Provide instructions to block LDAP users

[strk]

There are thousands of fake OSGeo users just waiting to start spam storms, it is useful as soon as they become active (or otherwise found spammy) to quickly put those accounts on hold/block. As I couldn't find information about doing that in ​https://wiki.osgeo.org/wiki/SAC:LDAP this ticket is to provide such info.

I know Martin and Alex recently both did some disabling, it would be useful to make more SAC members capable of doing so.

Another option would be to make the blacklist service-specific, but I personally hadn't found a way to do that for Trac, for example.

[wildintellect]

I managed to dump what I think is the last months worth of user registrations, with creation times. IP is not a stored attribute from what I can see. There does seem to be a spike the last few days, and I can easily make a list of the accounts (though no way to tell which are spam accounts). See attached plot of the trend over time (will share R code later if people want it).

ldapsearch -H ldaps://ldap.osgeo.org/ -b dc=osgeo,dc=org -x "(&(createTimestamp>=20160401100000Z))" + > osgeoldapsince040116.ldif

[strk]

I've added your query to the example queries at ​https://wiki.osgeo.org/wiki/SAC:LDAP (and restructured that page a little bit).

Now I think we need to add, in that page, a commandline to disable (or drop) those accounts. Maybe by moving them from osgeo.org dc to something else like "spammers" organization ?