v1.0.0

README.md

@@ -12,12 +12,14 @@ Edit the `ldap.conf` and set the parameters according to your configuration (the
 |script|description|usage|
 |:-----|:----------|-----|
 |list_user.sh|List directory users|`./list_user.sh --help`|
+|manage_user.sh|List directory users|`./manage_user.sh --help`|
 
 ## Changelog
 #### [1.0.0] - 2024-12-27
 ##### Added
 - Config file ldap.conf.dist
 - Functions scripts
+- Manage_user script (v1.0.0)
 - List_user script (v1.0.0)
 - README.md
 - Initial version by [GMo](mailto:gilles.mouchet@gmail.com)

functions.sh

@@ -1,20 +1,52 @@
 #!/bin/bash
-
+#------------------------------------------------------------------------------
+# readConfig
 function readConfig {
   confDir=.
-  cfgFile=${confDir}/config.conf
+  cfgFile=${confDir}/ldap.conf
   if [ ! -f $cfgFile ]; then
       echo "The conf file '$cfgFile' does not exist !"
       exit 1
   fi
-
+# read config file
-  # Read config file
   . $cfgFile
 }
 
+#------------------------------------------------------------------------------
+# getNextuidNumber
+function getNextUidNumber {
+# read all uidNumber
+  ldapsearch -x -LLL -H $LDAP_SRV -b "$LDAP_BASE" -D "$LDAP_MANAGER_USER" -w $LDAP_MANAGER_PASS \
+  uidNumber | grep -v dn | grep -v '^$' > /tmp/ldap_uid.tmp #grep -v '^$' empty line
+# delete uidNumber form the file
+  sed -i -e 's/^uidNumber: //' /tmp/ldap_uid.tmp
+# create an array  
+  while IFS= read -r line; do
+      ldap_array=("${ldap_array[@]}" $line)
+  done < /tmp/ldap_uid.tmp
+# delete temporary file  
+  rm -rf /tmp/ldap_uid.tmp
+# sort the array to find the highest uidNumber
+  max=0
+  for uidNum in ${ldap_array[@]}; do
+      if (( $uidNum > $max )); then 
+         max=$uidNum
+      fi 
+  done
+# increases the max by 1 
+  next_uidNumber=`expr $max + 1` 
+}
+
+
 # check if ldapsearch exist
 ldapsearch_path=$(command -v ldapsearch)
 if [ "$?" == "1" ]; then
-    echo "ldapsearch doesn't exist. Please install openldap-client package"
+    echo "ldapsearch doesn't exist. Please install openldap-clients package"
+    exit 1
+fi
+
+slappasswd_path=$(command -v slappasswd )
+if [ "$?" == "1" ]; then
+    echo "ldapsearch doesn't exist. Please install openldap-servers package"
     exit 1
 fi

ldap.conf.dist

@@ -10,3 +10,6 @@ LDAP_SRV=ldap://kleenex.gmolab.net
 LDAP_MANAGER_USER="cn=Admin LDAP,ou=people,$LDAP_BASE"
 LDAP_MANAGER_PASS=secret
 
+# mail domain for user
+LDAP_USER_MAIL_DOMAIN=gmolab.net
+

list_user.sh

@@ -19,7 +19,7 @@
 #set -x
 
 # Function to print help
-function print_usage {
+function printUsage {
 
 /bin/cat << EOF
 
@@ -71,7 +71,7 @@ do
       if [[ $1 =~ cn= ]]; then
           _TAG="$(echo $1 | cut -f2 -d=)"
           if [ -z "${_TAG}" ]; then
-              print_usage
+              printUsage
               exit 1
           fi
           ldap_arg="cn=$_TAG"
@@ -80,7 +80,7 @@ do
       else
           # check if argument from -n exist
           if [ -z "$2" ]; then
-              print_usage
+              printUsage
               exit 1
            fi 
           _TAG="$2"
@@ -90,7 +90,7 @@ do
       fi
     ;;
     -h|--help|help)
-      print_usage
+      printUsage
       exit 0
     ;;
     -v|--version)
@@ -106,7 +106,7 @@ do
 done
 echo $ldap_arg
 if [ -z "${ldap_arg}" ]; then
-    print_usage
+    printUsage
 else
     #echo "ldapsearch -x -LLL -H $LDAP_SRV -b \"$LDAP_BASE\" -D \"$LDAP_MANAGER_USER\" -w $LDAP_MANAGER_PASS $ldap_arg"
     # check that the search result is not null

manage_user.sh

@@ -0,0 +1,176 @@
+#!/bin/bash
+############################################################
+# Decription: manage user in directory
+#             
+# Author: Gilles Mouchet (gilles.mouchet@gmail.com)
+# Creation Date: 27-Dec-2024
+# Version: 1.0
+# Install: 
+#   see README.md
+# Usage: ./manage_user.sh --help
+# Changelog:
+#    V1.0 - 28-Dec-2024 - GMo
+#      Added
+#      - Creation of script from scratch
+#
+############################################################ 
+
+# debug
+#set -x
+
+#------------------------------------------------------------------------------
+# printUsge
+function printUsage {
+    /bin/cat << EOF
+
+Usage: $progName [options]
+
+Options:
+  -a <user_cn>,--add <user_cn> Add user in the directory
+                               IMPORTANT: The first and last name are separated by a space. 
+                               Spaces in the first and last name must be replaced by hyphens. 
+                               Examples: Von Doe becomes Van-Doe
+  -d <user_cn>,--del=<user_cn> Deleted user from directory                 
+  -h,--help                    Show this help
+  -v,--version                 Show version
+
+Examples:
+  Add user
+    $progName -a "Yvan Descloux"
+    $progName --add="John Von-Doe"
+
+  Delete user John Von-Doe
+    $progName -d "John Von-Doe"
+
+ Delete user Yvan Descloux   
+    $progName --del="Yvan Descloux"
+
+EOF
+}
+
+#------------------------------------------------------------------------------
+# addUser
+function addUser {
+# check if the format is coorect
+  if [ $(echo $user_to_add | grep -o " " | wc -l) != "1" ]; then
+      echo "'$user_to_add' format is not correct"
+      echo "The first name and last name must be separated by at least one space"
+      exit 1
+  fi
+# parse cn 
+  first_name=$(echo $user_to_add | cut -d' ' -f1)
+  last_name=$(echo $user_to_add | cut -d' ' -f2)
+# get next uidNumber
+  getNextUidNumber
+# set password (lastname)  
+  user_pass=$(slappasswd -s $last_name)
+# set home dir
+  home_dir=${first_name:0:3}${last_name}
+  lhome_dir=$(echo "${home_dir,,}") #,, set lowercase
+# set mail address
+  email="${first_name,,}"."${last_name,,}"@$LDAP_USER_MAIL_DOMAIN
+# add user in directory
+  ldapadd -x -H $LDAP_SRV -D "$LDAP_MANAGER_USER" -w $LDAP_MANAGER_PASS <<EOF
+dn: cn=$first_name $last_name,ou=people,$LDAP_BASE
+cn: $first_name $last_name
+displayName: $first_name $last_name
+givenName: $first_name
+sn: $last_name
+objectClass: posixAccount
+objectClass: inetOrgPerson
+uid:  $first_name.$last_name
+uidNumber: $next_uidNumber
+gidNumber: $next_uidNumber
+userPassword: $user_pass
+mail: $email
+homeDirectory: /home/$lhome_dir
+EOF
+}
+#------------------------------------------------------------------------------
+# delUser
+function delUser {
+  #echo $user_to_del
+  ldapdelete -x -H $LDAP_SRV -D "$LDAP_MANAGER_USER" -w $LDAP_MANAGER_PASS \
+  "cn=$user_to_del,ou=people,$LDAP_BASE"
+  if [ "$?" == "0" ]; then
+      echo "$user_to_del successfully deleted from directory"
+  fi
+}
+#------------------------------------------------------------------------------
+# main
+# version
+version="v1.0.0"
+# script name
+progName="./$(/bin/basename $0)"
+# read all functios
+source functions.sh
+# read config
+readConfig
+# check that a parameter exists
+if [ -z "$1" ]; then
+    printUsage
+    exit 1
+fi 
+
+while test $# -gt 0
+do
+  case "$1" in
+    -a|--add*)
+      # --add parameter    
+      if [[ $1 =~ add= ]]; then
+          user_to_add="$(echo $1 | cut -f2 -d=)"
+          if [ -z "${user_to_add}" ]; then
+              printUsage
+              exit 1
+          fi
+          addUser
+          shift
+      # -a parameter
+      else
+          # check if argument from -a exist
+          if [ -z "$2" ]; then
+              printUsage
+              exit 1
+          fi 
+          user_to_add="$2"
+          addUser
+          shift 2
+      fi
+    ;;
+    -d|--del*)
+      # --del parameter    
+      if [[ $1 =~ del= ]]; then
+          user_to_del="$(echo $1 | cut -f2 -d=)"
+          if [ -z "${user_to_del}" ]; then
+              printUsage
+              exit 1
+          fi
+          delUser
+          shift
+      # -d parameter
+      else
+          # check if argument from -d exist
+          if [ -z "$2" ]; then
+              printUsage
+              exit 1
+           fi 
+          user_to_del="$2"
+          delUser
+          shift 2
+      fi
+    ;;
+    -h|--help|help)
+      printUsage
+      exit 0
+    ;;
+    -v|--version)
+      echo "2022-$(date +Y) $progName $version"
+      exit
+    ;; 
+    *)
+      echo "${progName}: invalid option -- '$1'!"
+      echo -e "Try '$progName --help' for more information.\n"
+      exit 1
+    ;;
+  esac
+done

toto.ldif

@@ -0,0 +1,13 @@
+dn: cn=Jean Mouchet,ou=people,dc=gmolab,dc=net
+cn: Jean Mouchet
+displayName: Jean Mouchet
+givenName: Jean
+sn: Mouchet
+objectClass: posixAccount
+objectClass: inetOrgPerson
+uid:  Jean.Mouchet
+uidNumber: 10006
+gidNumber: 10006
+userPassword: {SSHA}dtIqQYCEZrMbX3T7+1Z9y1urJXlSHMb8
+mail: Jean.Mouchet@gmolab.net
+homeDirectory: /home/Jean.Mouchet