| 1234567891011121314151617181920212223242526272829303132333435 |
- #!/bin/bash -e
- # Usage :
- # ./add-readonly-user.sh LDAP_DOMAIN LDAP_ADMIN_PASSWORD LDAP_READONLY_USERNAME LDAP_READONLY_PASSWORD
- # Example :
- # ./add-readonly-user.sh example.org admin readonly readonly-password
- LDAP_DOMAIN=$1
- LDAP_ADMIN_PASSWORD=$2
- LDAP_READONLY_USERNAME=$3
- LDAP_READONLY_PASSWORD=$4
- function get_ldap_base_dn() {
- LDAP_BASE_DN=""
- IFS='.' read -ra LDAP_BASE_DN_TABLE <<< "$LDAP_DOMAIN"
- for i in "${LDAP_BASE_DN_TABLE[@]}"; do
- EXT="dc=$i,"
- LDAP_BASE_DN=$LDAP_BASE_DN$EXT
- done
- LDAP_BASE_DN=${LDAP_BASE_DN::-1}
- }
- get_ldap_base_dn
- LDAP_READONLY_PASSWORD_ENCRYPTED=$(slappasswd -s $LDAP_READONLY_PASSWORD)
- sed -i "s|{{ LDAP_READONLY_USERNAME }}|${LDAP_READONLY_USERNAME}|g" /container/service/slapd/assets/config/readonly-user/readonly-user.ldif
- sed -i "s|{{ LDAP_READONLY_PASSWORD_ENCRYPTED }}|${LDAP_READONLY_PASSWORD_ENCRYPTED}|g" /container/service/slapd/assets/config/readonly-user/readonly-user.ldif
- sed -i "s|{{ LDAP_BASE_DN }}|${LDAP_BASE_DN}|g" /container/service/slapd/assets/config/readonly-user/readonly-user.ldif
- sed -i "s|{{ LDAP_READONLY_USERNAME }}|${LDAP_READONLY_USERNAME}|g" /container/service/slapd/assets/config/readonly-user/readonly-user-acl.ldif
- sed -i "s|{{ LDAP_BASE_DN }}|${LDAP_BASE_DN}|g" /container/service/slapd/assets/config/readonly-user/readonly-user-acl.ldif
- ldapmodify -h localhost -p 389 -D cn=admin,$LDAP_BASE_DN -w $LDAP_ADMIN_PASSWORD -f /container/service/slapd/assets/config/readonly-user/readonly-user.ldif
- ldapmodify -Y EXTERNAL -Q -H ldapi:/// -f /container/service/slapd/assets/config/readonly-user/readonly-user-acl.ldif
|
