Adding ldap tools.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

2 files changed, 157 insertions, 0 deletions

diff --git a/ldap/Makefile b/ldap/Makefile
new file mode 100644
index 0000000..41e9755
--- /dev/null
+++ b/ldap/Makefile
@@ -0,0 +1,78 @@
+# Copyright (C) 2013-2022 Daniel Baumann <daniel@debian.org>
+#
+# SPDX-License-Identifier: GPL-3.0+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+SHELL := sh -e
+
+SCRIPTS = bin/*
+
+all: build
+
+test:
+	@echo -n "Checking for syntax errors with sh... "
+	@for SCRIPT in $(SCRIPTS); \
+	do \
+		sh -n $${SCRIPT}; \
+		echo -n "."; \
+	done
+	@echo " done."
+
+	@echo -n "Checking for bashisms... "
+	@if [ -x /usr/bin/checkbashisms ]; \
+	then \
+		for SCRIPT in $(SCRIPTS); \
+		do \
+			checkbashisms -f -x $${SCRIPT}; \
+			echo -n "."; \
+		done; \
+	else \
+		echo "Note: devscripts not installed, skipping checkbashisms."; \
+	fi
+	@echo " done."
+
+	@echo -n "Checking with shellcheck... "
+	@if [ -x /usr/bin/shellcheck ]; \
+	then \
+		for SCRIPT in $(SCRIPTS); \
+		do \
+			shellcheck -e SC2039 $${SCRIPT}; \
+			echo -n "."; \
+		done; \
+	else \
+		echo "Note: shellcheck not installed, skipping shellcheck."; \
+	fi
+	@echo " done."
+
+build:
+
+install: build
+	mkdir -p $(DESTDIR)/usr/bin
+	cp -r bin/* $(DESTDIR)/usr/bin
+
+uninstall:
+	for FILE in bin/*; \
+	do \
+		rm -f $(DESTDIR)/usr/bin/$$(basename $${FILE}); \
+	done
+	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/bin || true
+
+	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR) || true
+
+clean:
+
+distclean:
+
+reinstall: uninstall install
diff --git a/ldap/bin/bfh-ldapsearch b/ldap/bin/bfh-ldapsearch
new file mode 100755
index 0000000..4c190ca
--- /dev/null
+++ b/ldap/bin/bfh-ldapsearch
@@ -0,0 +1,79 @@
+#!/bin/sh
+
+set -e
+
+usage() {
+	echo "Usage: ${0} {tel|uid|uidNumber|cn|...} <STRING>"
+	echo "e.g. $0 uid dxk1"
+}
+
+#LDAP_SERVER="ldap.bfh.ch"
+#LDAP_SERVER="ldap-master.bfh.ch"
+
+#LDAP_SERVER="ldap1.bfh.ch"
+#LDAP_SERVER="ldap2.bfh.ch"
+#LDAP_SERVER="ldap3.bfh.ch"
+
+#LDAP_SERVER="ldapdmz1.bfh.ch"
+#LDAP_SERVER="ldapdmz2.bfh.ch"
+#LDAP_SERVER="ldapdmz3.bfh.ch"
+
+#LDAP_SERVER="ldap1.bfh.science"
+#LDAP_SERVER="ldap2.bfh.science"
+#LDAP_SERVER="ldap3.bfh.science"
+#LDAP_SERVER="ldap4.bfh.science"
+
+PASS="iPaw-e45zn"
+ACTION="${1}"
+PARAM="${2}"
+
+if [ $# -lt 1 ]
+then
+	echo "Missing ARG(s)"
+	usage
+	exit 1
+fi
+
+NAME=$(cat /etc/hostname)
+case "$NAME" in
+	*bfh.science)
+		LDAP_SERVER="ldap.bfh.science"
+		AUTHSTRING=""
+		DC="dc=bfh"
+		;;
+
+	*bfh.ch)
+		IP4=$(ip a | grep 147.87) || IP4=""
+		IP6=$(ip a | grep 2a07:6b47) || IP6=""
+		if [ -z "$IP4" ] && [ -z "$IP6" ];
+		then
+			LDAP_SERVER="ldapdmz.bfh.ch"
+		else
+			LDAP_SERVER="ldap.bfh.ch"
+		fi
+		AUTHSTRING="-D 'cn=unix-nss,ou=srv-account,dc=bfh,dc=ch' -w $PASS"
+		DC="dc=bfh,dc=ch"
+		;;
+
+	*)
+		LDAP_SERVER="ldapdmz.bfh.ch"
+		AUTHSTRING="-D 'cn=unix-nss,ou=srv-account,dc=bfh,dc=ch' -w $PASS"
+		DC="dc=bfh,dc=ch"
+		;;
+esac
+
+if [ -z "$PARAM" ]
+then
+	ldapsearch -LLL -x -s sub "$AUTHSTRING" -H ldaps://"${LDAP_SERVER}":636 -b "$DC" "$ACTION"
+else
+	case "${ACTION}" in
+		tel|telephoneNumber)
+			CMD="ldapsearch -LLL -x -s sub ${AUTHSTRING} -H ldaps://${LDAP_SERVER}:636 -b $DC telephoneNumber=*${PARAM} | grep --color=never -E '^(cn|telephoneNumber): '"
+			;;
+		*)
+			CMD="ldapsearch -LLL -x -s sub ${AUTHSTRING} -H ldaps://${LDAP_SERVER}:636 -b $DC $ACTION=${PARAM}"
+			;;
+	esac
+fi
+
+eval "$CMD"