Advertisement
eyelessfade

vcenter_replaceldapcert.sh

Dec 9th, 2022
944
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 0.90 KB | None | 0 0
  1. #!/bin/bash
  2.  
  3. replacedate=$(cat /tmp/adcertexpiration)
  4. datenow=$(/usr/bin/date +"%s")
  5.  
  6. identity_source_name=
  7. baseUserDN=
  8. baseGroupDN=
  9. domain=
  10. alias=
  11. username=
  12. password=
  13. adserver=
  14. adport=
  15. sslCert="/tmp/adcert.cer"
  16.  
  17. if [ ${datenow} -gt ${replacedate} ]; then
  18.   echo "" | openssl s_client -connect ${adserver}:${adport} -prexit 2 > /dev/null | /usr/bin/sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p' > ${sslCert}
  19.  
  20.   /opt/vmware/bin/sso-config.sh -delete_identity_source -i ${identity_source_name}
  21.  
  22.   /opt/vmware/bin/sso-config.sh -add_identity_source -type adldap -i ${identity_source_name} -baseUserDN ${baseUserDN} -baseGroupDN ${baseGroupDN} -domain ${domain} -alias ${alias} -username ${username} -password ${password} -primaryURL "ldaps://${adserver}:${adport}" -useSSL true -sslCert ${sslCert}
  23.  
  24.   /opt/vmware/bin/sso-config.sh -set_default_identity_sources -i ${identity_source_name}
  25. fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement