent start_tls before Bind on LDAPS Connection
+\#591 - Document Two-Step Lookup
+\#676 - Introduce Changelog

.github/workflows/build.yml

@@ -13,7 +13,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, windows-latest]
-   
+        extension_support: [0, 1]
 
     steps:
     - uses: actions/checkout@v2
@@ -37,7 +37,9 @@ jobs:
         pip install -e .
         pip install -e .[test]
         pip install -e .[setup]
-    - run: |
-       make standalone
+    - name: Create build
+      env:
+        UST_EXTENSION: ${{ matrix.extension_support }}
+      run: make
     - name: Test with pytest
       run: pytest

docs/Gemfile.lock

@@ -4,7 +4,7 @@ GEM
     activesupport (3.2.22.5)
       i18n (~> 0.6, >= 0.6.4)
       multi_json (~> 1.0)
-    addressable (2.7.0)
+    addressable (2.8.0)
       public_suffix (>= 2.0.2, < 5.0)
     coffee-script (2.4.1)
       coffee-script-source

docs/en/success-guide/index.md

@@ -8,7 +8,7 @@ nav_level: 1
 nav_order: 100
 ---
 
-Version 2.6.2, released 2020-12-04
+Version 2.6.3, released 2020-12-04
 
 This document walks you through the steps needed to understand
 and setup the User Sync Tool.

docs/en/success-guide/test_run.md

@@ -27,7 +27,7 @@ These commands ought to produce an output similar to the following:
 
 ```
 >  .\user-sync.exe -v
-user-sync.exe 2.6.2
+user-sync.exe 2.6.3
 ```
 
 ```

docs/en/user-manual/advanced_configuration.md

@@ -860,6 +860,28 @@ created on those organizations if `auto_create` is enabled.
 Refer to [Accessing Users in Other Organizations](https://adobe-apiplatform.github.io/user-sync.py/en/user-manual/advanced_configuration.html#accessing-users-in-other-organizations)
 for more information.
 
+## Two-Step Lookup
+
+Some LDAP systems may not support a `memberOf` overlay the way other systems like Active Directory do. This can make it
+impossible for the LDAP connector to use its group-based queries to get members for particular groups in an LDAP system.
+
+The `two_steps_lookup` option in `connector-ldap.yml` can be used to overcome this limitation. With two-step lookup
+enabled and configured, the sync tool will retrieve group membership from the specified `group_member_attribute_name`
+attribute. User metadata from these queries is then verified to be part of the `base_dn` and the full user record is retrieved.
+
+Example:
+
+```yaml
+two_steps_lookup:
+  group_member_attribute_name: "member"
+  nested_group: False
+```
+
+`group_member_attribute_name` defines the user attribute to use for group membership information. `nested_group` will
+recursively query nested group memberships.
+
+**NOTE:** `group_member_filter_format` may not be defined when two-step lookup is enabled.
+
 ---
 
 [Previous Section](usage_scenarios.md)  \| [Next Section](deployment_best_practices.md)

docs/en/user-manual/index.md

@@ -8,7 +8,7 @@ nav_level: 1
 nav_order: 10
 ---
 
-Version 2.6.2, released 2020-09-16
+Version 2.6.3, released 2020-09-16
 
 This document has all the information you need to get up and
 running with User Sync. It presumes familiarity with the use of

user_sync/version.py

@@ -18,4 +18,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 # SOFTWARE.
 
-__version__ = '2.6.2'
+__version__ = '2.6.3'