From: Joerg Pulz
To: martin@orbweavers.co.uk
Cc: Andrey Simonenko, freebsd-questions@freebsd.org
Date: Tue, 2 Aug 2005 14:24:26 +0200 (CEST)
Subject: Re: LDAP/nss_ldap adduser script

On Tue, 2 Aug 2005, martin@orbweavers.co.uk wrote:

>> On Wed, Jul 27, 2005 at 10:39:14AM +0100, martin@orbweavers.co.uk wrote:
>>
>>> I've had a look at the adduser script and it should be straightforward
>>> enough to tailor to this purpose, and I can't see any difficulties in
>>> writing them - check /etc/ldap.conf for the location of the users &
>>> groups, pops the details into an ldif and runs it through the ldap
>>
>> I'm not sure that such utilities exist, because each environment is
>> very different. On my systems, I'm planning to write my own scripts for
>> creating, deleting users, etc. It will be much easier than adapting
>> someone's scripts for my own purpose.
>
> Each to their own, but most of the stuff is fairly generic. I've written
> the scripts to read the ldap settings from the relevant files (the admin
> user, and the user & group context).
>
>>
>>> client. The one thing I am not sure about is getting the next available
>>> uid number, but I'm sure the answer will become apparent.
>>
>> From my point of view the easiest solution is some directory with files,
>> a name of each file is equal to UID of user. A script should find a
>> non-existent file with a name from UID_min to UID_max and create it. As an
>> optimization it is possible to keep a list of unused numbers (in a file).
>
> Yuch! And what happens if the information gets out of sync? I've come up
> with a solution, which was much easier than I had thought -
>
> user_base=`awk '/nss_base_passwd/ {print $2}' /etc/ldap.conf | cut -f1 -d'?'`
> get_next_uid() {
>
>     lastuid=`ldapsearch -LLL -b "$user_base" "objectclass=posixAccount" |\
>         awk '/uidNumber/ {print $2}' | sort -n | tail -n1`
>     if [ -z "$lastuid" ]; then
>         uid=$startuid
>     else
>         uid=`expr $lastuid + 1`
>     fi
> }
>
> it pulls out all the uids already assigned, sorts them, takes the last
> one, and adds one on (or sets it to startuid if none found). It might fall
> over if huge numbers of users are in there, but should work for most.
>
>>
>>> So before I get into the meat of this, I wanted to check if anyone has
>>> any suggestions or comments.
>>
>> How do you export user home directories?
>
> That's another task - I'm just interested in easily adding and removing
> users easily.
>
> If you are interested, I can send you the full scripts - they are pretty
> sparse and general, so should be easy to adapt.

Hi

so, why all this scripting??
you could simply use the following line to get the next free uid (as long
as the system is configured to use LDAP accounts)

pw usernext | cut -f1 -d:

the 'cut' is necessary as 'pw usernext' reports the next free uid:gid in
combination (is this a bug??)
pw groupnext reports only the next free gid

regards
Joerg

-- 
The beginning is the most important part of the work.
-Plato
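
Added example (not part of the original thread): a POSIX sh version of the next-uid lookup discussed above, run over constructed LDIF. It shows why the highest uidNumber has to be chosen numerically and inside a bounded range (a lexical sort of 999, 1000 and 1002 ends on 999, so the "next" uid would be one an existing account already owns), and it validates the uid:gid pair that pw usernext prints. The function names, the sample entries and the 1000..60000 range are assumptions.

```sh
#!/bin/sh
# Added example. sample_ldif is constructed data standing in for:
#   ldapsearch -LLL -b "$user_base" "objectclass=posixAccount" uidNumber
sample_ldif() {
cat <<'EOF'
dn: uid=alice,ou=People,dc=example,dc=org
uidNumber: 999

dn: uid=bob,ou=People,dc=example,dc=org
uidNumber: 1000

dn: uid=carol,ou=People,dc=example,dc=org
uidnumber: 1002

dn: uid=nobody,ou=People,dc=example,dc=org
uidNumber: 65534
EOF
}

# What a lexical sort picks as the "last" uid (shown for contrast only).
lexical_last_uid() {
    awk 'tolower($1) == "uidnumber:" { print $2 }' | sort | tail -n1
}

# next_uid START MAX   (LDIF on stdin)
# Prints highest in-range uidNumber + 1, or START when none is in range.
# Returns 1 without output when the range START..MAX is used up.
next_uid() {
    awk -v start="$1" -v max="$2" '
        BEGIN { last = -1 }
        # Attribute names are case-insensitive; accept plain decimal values only.
        tolower($1) == "uidnumber:" && $2 ~ /^[0-9]+$/ {
            n = $2 + 0
            if (n >= start && n <= max && n > last) last = n
        }
        END {
            uid = (last < 0 ? start : last + 1)
            if (uid > max) exit 1
            print uid
        }'
}

# Take the uid from "uid:gid" (or a bare number); reject non-numeric input.
uid_from_usernext() {
    case "$1" in
        *[!0-9:]*|*:*:*|:*|*:|"") return 1 ;;
    esac
    printf '%s\n' "${1%%:*}"
}
```

The lookup and the later ldapadd are not atomic, so two concurrent runs can still pick the same number; serialize the script or re-check the uid before adding the entry.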