- [root@sserv !students]# mc
- [root@sserv !students]# cat ldap-useradd
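#!/bin/sh -e
# ldap-useradd: add one account entry (posixAccount + sambaSamAccount) under
# ou=People and, when ENABLE_KRB is non-empty, a Kerberos principal for it.
#
# Usage: ldap-useradd <user> <home-directory>
#
# fatal, base_rootdn_rootpw, get_sid and addprinc are not defined in this file;
# presumably they come from the two function files sourced below, together with
# base, rootdn, rootpw, uid_min, uid_max and SID. Confirm against those files.

# Keep errexit when the script is started as `sh ldap-useradd`, where the
# options on the shebang line are not applied.
set -e

# `.` with a bare file name searches PATH. This script is run as root, so PATH
# must only contain directories that unprivileged users cannot write to.
. alterator-kdc-princ-functions
. alterator-openldap-functions

[ -n "$DN_CONF" ] || fatal "DN_CONF not set"

# Presumably sets base, rootdn and rootpw for the ldapadd call below (TODO confirm).
base_rootdn_rootpw

[ "$#" -eq 2 ] || fatal "exactly two arguments required: <user> <home directory>"
user="$1"
hm="$2"

# Both arguments are pasted verbatim into the LDIF document and the entry DN.
# A newline would start a new LDIF line (extra attributes or a second entry),
# ',', '+' or '=' would change the DN, and a leading '-' would be read as an
# option by ldap-getent/addprinc. Accept only a conservative character set;
# widen it deliberately if the site needs other names.
case "$user" in
	'' | -* | *[!A-Za-z0-9._-]*) fatal "invalid user name" ;;
esac

nl='
'
case "$hm" in
	*"$nl"*) fatal "invalid home directory" ;;
	/*) ;;
	*) fatal "home directory must be an absolute path" ;;
esac

# Refuse to create a second entry with the same login name.
ldap-getent passwd "$user" > /dev/null && fatal "same name already exists"

# Next uid = highest uid currently listed (field 3 of the passwd output) + 1.
# NOTE(review): nothing serialises this read-then-add sequence, so two
# concurrent runs can pick the same uid. An empty result (no entries, or
# possibly a failed lookup, since only the status of `head` is seen) falls
# through to uid_min below.
uid_avail="$(ldap-getent passwd | cut -f3 -d: | sort -unr | head -n 1)"
case "$uid_avail" in
	*[!0-9]*) fatal "unexpected uid value in directory" ;;
esac
uid=$(( ${uid_avail:-0} + 1 ))
[ "$uid" -le "$uid_max" ] || fatal "not free uid available"
if [ "$uid" -lt "$uid_min" ]; then
	uid="$uid_min"
fi

# Per-user group creation is disabled; every account gets this fixed primary group.
#ldap-getent group "$user" > /dev/null && fatal "same name in group database already exists"
#ldap-groupadd "$user"
#gid="$(ldap-getent group "$user"|cut -f3 -d:)"
gid=5018

# get_sid is expected to set SID (TODO confirm); the user's SID is derived from the uid.
get_sid > /dev/null
user_sid="$SID-$((uid * 2 + 1000))"

# The principal is created before the LDAP entry. If ldapadd fails afterwards
# the principal stays behind and must be removed by hand.
if [ -n "$ENABLE_KRB" ]; then
	addprinc "$user" > /dev/null 2>&1
fi

# $rootpw is left unquoted on purpose: it presumably expands to an option plus
# its value (TODO confirm). If that is a password given on the command line it
# is visible in the process list while ldapadd runs; a password file readable
# only by root avoids that.
# -x is a simple bind over plain ldap://, so the bind password travels
# unencrypted whenever $host is not the local machine.
# NOTE(review): sambaAcctFlags is reproduced as shown; Samba normally stores a
# fixed-width bracketed field, so check that padding was not lost in the paste.
# shellcheck disable=SC2086
ldapadd -a -D "$rootdn" $rootpw -x -H "ldap://${host:-127.0.0.1}" >/dev/null <<EOF
dn: uid=$user,ou=People,$base
uid: $user
cn: $user
sn: $user
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
loginShell: /bin/bash
userPassword: {crypt}x
uidNumber: $uid
gidNumber: $gid
homeDirectory: $hm
#/home/$user
sambaAcctFlags: [U ]
sambaSID: $user_sid
sambaPwdLastSet: 2147483647
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 0
EOF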