set -e
set -u
+VERBOSE="n"
+DEBUG="n"
+QUIET='n'
+SIMULATE='n'
+
+VERSION="2.3"
+
+# console colors:
+RED=""
+YELLOW=""
+GREEN=""
+# BLUE=""
+CYAN=""
+NORMAL=""
+
+BASENAME=$(basename "${0}")
+BASE_DIR=$( dirname "$0" )
+cd "${BASE_DIR}" || exit 99
+BASE_DIR=$( readlink -f . )
+
LDAP_USR="cn=admin"
-# LDAP_URL="ldaps://dev-ldap2.pixelpark.com"
-LDAP_URL="ldap://ldap.pixelpark.com"
-# LDAP_PWD_FILE="${HOME}/.private/dirsrv-dpx-admin-pwd-wonl.txt"
-LDAP_PWD_FILE="${HOME}/.private/ldap-admin-wonl.txt"
+LDAP_URL="ldaps://dev-ldap2.pixelpark.com"
+# LDAP_URL="ldap://ldap.pixelpark.com"
+LDAP_PWD_FILE="${HOME}/.private/dirsrv-dpx-admin-pwd-wonl.txt"
+# LDAP_PWD_FILE="${HOME}/.private/ldap-admin-wonl.txt"
LDAP_BASE="o=isp"
GLOBAL_SEARCH_BASE="o=isp"
DPX_PEOPLE_SEARCH_BASE="ou=People,o=Pixelpark,o=isp"
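Review bot: The target directory and credential file are still chosen by swapping commented lines, and the alternative kept at `# LDAP_URL="ldap://ldap.pixelpark.com"` is a plain `ldap://` URL. The ldapsearch/ldapmodify calls visible further down all bind with `-x -D … -y …`, so if that line is re-enabled the admin password travels as a simple bind without transport encryption unless StartTLS is forced. I would add a comment above the pair such as `# ldap:// must be combined with -ZZ (StartTLS); a simple bind otherwise exposes the admin password on the wire`. Taking the URL from an option or environment variable would also make it harder for a password-changing run to hit the wrong directory by accident.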
0oE1ZAjFKrts2rFdMwmJvqM3BaPZTra8j03NhqA/Syl2CJ2du2wDfrhjRcAgsLGegV/gF/oti3GSsk9\
wnhNR1Db4nR5uCe2RCCyd+3guoTWVV6OzgUuYcM8QKhTeDzHPmKjWn+gPXH8VYHNdTMbJ"
-declare -a UIDS_NEW_IMAP=(
- 'robert.waffen'
- 'lutz.beier'
-)
-
LDIF_FILE=
-if [[ ! -f "${LDAP_PWD_FILE}" ]] ; then
- echo "Password file '${LDAP_PWD_FILE}' not found" >&2
- exit 3
-fi
+#-------------------------------------------------------------------
+detect_color() {
+
+ local safe_term="${TERM//[^[:alnum:]]/?}"
+ local match_lhs=""
+ local use_color="false"
+ local term=
+
+ if [[ -f ~/.dir_colors ]] ; then
+ match_lhs="${match_lhs}$( grep '^TERM ' ~/.dir_colors | sed -e 's/^TERM *//' -e 's/ .*//')"
+ fi
+ if [[ -f /etc/DIR_COLORS ]] ; then
+ match_lhs="${match_lhs}$( grep '^TERM ' /etc/DIR_COLORS | sed -e 's/^TERM *//' -e 's/ .*//')"
+ fi
+ if [[ -z ${match_lhs} ]] ; then
+ type -P dircolors >/dev/null && \
+ match_lhs=$(dircolors --print-database | grep '^TERM ' | sed -e 's/^TERM *//' -e 's/ .*//')
+ fi
+ for term in ${match_lhs} ; do
+ # shellcheck disable=SC2053
+ if [[ "${safe_term}" == ${term} || "${TERM}" == ${term} ]] ; then
+ use_color="true"
+ break
+ fi
+ done
+
+ # console colors:
+ if [ "${use_color}" = "true" ] ; then
+ RED="\\033[38;5;196m"
+ YELLOW="\\033[38;5;226m"
+ GREEN="\\033[38;5;46m"
+ # BLUE="\\033[38;5;27m"
+ CYAN="\\033[38;5;36m"
+ NORMAL="\\033[39m"
+ # HAS_COLORS="y"
+ else
+ RED=""
+ YELLOW=""
+ GREEN=""
+ # BLUE=""
+ CYAN=""
+ NORMAL=""
+ fi
+
+ local my_tty
-if [[ ! -r "${LDAP_PWD_FILE}" ]] ; then
- echo "Password file '${LDAP_PWD_FILE}' not readable" >&2
- exit 3
-fi
+ my_tty=$(tty)
+ if [[ "${my_tty}" =~ 'not a tty' ]] ; then
+ my_tty='-'
+ fi
+
+}
+detect_color
+
+#------------------------------------------------------------------------------
+my_date() {
+ date +'%F %T.%N %:::z'
+}
+
+#------------------------------------------------------------------------------
+debug() {
+ if [[ "${VERBOSE}" != "y" ]] ; then
+ return 0
+ fi
+ echo -e " * [$(my_date)] [${BASENAME}:${CYAN}DEBUG${NORMAL}]: $*" >&2
+}
+
+#------------------------------------------------------------------------------
+info() {
+ if [[ "${QUIET}" == "y" ]] ; then
+ return 0
+ fi
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ echo -e " ${GREEN}*${NORMAL} [$(my_date)] [${BASENAME}:${GREEN}INFO${NORMAL}] : $*"
+ else
+ echo -e " ${GREEN}*${NORMAL} $*"
+ fi
+}
+
+#------------------------------------------------------------------------------
+warn() {
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ echo -e " ${YELLOW}*${NORMAL} [$(my_date)] [${BASENAME}:${YELLOW}WARN${NORMAL}] : $*" >&2
+ else
+ echo -e " ${YELLOW}*${NORMAL} [${BASENAME}:${YELLOW}WARN${NORMAL}] : $*" >&2
+ fi
+}
+
+#------------------------------------------------------------------------------
+error() {
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ echo -e " ${RED}*${NORMAL} [$(my_date)] [${BASENAME}:${RED}ERROR${NORMAL}]: $*" >&2
+ else
+ echo -e " ${RED}*${NORMAL} [${BASENAME}:${RED}ERROR${NORMAL}]: $*" >&2
+ fi
+}
+
+#------------------------------------------------------------------------------
+description() {
+ cat <<-EOF
+ Updates in NLAP the Password of Frank Brehm and moves the mailHost
+ from '${OLD_IMAP_SERVER}' to '${NEW_IMAP_SERVER}'.
+
+ EOF
+
+}
+
+#------------------------------------------------------------------------------
+draw_line() {
+ if [[ "${QUIET}" == "y" ]] ; then
+ return 0
+ fi
+ echo "---------------------------------------------------"
+}
+
+#------------------------------------------------------------------------------
+empty_line() {
+ if [[ "${QUIET}" == "y" ]] ; then
+ return 0
+ fi
+ echo
+}
+
+#------------------------------------------------------------------------------
+usage() {
+
+ cat <<-EOF
+ Usage: ${BASENAME} [-s|--simulate] [-d|--debug] [[-v|--verbose] | [-q|--quiet]] [--nocolor]
+ ${BASENAME} [-h|--help]
+ ${BASENAME} [-V|--version]
+
+ Options:
+ -s|--simulate Simulation mode, nothing is really done.
+ -d|--debug Debug output (bash -x).
+ -v|--verbose Set verbosity on.
+ -q|--quiet Quiet execution. Mutually exclusive to --verbose.
+ --nocolor Don't use colors on display.
+ -h|--help Show this output and exit.
+ -V|--version Prints out version number of the script and exit.
+
+ EOF
+
+}
+
+#------------------------------------------------------------------------------
+get_options() {
+
+ local tmp=
+ local short_options="sdvqhV"
+ local long_options="simulate,debug,verbose,quiet,help,version"
+ local py_version=
+ local py_found="n"
+ local ret=
+
+ set +e
+ tmp=$( getopt -o "${short_options}" --long "${long_options}" -n "${BASENAME}" -- "$@" )
+ ret="$?"
+ if [[ "${ret}" != 0 ]] ; then
+ echo "" >&2
+ usage >&2
+ exit 1
+ fi
+ set -e
+
+ # Note the quotes around `$TEMP': they are essential!
+ eval set -- "${tmp}"
+
+ while true ; do
+ case "$1" in
+ -s|--simulate)
+ SIMULATE="y"
+ shift
+ ;;
+ -d|--debug)
+ DEBUG="y"
+ shift
+ ;;
+ -v|--verbose)
+ VERBOSE="y"
+ shift
+ ;;
+ -q|--quiet)
+ QUIET="y"
+ RED=""
+ YELLOW=""
+ GREEN=""
+ # BLUE=""
+ CYAN=""
+ NORMAL=""
+ # HAS_COLORS="n"
+ shift
+ ;;
+ --nocolor)
+ RED=""
+ YELLOW=""
+ GREEN=""
+ # BLUE=""
+ CYAN=""
+ NORMAL=""
+ # HAS_COLORS="n"
+ shift
+ ;;
+ -h|--help)
+ description
+ echo
+ usage
+ exit 0
+ ;;
+ -V|--version)
+ echo "${BASENAME} version: ${VERSION}"
+ exit 0
+ ;;
+ --) shift
+ break
+ ;;
+ *) echo "Internal error!"
+ exit 1
+ ;;
+ esac
+ done
+
+ if [[ "${DEBUG}" = "y" ]] ; then
+ set -x
+ fi
+
+ if [[ "${VERBOSE}" == "y" && "${QUIET}" == "y" ]] ; then
+ error "Options '${RED}--verbose${NORMAL}' and '${RED}--quiet${NORMAL}' are mutually exclusive."
+ echo >&2
+ usage >&2
+ exit 1
+ fi
+
+ if [[ ! -f "${LDAP_PWD_FILE}" ]] ; then
+ error "Password file '${RED}${LDAP_PWD_FILE}${NORMAL}' not found" >&2
+ exit 3
+ fi
+
+ if [[ ! -r "${LDAP_PWD_FILE}" ]] ; then
+ error "Password file '${RED}${LDAP_PWD_FILE}${NORMAL}' not readable" >&2
+ exit 3
+ fi
+
+ if [[ "${SIMULATE}" == "y" ]] ; then
+ echo
+ echo -e "${CYAN}---------------------------------------------${NORMAL}"
+ echo -e " ${YELLOW}Simulation mode${NORMAL}"
+ echo -e " ${CYAN}Nothing will be done in real.${NORMAL}"
+ echo -e "${CYAN}---------------------------------------------${NORMAL}"
+ sleep 2
+ fi
+
+}
+
+#------------------------------------------------------------------------------
+RM() {
+
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ rm --verbose "$@"
+ else
+ rm "$@"
+ fi
+
+}
#------------------------------------------------------------------------------
cleanup_tmp_file() {
if [[ -n "${LDIF_FILE}" ]] ; then
if [[ -e "${LDIF_FILE}" ]] ; then
- echo "Removing temporary file '${LDIF_FILE}' ..."
- rm -v --force --recursive "${LDIF_FILE}"
+ debug "Removing temporary file '${CYAN}${LDIF_FILE}${NORMAL}' ..."
+ RM --force --recursive "${LDIF_FILE}"
fi
fi
}
#------------------------------------------------
update_passwd_fbrehm() {
+ empty_line
+ draw_line
+
local usr='frank.brehm'
+ info "Changing LDAP password of user '${CYAN}${usr}${NORMAL}' ..."
+
local dn=
local filter="(&(objectClass=*)(|(mail=${usr})(mailAlternateAddress=${usr})"
filter+="(mailEquivalentAddress=${usr})(uid=${usr})))"
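Review bot: `--nocolor` is handled in the `case` of get_options and documented in usage, but it is missing from `long_options`, so getopt rejects it and the script exits through the usage path; the list should read `local long_options="simulate,debug,verbose,quiet,nocolor,help,version"`. Separately, detect_color is called at top level under `set -e`/`set -u`: `my_tty=$(tty)` returns non-zero when stdin is not a terminal, which aborts the script before any option is parsed, and `${TERM}` is unbound in environments that do not set it. `my_tty` is not used after it is assigned, so dropping those lines (or writing `my_tty=$(tty) || my_tty='-'`) and expanding `${TERM:-}` would keep cron or piped runs working. The locals `py_version` and `py_found` in get_options are unused as well.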
cmd+="-b \"${DPX_PEOPLE_SEARCH_BASE}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
cmd+="\"${filter}\" dn | grep '^dn:' | sed -e 's/^dn:[ ][ ]*//i' | head -n 1"
- echo
- echo "Executing: ${cmd}"
- echo
+ debug "Executing: ${cmd}"
dn=$( eval ${cmd} )
if [[ -z "${dn}" ]] ; then
- echo "Did not found user '${usr}'."
+ warn "Did not found user '${YELLOW}${usr}${NORMAL}'."
return
fi
+ debug "Found DN for user '${CYAN}${usr}${NORMAL}': ${CYAN}${dn}${NORMAL}'."
cat > "${LDIF_FILE}" <<-EOF
dn: ${dn}
changetype: modify
EOF
- echo "Searching for existing password ..."
+ debug "Searching for existing password of '${CYAN}${usr}${NORMAL}' ..."
cmd="ldapsearch -x -LLL -o ldif-wrap=no -H '${LDAP_URL}' "
cmd+="-b \"${dn}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
cmd+="'(objectClass=*)' userPassword | grep -i '^userPassword:'"
- echo
- echo "Executing: ${cmd}"
- echo
+ debug "Executing: ${cmd}"
local cur_pwd=$( eval $cmd )
if [[ -z "${cur_pwd}" ]] ; then
- echo "Adding attribute userPassword ..."
+ info "Adding attribute userPassword ..."
cat >> "${LDIF_FILE}" <<-EOF
add: userPassword
EOF
else
- echo "Modifying attribute userPassword ..."
+ info "Modifying attribute userPassword ..."
cat >> "${LDIF_FILE}" <<-EOF
replace: userPassword
EOF
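Review bot: The DN returned by the first search is spliced into a command string (`-b \"${dn}\"`) that is then run through `eval`, so shell metacharacters in a directory-supplied DN would be interpreted by the shell instead of being passed to ldapsearch as data. The logging change keeps this pattern; building the command as an array and running it directly removes the `eval` and still lets `debug` print what is executed. The same applies to the other `eval` calls in this function and in the mailHost functions further down, including the `ldapmodify` calls that this commit enables outside simulation mode. update_passwd_fbrehm starts before this hunk and ends after it.

```shell
# … unchanged: DN lookup and LDIF header …
local -a search_cmd=(
  ldapsearch -x -LLL -o ldif-wrap=no -H "${LDAP_URL}"
  -b "${dn}" -D "${LDAP_USR}" -y "${LDAP_PWD_FILE}"
  '(objectClass=*)' userPassword
)
debug "Executing: ${search_cmd[*]}"
local cur_pwd
# grep exits non-zero when the attribute is absent; that is an expected outcome here
cur_pwd=$( "${search_cmd[@]}" | grep -i '^userPassword:' ) || true
# … unchanged: add/replace branch …
```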
echo "-" >> "${LDIF_FILE}"
echo '' >> "${LDIF_FILE}"
- echo
- echo "Resulting LDIF:"
- echo "---------------"
- echo
- cat "${LDIF_FILE}"
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ debug "Resulting LDIF:"
+ cat "${LDIF_FILE}"
+ fi
cmd="ldapmodify -H \"${LDAP_URL}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\""
cmd+=" -f \"$( readlink -f "${LDIF_FILE}" )\""
- echo
- echo "Executing: ${cmd}"
- echo
- # eval $cmd
- echo
- echo "Done."
- echo
+ debug "Executing: ${cmd}"
+ if [[ "${SIMULATE}" != "y" ]] ; then
+ eval $cmd
+ fi
+ debug "Done."
}
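Review bot: In verbose mode the whole LDIF is written to stdout with `cat "${LDIF_FILE}"`, and in this function the file carries the `userPassword` change, so the password value (presumably a hash; the line that writes it is outside the hunk) ends up in terminal scrollback or any captured log. I would mask that attribute and send the dump to stderr like the rest of the debug output, e.g. `sed -e 's/^userPassword:.*/userPassword: ********/' "${LDIF_FILE}" >&2`. The beginning of update_passwd_fbrehm lies outside this hunk.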
# cmd+="\"(objectClass=*)\" mailHost | grep -i 'mailHost:' | sed 's/^mailHost:[ ]*//i'"
# old_mailhost=$( eval ${cmd} )
- echo " * '${dn}'"
- echo " '${OLD_IMAP_SERVER}' => '${NEW_IMAP_SERVER}'"
+ empty_line
+ info "Changing '${CYAN}${dn}${NORMAL}' ..."
cat > "${LDIF_FILE}" <<-EOF
dn: ${dn}
mailHost: ${NEW_IMAP_SERVER}
-
EOF
- # cat "${LDIF_FILE}"
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ debug "Resulting LDIF:"
+ cat "${LDIF_FILE}"
+ fi
cmd="ldapmodify -H \"${LDAP_URL}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\""
cmd+=" -f \"$( readlink -f "${LDIF_FILE}" )\""
- # echo
- # echo "Executing: ${cmd}"
- # echo
-
- # eval $cmd
+ debug "Executing: ${cmd}"
+ if [[ "${SIMULATE}" != "y" ]] ; then
+ eval $cmd
+ fi
+ debug "Done."
}
#------------------------------------------------
update_all_mailhosts() {
+ empty_line
+ draw_line
+
+ info "Searching for all LDAP entries to change ${CYAN}mailHost${NORMAL} ..."
+
local -a dns=()
local dn=
local line=
cmd+="-b \"${GLOBAL_SEARCH_BASE}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
cmd+="\"${filter}\" dn | grep -i '^dn:' | sed -e 's/^dn:[ ][ ]*//i'"
- echo
- echo "Executing: ${cmd}"
- echo
+ debug "Executing: ${cmd}"
IFS="
"
- echo "Found DNs to modify:"
for line in $( eval ${cmd} ) ; do
if [[ "${line}" =~ ^dn:: ]] ; then
dn=$( echo "${line}" | sed -e 's/^dn::[ ]*//' | base64 -d )
dn=$( echo "${line}" | sed -e 's/^dn:[ ]*//' )
fi
dn=$( echo "${dn}" | sed -e 's/^[ ]*//' -e 's/[ ]*$//' )
- # echo " * ${dn}"
dns+=( "${dn}" )
done
#------------------------------------------------
main() {
- echo "Creating temporary LDIF file ..."
+ get_options "$@"
+
+ debug "Creating temporary LDIF file ..."
LDIF_FILE=$( mktemp after-migration.XXXXXXXX.ldif )
- echo "Temporary file is '${LDIF_FILE}'."
+ debug "Temporary file is '${CYAN}${LDIF_FILE}${NORMAL}'."
trap cleanup_tmp_file INT TERM EXIT ABRT