Here's the piece of code I've wrote. It's not complex, but have to
think about those ":" and "::".
USER_CITY2="$(ldapsearch -LLL -C -x \
-h $VAR_DC \
-b $VAR_SEARCHBASE \
-D $VAR_BINDER \
-w $VAR_PWBINDER \
'(mail='$USER')' \
l)"
if [[ $USER_CITY2== *l::* ]]
then
USER_CITY="$(echo "$USER_CITY2" | sed -n -e 's/^.*l:: //p' |
base64 --decode)";
else
USER_CITY="$(echo "$USER_CITY2" | sed -n -e 's/^.*l: //p')";
fi
This way, the first command will search the AD the $USER's city and
store it in $CITY2. If the result contains "::", then I have to
decode and if the result contains ":", I don't have to decode.
The final result is stored in $USER_CITY.
Thanks a lot to have helped me.
Nicolas
Le 26/05/2014 15:41, Nicolas a écrit :
To be more efficient, here's what I want to do :
I've made a script wich generates automatically disclaimers (or
signatures) using an AD database to search users attributes :
name, surname, telephone number...
I've made a command like this :
ldapsearch -LLL -C \
-h 'DC.DOMAIN.LAN' \
-b 'ou=OU_NAME,dc=DOMAIN,dc=lan' \
-D 'CN=binder,OU=OU_NAME,DC=DOMAIN,DC=lan' \
-w 'BINDER_PW' \
'(sAMAccountname='A_USER_NAME')' sn \
| sed -n -e 's/^.*sn: //p'
With this command, I catch the "sn" attribute of a user. This
command only works if the sn dosen't contain special caracters. If
it does, I had to use "sed" like this : sed -n -e 's/^.*sn::
//p'
With the "sed" command, I only take what is after the "sn:" or
"sn::" to only have data I want.
The result of this command is sent in a variable of my script I
use after to make html and txt signatures.
This scripts works perfectly, only when an attribute I catch have
a special caracter.
What you said is a good track for me. What I "only have to do" is
to search if the line contains one or two ":". If there's one ":",
I don't have decode, if there's two":", I have to decode.
Are you OK with me ?
Thanks a lot.
Nicolas
Le 26/05/2014 15:08, Matthias Apitz a
écrit :
El día Monday, May 26, 2014 a las 02:08:51PM +0200, Nicolas Cauchie escribió:
Hi Nicolas,
Are you sure that no results are returned? Can you show the output of a
ldapsearch cmd-line tool? I saw that in the result values are encoded if
they contain non ASCII chars.
matthias
Yes, I wrote it in a previous answer.
The result is base64 encoded if "-t" switch is not used, or sent to a
temp file if this switch is used. But in both cases, I can't use the
result "as is" without another manipulation, but i'm stuck..
Thanks
-----
I think, the encoded attributes have a double colon '::'; do a test like this:
$ /usr/bin/ldapsearch .... | fgrep ::
...
attributeMailText:: U29ycnksIEknbSBvdXQgb2Ygb2ZmaWNlIHVudGlsIEF1Z3VzdC
$ echo U29ycnksIEknbSBvdXQgb2Ygb2ZmaWNlIHVudGlsIEF1Z3VzdC | mmencode -u 2>/dev/null
Sorry, I'm out of office until Augus
HIH
matthias
|