From 4c356a950b3c64322533bdd7073163e3a4c15228 Mon Sep 17 00:00:00 2001
From: Frank Brehm
Date: Thu, 3 Nov 2022 15:12:14 +0100
Subject: [PATCH] Finished scripts/fix-memberof
---
 scripts/fix-memberof | 68 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 67 insertions(+), 1 deletion(-)
diff --git a/scripts/fix-memberof b/scripts/fix-memberof
index 10854da..026835f 100755
--- a/scripts/fix-memberof
+++ b/scripts/fix-memberof
@@ -22,6 +22,7 @@ fi
 declare -a DNS=()
 declare -a PEOPLE_OUS=()
 declare -a GROUPS_OUS=()
+TOTAL=0
 detect_color
@@ -123,7 +124,7 @@ eval_people_ous() {
 local cmd="ldapsearch -LLL -o ldif-wrap=no "
 cmd+="-H \"${LDAP_URL}\" -b \"${LDAP_BASE}\""
 cmd+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
- cmd+="'(&(objectClass=organizationalUnit)(ou=*People))' dn | grep '^dn:'"
+ cmd+="'(&(objectClass=organizationalUnit)(|(ou=*People)(ou=user)))' dn | grep '^dn:'"
 empty_line
 info "Evaluating of all OUs for people ..." >&2
@@ -253,6 +254,7 @@ fix_users() {
 cmd="ldapmodify -H \"${LDAP_URL}\" -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
 cmd+="-f \"${TMP_LDIF_FILE}\""
 debug "Executing: ${cmd}"
+ TOTAL=$(( TOTAL + 1 ))
 if [[ "${SIMULATE}" != "y" ]] ; then
 eval ${cmd}
 fi
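Review bot: `TOTAL` is incremented before the `SIMULATE` check and regardless of what `ldapmodify` returns, so it counts attempted modifications, including simulated and failed ones, while `main` later reports it as "Fixed total". The same placement appears in the `fix_groups` and `fix_others` hunks. Counting only after a successful run, for example `eval ${cmd} && TOTAL=$(( TOTAL + 1 ))` inside the `if`, or rewording the summary to "processed" and logging a non-zero exit status of `ldapmodify`, would make the figure usable for verifying the run. The body of `fix_users` starts and ends outside this hunk, so whether the script runs under `set -e` cannot be seen here.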
@@ -320,6 +322,68 @@ fix_groups() {
 cmd="ldapmodify -H \"${LDAP_URL}\" -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
 cmd+="-f \"${TMP_LDIF_FILE}\""
 debug "Executing: ${cmd}"
+ TOTAL=$(( TOTAL + 1 ))
+ if [[ "${SIMULATE}" != "y" ]] ; then
+ eval ${cmd}
+ fi
+ i=$(( i + 1 ))
+ sleep 0.1
+ done
+
+}
+
+#------------------------------------------------------------------------------
+fix_others() {
+
+ local -a others_dns=()
+ local line=
+ local dn=
+ local cmd=
+
+ local oifs="${IFS}"
+ IFS="
+"
+
+ empty_line
+ info "Fixing objectClasses of all others ..."
+ empty_line
+
+ cmd="ldapsearch -LLL -o ldif-wrap=no -H \"${LDAP_URL}\" -b \"${LDAP_BASE}\""
+ cmd+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+ cmd+="'(&(|(objectClass=groupOfNames)(objectClass=groupOfUniqueNames)(uid=*))"
+ cmd+="(!(|(objectClass=extensibleObject)(objectClass=inetAdmin)(objectClass=inetUser)"
+ cmd+="(objectClass=nsManagedPerson)(objectClass=nsMemberOf))))' dn | grep '^dn:'"
+
+ # debug "Executing: ${cmd}"
+ for line in $( eval ${cmd} ) ; do
+ if echo "${line}" | grep -q '^dn: ' ; then
+ dn=$( echo "${line}" | sed -e 's/^dn: *//' )
+ elif echo "${line}" | grep -q '^dn:: ' ; then
+ dn=$( echo "${line}" | sed -e 's/^dn:: *//' | base64 -d )
+ fi
+ others_dns+=("${dn}")
+ done
+
+ info "Found ${CYAN}${#others_dns[*]} other objects${NORMAL} to fix."
+
+ IFS="${oifs}"
+
+ local i=0
+ for dn in "${others_dns[@]}" ; do
+ info "Fixing user '${CYAN}${dn}${NORMAL}' ..."
+ echo "dn: ${dn}" >"${TMP_LDIF_FILE}"
+ echo "changetype: modify" >>"${TMP_LDIF_FILE}"
+ echo "add: objectClass" >>"${TMP_LDIF_FILE}"
+ echo "objectClass: nsMemberOf" >>"${TMP_LDIF_FILE}"
+ echo "-" >>"${TMP_LDIF_FILE}"
+ echo "" >>"${TMP_LDIF_FILE}"
+ if [[ "$i" -lt "2" && "${VERBOSE}" == "y" ]] ; then
+ cat "${TMP_LDIF_FILE}"
+ fi
+ cmd="ldapmodify -H \"${LDAP_URL}\" -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+ cmd+="-f \"${TMP_LDIF_FILE}\""
+ debug "Executing: ${cmd}"
+ TOTAL=$(( TOTAL + 1 ))
 if [[ "${SIMULATE}" != "y" ]] ; then
 eval ${cmd}
 fi
@@ -342,9 +406,11 @@ main() {
 fix_users
 fix_groups
+ fix_others
 empty_line
 info "${CYAN}Finished${NORMAL}."
+ info "${CYAN}Fixed total ${TOTAL} enries.${NORMAL}."
 }
--
2.39.5
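Review bot: In `fix_others` a `dn::` value is base64-decoded and later written back in plain form by `echo "dn: ${dn}"`, although LDIF uses the base64 form exactly for DNs that are not safe as plain text (leading space, non-ASCII bytes, line breaks). If such a DN contains a line break, the extra lines land in `TMP_LDIF_FILE` and are processed by `ldapmodify` under the `LDAP_USR` bind; the `if`/`elif` without `else` also re-appends the previous `dn` when a line matches neither pattern. Keeping each `dn:`/`dn::` line exactly as ldapsearch printed it and writing that line to the LDIF removes the decode step. The fence also runs ldapsearch from an array instead of `eval` on a string built from `LDAP_URL`, `LDAP_BASE` and `LDAP_USR`, and reads with `while read`, so a DN containing `*` or `?` is not glob-expanded by the unquoted `$( … )`. The `for dn` loop is closed outside this hunk.

```shell
  local filter='(&(|(objectClass=groupOfNames)(objectClass=groupOfUniqueNames)(uid=*))'
  filter+='(!(|(objectClass=extensibleObject)(objectClass=inetAdmin)(objectClass=inetUser)'
  filter+='(objectClass=nsManagedPerson)(objectClass=nsMemberOf))))'
  local -a search=(ldapsearch -LLL -o ldif-wrap=no -H "${LDAP_URL}" -b "${LDAP_BASE}"
                   -x -D "${LDAP_USR}" -y "${LDAP_PWD_FILE}" "${filter}" dn)

  while IFS= read -r line ; do
    # keep the complete "dn: ..." / "dn:: ..." line as printed; no decoding
    if [[ "${line}" == dn:* ]] ; then
      others_dns+=("${line}")
    fi
  done < <( "${search[@]}" )

  # … unchanged: "Found … other objects" message, loop counter …

  for dn in "${others_dns[@]}" ; do
    # … unchanged: info message …
    printf '%s\n' "${dn}" >"${TMP_LDIF_FILE}"
    # … unchanged: changetype/add/objectClass lines, ldapmodify call …
```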
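Review bot: The added summary line misspells "entries" and ends with two full stops (`enries.${NORMAL}."`); `info "${CYAN}Fixed total ${TOTAL} entries${NORMAL}."` matches the form of the "Finished" line above it. `main` starts outside this hunk.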