[Fedora-directory-users] admin command lines for Fedora DS

Niranjan M.R niranjan.ashok at gmail.com
Wed Dec 19 16:01:56 UTC 2007


Ryan Braun wrote:
> On Tuesday 18 December 2007 10:38 pm, dandantheitman wrote:
>   
>> On 18/12/2007, Namachivayam <npurusothaman at perisoftware.com> wrote:
>>     
>>> Hi Dan,
>>>           For adding users (with Posix Attributes), changing the
>>> userpassword, we are using these scripts :
>>> _For creating users with Posix Attribute :_
>>> create a file for example with the content :
>>>       
>> <snip>
>>
>> Hi Namachivayan,
>> Thanks for your help.  What I need to do is figure out a way to use
>> ldapadd rather than using the ldif file as I would like to automate the
>> UID generation.
>>     
>
> I found this objectClass in samba somewhere,  it's basically just an object 
> that holds a gidNumber and a uidNumber value.  When my add_user script runs,  
> it will first find this object,  grab the values,  create the user,  then 
> increment them as needed.
>
> objectClasses: ( UnixIdPool-oid NAME 'UnixIdPool' SUP top STRUCTURAL MUST ( cn
>   $ gidNumber $ uidNumber ) X-ORIGIN 'user defined' )
>
> Ryan
>   
Hi,

I would like to share this with regard to the above. In samba.schema, below is
the objectclass I found:

objectclass ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY
        DESC 'Pool for allocating UNIX uids/gids'
        MUST ( uidNumber $ gidNumber ) )

And from the idealx scripts, which you can download from samba.org, you will
see that they use a piece of Perl code to get the next uid. Maybe this
can help.

The logic is the same as what Ryan described.

<snip>
sub get_next_id($$) {
  my $ldap_base_dn = shift;
  my $attribute = shift;
  my $tries = 0;
  my $found=0;
  my $next_uid_mesg;
  my $nextuid;
  if ($ldap_base_dn =~ m/$config{usersdn}/i) {
        # when adding a new user, we'll check if the uidNumber available is not
        # already used for a computer's account
        $ldap_base_dn=$config{suffix}
  }
  do {
        $next_uid_mesg = $ldap->search(
                base => $config{sambaUnixIdPooldn},
                filter => "(objectClass=sambaUnixIdPool)",
                scope => "base"
        );
        $next_uid_mesg->code && die "Error looking for next uid";
        if ($next_uid_mesg->count != 1) {
          die "Could not find base dn, to get next $attribute";
        }
        my $entry = $next_uid_mesg->entry(0);

        $nextuid = $entry->get_value($attribute);
        my $modify=$ldap->modify( "$config{sambaUnixIdPooldn}",
                changes => [
                        replace => [ $attribute => $nextuid + 1 ]
                ]
        );
        $modify->code && die "Error: ", $modify->error;
        # let's check if the id found is really free (in ou=Groups or ou=Users)...
        my $check_uid_mesg = $ldap->search(
                base => $ldap_base_dn,
                filter => "($attribute=$nextuid)",
        );
        $check_uid_mesg->code && die "Cannot confirm $attribute $nextuid is free";
        if ($check_uid_mesg->count == 0) {
          $found=1;
          return $nextuid;
        }
        $tries++;
        print "Cannot confirm $attribute $nextuid is free: checking for the next one\n"
  } while ($found != 1);
  die "Could not allocate $attribute!";
}


Regards
Niranjan
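
Added example, not part of the original post or of the idealx scripts: the read-then-replace sequence in get_next_id can hand the same id to two clients that run at the same moment, and two accounts sharing a uidNumber share file ownership. This version changes the pool counter with a delete-old/add-new modify, which the server rejects if another client has already moved the counter. The name allocate_id, its arguments and the retry limit are assumptions; $ldap is an already bound Net::LDAP handle.

```perl
use strict;
use warnings;
use Net::LDAP::Constant qw(LDAP_NO_SUCH_ATTRIBUTE);

# Hypothetical helper (not from smbldap-tools): take the next id from the
# sambaUnixIdPool entry so that no two concurrent callers get the same value.
#   $ldap      - bound Net::LDAP handle
#   $pool_dn   - DN of the entry carrying objectClass sambaUnixIdPool
#   $attribute - 'uidNumber' or 'gidNumber'
#   $max_tries - retry limit when other clients keep winning (default 10)
sub allocate_id {
    my ($ldap, $pool_dn, $attribute, $max_tries) = @_;
    for my $try (1 .. ($max_tries || 10)) {
        my $res = $ldap->search(
            base   => $pool_dn,
            scope  => 'base',
            filter => '(objectClass=sambaUnixIdPool)',
            attrs  => [$attribute],
        );
        $res->code and die "pool lookup failed: " . $res->error . "\n";
        $res->count == 1 or die "pool entry $pool_dn not found\n";

        my $current = $res->entry(0)->get_value($attribute);
        defined $current && $current =~ /^\d+$/
            or die "pool $attribute is missing or not numeric\n";

        # Compare-and-swap. Both changes travel in one modify request, which
        # the server applies atomically. Deleting the exact value we read
        # fails with noSuchAttribute if the counter has changed since the
        # search, so a stale read can never overwrite a newer counter.
        my $mod = $ldap->modify($pool_dn, changes => [
            delete => [ $attribute => $current ],
            add    => [ $attribute => $current + 1 ],
        ]);
        return $current unless $mod->code;             # this caller owns $current
        next if $mod->code == LDAP_NO_SUCH_ATTRIBUTE;  # lost the race, read again
        die "pool update failed: " . $mod->error . "\n";
    }
    die "could not allocate $attribute after retries\n";
}
```

As in get_next_id above, the caller should still confirm that the returned id is not already assigned under the users or groups subtree before creating the entry.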