Add shell script for creating LDAP user accounts
parent
be4d1ca7f4
commit
41319fc5bc
|
@ -14,3 +14,9 @@ $ knife data bag show credentials dirsrv --secret-file .chef/encrypted_data_bag_
|
|||
```
|
||||
$ ldapsearch -x -W -D 'cn=Directory Manager' -b "ou=users,dc=kosmos,dc=org" -H "ldaps://ldap.kosmos.org" -v
|
||||
```
|
||||
|
||||
## Shell scripts
|
||||
|
||||
Adding a new user account (requires username, email, password):
|
||||
|
||||
./scripts/ldap/add_user.sh username user@example.com changeme
|
||||
|
|
|
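--- a/scripts/ldap/add_user.sh
+++ b/scripts/ldap/add_user.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+set -xe;
+
+password=$(ruby -r base64 -r digest -r securerandom -e "salt = SecureRandom.hex(32); password = '$3'; puts '{SSHA512}' + Base64.strict_encode64(Digest::SHA512.digest(password + salt) + salt)");
+
+ldapadd -x -W -D 'cn=Directory Manager' -H "ldaps://ldap.kosmos.org" << EOF
+dn: cn=$1,ou=kosmos.org,cn=users,dc=kosmos,dc=org
+objectClass: top
+objectClass: account
+objectClass: person
+objectClass: extensibleObject
+cn: $1
+sn: $1
+uid: $1
+mail: $2
+userPassword: $password
+EOF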
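Review bot: The `password=$(ruby … -e "… password = '$3' …")` line pastes the third argument into Ruby source, so a password containing `'` or a backslash is either hashed wrongly or evaluated as Ruby code. With `set -xe` the expanded command is also traced to stderr with the plaintext password in it, and taking the password as an argument leaves it in shell history and the process list. Read it from a silent prompt, pass it to a single-quoted Ruby script on stdin, and drop `-x`. The unquoted heredoc has a related problem for `$1` and `$2`: a comma, `+` or newline in either value changes the DN or appends extra LDIF attributes, so both should be validated before `ldapadd` runs. The README usage line added in this commit would then need the two-argument form.

```bash
set -euo pipefail  # no -x: xtrace would print the plaintext password

if [[ $# -ne 2 ]]; then
  printf 'usage: %s username email\n' "${0##*/}" >&2
  exit 2
fi

# Constructed example patterns; tighten them to the directory's naming policy.
[[ $1 =~ ^[A-Za-z0-9._-]+$ ]] || { printf 'invalid username\n' >&2; exit 2; }
[[ $2 =~ ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$ ]] || { printf 'invalid email\n' >&2; exit 2; }

IFS= read -r -s -p 'Password for new account: ' new_password
printf '\n' >&2

# Single-quoted script: the shell interpolates nothing into the Ruby source.
password=$(printf '%s' "$new_password" | ruby -r base64 -r digest -r securerandom -e '
  salt = SecureRandom.hex(32)
  puts "{SSHA512}" + Base64.strict_encode64(Digest::SHA512.digest(STDIN.read + salt) + salt)
')

# … unchanged: ldapadd heredoc …
```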