Date:      Wed, 27 Jul 2005 14:13:25 +0200
From:      Ruben de Groot <mail25@bzerk.org>
To:        martin@orbweavers.co.uk
Cc:        freebsd-questions@freebsd.org
Subject:   Re: LDAP/nss_ldap adduser script
Message-ID:  <20050727121325.GA29568@ei.bzerk.org>
In-Reply-To: <3040.217.37.3.201.1122457154.squirrel@www.orbweavers.co.uk>
References:  <3040.217.37.3.201.1122457154.squirrel@www.orbweavers.co.uk>

On Wed, Jul 27, 2005 at 10:39:14AM +0100, martin@orbweavers.co.uk typed:
> Hi all,
> 
>    I've been using an ldap directory for quite a while now for my network
> logins, and love it. Problem is, it can be quite cumbersome to work
> with, any ldap clients I have looked at are either very sketchy or
> overly cumbersome for simple tasks (adding/removing users etc.), and
> ldif file format is a major pain to work with.
> 
>   My first question is - is anyone aware of a good light and stable ldap
> client that is easy to set up and use? My own research suggests no, which
> leads onto my proposal -
> 
>   I'm planning on writing a few basic scripts for working with the system
> - a 'ldap_adduser', 'ldap_rmuser' etc. Nothing major, not a full suite
> of utilities, just the basics to make life a little easier.
> 
>   I've had a look at the adduser script and it should be straightforward
> enough to tailor to this purpose, and I can't see any difficulties in
> writing them - check /etc/ldap.conf for the location of the users &
> groups, pops the details into an ldif and runs it through the ldap
> client. The one thing I am not sure about is getting the next available
> uid number, but I'm sure the answer will become apparent.
> 
>   So before I get into the meat of this, I wanted to check if anyone has
> any suggestions or comments.

Well, how would you go about determining the default user's set of objectclasses
and attributes? e.g. we have in our ldap users with different combinations of
sambaSamAccount, posixAccount and courierMailAccount.
If you want your script to be flexible enough to provide all possible options,
you'll end up writing a very complex script. But good luck anyway ;-)

Ruben
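
The steps proposed in the quoted message (find the users base in /etc/ldap.conf, pick the next free uidNumber, emit an LDIF entry), with the objectClass combination made an explicit profile as the reply suggests it must be. This is an added example, not code from either poster; the function names, the `posix` profile name and all sample data are hypothetical, and it assumes DNs without spaces.

```shell
#!/bin/sh
# Added illustration, not from the thread. Function names, the profile
# name and the sample data are hypothetical/constructed.
LC_ALL=C; export LC_ALL   # make [a-z] ranges in case patterns byte-exact

# users_base: read nss_ldap-style ldap.conf on stdin; prefer nss_base_passwd
# (dropping any ?scope suffix), else fall back to base.
users_base() {
    awk 'tolower($1) == "nss_base_passwd" { sub(/\?.*/, "", $2); p = $2 }
         tolower($1) == "base" { b = $2 }
         END { print (p != "" ? p : b) }'
}

# next_uid MIN: read ldapsearch LDIF output on stdin and print the lowest
# uidNumber >= MIN that no entry uses yet.
next_uid() {
    awk -v min="$1" 'tolower($1) == "uidnumber:" { used[$2 + 0] = 1 }
         END { n = min + 0; while (n in used) n++; print n }'
}

# make_ldif LOGIN UIDNUM GIDNUM BASE PROFILE: print one LDIF entry.
# Inputs are validated so a stray newline cannot smuggle in extra attributes.
make_ldif() {
    case $1 in
        ''|[!a-z_]*|*[!a-z0-9_-]*) echo "invalid login name" >&2; return 1 ;;
    esac
    case "$2:$3" in
        :*|*:|*[!0-9:]*) echo "uid/gid must be numeric" >&2; return 1 ;;
    esac
    # Each objectClass set brings its own required attributes, so every
    # profile needs its own template; only a plain POSIX one is defined here.
    case $5 in
        posix) classes="account posixAccount" ;;
        *) echo "no attribute template for profile '$5'" >&2; return 1 ;;
    esac
    echo "dn: uid=$1,$4"
    for c in $classes; do echo "objectClass: $c"; done
    printf '%s\n' "uid: $1" "cn: $1" "uidNumber: $2" "gidNumber: $3" \
        "homeDirectory: /home/$1"
}

# Constructed stand-ins for /etc/ldap.conf and for ldapsearch output.
SAMPLE_CONF='base dc=example,dc=org
nss_base_passwd ou=People,dc=example,dc=org?one'
SAMPLE_SEARCH='dn: uid=alice,ou=People,dc=example,dc=org
uidNumber: 1001
dn: uid=bob,ou=People,dc=example,dc=org
uidNumber: 1002'

base=$(printf '%s\n' "$SAMPLE_CONF" | users_base)
num=$(printf '%s\n' "$SAMPLE_SEARCH" | next_uid 1001)
make_ldif carol "$num" 1000 "$base" posix
```

Picking the lowest free number can hand a new account the uidNumber of a deleted user, and with it any files still owned by that number; two admins running the search at the same time can also pick the same value.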
