
Fixed a fex things related to posixGroups

- Made group_exists work for posixGroups
- Automatically detect if user and groups are posix in addtogroups, and
  act accordingly
Théo Ertzscheid 2 years ago
parent
commit
5ed1ba0819
3 changed files with 23 additions and 8 deletions
  1. 15 5
      addtogroups
  2. 7 2
      funcs
  3. 1 1
      removeperson

+ 15 - 5
addtogroups

@@ -12,22 +12,32 @@ else
 fi
 
 
-group="dn: cn=%GROUP%,$GROUPSDN
+group_ofnames="dn: cn=%GROUP%,$GROUPSDN
 changeType: modify
 add: member
 member: uid=%UID%,$PEOPLEDN"
 
+group_posix="dn: cn=%GROUP%,$GROUPSDN
+changeType: modify
+add: memberUid
+memberUid: %UID%"
+
 # remove uid ($1) from args so that only the list
 # of groups remains in $@
 shift
 
 # add user to each of the groups given
 for g in $@; do
-    echo $g
     if group_exists $g ; then
-        echo "$group" | sed \
-            -e "s/%GROUP%/$g/" \
-            -e "s/%UID%/$uid/" | ldapmodify $LDAPOPTS
+	if group_is_posix $g; then
+		user_is_posix $uid || echo "User $uid is not a posixAccount, skipping posixGroup $g..." && continue
+		group="$group_posix"
+	else
+		group="$group_ofnames"
+	fi
+	echo "$group" | sed \
+	    -e "s/%GROUP%/$g/" \
+	    -e "s/%UID%/$uid/" | ldapmodify $LDAPOPTS
     else
         echo "Group $g does not exist, skipping..."
     fi
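Review bot: On the added line `user_is_posix $uid || echo "..." && continue`, `||` and `&&` have equal precedence and associate left to right, so the list is read as `(user_is_posix || echo) && continue` and `continue` runs whether or not the user is a posixAccount; the `group_posix` LDIF is therefore never sent to ldapmodify. Group the fallback explicitly: `user_is_posix "$uid" || { echo "User $uid is not a posixAccount, skipping posixGroup $g..."; continue; }`. The new branch also substitutes `$g` and `$uid` unquoted and unescaped into the sed replacement and the LDIF piped to ldapmodify, so a value containing `/` or `&` changes the generated record; checking both against a conservative pattern such as `[A-Za-z0-9._-]+` before building the LDIF would close that. The `for` loop starts inside the hunk but its `done` lies outside it.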

+ 7 - 2
funcs

@@ -8,15 +8,20 @@ user_exists() {
 }
 
 group_exists() {
-	res=$(ldapsearch -x -LLL -b $GROUPSDN -D $BINDDN -w $BINDPW "(&(cn=$1)(objectClass=groupOfNames))" | grep cn: | cut -f2 -d' ')
+	res=$(ldapsearch -x -LLL -b $GROUPSDN -D $BINDDN -w $BINDPW "(cn=$1)" | grep cn: | cut -f2 -d' ')
 	[ -n "$res" ]
 }
 
-is_posix() {
+user_is_posix() {
 	res=$(ldapsearch -x -LLL -b $PEOPLEDN -D $BINDDN -w $BINDPW "(&(uid=$1)(objectClass=posixAccount))" | grep uid: | cut -f2 -d' ')
 	[ -n "$res" ]
 }
 
+group_is_posix() {
+	res=$(ldapsearch -x -LLL -b $GROUPSDN -D $BINDDN -w $BINDPW "(&(cn=$1)(objectClass=posixGroup))" | grep cn: | cut -f2 -d' ')
+	[ -n "$res" ]
+}
+
 get_posix_number() {
 	echo $(( $(ldapsearch -x -LLL -b $PEOPLEDN -D $BINDDN -w $BINDPW "(objectClass=posixAccount)" | grep 'uidNumber: 2' | cut -d' ' -f2 | sort -u | tail -n 1) +1))
 }
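Review bot: `group_exists` now matches any entry under `$GROUPSDN` with the given cn, so in addtogroups an entry that is neither groupOfNames nor posixGroup passes the check and falls into the `member` branch; restricting the filter to the two classes the caller handles keeps the check meaningful: `"(&(cn=$1)(|(objectClass=groupOfNames)(objectClass=posixGroup)))"`. Both this filter and the new `group_is_posix` interpolate `$1` unescaped, so a name containing `*`, `(`, `)` or `\` alters the search (RFC 4515 requires these to be escaped), and a wildcard can make a non-existent group appear to exist; rejecting such names before building the filter avoids that. The added ldapsearch call also repeats `-w $BINDPW`, which puts the bind password on the command line where it is visible in the process list; `-y` with a password file readable only by the script's user avoids that exposure.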

+ 1 - 1
removeperson

@@ -14,7 +14,7 @@ read -p "Are you sure you want to delete user $uid [o/N] " a
 
 case $a in
     y*|o* )
-	is_posix $uid && ldapdelete $LDAPOPTS cn=$uid,$GROUPSDN
+	user_is_posix $uid && ldapdelete $LDAPOPTS cn=$uid,$GROUPSDN
 	ldapdelete $LDAPOPTS uid=$uid,$PEOPLEDN ;;
     * )
         exit;;