Get users list from LDAP group
parent
825cf90ec0
commit
6dc5cd590d
|
@ -54,7 +54,7 @@ OPTIONS :
|
||||||
|
|
||||||
-g,--group LDAP_GROUP_CN
|
-g,--group LDAP_GROUP_CN
|
||||||
Required.
|
Required.
|
||||||
LDAP group to parse in order to get the list of homedir
|
LDAP group to parse in order to get the list of homedir to create
|
||||||
to create.
|
to create.
|
||||||
|
|
||||||
-h,--home,--home-base
|
-h,--home,--home-base
|
||||||
|
@ -142,6 +142,9 @@ define_vars() { # {{{
|
||||||
fi
|
fi
|
||||||
# }}}
|
# }}}
|
||||||
|
|
||||||
|
## Temp file vars {{{
|
||||||
|
readonly ldap_user_list_path="/tmp/${PROGNAME}.ldap.user.list"
|
||||||
|
## }}}
|
||||||
}
|
}
|
||||||
# }}}
|
# }}}
|
||||||
|
|
||||||
|
@ -239,6 +242,36 @@ The directory ${RED}${local_directory_absent}${COLOR_DEBUG} doesn't exist."
|
||||||
|
|
||||||
return "${return_is_directory_absent}"
|
return "${return_is_directory_absent}"
|
||||||
|
|
||||||
|
}
|
||||||
|
# }}}
|
||||||
|
get_ldap_user_list() { # {{{
|
||||||
|
|
||||||
|
## Return False by default
|
||||||
|
return_get_ldap_user_list="1"
|
||||||
|
|
||||||
|
debug_message "get_ldap_user_list − \
|
||||||
|
Create or empty ${RED}${ldap_user_list_path}${COLOR_DEBUG} file to store user list of ${RED}${ldap_group_cn}${COLOR_DEBUG} LDAP group."
|
||||||
|
true > "${ldap_user_list_path}"
|
||||||
|
|
||||||
|
if command ldapsearch -ZZ -D "${ldap_user}" -w "${ldap_passwd}" -H "${ldap_server}" -s one -b "${ldap_group_base}" "(cn=${ldap_group_cn})" member | sed -n 's/\(^member: uid=\)\(.*\)\(,ou=.*\)/\2/p' > "${ldap_user_list_path}"; then
|
||||||
|
if [ -s "${ldap_user_list_path}" ]; then
|
||||||
|
debug_message "get_ldap_user_list − \
|
||||||
|
${RED}${ldap_group_cn}${COLOR_DEBUG} users list successfully created (see ${ldap_user_list_path} file)."
|
||||||
|
command chmod 0400 -- "${ldap_user_list_path}"
|
||||||
|
return_get_ldap_user_list="0"
|
||||||
|
else
|
||||||
|
debug_message "get_ldap_user_list − \
|
||||||
|
Error, the users list of ${ldap_group_cn} is empty (${ldap_user_list_path} file)."
|
||||||
|
return_get_ldap_user_list="1"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
debug_message "get_ldap_user_list − \
|
||||||
|
Error in ${RED}ldapsearch${COLOR_DEBUG} command for ${ldap_group_cn} LDAP group."
|
||||||
|
return_get_ldap_user_list="1"
|
||||||
|
fi
|
||||||
|
|
||||||
|
return "${return_get_ldap_user_list}"
|
||||||
|
|
||||||
}
|
}
|
||||||
# }}}
|
# }}}
|
||||||
main() { # {{{
|
main() { # {{{
|
||||||
|
@ -266,17 +299,22 @@ main() { # {{{
|
||||||
&& usage \
|
&& usage \
|
||||||
&& error_message "LDAP user or password is empty. Please verify your configuration or the --user-cmd|--passwd-cmd options." 2
|
&& error_message "LDAP user or password is empty. Please verify your configuration or the --user-cmd|--passwd-cmd options." 2
|
||||||
## }}}
|
## }}}
|
||||||
|
|
||||||
## If home_base directory doesn't exists {{{
|
## If home_base directory doesn't exists {{{
|
||||||
### AND exit with message and error
|
### AND exit with message and error
|
||||||
is_directory_absent "${home_base}" \
|
is_directory_absent "${home_base}" \
|
||||||
&& error_message "Home base directory (${home_base}) doesn't exists. Check your configuration or use -h|--home option." 3
|
&& error_message "Home base directory (${home_base}) doesn't exists. Check your configuration or use -h|--home option." 3
|
||||||
## }}}
|
## }}}
|
||||||
|
|
||||||
|
## Try to get the user list of LDAP group {{{
|
||||||
|
### OR Exit
|
||||||
|
get_ldap_user_list \
|
||||||
|
|| error_message "Can't get the user list of ${ldap_group_cn} LDAP group. Please use --debug option." 4
|
||||||
|
## }}}
|
||||||
|
|
||||||
## Information message
|
## Information message
|
||||||
debug_message "Search for members in ${RED}${ldap_group_cn},${ldap_group_base}${COLOR_DEBUG} group \
|
debug_message "Create home directory in ${RED}${home_base}${COLOR_DEBUG}, \
|
||||||
on ${RED}${ldap_server}${COLOR_DEBUG} LDAP server in ${RED}${home_base}${COLOR_DEBUG}."
|
for all members of ${RED}${ldap_group_cn},${ldap_group_base}${COLOR_DEBUG} LDAP group \
|
||||||
|
from ${RED}${ldap_server}${COLOR_DEBUG} LDAP server ."
|
||||||
|
|
||||||
}
|
}
|
||||||
# }}}
|
# }}}
|
||||||
|
|
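Review bot: The new `ldap_user_list_path="/tmp/${PROGNAME}.ldap.user.list"` in define_vars is a fixed, predictable name in a world-writable directory, and get_ldap_user_list truncates it with `true > "${ldap_user_list_path}"`, which follows a symlink or reuses a file that another local user created beforehand. The script goes on to create home directories, so it presumably runs privileged; in that case the redirect can truncate and overwrite a file of that user's choosing, and the `chmod 0400` only happens after the member list has been written under the current umask. Creating the file with mktemp closes both gaps: `ldap_user_list_path="$(mktemp "${TMPDIR:-/tmp}/${PROGNAME}.ldap.user.list.XXXXXX")" || exit 1`, then `readonly ldap_user_list_path`, plus `trap 'rm -f -- "${ldap_user_list_path}"' EXIT` for cleanup. Separately, the `if` in get_ldap_user_list tests the exit status of `sed` rather than `ldapsearch` unless pipefail is set outside the visible hunks, so the "Error in ldapsearch" branch is effectively unreachable. The `-w "${ldap_passwd}"` argument also exposes the bind password in the process list, which `-y` with a 0600 password file would avoid.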