
User/group account management scripts



Hi,

Before I whip something up to handle this, I am wondering if someone is
using a set of scripts to manage users and groups on an LDAP server for
use with UNIX systems.  I don't particularly feel like reinventing the
wheel but I need to come up with something that will modify an LDAP
directory instead of the /etc/passwd and /etc/group files, like useradd and
groupadd do.

I haven't yet thought of a clever way to recycle group or user id numbers
- I'm open to suggestions.  I have thought of storing a dn somewhere that
holds the value of the NEXT uid and gid that are free but I haven't
figured out a way to quickly figure out what is unused.  For example, if I
added 65536 to my system (never will happen but as an example), at some
point, I would want to reuse gid and uid from various places because those
users have been deleted.  Perhaps I could create a dn something like 

dn: cn=Available UID,dc=elanco,dc=k12,dc=pa,dc=us
uid: XXX
uid: XXX
etc.

and populate it with all the available UIDs that aren't in use and do the
same with GID in another dn.  Then, before I add a user, I attempt to bind
to that dn - if it succeeds, I've got an unused UID and GID, if it fails,
it means it's in use and I need to increment by one.

Anyone have thoughts or a quick way to keep track of what's free and what's
in use?

Thanks,

Kevin

-- 
     ~        Kevin M. Myer
    . .       Network/System Administrator
    /V\       ELANCO School District
   // \
  /(   )\
   ^`~'^