Date: Wed, 27 Jul 2005 13:23:40 +0100 (BST) From: martin@orbweavers.co.uk To: freebsd-questions@freebsd.org Subject: Re: LDAP/nss_ldap adduser script Message-ID: <1201.192.168.0.10.1122467020.squirrel@192.168.0.5> In-Reply-To: <20050727121325.GA29568@ei.bzerk.org> References: <3040.217.37.3.201.1122457154.squirrel@www.orbweavers.co.uk> <20050727121325.GA29568@ei.bzerk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, Jul 27, 2005 at 10:39:14AM +0100, martin@orbweavers.co.uk typed: >> Hi all, >> >> I've been using an ldap directory for quite a while now for my >> network >> logins, and love it. Problem is, it can be quite cumbersome to work >> with, any ldap clients I have looked at are either very sketchy or >> overly cumbersome for simple tasks (adding/removing users etc.), and >> ldif file format is a major pain to work with. >> >> My first question is - is anyone aware of a good light and stable ldap >> client that is easy to setup and use. My own research suggests no, which >> leads onto my proposal - >> >> I'm planning on writing a few basic scripts for working with the >> system >> - a 'ldap_adduser', 'ldap_rmuser' etc. Nothing major, not a full suite >> of utilities, just the basics to make life a little easier. >> >> I've had a look at the adduser script and it should be straight >> forward >> enough to tailer to this purpose, and I can't see any difficulties in >> writing them - check /etc/ldap.conf for the location of the users & >> groups, pops the details into an ldif and runs it through the ldap >> client. The one thing I am not sure about is getting the next available >> uid number, but I'm sure the answer will become apparent. >> >> So before I get into the meat of this, I wanted to check if anyone has >> any suggestions or comments. > > Well, how would you go about determining the default user's set of > objectclasses > and attributes? e.g. we have in our ldap users with different combinations > of > sambaSamAccount, posixAccount and courierMailAccount. > If you want your script to be flexible enough to provide all possible > options, > you'll end up writing a very complex script. But good luck anyway ;-) > > Ruben Primarily, my aim is to keep it simple, do the basics, thats the itch that needs scratching for me at the moment. It could be the base of a more encompassing management system, but that would be a different project.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1201.192.168.0.10.1122467020.squirrel>