LDAP be killing me. I need a good step by step

Brian Millett bmillett at gmail.com
Wed Jan 9 13:51:11 UTC 2008


Ric Moore wrote:
> On Tue, 2008-01-08 at 13:30 +0800, Ed Greshko wrote:
>> Ric Moore wrote:
>>> From the examples I've found, there seems to be "just something
>>> missing"(tm) in them. Someone please direct me to "something that just
>>> works."(tm) as it's making me blind, crazy, old and cranky. Ric
>> Maybe you could start by telling folks what you need/want?  I think your 
>> request is way too general.  I know you are blind, crazy, and cranky...but 
>> stop and think for a moment.
> 
> 
> Just a really good tried and true website reference for setting up ldap.
> I've googled, went to various sites which all are a bit different from
> each other, in procedure, and none has resulted in a working ldap
> server. Even after trying to mentally diff them and come up with
> something in the middle. Ergo, my appeal is to someone/anyone that has
> used a webpage reference that works, step by step, I'd dearly love to
> have it. I'm trying to use openldap. I thought sendmail was difficult.
> It's a cakewalk compared to ldap/openldap. :) Ric
> 

Rick.  There really is not much out there.  Here is a simple way of setting up 
the ldap.  The configuration of the server is pretty well documented, but I 
always found setting up the database to be a bit difficult.

This is ONE way to skin the cat.  There are many ways.  This worked for me.

I have a file of names, phone numbers, etc. that has the following format that 
is used at my work:
Name|Email|Ext.|Home #|Cellular #|Pager|Title

sample data:

Baker, Steve B.|sbb|15|314-215-4141|314-591-8181|| Director of Technology
Bowland, Chris|cyb|33|314-835-1216||314-663-3132|Java Developer



I wrote a perl script to parse this and put it into a valid ldif format:

#!/usr/bin/perl
use strict;
use warnings;

# Check that all 3 command line arguments are present;
# print the usage and exit if there are fewer.
if (scalar(@ARGV) < 3) {
    print "Usage: ascii2ldif {asciifile} {organization name} {emaildomain}\n";
    print "Example: ascii2ldif phoneList \"Enterprise Consulting Group\" \"ec-group.com\"\n";
    print "\nThis will create a ldif file named {asciifile}.ldif.\n";
    print "The email domain is the emaildomain name of your organization.\n";
    print "\nFormat of entries:\n";
    print "Lastname, Firstname|userid|Ext.|Home Phone|Cellular|Pager|Title\n";
    exit 1;
}

my $debug = 0;

# 1st command line arg: filename of the ascii file
my $phonelist = shift(@ARGV);
print "phonelist=$phonelist\n" if $debug;

# Name of the .ldif file to create
my $ldiflist = $phonelist . ".ldif";
print "ldiflist=$ldiflist\n" if $debug;

# 2nd command line arg: name of the organization
my $orgName = shift(@ARGV);
print "orgName=$orgName\n" if $debug;

# 3rd command line arg: name of the email domain
my $emaildomain = shift(@ARGV);
print "emaildomain=$emaildomain\n" if $debug;

# Organization name and type of org, e.g. "ec-group" and "com"
# (only the first two labels of the domain are used)
my ($org, $orgType) = split(/\./, $emaildomain);
print "org=$org,orgType=$orgType\n" if $debug;

sub print_header {
    # This prints the top of the tree of format:
    #dn: dc=ec-group,dc=com
    #dc: ec-group
    #o: Enterprise Consulting Group
    #objectClass: top
    #objectclass: organization
    #objectClass: dcObject

    print OUT "dn: dc=$org, dc=$orgType\n";
    print OUT "dc: $org\n";
    print OUT "o: $orgName\n";
    print OUT "objectClass: top\n";
    print OUT "objectclass: organization\n";
    print OUT "objectclass: dcObject\n\n";
}

sub print_entry {
    my ($givenName, $surName, $uid, $title, $officeNumber, $homeNumber, $mobil, $pager) = @_;

    # This creates an entry of format:
    #
    #dn: cn=Bill Ackermann, dc=ace, dc=com
    #cn: Bill Ackermann
    #sn: Ackermann
    #givenName: Bill
    #mail: wackerma@ace.com
    #title: Systems Engineer
    #homeTelephoneNumber: 1.212.836.4886
    #telephoneNumber: 1.212.836.4886
    #mobileTelephoneNumber: 1.212.836.4886
    #pagerTelephoneNumber: 1.212.836.4886
    #objectclass: top
    #objectclass: person
    #objectclass: organizationalPerson
    #objectclass: inetOrgPerson
    #

    my $cn = $givenName . " " . $surName;
    print OUT "dn: cn=$cn, dc=$org, dc=$orgType\n";
    print OUT "cn: $cn\n";
    print OUT "sn: $surName\n";
    print OUT "givenName: $givenName\n" if $givenName ne "";
    print OUT "mail: $uid\@$emaildomain\n" if $uid ne "";
    print OUT "title: $title\n" if $title ne "";
    print OUT "telephoneNumber: $officeNumber\n" if $officeNumber ne "";
    print OUT "homeTelephoneNumber: $homeNumber\n" if $homeNumber ne "";
    print OUT "mobileTelephoneNumber: $mobil\n" if $mobil ne "";
    print OUT "pagerTelephoneNumber: $pager\n" if $pager ne "";
    print OUT "objectClass: top\n";
    print OUT "objectClass: person\n";
    print OUT "objectClass: organizationalPerson\n";
    print OUT "objectClass: inetOrgPerson\n\n";
}

# Three-argument open: the file name is never interpreted as an open mode
# or a pipe, and a failure to open stops the run instead of being ignored.
open(ENTRY, '<', $phonelist) or die "Cannot read $phonelist: $!\n";
# better be this form: Name|Email|Ext.|Home #|Cellular #|Pager|Title
open(OUT, '>', $ldiflist) or die "Cannot write $ldiflist: $!\n";

print_header();

while (<ENTRY>) {
    chomp;
    next if /^\s*$/;    # ignore blank lines

    # Limit -1 keeps trailing empty fields; missing fields become "".
    my @fields = split(/\|/, $_, -1);
    push @fields, "" while @fields < 7;
    my ($name, $email, $telephone, $home, $mobil, $pager, $title) = @fields;
    my ($surname, $given) = split(/,/, $name, 2);

    # Strip leading and trailing whitespace from every field.
    for ($given, $surname, $email, $title, $telephone, $home, $mobil, $pager) {
        $_ = "" unless defined $_;
        s/^\s+|\s+$//g;
    }

    printf "given=%s,surname=%s,email=%s,title=%s,telephone=%s,home=%s,mobil=%s,pager=%s\n",
        $given, $surname, $email, $title, $telephone, $home, $mobil, $pager
            if $debug;

    print_entry($given, $surname, $email, $title, $telephone, $home, $mobil, $pager);
}

close(ENTRY);
close(OUT);
exit;

So when I run it as:

ascii2ldif phoneList "Enterprise Consulting Group" "ec-group.com"

I get a phoneList.ldif that looks like:
dn: dc=ec-group, dc=com
dc: ec-group
o: Enterprise Consulting Group
description: Top level LDAP for EC-GROUP.COM
objectClass: top
objectclass: organization
objectclass: dcObject

dn: ou=group,dc=ec-group,dc=com
ou: group
objectClass: top
objectClass: organizationalUnit

dn: ou=people,dc=ec-group,dc=com
ou: people
objectClass: top
objectClass: organizationalUnit

dn: ou=sales,dc=ec-group,dc=com
ou: sales
objectClass: top
objectClass: organizationalUnit

dn: cn=Steve B. Baker, ou=people, dc=ec-group, dc=com
cn: Steve B. Baker
sn: Baker
givenName: Steve B.
mail: sbb@ec-group.com
telephoneNumber: 15
homeTelephoneNumber: 314-215-4141
mobileTelephoneNumber: 314-591-8181
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson

dn: cn=Chris Bowland, ou=people, dc=ec-group, dc=com
cn: Chris Bowland
sn: Bowland
givenName: Chris
mail: cyb@ec-group.com
title: 314-663-3132
telephoneNumber: 33
homeTelephoneNumber: 314-835-1216
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson



Then I feed it to openldap with

slapadd -l phoneList.ldif

-- 
Brian Millett - [ Garibaldi, "The Gathering"]
"Commander, this little breach of security isn't going to affect my
  Christmas bonus, is it?"
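
Added example (not part of Brian Millett's post or his script): the script writes each field straight into the dn: and attribute lines, so a name containing a comma or plus changes the structure of the DN, and a value that starts with a colon, space or '<' or holds non-ASCII bytes is not valid plain LDIF. This Perl code escapes the cn per RFC 4514 and base64-encodes unsafe values per RFC 2849. The function names are hypothetical, the base DN is taken from the post's output, and the second and third sample records are constructed.

```perl
use strict;
use warnings;
use MIME::Base64 qw(encode_base64);

# Escape one attribute value for use inside a DN (RFC 4514).
sub escape_dn_value {
    my ($v) = @_;
    my ($lead, $body, $trail) = $v =~ /\A([# ]?)(.*?)( ?)\z/s;
    $body =~ s/([\\",+;<>])/\\$1/g;    # characters that are DN syntax
    $body =~ s/\x00/\\00/g;            # NUL is written as \00
    # A leading '#' or space and a trailing space must be escaped too.
    return ($lead ne "" ? "\\$lead" : "") . $body . ($trail ne "" ? "\\$trail" : "");
}

# Emit "attr: value", or base64 "attr:: ..." when the value starts with space,
# ':' or '<', ends with a space, or holds NUL, CR, LF or non-ASCII bytes (RFC 2849).
sub ldif_line {
    my ($attr, $value) = @_;
    my $unsafe = $value =~ /\A[ :<]| \z|[^\x01-\x09\x0b\x0c\x0e-\x7f]/;
    return $unsafe ? "${attr}:: " . encode_base64($value, "") . "\n"
                   : "${attr}: $value\n";
}

# Convert one "Name|Email|Ext.|Home #|Cellular #|Pager|Title" record to LDIF.
sub entry_ldif {
    my ($record, $base, $domain) = @_;
    my @f = split(/\|/, $record, -1);
    push @f, "" while @f < 7;
    my ($surname, $given) = split(/,/, $f[0], 2);
    for ($surname, $given, @f) { $_ = "" unless defined $_; s/^\s+|\s+$//g }
    return "" if $surname eq "";       # person entries require sn
    my $cn = $given eq "" ? $surname : "$given $surname";
    $f[1] .= "\@$domain" if $f[1] ne "";
    my @attrs = qw(mail telephoneNumber homeTelephoneNumber
                   mobileTelephoneNumber pagerTelephoneNumber title);
    my $out = ldif_line("dn", "cn=" . escape_dn_value($cn) . ",$base")
            . ldif_line("cn", $cn) . ldif_line("sn", $surname);
    $out .= ldif_line($attrs[$_ - 1], $f[$_]) for grep { $f[$_] ne "" } 1 .. 6;
    $out .= "objectClass: $_\n" for qw(top person organizationalPerson inetOrgPerson);
    return "$out\n";
}

# First record is the post's own sample line; the other two are constructed.
my @sample = (
    'Baker, Steve B.|sbb|15|314-215-4141|314-591-8181|| Director of Technology',
    'Davis, Sam, Jr.|sdj|41||||R&D + Platform',
    "Mu\xc3\xb1oz, Ana|amz|42||||: acting lead",
);
print entry_ldif($_, "ou=people,dc=ec-group,dc=com", "ec-group.com") for @sample;
```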



