samba - Oct 2005 - roll-yer-own ldapadd operations for scipt options?

I'm currently using the suse ldapsmb utility for all the script
operations, but I want to do some custom script work for creating user and
machine accounts. For example, I want to manipulate the default object
classes and directory placement for new machines--putting them into
ou=Devices instead of ou=Users, and giving them the parent objectClasses
of account and ipHost [for NIS and DHCP work]. I want to do similar kinds
of stuff to new user accounts--giving them objectClass of person and
inetOrgPerson and posixAccount all at once.

So I need to have a script that will fill in some blanks in a template
file and then call ldapadd (or something) that will import the completed
template. Technically I could probably do all of that with the variables
available in the smb.conf, except that ldapdd needs multi-line input when
it is reading from stdin. Is that possible? If not, I'll have to create a
template file, store it in a temp file, and do it that way. Anybody got
anything done here that I can copy?

Thanks

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/

On Tue, 2005-10-18 at 19:05 -0400, Eric A. Hall wrote:
> I'm currently using the suse ldapsmb utility for all the script
> operations, but I want to do some custom script work for creating user and
> machine accounts. For example, I want to manipulate the default object
> classes and directory placement for new machines--putting them into
> ou=Devices instead of ou=Users, and giving them the parent objectClasses
> of account and ipHost [for NIS and DHCP work]. I want to do similar kinds
> of stuff to new user accounts--giving them objectClass of person and
> inetOrgPerson and posixAccount all at once.
> 
> So I need to have a script that will fill in some blanks in a template
> file and then call ldapadd (or something) that will import the completed
> template. Technically I could probably do all of that with the variables
> available in the smb.conf, except that ldapdd needs multi-line input when
> it is reading from stdin. Is that possible? If not, I'll have to create
a
> template file, store it in a temp file, and do it that way. Anybody got
> anything done here that I can copy?
----
I personally use webmin to create/edit accounts (LDAP Users & Groups
module + a few shell scripts) but I'm sure that LAM (LDAP Account
Manager) can do what you want to do and of course. Included with most
samba packaging is smbldap which will give you the framework where you
can sort of do what you want.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

On 10/18/2005 7:15 PM, Craig White wrote:
> On Tue, 2005-10-18 at 19:05 -0400, Eric A. Hall wrote:
>>So I need to have a script that will fill in some blanks in a template
> samba packaging is smbldap which will give you the framework where you
> can sort of do what you want.
I was hoping to avoid perl scripting, but it might make sense to just add
the additional options to the existing ldapsmb tool. Maybe add options for
something like --oc for "parent objectClass hierarchy", and so forth.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/