set -u
LDAP_USR="cn=admin"
-LDAP_URL="ldaps://dev-ldap2.pixelpark.com"
-# LDAP_URL="ldap://ldap.pixelpark.com"
-LDAP_PWD_FILE="${HOME}/.private/dirsrv-dpx-admin-pwd-wonl.txt"
-# LDAP_PWD_FILE="${HOME}/.private/ldap-admin-wonl.txt"
+# LDAP_URL="ldaps://dev-ldap2.pixelpark.com"
+LDAP_URL="ldap://ldap.pixelpark.com"
+# LDAP_PWD_FILE="${HOME}/.private/dirsrv-dpx-admin-pwd-wonl.txt"
+LDAP_PWD_FILE="${HOME}/.private/ldap-admin-wonl.txt"
LDAP_BASE="o=isp"
+GLOBAL_SEARCH_BASE="o=isp"
DPX_PEOPLE_SEARCH_BASE="ou=People,o=Pixelpark,o=isp"
+OLD_IMAP_SERVER='mail-brln-store02.pixelpark.com'
NEW_IMAP_SERVER='dev-imap01.pixelpark.com'
PWD_HASH_FBREHM="{PBKDF2_SHA256}AAAIACeyMif+rcXuIDhZvJLqcfH6ha1+JrZJeoMzkwvOWZg\
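Review bot: The newly active `LDAP_URL="ldap://ldap.pixelpark.com"` replaces an `ldaps://` URL with a cleartext one, while every `ldapsearch`/`ldapmodify` call in this script does a simple bind (`-x -D "${LDAP_USR}" -y "${LDAP_PWD_FILE}"`), so the admin password and the `userPassword` values it reads would cross the network unencrypted. If that host offers it, use an `ldaps://` URL, or add `-ZZ` to the commands so the bind is refused unless StartTLS succeeds. Switching targets by commenting lines in and out also makes it easy to run against the wrong directory; reading the target from the environment, e.g. `LDAP_URL="${LDAP_URL:-ldaps://dev-ldap2.pixelpark.com}"`, would keep the dev server as the default.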
local filter="(&(objectClass=*)(|(mail=${usr})(mailAlternateAddress=${usr})"
filter+="(mailEquivalentAddress=${usr})(uid=${usr})))"
local cmd="ldapsearch -x -LLL -o ldif-wrap=no -H '${LDAP_URL}' "
- cmd+="-b \"${DPX_PEOPLE_SEARCH_BASE}\" -v -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+ cmd+="-b \"${DPX_PEOPLE_SEARCH_BASE}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
cmd+="\"${filter}\" dn | grep '^dn:' | sed -e 's/^dn:[ ][ ]*//i' | head -n 1"
echo
echo "Searching for existing password ..."
cmd="ldapsearch -x -LLL -o ldif-wrap=no -H '${LDAP_URL}' "
- cmd+="-b \"${dn}\" -v -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+ cmd+="-b \"${dn}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
cmd+="'(objectClass=*)' userPassword | grep -i '^userPassword:'"
echo
echo "Executing: ${cmd}"
echo
cat "${LDIF_FILE}"
- cmd="ldapmodify -H \"${LDAP_SERVER}\" -x -D \"${LDAP_BIND_DN}\" -y \"${LDAP_PWD_FILE}\""
+ cmd="ldapmodify -H \"${LDAP_URL}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\""
cmd+=" -f \"$( readlink -f "${LDIF_FILE}" )\""
echo
echo "Executing: ${cmd}"
echo
- eval $cmd
+ # eval $cmd
echo
echo "Done."
echo
}
+#------------------------------------------------
+update_mailhost() {
+
+ local dn="$1"
+ local old_mailhost=
+
+ local cmd="ldapsearch -x -LLL -o ldif-wrap=no -H '${LDAP_URL}' "
+ cmd+="-b \"${dn}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+ cmd+="\"(objectClass=*)\" mailHost | grep -i 'mailHost:' | sed 's/^mailHost:[ ]*//i'"
+
+ old_mailhost=$( eval ${cmd} )
+ echo " * ${dn}"
+ echo " '${old_mailhost}' => '${NEW_IMAP_SERVER}'"
+
+}
+
+#------------------------------------------------
+update_all_mailhosts() {
+
+ local -a dns=()
+ local dn=
+ local line=
+ local oifs="${IFS}"
+ local filter="(&(|(objectClass=mailRecipient)(objectClass=mailGroup)(objectClass=inetLocalMailRecipient))(mailHost=${OLD_IMAP_SERVER}))"
+ local cmd="ldapsearch -x -LLL -o ldif-wrap=no -H '${LDAP_URL}' "
+ cmd+="-b \"${GLOBAL_SEARCH_BASE}\" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+ cmd+="\"${filter}\" dn | grep -i '^dn:' | sed -e 's/^dn:[ ][ ]*//i'"
+
+ echo
+ echo "Executing: ${cmd}"
+ echo
+ IFS="
+"
+
+ echo "Found DNs to modify:"
+ for line in $( eval ${cmd} ) ; do
+ if [[ "${line}" =~ ^dn:: ]] ; then
+ dn=$( echo "${line}" | sed -e 's/^dn::[ ]*//' | base64 -d )
+ else
+ dn=$( echo "${line}" | sed -e 's/^dn:[ ]*//' )
+ fi
+ # echo " * ${dn}"
+ dns+=( " ${dn}" )
+ done
+
+ IFS="${oifs}"
+
+ for dn in "${dns[@]}" ; do
+ update_mailhost "${dn}"
+ done
+
+}
+
#------------------------------------------------
main() {
trap cleanup_tmp_file INT TERM EXIT ABRT
update_passwd_fbrehm
+ update_all_mailhosts
}
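Review bot: In `update_mailhost`, `${dn}` is pasted into a command string that is then run with `eval ${cmd}`, and those DNs are read back from the directory by `update_all_mailhosts` (including base64-decoded `dn::` values), so a DN containing shell metacharacters would be re-parsed by the shell while the script holds the admin bind credentials. Build the arguments as an array and run `ldapsearch` directly, as in the fence below; the `for line in $( eval ${cmd} )` loop is likewise better written as `while IFS= read -r line; do … done < <(…)` so results are neither word-split nor glob-expanded and `IFS` does not have to be saved and restored. Separately, `# eval $cmd` in the ldapmodify block leaves "Executing:" and "Done." printed although nothing runs; an explicit dry-run switch would make that intentional. That block's function begins outside the hunk.

```shell
update_mailhost() {
    local dn="$1"
    local old_mailhost=
    local -a search=(
        ldapsearch -x -LLL -o ldif-wrap=no -H "${LDAP_URL}"
        -b "${dn}" -D "${LDAP_USR}" -y "${LDAP_PWD_FILE}"
        '(objectClass=*)' mailHost
    )

    # No eval: the DN reaches ldapsearch as a single argument and is never
    # re-parsed by the shell.
    old_mailhost=$( "${search[@]}" | grep -i 'mailHost:' | sed 's/^mailHost:[ ]*//i' )
    # … unchanged: the two echo lines reporting old and new mailHost …
}
```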