Re: bash script for adding computers
Jim,
Do you know perl? I would try
open(LDAPADD,"|$ldapadd") || die "Didn't work: $!";
then you can print to LDAPADD.
Otherwise, I don't know what to do.
Sorry I can't be more helpful.
-Aaron
--- Jim C <jcllings@tsunamicomm.net> wrote:
> I've already given this a try. Either the bash "here" document isn't
> working as described or I've got the syntax wrong (always a possibility)
> or ldapadd is not set up for it... Something makes me think that ldapadd
> might just be a wrapper for ldapmodify. If this were true then perhaps
> the correct route might be to go straight to ldapmodify and not use
> ldapadd at all. This also might help explain why previous attempts to
> write bash scripts for this purpose have not gone so well.
>
> Another idea might be that we can create (or borrow?) a file descriptor
> (without creating a file?) and thus fake the existence of a file. If
> we can do this and then store the ldif portion of the script in it, we
> might then be able to pass it to ldapadd. This is essentially what the
> here document does but I am implying that there might be another way to
> do it, i.e. that the here document's functionality might be composed of
> other functionalities that exist outside of the here document.
>
> Yet another idea is to create the ldif file in memory instead of on
> disk, if that were possible.
>
> Lastly, I would like to mention that the script below could be
> re-engineered as an addendum to the /etc/init.d/ldap startup script such
> that the value of the next available user id could be maintained in a
> shell variable. Something to think about, although I am not sure how
> desirable it would be. There might be security issues (i.e. Do users
> have write access to root's shell variables?) or perhaps locking issues
> if things get dicey.
>
> Jim C.
>
> Aaron wrote:
> > It reads from standard input. Try:
> > ldapadd -x -D $binddn -w $pw4binddn << EOF
> > #stuff you want to do here
> > EOF
> >
> > -Aaron
> >
> > Try
> > --- Jim C <jcllings@tsunamicomm.net> wrote:
> >
> >>OK, I've gotten this far on the bash script I was writing to add a
> >>machine. It searches the base for uidNumbers, it sorts the numbers from
> >>largest to smallest, takes the first one and adds one to it. No sweat
> >>right?
> >>
> >>Here is the kicker, how do you get the data to ldapadd without creating
> >>an ldif file? I've tried an assortment of redirection techniques and
> >>I've also tried the bash "here" document. In theory, this should be
> >>possible but I am having a really tough time figuring out the syntax.
> >>
> >>#!/bin/bash
> >>
> >>binddn="cn=root,dc=microverse,dc=net"
> >>pw4binddn="passwordgoeshere"
> >>ldaphost="ldap://localhost"
> >>base="ou=Computers,dc=microverse,dc=net"
> >>minimumUID=500
> >>groupnum=421
> >>
> >>store=`ldapsearch -LLL -D $binddn -H $ldaphost -b$base -x "(cn=*)" uidNumber | \
> >>grep uidNumber | \
> >>sed -e 's/^uidNumber: //' | sort -nr | head -n 1`
> >>
> >>#It is best not to start at 0 or 1 as these could be privileged.
> >>
> >>if [ "$store" = "" ]
> >> then
> >> store=$minimumUID
> >>else
> >> store=`expr $store + 1`
> >>fi
> >>
> >>#ldapadd -x -D $binddn -w $pw4binddn
> >>line1="dn: uid=$1,ou=Computers,dc=microverse,dc=net\n";
> >>line2="objectClass: top\n"
> >>line3="objectClass: account\n"
> >>line4="objectClass: posixAccount\n"
> >>line5="uidNumber: $store\n"
> >>line6="uid: $1\n"
> >>line7="cn: $1\n"
> >>line8="gidNumber: $groupnum\n"
> >>line9="homeDirectory: /dev/null\n"
> >>line10="loginShell: /bin/false\n"
> >>line11="gecos: Machine Account\n"
> >>line12="description: Machine Account\n"
> >>
> >>cat $line1 $line2 $line3 $line4 $line5 $line6 $line7 $line8 $line9 $line10 $line11 $line12 > ldapadd -x -D $binddn -w $pw4binddn
> >>
> >>echo -e $line1$line2$line3$line4$line5$line6$line7$line8$line9$line10$line11$line12
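
The approach discussed in this thread (LDIF sent to ldapadd on standard input rather than through a file), as an added example that is not part of the original messages. The function names and the password file `$pwfile` (read with `-y` in place of `-w`) are assumptions made here; the other variables are those of the quoted script.

```bash
# Added example; function names and $pwfile are hypothetical.
# Read `ldapsearch -LLL ... uidNumber` output on stdin; print the highest
# uidNumber plus one, or the floor ($1) when none is found or all are below it.
next_uid() {
    local floor=$1 max
    max=$(sed -n 's/^uidNumber: \([0-9][0-9]*\)$/\1/p' | sort -nr | head -n 1)
    if [ -z "$max" ] || [ "$max" -lt "$floor" ]; then
        echo "$floor"
    else
        echo $((max + 1))
    fi
}

# Print the LDIF for one machine account. The name lands in the DN and in
# attribute values, so anything but [A-Za-z0-9._-] is refused: a comma would
# alter the DN and a newline would add attributes of the caller's choosing.
machine_ldif() {
    local name=$1 uid=$2 gid=$3 base=$4 n
    case $name in
        ''|*[!A-Za-z0-9._-]*) echo "invalid machine name" >&2; return 1 ;;
    esac
    for n in "$uid" "$gid"; do
        case $n in ''|*[!0-9]*) echo "invalid id: $n" >&2; return 1 ;; esac
    done
    cat <<EOF
dn: uid=$name,$base
objectClass: top
objectClass: account
objectClass: posixAccount
uidNumber: $uid
uid: $name
cn: $name
gidNumber: $gid
homeDirectory: /dev/null
loginShell: /bin/false
gecos: Machine Account
description: Machine Account
EOF
}

# LDIF goes to ldapadd on stdin, no temporary file. -y reads the bind password
# from a file, so it is not exposed in the process list as a -w argument is.
add_machine() {
    local name=$1 uid ldif
    uid=$(ldapsearch -LLL -x -H "$ldaphost" -D "$binddn" -y "$pwfile" \
            -b "$base" "(cn=*)" uidNumber | next_uid "$minimumUID") || return 1
    ldif=$(machine_ldif "$name" "$uid" "$groupnum" "$base") || return 1
    printf '%s\n' "$ldif" | ldapadd -x -H "$ldaphost" -D "$binddn" -y "$pwfile"
}
```

Two concurrent runs can still pick the same uidNumber, since nothing locks between the search and the add.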