alexarnoldy / 389-ds-LDAP-data-tools

This is a collection of very simple tools to search and update a 389-ds LDAP server container or K8s deployment

  • (Optional) Create a directory to contain these tools and the 389-ds LDAP server container: mkdir -p ~/389-ds-ldap-server && cd $_

  • Clone this repository: git clone git@github.com:alexarnoldy/389-ds-LDAP-data-tools.git && cd 389-ds-LDAP-data-tools

  • Use an editor to update the container_variables.txt file to fit your environment

  • Install LDAP client tools on a system that can access the LDAP server (the local system if INSTANCE_NAME is localhost): sudo zypper -n install openldap2-client

Note: Sourcing the container_variables.txt file before each command ensures the correct variables are available for each command invocation

Note: This section of the CaaS Platform administration guide contains examples for managing OUs, users, and groups: https://documentation.suse.com/suse-caasp/4.0.2/single-html/caasp-admin/#_adding_a_new_organizational_unit

Caution: These tools must be run in the same directory as the container_variables.txt file

Note: The next update to this repo will move the container_variables.txt file to the ~/389-ds-ldap-server directory so both the tools and server repos can point to the same file

To add a new Organizational Unit:
  • Create the update file(s) and place them in the updates-processing directory: add_ou.sh

    • Be prepared to provide the following information:

      • The name of the new Organizational Unit

  • Continue with more updates or move on to the "Apply all of the update file(s) in the updates-processing directory" section

To delete an Organizational Unit:
  • Create the update file(s) and place them in the updates-processing directory: delete_ou.sh

    • Be prepared to provide the following information:

      • The name of the existing Organizational Unit to delete

  • Continue with more updates or move on to the "Apply all of the update file(s) in the updates-processing directory" section

To add a new Group:
  • Create the update file(s) and place them in the updates-processing directory: add_group.sh

    • Be prepared to provide the following information:

      • The name of the new Group to create

      • The Organizational Unit to place the new group in

  • Continue with more updates or move on to the "Apply all of the update file(s) in the updates-processing directory" section

To delete a Group:
  • Create the update file(s) and place them in the updates-processing directory: delete_group.sh

    • Be prepared to provide the following information:

      • The name of the existing Group to delete

      • The Organizational Unit the group exists in

  • Continue with more updates or move on to the "Apply all of the update file(s) in the updates-processing directory" section

To add a new User:
  • Create the update file(s) and place them in the updates-processing directory: ./add_user.sh

    • Be prepared to provide the following information:

      • The login name for the new user (with no spaces)

      • The Organizational Unit to place the new user in

      • The SSHA hash of the user’s password (can use a website like https://www.mkpasswd.net/ and select the hash type of ldap ssha)

      • The user’s first name

      • The user’s last name

      • The user’s full name

      • The user’s email address

  • Continue with more updates or move on to the "Apply all of the update file(s) in the updates-processing directory" section

To delete a User:
  • Create the update file(s) and place them in the updates-processing directory: ./delete_user.sh

    • Be prepared to provide the following information:

      • The login name of the existing user (with no spaces)

      • The Organizational Unit the user exists in

  • Continue with more updates or move on to the "Apply all of the update file(s) in the updates-processing directory" section

To add a User to an existing group:
  • Create the update file(s) and place them in the updates-processing directory: add_user_to_group.sh

    • Be prepared to provide the following information:

      • The login name of the existing user (with no spaces)

      • The Organizational Unit the user exists in

      • The name of the existing group the user will be added to

      • The Organizational Unit the group exists in

  • Continue with more updates or move on to the "Apply all of the update file(s) in the updates-processing directory" section

Apply all of the update file(s) in the updates-processing directory:
  • Review all of the files in the updates-processing directory before proceeding

  • Additional .ldif files can be added for batch processing if they fit the schema of the LDAP database

  • Apply the update files: apply_updates.sh

  • Review the output for any errors/failures

  • Check the updates-processing directory for any update files that were not applied

  • Files in the updates-processing directory can be manually edited before attempting to apply them again
