[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Fedora-directory-users] admin command lines for Fedora DS



Ryan Braun wrote:
On Tuesday 18 December 2007 10:38 pm, dandantheitman wrote:
On 18/12/2007, Namachivayam <npurusothaman perisoftware com> wrote:
Hi Dan,
          For adding users (with Posix Attributes), changing the
userpassword, we are using these scripts :
_For creating users with Posix Attribute :_
create a file for example with the content :
<snip>

Hi Namachivayan,
Thanks for your help.  What I need to do is figure out a way to use
ldapadd rather than using the ldif file as I would like automate the
UID generation.

I found this objectClass in samba somewhere, it's basically just an object that holds a gidNumber and a uidNumber value. When my add_user script runs, it will first find this object, grab the values, create the user, then increment them as needed.

objectClasses: ( UnixIdPool-oid NAME 'UnixIdPool' SUP top STRUCTURAL MUST ( cn
  $ gidNumber $ uidNumber ) X-ORIGIN 'user defined' )

Ryan
Hi,

I would like to share with regard to this, in samba.schema, Below is the objectclass I found

objectclass ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY
       DESC 'Pool for allocating UNIX uids/gids'
       MUST ( uidNumber $ gidNumber ) )

And from idealx scripts which you can download from samba.org You will see that it uses a piece of perl code to get the next uid. May be this can help,.

the logic is same as what Ryan described

<snip>
sub get_next_id($$) {
 my $ldap_base_dn = shift;
 my $attribute = shift;
 my $tries = 0;
 my $found=0;
 my $next_uid_mesg;
 my $nextuid;
 if ($ldap_base_dn =~ m/$config{usersdn}/i) {
# when adding a new user, we'll check if the uidNumber available is not
       # already used for a computer's account
       $ldap_base_dn=$config{suffix}
 }
 do {
       $next_uid_mesg = $ldap->search(
base => $config{sambaUnixIdPooldn}, filter => "(objectClass=sambaUnixIdPool)", scope => "base" );
       $next_uid_mesg->code && die "Error looking for next uid";
       if ($next_uid_mesg->count != 1) {
         die "Could not find base dn, to get next $attribute";
       }
       my $entry = $next_uid_mesg->entry(0);

       $nextuid = $entry->get_value($attribute);
       my $modify=$ldap->modify( "$config{sambaUnixIdPooldn}",
changes => [ replace => [ $attribute => $nextuid + 1 ] ]
                                                                  );
       $modify->code && die "Error: ", $modify->error;
# let's check if the id found is really free (in ou=Groups or ou=Users)... my $check_uid_mesg = $ldap->search( base => $ldap_base_dn, filter => "($attribute=$nextuid)", ); $check_uid_mesg->code && die "Cannot confirm $attribute $nextuid is free";
       if ($check_uid_mesg->count == 0) {
         $found=1;
         return $nextuid;
       }
       $tries++;
print "Cannot confirm $attribute $nextuid is free: checking for the next one\n"
 } while ($found != 1);
 die "Could not allocate $attribute!";
}


Regards
Niranjan
--
Fedora-directory-users mailing list
Fedora-directory-users redhat com
https://www.redhat.com/mailman/listinfo/fedora-directory-users


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]