Get users list from LDAP group
parent
825cf90ec0
commit
6dc5cd590d
|
@ -54,7 +54,7 @@ OPTIONS :
|
|||
|
||||
-g,--group LDAP_GROUP_CN
|
||||
Required.
|
||||
LDAP group to parse in order to get the list of homedir
|
||||
LDAP group to parse in order to get the list of homedir to create
|
||||
to create.
|
||||
|
||||
-h,--home,--home-base
|
||||
|
@ -142,6 +142,9 @@ define_vars() { # {{{
|
|||
fi
|
||||
# }}}
|
||||
|
||||
## Temp file vars {{{
|
||||
readonly ldap_user_list_path="/tmp/${PROGNAME}.ldap.user.list"
|
||||
## }}}
|
||||
}
|
||||
# }}}
|
||||
|
||||
|
@ -239,6 +242,36 @@ The directory ${RED}${local_directory_absent}${COLOR_DEBUG} doesn't exist."
|
|||
|
||||
return "${return_is_directory_absent}"
|
||||
|
||||
}
|
||||
# }}}
|
||||
get_ldap_user_list() { # {{{
|
||||
|
||||
## Return False by default
|
||||
return_get_ldap_user_list="1"
|
||||
|
||||
debug_message "get_ldap_user_list − \
|
||||
Create or empty ${RED}${ldap_user_list_path}${COLOR_DEBUG} file to store user list of ${RED}${ldap_group_cn}${COLOR_DEBUG} LDAP group."
|
||||
true > "${ldap_user_list_path}"
|
||||
|
||||
if command ldapsearch -ZZ -D "${ldap_user}" -w "${ldap_passwd}" -H "${ldap_server}" -s one -b "${ldap_group_base}" "(cn=${ldap_group_cn})" member | sed -n 's/\(^member: uid=\)\(.*\)\(,ou=.*\)/\2/p' > "${ldap_user_list_path}"; then
|
||||
if [ -s "${ldap_user_list_path}" ]; then
|
||||
debug_message "get_ldap_user_list − \
|
||||
${RED}${ldap_group_cn}${COLOR_DEBUG} users list successfully created (see ${ldap_user_list_path} file)."
|
||||
command chmod 0400 -- "${ldap_user_list_path}"
|
||||
return_get_ldap_user_list="0"
|
||||
else
|
||||
debug_message "get_ldap_user_list − \
|
||||
Error, the users list of ${ldap_group_cn} is empty (${ldap_user_list_path} file)."
|
||||
return_get_ldap_user_list="1"
|
||||
fi
|
||||
else
|
||||
debug_message "get_ldap_user_list − \
|
||||
Error in ${RED}ldapsearch${COLOR_DEBUG} command for ${ldap_group_cn} LDAP group."
|
||||
return_get_ldap_user_list="1"
|
||||
fi
|
||||
|
||||
return "${return_get_ldap_user_list}"
|
||||
|
||||
}
|
||||
# }}}
|
||||
main() { # {{{
|
||||
|
@ -266,17 +299,22 @@ main() { # {{{
|
|||
&& usage \
|
||||
&& error_message "LDAP user or password is empty. Please verify your configuration or the --user-cmd|--passwd-cmd options." 2
|
||||
## }}}
|
||||
|
||||
## If home_base directory doesn't exists {{{
|
||||
### AND exit with message and error
|
||||
is_directory_absent "${home_base}" \
|
||||
&& error_message "Home base directory (${home_base}) doesn't exists. Check your configuration or use -h|--home option." 3
|
||||
## }}}
|
||||
|
||||
## Try to get the user list of LDAP group {{{
|
||||
### OR Exit
|
||||
get_ldap_user_list \
|
||||
|| error_message "Can't get the user list of ${ldap_group_cn} LDAP group. Please use --debug option." 4
|
||||
## }}}
|
||||
|
||||
## Information message
|
||||
debug_message "Search for members in ${RED}${ldap_group_cn},${ldap_group_base}${COLOR_DEBUG} group \
|
||||
on ${RED}${ldap_server}${COLOR_DEBUG} LDAP server in ${RED}${home_base}${COLOR_DEBUG}."
|
||||
debug_message "Create home directory in ${RED}${home_base}${COLOR_DEBUG}, \
|
||||
for all members of ${RED}${ldap_group_cn},${ldap_group_base}${COLOR_DEBUG} LDAP group \
|
||||
from ${RED}${ldap_server}${COLOR_DEBUG} LDAP server ."
|
||||
|
||||
}
|
||||
# }}}
|
||||
|
|
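Review bot: The fixed path `/tmp/${PROGNAME}.ldap.user.list` set in define_vars and truncated by `true > "${ldap_user_list_path}"` in get_ldap_user_list is predictable, so another local user can pre-create it or place a symlink there before the script runs; the redirect then follows the link, and a pre-created file stays owned by that user, so the later `chmod 0400` does not prevent them from rewriting the list that presumably drives home-directory creation. Allocate the file with `ldap_user_list_path="$(mktemp "${TMPDIR:-/tmp}/${PROGNAME}.XXXXXX")"` before marking it readonly, and remove it with `trap 'rm -f -- "${ldap_user_list_path}"' EXIT`. In the same function, `-w "${ldap_passwd}"` puts the bind password in the process list while the search runs; ldapsearch's `-y` option reads it from a file instead. Unless `pipefail` is set outside the visible hunks, the `if` sees only sed's exit status, so an ldapsearch failure falls into the "empty list" branch rather than the ldapsearch error branch. The greedy `\(.*\)` before `,ou=` also keeps part of the DN when a member entry has more than one `ou=` component; `\([^,]*\)` limits the capture to the uid.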