init
commit
3cafd73a54
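--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,4 @@
+*~
+.*.sw[op]
+
+basedn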
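--- a/00.root.ldif.sh
+++ b/00.root.ldif.sh
@@ -0,0 +1,43 @@
+#!/bin/sh -e
+
+basedn=$(cat basedn)
+_x=${basedn%%,*}
+dc=${_x#*=}
+en=${_x%%=*}
+if [ Xdc = "X$en" ]
+then
+en=""
+else
+en=`printf '\n%s' "$en: $dc"`
+fi
+pw=`pwgen 8 1`
+echo "# Password for cn=root,$basedn: $pw" >&2
+
+cat <<EOF
+dn: $basedn
+objectClass: top
+objectClass: dcObject
+objectClass: organization
+dc: ${dc}${en}
+structuralObjectClass: organization
+
+dn: cn=root,$basedn
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: root
+description: LDAP administrator
+userPassword:: `echo "$pw" | base64`
+structuralObjectClass: organizationalRole
+
+dn: ou=People,$basedn
+objectClass: top
+objectClass: organizationalUnit
+structuralObjectClass: organizationalUnit
+ou: People
+
+dn: ou=Groups,$basedn
+objectClass: top
+objectClass: organizationalUnit
+structuralObjectClass: organizationalUnit
+ou: Groups
+EOF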
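Review bot: The `userPassword::` line stores the administrator password as base64 of the cleartext plus the newline that `echo` appends, so the directory holds an unhashed value that, as far as I can tell, does not match the password printed on stderr; `printf '%s' "$pw" | base64` removes the newline, and passing the value through `slappasswd` before emitting it would keep cleartext out of the database. The same `echo … | base64` pattern is used for `givenName`, `sn`, `mail` and `userPassword` in 90.user.ldif.sh. `pwgen 8 1` also yields a short, pronounceable password for `cn=root`; something like `pwgen -s 24 1` is a better fit for an administrator credential. The `-e` in the shebang is lost if the script is started as `sh 00.root.ldif.sh`, so a separate `set -e` line is safer.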
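--- a/10.acls.ldif
+++ b/10.acls.ldif
@@ -0,0 +1,12 @@
+dn: olcDatabase={1}mdb,cn=config
+changetype: modify
+replace: olcAccess
+olcAccess: {0}to attrs=userPassword,shadowLastChange
+by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth write
+by self write
+by anonymous auth
+by * none
+olcAccess: {1}to dn.base="" by * read
+olcAccess: {2}to *
+by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth write
+by * read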
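Review bot: Rule `{2}` ends in `by * read`, which in slapd's access syntax includes unauthenticated clients, so every entry and attribute other than `userPassword` and `shadowLastChange` is readable by any client that can reach the server. If anonymous browsing is not intended, `by users read` limits reads to bound identities, while rule `{0}` still allows `by anonymous auth` for binding. Write access goes only to the local root peercred identity, so the `cn=root` entry created by 00.root.ldif.sh gets no more rights than an ordinary user unless it is configured as rootdn elsewhere; a comment stating that intent would help. `replace: olcAccess` discards whatever rules were present before, and the `{1}mdb` index is installation-specific; both are worth a line in the README.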
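--- a/20.passwordhash.ldif
+++ b/20.passwordhash.ldif
@@ -0,0 +1,6 @@
+dn: cn=config
+add: olcPasswordHash
+olcPasswordHash: {CRYPT}
+-
+add: olcPasswordCryptSaltFormat
+olcPasswordCryptSaltFormat: $5$rounds=8000$%.16s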
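Review bot: The record has no `changetype: modify` line after `dn: cn=config`, unlike 10.acls.ldif, and the README loads these files with `ldapadd -Y external`, which treats a record without a changetype as an add; I would expect this file to be rejected rather than applied. Adding `changetype: modify` as the second line fixes that. `olcPasswordHash` only governs passwords set through the Password Modify operation (`ldappasswd`), so the `userPassword` values emitted by the two scripts stay exactly as written. `{CRYPT}` with a `$5$` salt also depends on the platform's crypt(3) supporting SHA-256 crypt, and `rounds=8000` is a low work factor for current hardware; consider raising it or moving to `$6$` after checking bind latency.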
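--- a/90.user.ldif.sh
+++ b/90.user.ldif.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+if ! [ 4 -eq $# ]
+then
+echo "Usage: $0 username givenname surname mailaddr" >&2
+echo "random password will be printed. Use ldappasswd for changing it" >&2
+exit 1
+fi
+
+pw=`pwgen 8 1`
+echo "# Password: $pw" >&2
+
+cat <<EOF
+dn: cn=$1,ou=People,o=denkn,c=at
+objectClass: top
+objectClass: simpleSecurityObject
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: $1
+uid: $1
+givenName:: `echo "$2" | base64`
+sn:: `echo "$3" | base64`
+mail:: `echo "$4" | base64`
+userPassword:: `echo "$pw" | base64`
+EOF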
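Review bot: `$1` is written unencoded into the `dn:`, `cn:` and `uid:` lines, so a username containing a newline, comma or `+` changes the DN or adds extra LDIF lines to a stream that the README pipes into `ldapadd -Y external`; the other three arguments are base64-encoded and do not have this problem. A guard right after the argument-count check would close it, for example `case "$1" in ''|*[!A-Za-z0-9._-]*) echo "invalid username" >&2; exit 1;; esac`. The suffix `o=denkn,c=at` is also hard-coded here while 00.root.ldif.sh reads it from the `basedn` file, so the two scripts disagree on any other installation; `basedn=$(cat basedn)` and `dn: cn=$1,ou=People,$basedn` would keep them aligned. The initial password is echoed to stderr in cleartext, so it ends up in any captured log of the run.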
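--- a/README.md
+++ b/README.md
@@ -0,0 +1,7 @@
+Add your basedn to basedn (eg: `echo o=denkn,c=at > basedn`).
+For initialization, first shutdown slapd and delete `/var/lib/ldap/` (you will lost all your data!),
+then use `./90.root.ldif | slapadd -b `cat basedn` -v`.
+Now you can start slapd again.
+Via `ldapadd -Y external` you can add any other ldif.
+For adding user run `./90.user.ldif.sh | ldapadd -Y external`.
+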