
Re: bash script for adding computers



Jim,

Do you know perl? I would try
open(LDAPADD,"|$ldapadd") || die "Didn't work: $!";
then you can print to LDAPADD.

Otherwise, I don't know what to do.

Sorry I can't be more helpful.

-Aaron

--- Jim C <jcllings@tsunamicomm.net> wrote:
> I've already given this a try.  Either the bash
> "here" document isn't 
> working as described or I've got the syntax wrong
> (always a possibility) 
> or ldapadd is not set up for it... Something makes
> me think that ldapadd 
> might just be a wrapper for ldapmodify.  If this
> were true then perhaps 
> the correct route might be to go straight to
> ldapmodify and not use 
> ldapadd at all.  This also might help explain why
> previous attempts to 
> write bash scripts for this purpose have not gone so
> well.
> 
> Another idea might be that we can create (or
> borrow?) a file descriptor 
> (without creating a file?) and thus fake the
> existence of a file.  If 
> we can do this and then store the ldif portion of
> the script in it, we 
> might then be able to pass it to ldapadd.  This is
> essentially what the 
> here document does but I am implying that there
> might be another way to 
> do it, i.e. that the here document's functionality
> might be composed of 
> other functionalities that exist outside of the here
> document.
> 
> Yet another idea is to create the ldif file in
> memory instead of on 
> disk, if that were possible.
> 
> Lastly, I would like to mention that the script
> below could be 
> re-engineered as an addendum to the /etc/init.d/ldap
> startup script such 
> that the value of the next available user id could
> be maintained in a 
> shell variable.  Something to think about, although
> I am not sure how 
> desirable it would be.  There might be security
> issues (i.e. Do users 
> have write access to root's shell variables?) or
> perhaps locking issues 
> if things get dicey.
> 
> Jim C.
> 
> Aaron wrote:
> > It reads from standard input. Try:
> > ldapadd -x -D $binddn -w $pw4binddn << EOF
> > #stuff you want to do here
> > EOF
> > 
> > -Aaron
> > 
> > Try
> > --- Jim C <jcllings@tsunamicomm.net> wrote:
> > 
> >>OK, I've gotten this far on the bash script I was
> >>writing to add a
> >>machine.  It searches the base for uidNumbers, it
> >>sorts the numbers from
> >>largest to smallest, takes the first one and adds
> >>one to it.  No sweat
> >>right?
> >>
> >>Here is the kicker, how do you get the data to
> >>ldapadd without creating
> >>an ldif file?  I've tried an assortment of
> >>redirection techniques and 
> >>I've also tried the bash "here" document.  In
> >>theory, this should be 
> >>possible but I am having a really tough time
> >>figuring out the syntax.
> >>
> >>#!/bin/bash
> >>
> >>binddn="cn=root,dc=microverse,dc=net"
> >>pw4binddn="passwordgoeshere"
> >>ldaphost="ldap://localhost";
> >>base="ou=Computers,dc=microverse,dc=net"
> >>minimumUID=500
> >>groupnum=421
> >>
> >>store=`ldapsearch -LLL -D $binddn -H $ldaphost -b$base -x "(cn=*)" uidNumber | \
> >>        grep uidNumber | \
> >>        sed -e 's/^uidNumber: //' | sort -nr | head -n 1`
> >>
> >>#It is best not to start at 0 or 1 as these could be privileged.
> >>
> >>if [ "$store" = "" ]
> >>          then
> >>          store=$minimumUID
> >>else
> >>          store=`expr $store + 1`
> >>fi
> >>
> >>#ldapadd -x -D $binddn -w $pw4binddn
> >>line1="dn: uid=$1,ou=Computers,dc=microverse,dc=net\n";
> >>line2="objectClass: top\n"
> >>line3="objectClass: account\n"
> >>line4="objectClass: posixAccount\n"
> >>line5="uidNumber: $store\n"
> >>line6="uid: $1\n"
> >>line7="cn: $1\n"
> >>line8="gidNumber: $groupnum\n"
> >>line9="homeDirectory: /dev/null\n"
> >>line10="loginShell: /bin/false\n"
> >>line11="gecos: Machine Account\n"
> >>line12="description: Machine Account\n"
> >>
> >>cat $line1 $line2 $line3 $line4 $line5 $line6 $line7 $line8 $line9 $line10 $line11 $line12 > ldapadd -x -D $binddn -w $pw4binddn
> >>
> >>echo -e $line1$line2$line3$line4$line5$line6$line7$line8$line9$line10$line11$line12
> >>
> > 
> > 
> > 
> 
> 
> 


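
An added example, not part of either poster's message: one way to build the LDIF in memory and pipe it to ldapadd's standard input, as the thread discusses. It also validates the machine name before it goes into the DN and reads the bind password with -y from a file instead of -w on the command line; the PWFILE path is an assumption, the other values are copied from the quoted script.

```shell
# Added example; values come from the script quoted in the thread, except
# PWFILE, an assumed path to a root-only (mode 0600) file.
BINDDN="cn=root,dc=microverse,dc=net"
LDAPHOST="ldap://localhost"
BASE="ou=Computers,dc=microverse,dc=net"
MIN_UID=500
GROUPNUM=421
PWFILE="/root/.ldap-bindpw"   # assumption; keeps the password out of argv

# Allow only letters, digits, '-' and '_'. Rejecting newlines, ':', ',' and
# '=' means the name cannot add LDIF lines or change the DN.
valid_name() {
    case $1 in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
}

# Read "ldapsearch -LLL" output on stdin and print the next uidNumber.
next_uid() {
    max=$(sed -n 's/^uidNumber: \([0-9][0-9]*\)$/\1/p' | sort -nr | head -n 1)
    [ -n "$max" ] && echo $(($max + 1)) || echo "$MIN_UID"
}

# Print the LDIF for one machine account: $1 = name, $2 = uidNumber.
build_ldif() {
    cat <<EOF
dn: uid=$1,$BASE
objectClass: top
objectClass: account
objectClass: posixAccount
uidNumber: $2
uid: $1
cn: $1
gidNumber: $GROUPNUM
homeDirectory: /dev/null
loginShell: /bin/false
gecos: Machine Account
description: Machine Account
EOF
}

add_machine() {
    valid_name "$1" || { echo "invalid machine name: $1" >&2; return 1; }
    uid=$(ldapsearch -LLL -x -D "$BINDDN" -y "$PWFILE" -H "$LDAPHOST" \
            -b "$BASE" "(cn=*)" uidNumber | next_uid)
    # The pipe feeds build_ldif's stdout to ldapadd's stdin; no file is written.
    build_ldif "$1" "$uid" | ldapadd -x -D "$BINDDN" -y "$PWFILE" -H "$LDAPHOST"
}
# Contact the directory only when a machine name is given as an argument.
[ $# -eq 0 ] || add_machine "$1"
```

The search-then-add sequence is not atomic, so two concurrent runs can pick the same uidNumber. ldapadd's -y option uses the complete contents of the file as the password, so the file must not end with a newline.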