From 556652cb23a1f7134aa3406c231e13187280916e Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Thu, 6 Oct 2022 13:11:18 +0200
Subject: Adding ldap tools.
Signed-off-by: Daniel Baumann
---
 ldap/Makefile | 78 ++++++++++++++++++++++++++++++++++++++++++++++++
 ldap/bin/bfh-ldapsearch | 79 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 157 insertions(+)
 create mode 100644 ldap/Makefile
 create mode 100755 ldap/bin/bfh-ldapsearch
diff --git a/ldap/Makefile b/ldap/Makefile
new file mode 100644
index 0000000..41e9755
--- /dev/null
+++ b/ldap/Makefile
@@ -0,0 +1,78 @@
+# Copyright (C) 2013-2022 Daniel Baumann
+#
+# SPDX-License-Identifier: GPL-3.0+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+SHELL := sh -e
+
+SCRIPTS = bin/*
+
+all: build
+
+test:
+ @echo -n "Checking for syntax errors with sh... "
+ @for SCRIPT in $(SCRIPTS); \
+ do \
+ sh -n $${SCRIPT}; \
+ echo -n "."; \
+ done
+ @echo " done."
+
+ @echo -n "Checking for bashisms... "
+ @if [ -x /usr/bin/checkbashisms ]; \
+ then \
+ for SCRIPT in $(SCRIPTS); \
+ do \
+ checkbashisms -f -x $${SCRIPT}; \
+ echo -n "."; \
+ done; \
+ else \
+ echo "Note: devscripts not installed, skipping checkbashisms."; \
+ fi
+ @echo " done."
+
+ @echo -n "Checking with shellcheck... "
+ @if [ -x /usr/bin/shellcheck ]; \
+ then \
+ for SCRIPT in $(SCRIPTS); \
+ do \
+ shellcheck -e SC2039 $${SCRIPT}; \
+ echo -n "."; \
+ done; \
+ else \
+ echo "Note: shellcheck not installed, skipping shellcheck."; \
+ fi
+ @echo " done."
+
+build:
+
+install: build
+ mkdir -p $(DESTDIR)/usr/bin
+ cp -r bin/* $(DESTDIR)/usr/bin
+
+uninstall:
+ for FILE in bin/*; \
+ do \
+ rm -f $(DESTDIR)/usr/bin/$$(basename $${FILE}); \
+ done
+ rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/bin || true
+
+ rmdir --ignore-fail-on-non-empty --parents $(DESTDIR) || true
+
+clean:
+
+distclean:
+
+reinstall: uninstall install
diff --git a/ldap/bin/bfh-ldapsearch b/ldap/bin/bfh-ldapsearch
new file mode 100755
index 0000000..4c190ca
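Review bot: None of the command targets is declared phony, so a file or directory named, for example, `test` or `clean` inside `ldap/` would make `make test` report the target as up to date and skip the lint checks without any message; add `.PHONY: all test build install uninstall clean distclean reinstall` near the top. In `uninstall`, the final `rmdir --ignore-fail-on-non-empty --parents $(DESTDIR) || true` runs with no operand when `DESTDIR` is unset, and the `|| true` hides that error; prefix the command with `[ -z "$(DESTDIR)" ] ||` so it only runs for a staged install. The loops in `test` expand `$${SCRIPT}` unquoted, which is harmless for the current file names but worth writing as `"$${SCRIPT}"`.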
--- /dev/null
+++ b/ldap/bin/bfh-ldapsearch
@@ -0,0 +1,79 @@
+#!/bin/sh
+
+set -e
+
+usage() {
+ echo "Usage: ${0} {tel|uid|uidNumber|cn|...} "
+ echo "e.g. $0 uid dxk1"
+}
+
+#LDAP_SERVER="ldap.bfh.ch"
+#LDAP_SERVER="ldap-master.bfh.ch"
+
+#LDAP_SERVER="ldap1.bfh.ch"
+#LDAP_SERVER="ldap2.bfh.ch"
+#LDAP_SERVER="ldap3.bfh.ch"
+
+#LDAP_SERVER="ldapdmz1.bfh.ch"
+#LDAP_SERVER="ldapdmz2.bfh.ch"
+#LDAP_SERVER="ldapdmz3.bfh.ch"
+
+#LDAP_SERVER="ldap1.bfh.science"
+#LDAP_SERVER="ldap2.bfh.science"
+#LDAP_SERVER="ldap3.bfh.science"
+#LDAP_SERVER="ldap4.bfh.science"
+
+PASS="iPaw-e45zn"
+ACTION="${1}"
+PARAM="${2}"
+
+if [ $# -lt 1 ]
+then
+ echo "Missing ARG(s)"
+ usage
+ exit 1
+fi
+
+NAME=$(cat /etc/hostname)
+case "$NAME" in
+ *bfh.science)
+ LDAP_SERVER="ldap.bfh.science"
+ AUTHSTRING=""
+ DC="dc=bfh"
+ ;;
+
+ *bfh.ch)
+ IP4=$(ip a | grep 147.87) || IP4=""
+ IP6=$(ip a | grep 2a07:6b47) || IP6=""
+ if [ -z "$IP4" ] && [ -z "$IP6" ];
+ then
+ LDAP_SERVER="ldapdmz.bfh.ch"
+ else
+ LDAP_SERVER="ldap.bfh.ch"
+ fi
+ AUTHSTRING="-D 'cn=unix-nss,ou=srv-account,dc=bfh,dc=ch' -w $PASS"
+ DC="dc=bfh,dc=ch"
+ ;;
+
+ *)
+ LDAP_SERVER="ldapdmz.bfh.ch"
+ AUTHSTRING="-D 'cn=unix-nss,ou=srv-account,dc=bfh,dc=ch' -w $PASS"
+ DC="dc=bfh,dc=ch"
+ ;;
+esac
+
+if [ -z "$PARAM" ]
+then
+ ldapsearch -LLL -x -s sub "$AUTHSTRING" -H ldaps://"${LDAP_SERVER}":636 -b "$DC" "$ACTION"
+else
+ case "${ACTION}" in
+ tel|telephoneNumber)
+ CMD="ldapsearch -LLL -x -s sub ${AUTHSTRING} -H ldaps://${LDAP_SERVER}:636 -b $DC telephoneNumber=*${PARAM} | grep --color=never -E '^(cn|telephoneNumber): '"
+ ;;
+ *)
+ CMD="ldapsearch -LLL -x -s sub ${AUTHSTRING} -H ldaps://${LDAP_SERVER}:636 -b $DC $ACTION=${PARAM}"
+ ;;
+ esac
+fi
+
+eval "$CMD"
-- cgit v1.2.3
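Review bot: The bind password is hard-coded in `PASS=` and passed to ldapsearch with `-w`, so anyone who can read the installed script or the process list can see it, and it is now in the repository history; it should be rotated and read from a restricted file with `-y` instead. The closing `eval "$CMD"` re-parses `$ACTION` and `$PARAM` as shell text, so shell metacharacters in an argument are executed rather than searched for. In the branch without `PARAM`, the quoted `"$AUTHSTRING"` reaches ldapsearch as a single argument (or an empty one), which looks like it cannot bind as intended. Building the argument list with `set --` removes the eval and the quoting problem, as sketched below. The password file path is a placeholder, and LDAP filter metacharacters in `$PARAM` would still need escaping or validation.

```shell
# … unchanged: usage(), LDAP_SERVER comments, ACTION/PARAM assignment, argument check …

# Placeholder path: a file readable only by the accounts allowed to bind,
# holding the password with no trailing newline.
PASSFILE="/path/to/bind-password-file"

# … unchanged: case "$NAME" server/DC selection, except that each branch sets
#   BIND_DN ("" for *bfh.science, the unix-nss DN otherwise) instead of AUTHSTRING …

# ACTION and PARAM were captured above, so the positional parameters can be
# reused as the ldapsearch argument list.
set -- -LLL -x -s sub -H "ldaps://${LDAP_SERVER}:636" -b "$DC"
if [ -n "$BIND_DN" ]
then
	set -- "$@" -D "$BIND_DN" -y "$PASSFILE"
fi

if [ -z "$PARAM" ]
then
	ldapsearch "$@" "$ACTION"
else
	case "${ACTION}" in
		tel|telephoneNumber)
			ldapsearch "$@" "telephoneNumber=*${PARAM}" | grep --color=never -E '^(cn|telephoneNumber): '
			;;
		*)
			ldapsearch "$@" "${ACTION}=${PARAM}"
			;;
	esac
fi
```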