  1. #!/bin/sh
  2. passwd=pleaseeditme
  3. dc1=pleaseeditme
  4. dc2=pleaseeditme
  5. hash_pw=`slappasswd -s $passwd`
  6. tmpdir=/tmp
  7. #--------------------------------------------------------------#
  8. ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
  9. ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
  10. ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
  11. ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/misc.ldif
  12. #——————————————————————-#
  13. # database.ldif
  14. #——————————————————————-#
  15. cat <<EOF > $tmpdir/database.ldif
  16. # Load dynamic backend modules
  17. dn: cn=module{0},cn=config
  18. objectClass: olcModuleList
  19. cn: module{0}
  20. olcModulePath: /usr/lib/ldap
  21. olcModuleLoad: {0}back_hdb
  22.  
  23. # Create directory database
  24. dn: olcDatabase={1}hdb,cn=config
  25. objectClass: olcDatabaseConfig
  26. objectClass: olcHdbConfig
  27. olcDatabase: {1}hdb
  28. olcDbDirectory: /var/lib/ldap
  29. olcSuffix: dc=$dc1,dc=$dc2
  30. olcRootDN: cn=admin,dc=$dc1,dc=$dc2
  31. olcRootPW: $hash_pw
  32. olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=$dc1,dc=$dc2" write by anonymous auth by self write by * none
  33. olcAccess: {1}to dn.base="" by * read
  34. olcAccess: {2}to * by dn="cn=admin,dc=$dc1,dc=$dc2" write by * read
  35. olcLastMod: TRUE
  36. olcDbCheckpoint: 512 30
  37. olcDbConfig: {0}set_cachesize 0 2097152 0
  38. olcDbConfig: {1}set_lk_max_objects 1500
  39. olcDbConfig: {2}set_lk_max_locks 1500
  40. olcDbConfig: {3}set_lk_max_lockers 1500
  41. olcDbIndex: uid pres,eq
  42. olcDbIndex: cn,sn,mail pres,eq,approx,sub
  43. olcDbIndex: objectClass eq
  44. ################################
  45. #        Modifications
  46. ################################
  47.  
  48. dn: cn=config
  49. changetype: modify
  50.  
  51. dn: olcDatabase={-1}frontend,cn=config
  52. changetype: modify
  53. delete: olcAccess
  54.  
  55. dn: olcDatabase={0}config,cn=config
  56. changetype: modify
  57. add: olcRootDN
  58. olcRootDN: cn=admin,cn=config
  59.  
  60. dn: olcDatabase={0}config,cn=config
  61. changetype: modify
  62. add: olcRootPW
  63. olcRootPW: $hash_pw
  64.  
  65. dn: olcDatabase={0}config,cn=config
  66. changetype: modify
  67. delete: olcAccess
  68. EOF
  69. sudo ldapadd -Y EXTERNAL -H ldapi:/// -f $tmpdir/database.ldif
  70. ####################################
  71. #         Mini DIT
  72. ####################################
  73. cat <<EOF> $tmpdir/dit.ldif
  74. # Tree root
  75.  
  76. dn: dc=$dc1,dc=$dc2
  77. objectClass: dcObject
  78. objectclass: organization
  79. o: $dc1.$dc2
  80. dc: $dc1
  81. description: Tree root
  82.  
  83. # Populating
  84. dn: cn=admin,dc=$dc1,dc=$dc2
  85. objectClass: simpleSecurityObject
  86. objectClass: organizationalRole
  87. cn: admin
  88. userPassword: $hash_pw
  89. description: LDAP administrator
  90.  
  91. dn: cn=aw,dc=$dc1,dc=$dc2
  92. objectClass: simpleSecurityObject
  93. objectClass: organizationalRole
  94. cn: aw
  95. userPassword: $hash_pw
  96. description: LDAP aw
  97.  
  98. dn: ou=people,dc=$dc1,dc=$dc2
  99. ou: people
  100. objectClass: organizationalUnit
  101. objectClass: top
  102.  
  103. dn: ou=groups,dc=$dc1,dc=$dc2
  104. ou: groups
  105. objectClass: organizationalUnit
  106. objectClass: top
  107.  
  108. dn: ou=addressbook,dc=$dc1,dc=$dc2
  109. ou: addressbook
  110. objectClass: top
  111. objectClass: organizationalUnit
  112.  
  113. #Adding user
  114. dn: uid=ldap1,ou=people,dc=$dc1,dc=$dc2
  115. objectClass: inetOrgPerson
  116. objectClass: posixAccount
  117. objectClass: shadowAccount
  118. uid: ldap1
  119. sn: Asdasd
  120. givenName: ldap1
  121. cn: ldap1 Asdasd
  122. displayName: ldap1 asdasd
  123. uidNumber: 1002
  124. gidNumber: 1000
  125. userPassword: $hash_pw
  126. gecos: ldap1 asdasd
  127. loginShell: /bin/bash
  128. homeDirectory: /home/ldap1
  129. shadowExpire: -1
  130. shadowFlag: 0
  131. shadowWarning: 7
  132. shadowMin: 8
  133. shadowMax: 999999
  134. shadowLastChange: 10877
  135. mail: aw@$dc1.$dc2
  136. postalCode: 31000
  137. l: Mysity
  138. o: $dc1
  139. mobile: +33 (0)6 22 22 22 22 22
  140. homePhone: +33 (0)5 33 22 33 22
  141. title: System Administrator
  142. postalAddress:
  143. initials: LP
  144. EOF
  145.  
  146. sudo ldapadd -x -D cn=admin,dc=$dc1,dc=$dc2 -W -f $tmpdir/dit.ldif