Jim,
Do you know perl? I would try
open(LDAPADD,"|$ldapadd") || die "Didn't work: $!";
then you can print to LDAPADD.
Otherwise, I don't know what to do.
Sorry I can't be more helpful.
-Aaron
--- Jim C <jcllings@tsunamicomm.net> wrote:
I've already given this a try. Either the bash "here" document isn't working as described or I've got the syntax wrong (always a possibility) or ldapadd is not set up for it... Something makes me think that ldapadd might just be a wrapper for ldapmodify. If this were true then perhaps the correct route might be to go straight to ldapmodify and not use ldapadd at all. This also might help explain why previous attempts to write bash scripts for this purpose have not gone so well.
Another idea might be that we can create (or borrow?) a file descriptor (without creating a file?) and thus fake the existence of a file. If we can do this and then store the ldif portion of the script in it, we might then be able to pass it to ldapadd. This is essentially what the here document does but I am implying that there might be another way to do it, i.e. that the here document's functionality might be composed of other functionalities that exist outside of the here document.
Yet another idea is to create the ldif file in memory instead of on disk, if that were possible.
Lastly, I would like to mention that the script below could be re-engineered as an addendum to the /etc/init.d/ldap startup script such that the value of the next available user id could be maintained in a shell variable. Something to think about, although I am not sure how desirable it would be. There might be security issues (i.e. Do users have write access to root's shell variables?) or perhaps locking issues if things get dicey.
Jim C.
Aaron wrote:
It reads from standard input. Try:
ldapadd -x -D $binddn -w $pw4binddn << EOF
#stuff you want to do here
EOF
-Aaron
Try
--- Jim C <jcllings@tsunamicomm.net> wrote:
OK, I've gotten this far on the bash script I was writing to add a machine. It searches the base for uidNumbers, it sorts the numbers from largest to smallest, takes the first one and adds one to it. No sweat, right?
Here is the kicker: how do you get the data to ldapadd without creating an ldif file? I've tried an assortment of redirection techniques and I've also tried the bash "here" document. In theory, this should be possible but I am having a really tough time figuring out the syntax.
#!/bin/bash
binddn="cn=root,dc=microverse,dc=net"
pw4binddn="passwordgoeshere"
ldaphost="ldap://localhost"
base="ou=Computers,dc=microverse,dc=net"
minimumUID=500
groupnum=421
store=`ldapsearch -LLL -D $binddn -H $ldaphost -b$base -x "(cn=*)" uidNumber | \
grep uidNumber | \
sed -e 's/^uidNumber: //' | sort -nr | head -n 1`
#It is best not to start at 0 or 1 as these could be privileged.
if [ "$store" = "" ]
then
store=$minimumUID
else
store=`expr $store + 1`
fi
#ldapadd -x -D $binddn -w $pw4binddn
line1="dn: uid=$1,ou=Computers,dc=microverse,dc=net\n";
line2="objectClass: top\n"
line3="objectClass: account\n"
line4="objectClass: posixAccount\n"
line5="uidNumber: $store\n"
line6="uid: $1\n"
line7="cn: $1\n"
line8="gidNumber: $groupnum\n"
line9="homeDirectory: /dev/null\n"
line10="loginShell: /bin/false\n"
line11="gecos: Machine Account\n"
line12="description: Machine Account\n"
cat $line1 $line2 $line3 $line4 $line5 $line6 $line7 $line8 $line9 $line10 $line11 $line12 > ldapadd -x -D $binddn -w $pw4binddn
echo -e $line1$line2$line3$line4$line5$line6$line7$line8$line9$line10$line11$line12
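Added example (not part of the original thread and not code posted by either participant): one way to do what Jim asks, computing the next uidNumber and handing the entry to ldapadd on standard input with no LDIF file on disk. The function names, the pwfile path and the name check are assumptions made for this example; -y reads the bind password from a file so it is not passed on the command line as it is with -w.

```bash
#!/bin/bash
# Added example, not from the thread; settings copied from Jim's script.
binddn="cn=root,dc=microverse,dc=net"
ldaphost="ldap://localhost"
base="ou=Computers,dc=microverse,dc=net"
minimumUID=500; groupnum=421
# Assumed path: file holding only the bind password (mode 0600, no trailing
# newline), so the password never shows up in the process list.
pwfile="$HOME/.ldap-bindpw"

# Reads `ldapsearch -LLL ... uidNumber` output on stdin, prints the next uidNumber.
next_uid() {
    awk -v min="$minimumUID" '
        /^uidNumber: [0-9]+$/ { if ($2 + 0 > max) max = $2 + 0 }
        END { print (max >= min ? max + 1 : min) }'
}

# Prints the LDIF entry for machine $1 with uidNumber $2. Names containing
# commas, newlines, etc. are refused so they cannot alter the DN or add attributes.
machine_ldif() {
    case "$1" in ''|*[!A-Za-z0-9._-]*) echo "bad machine name" >&2; return 1 ;; esac
    case "$2" in ''|*[!0-9]*) echo "bad uidNumber" >&2; return 1 ;; esac
    cat <<EOF
dn: uid=$1,$base
objectClass: top
objectClass: account
objectClass: posixAccount
uidNumber: $2
uid: $1
cn: $1
gidNumber: $groupnum
homeDirectory: /dev/null
loginShell: /bin/false
gecos: Machine Account
description: Machine Account
EOF
}

# Stops if the search or the validation fails, so ldapadd is never started with
# a guessed uidNumber. max+1 is not atomic: two concurrent runs can collide.
add_machine() {
    found=$(ldapsearch -LLL -x -D "$binddn" -y "$pwfile" -H "$ldaphost" \
            -b "$base" "(cn=*)" uidNumber) || return 1
    next=$(printf '%s\n' "$found" | next_uid)
    ldif=$(machine_ldif "$1" "$next") || return 1
    printf '%s\n' "$ldif" | ldapadd -x -D "$binddn" -y "$pwfile" -H "$ldaphost"
}
if [ "$#" -gt 0 ]; then add_machine "$1"; fi
```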