精华内容
下载资源
问答
  • LDAP脚本

    2017-05-02 21:44:24
    #!/bin/bash echo "install packages....echo "/home/guests /etc/auto.ldap" >>/etc/auto.master echo "* 172.25.254.254:/home/guests/&">>/etc/auto.ldap systemctl restart autofs echo "ok!!"

    #!/bin/bash
    echo "install packages..."
    yum install sssd krb5-workstation autofs -y &> /dev/null
    echo "config authconfig..."
    authconfig \
    --enableldap \
    --enablekrb5 \
    --disableldapauth \
    --enableldaptls \
    --ldapserver="classroom.example.com" \
    --ldapbasedn="dc=example,dc=com" \
    --ldaploadcacert=http://172.25.254.254/pub/example-ca.crt \
    --krb5realm="EXAMPLE.COM" \
    --krb5kdc="classroom.example.com" \
    --krb5adminserver="classroom.example.com" \
    --update
    echo "config autofs..."
    echo "/home/guests /etc/auto.ldap" >>/etc/auto.master
    echo "* 172.25.254.254:/home/guests/&">>/etc/auto.ldap
    systemctl restart autofs
    echo "ok!!"


    展开全文
  • 请问 KubeSphere2.1 LDAP 脚本 inject-ks-account.sh 如何指定Search Filter 例子如下: (&(objectclass=organizationalPerson)(memberOf=cn=BJ,ou=groups,dc=test,dc=com)) 还有...
  • or die ("ldap search failed: ".ldap_error($ad)); </code></pre> <p>Which I had suspected given the error I was getting is present in this line. So I am assuming one of those defined variables is the ...
  • 第二个脚本功能是:将ldap中创建的组同步到hue中 #!/usr/bin/env bash :<<EOF 功能:添加组,用户,组和用户的映射关系 说明: 1)参数为:组,用户,add。则添加组,用户,依赖 2)参数为:组,用户...

    说明:脚本有两个,
    第一个脚本功能是:添加组,用户,组和用户的映射关系
    第二个脚本功能是:将ldap中创建的组同步到hue中

    #!/usr/bin/env bash
    
    :<<EOF
    功能:添加组,用户,组和用户的映射关系
    说明: 1)参数为:组,用户,add。则添加组,用户,依赖
          2)参数为:组,用户,delete。则删除依赖
    EOF
    
    
    if [ $# != 3 ] ; then
        echo '请输入三个值:'
        echo './setLadpUserOrGroup.sh group user add/delete'
        exit 1;
    fi
    
    user=$1
    group=$2
    operation=$3
    fileName=$1_$2
    rm -rf /opt/${fileName}.ldap
    
    function addGroup(){
        echo "########用户组方法开始########"
        group=$1
        echo "进入addGroup方法组名称为:【"${group}"】"
    
        #linux中判断组是否存在:获取组的gid号,以及判断
        da=`grep -E ${group}: /etc/group`
        gid=`echo ${da} | tr -cd "[0-9]"`
        if [ -z "${gid}" ]; then
            echo "用户组:${group} 不存在于linux"
            exit 1;
        fi
    
        #ldap中判断组是否存在:查询组是否存在
        groupinfo=`ldapsearch -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue -b "cn=${group},ou=group,dc=silentwolfyh,dc=com" | grep -E '0 Success' `;
        echo 'groupinfo==>'${groupinfo}
        if [ -z "${groupinfo}" ]; then
            echo "用户组:${group} 不存在于ldap"
    
            #ldap执行脚本
            grep -E $1: /etc/group  >/opt/group.txt
            /usr/share/migrationtools/migrate_group.pl /opt/group.txt /opt/group.ldif
            ldapadd -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue -f /opt/group.ldif
    
            #用户组插入mysql
            /export/ldapshell/insertHueGroup.sh ${group}
            echo "用户组:${group} 已经添加进入ldap中"
        else
            echo "用户组:${group} 存在于ldap"
        fi
        echo "########用户组方法结束########"
        echo ""
    }
    
    function addUser(){
        echo "########用户方法开始########"
        user=$1
        echo "进入addUser方法用户名称为:【"${user}"】"
        #获取用户的gid号,以及判断
        userinfo=`id ${user}`
        if [ -z "${userinfo}" ]; then
            echo "用户:${user} 不存在于linux"
            exit 1;
        fi
    
        #查询组是否存在
        userinfo=`ldapsearch -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue -b "uid=${user},ou=people,dc=silentwolfyh,dc=com" | grep -E '0 Success' `;
        echo 'userinfo==>'${userinfo}
        if [ -z "${userinfo}" ]; then
            echo "用户:${user} 不存在于ldap"
            #ldap执行脚本
            grep -E $1: /etc/passwd  >/opt/passwd.txt
            /usr/share/migrationtools/migrate_passwd.pl /opt/passwd.txt /opt/passwd.ldif
            ldapadd -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue -f /opt/passwd.ldif
            echo "用户:【${user}】已经添加进入ldap中"
        else
            echo "用户:【${user}】在ldap中存在"
        fi
        echo "########用户方法结束########"
        echo ""
    }
    
    function addGroupUserMapper(){
        echo "########用户和用户组方法开始########"
        user=$1
        group=$2
        operation=$3
        fileName=${user}_${group}
        echo "进入addGroupUserMapper方法组名称为:【"${group}"】," "用户名称为:【"${user}"】"
        #用户和组的映射
        echo dn: cn=${group},ou=group,dc=silentwolfyh,dc=com >> /opt/${fileName}.ldap
        echo changetype: modify >> /opt/${fileName}.ldap
    
        if [ ${operation} == 'add' ] ; then
            echo add: memberUid >> /opt/${fileName}.ldap
        fi
    
        if [ ${operation} == 'delete' ] ; then
            echo delete: memberUid >> /opt/${fileName}.ldap
        fi
    
        echo memberUid: ${user} >> /opt/${fileName}.ldap
        ldapmodify -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue -f /opt/${fileName}.ldap
        echo "########用户和用户组方法开始########"
        echo ""
    }
    
    addGroup ${group}
    addUser ${user}
    addGroupUserMapper ${user} ${group} ${operation}
    
    #!/bin/bash
    #连接MySQL数据库
    Host=IP
    User=root
    PW=123456
    
    valus=$1
    
    #远程连接
    mysql -h$Host -u$User -p$PW <<EOF #指定Host,其他不变
    use hue;
    INSERT INTO auth_group ( name) VALUES  ('$valus');
    insert into useradmin_ldapgroup(group_id) select id from auth_group where name =('$valus');
    COMMIT;
    EOF
    
    
    
    
    北京小辉微信公众号

    在这里插入图片描述

    大数据资料分享请关注
    展开全文
  • PHP LDAP登录脚本

    2018-10-22 17:50:01
    <p>I'm new to LDAP binding script, I'm trying to check if the script I found is correct to be able to use it back on my company as LDAP authentication script, for this I'm using this ...
  • MiediwWiki LDAP配置脚本

    2014-07-28 15:24:21
    # LDAP require_once 'extensions/LdapAuthentication/LdapAuthentication.php'; require_once 'includes/AuthPlugin.php'; $wgLDAPDomainNames = array( 'phicomm-networks');

    # LDAP

    require_once 'extensions/LdapAuthentication/LdapAuthentication.php';

    require_once 'includes/AuthPlugin.php';

    $wgLDAPDomainNames = array( 'phicomm-networks');

    $wgLDAPServerNames = array( 'phicomm-networks'=> '172.16.100.8');

    $wgLDAPEncryptionType = array('phicomm-networks'=> 'SSL');

    $wgLDAPProxyAgent =  array('phicomm-networks' => 'CN=admini,OU=freecomm,DC=freecomm-networks,DC=com');

    $wgLDAPProxyAgentPassword = array('phicomm-networks' => 'freecommfreecomm');

    $wgLDAPUseLocal = true;

    $wgMinimalPasswordLength = 1;

    $wgLDAPBaseDNs = array ('phicomm-networks'=> 'OU=freecomm,DC=freecomm-networks,DC=com');

    $wgLDAPSearchAttributes = array ('phicomm-networks'=> 'sAMAccountName');

    $wgLDAPDebug = 5;

    $wgFileExtensions = array('pdf','png','jpg','jpeg','ogg','doc','xls','ppt','mp3','sxc','nse','mmp','docx','xlsx','txt','et','wps','dps');

    #以新窗口打开外部链接
    $wgExternalLinkTarget='_blank';

    $wgUseImageResize = true;
    $wgUseImageMagick = true;

    $wgImageMagickConvertCommand = "/usr/bin/convert"



    展开全文
  • 1、界面配置ldap验证(略) 2、mysql导入ldap帐号信息 #!/usr/bin/env python# -*- coding:utf-8 -*- import pymysqlimport commandsimport base64import sysfrom datetime import datetime reload(sys)sys....

    1、界面配置ldap验证(略)

     

    2、mysql导入ldap帐号信息

    #!/usr/bin/env python
    # -*- coding:utf-8 -*-

    import pymysql
    import commands
    import base64
    import sys
    from datetime import datetime

    reload(sys)
    sys.setdefaultencoding('utf-8')

    mysql_host='xxx.internal.xxx.com'
    mysql_port=3306
    mysql_user='zabbix'
    mysql_passwd='zabbix'
    mysql_db='zabbix'

    def get_user_from_ldap ():
    ldap_users=commands.getoutput("ldapsearch -x -LLL -H ldap://xxx.xxx.xxx.xxx-b dc=xx,dc=com givenName|sed '1,12'd|sed '/^$/d'|egrep -v 'ou=Group|ou=machines'").strip().splitlines()
    return ldap_users


    def get_value():
    values = {}
    lines = get_user_from_ldap()
    for index,line in enumerate(lines):
    if line.startswith("dn: cn="):
    if (index+1)<len(lines) and lines[index+1].startswith("givenName:"):
    strcount = lines[index+1].strip().split()[0].count(':')
    if strcount == 2:
    sourcename = lines[index+1].strip().split()[1]
    name = base64.b64decode(sourcename)
    else:
    name = lines[index+1].strip().split()[1]
    alias = lines[index].strip().split('=')[1].split(',')[0]
    values[alias] = name
    else:
    print "The user [%s] set error on ldap server !" % line
    return values


    def get_id():
    conn = pymysql.connect(host=mysql_host, port=mysql_port, user=mysql_user, passwd=mysql_passwd, db=mysql_db, charset='utf8')
    cur = conn.cursor(cursor=pymysql.cursors.DictCursor)
    cur.execute("select userid from users order by userid desc limit 1")
    id = cur.fetchone().values()[0]
    cur.close()
    conn.close()
    return id

    def get_mysql_data():
    conn = pymysql.connect(host=mysql_host, port=mysql_port, user=mysql_user, passwd=mysql_passwd, db=mysql_db, charset='utf8')
    cur = conn.cursor(cursor=pymysql.cursors.DictCursor)
    cur.execute("select userid from users order by userid desc limit 1")
    id = cur.fetchone().values()[0]
    cur.close()
    cur_user = conn.cursor(cursor=pymysql.cursors.DictCursor)
    cur_user.execute("select alias from users")
    user_data = cur_user.fetchall()
    user_name = [name['alias'] for name in user_data]
    cur_user.close()
    conn.close()
    return id,user_name


    def insert_data():
    conn = pymysql.connect(host=mysql_host, port=mysql_port, user=mysql_user, passwd=mysql_passwd, db=mysql_db, charset='utf8')
    cur = conn.cursor()
    n, zabbix_user = get_mysql_data()
    # del_name = []
    data = get_value()
    ldap_name = data.keys()
    for alias, name in data.items():
    search = cur.execute("select * from users where alias = %s", (alias, ))
    if not search:
    n += 1
    sql = "insert into users(userid,name,alias) values ('%s','%s','%s');" % (n,name,alias)
    insert = cur.execute(sql)
    if insert:
    with open ('/opt/ldap.log', 'a') as log:
    time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
    str = "User %s Name's %s and Userid's %s Add Succeed at %s" % (alias,name,n,time)
    log.write(str+'\n')
    del_cur = conn.cursor()
    for name in zabbix_user:
    if name not in ldap_name:
    if name.lower() != 'zabbix' or name.lower() != 'guest':
    # del_name.append(name)
    try:
    del_data = del_cur.execute("delete from users where alias = %s", (name,))
    if del_data:
    with open ('/opt/ldap.log', 'a') as del_log:
    del_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
    del_str = "User %s del succeed at %s" % (name, del_time)
    del_log.write(del_str+'\n')
    except (Exception), error_str:
    print error_str
    print "when del %s failed" % name
    # print del_name
    conn.commit()
    cur.close()
    conn.close()

    if __name__ == '__main__':
    insert_data()

    转载于:https://www.cnblogs.com/Qing-840/p/9267910.html

    展开全文
  • ldap迁移脚本group

    2013-03-28 14:54:22
    my $ldap_data = "ldapinfo.txt"; my $sn = " "; my $cn = " "; my $ordered = " "; my $created = " "; my $modified = " "; #connect to mysql; my $sql = " "; my $rows = " "; my $conn;...
  • ldap匿名访问测试脚本

    千次阅读 2016-07-26 10:18:00
    #!/usr/bin/env python # encoding: utf-8 # http://ldap3.readthedocs.io/tutorial.html#accessing-an-ldap-server import ldap3 from fileutils import FileUtils ...from ldap3 import Connection...
  • 脚本自动创建ldap账号

    2019-09-21 14:09:41
    背景:客服那边人员流动性大,经常需要配置... 配置脚本: ldapadduser.sh #!/bin/bash # add ldap user if [ $# -ne 3 ] || [[ $2 -ne "cn" || $2 -ne "eu" ]] || [[ $3 -ne "dev" || $2 -ne "cs" ]];the...
  • 一个简单的php LDAP认证脚本

    千次阅读 2008-01-22 21:08:00
    php$ldapconfig[host] = localhost;$ldapconfig[port] = NULL;$ldapconfig[basedn] = dc=localhost,dc=com;$ldapconfig[authrealm] = My Realm;function ldap_authenticate() { global $ldapconf
  • 需要首先创建用户 #!/bin/sh myDomain="hadoop"#用户名 passwd="111111"#密码 net="eth0"#网络 ldapuser=$myDomain netip=`ifconfig$net|grep"inetaddr"|awk'{print$2}'|cut-d":"-f2` echo$ne...
  • Oracle向LDAP同步数据,事先要先解决ACL的问题,及LDAP协议中账号密码端口创建,根目录创建,对应导入数组的定义,等工作,才能成功执行以下脚本,不然均会报错。为了保证LDAP的读取效率,在配置文件中,还需要定义...
  • <pre><code>ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7); </code></pre> <p>And it is necessary to run the from command line. Otherwise you wont get the debug output. In a reqeust this debug output ...
  • LDAPSEARCH=$LDAPDIR/bin/ldapsearch #使用slapcat备份 SLAPCAT=/usr/sbin/slapcat BACKDIR=/home/backup/ldap/DATEFORMATTYPE1 #若不存在则创建目录 [ -d ${BACKDIR} ] || mkdir -p ${BACKDIR} echo...
  • Linux下载部署安装LDAP

    2019-10-15 10:59:47
    下载LDAP:wgethttp://directory.apache.org/apacheds/downloads.html 创建一个文件夹存放LDAP相关 mkdir apacheds-2.0.0.AM25-64bit 进行安装LDAP脚本命令: chmod +x apacheds-2.0.0.AM25-64bit.bin ./a...
  • 需求: 用户密码即将到期,邮件提醒更改密码 用户密码过期,直接强制...以下操作均在ldap服务器上进行 #!/bin/bash if [ ! -d /tmp/ldap ];then mkdir /tmp/ldap fi if [ $(date +%k) = 10 ];then rm -rf /tmp/...
  • $ldap_conn = ldap_connect($ldap_url) or die("Could not connect to LDAP server ($ldap_url)"); ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($ldap_conn, LDAP_OPT_REFERRALS, ...
  • 查询用户aeon4ever的最后修改时间./ldapsearch -h 172.21.34.68 -p 13389 -D "... -w 12345678 -b "... "(uid=aeon4ever)"...导出所有系统权限的脚本语句./ldapsearch -h 172.21.34.68 -p 5...
  • --ldapserver="classroom.example.com" \ --ldapbasedn="dc=example,dc=com" \ --ldaploadcacert=http://172.25.254.254/pub/example-ca.crt \ --krb5realm="EXAMPLE.COM" \ --krb5kdc="classroom.example....
  • 从win客户端操作用python-ldap大规模的导入用户 主要参考文章https://www.cnblogs.com/littlehb/p/9379851.html 先用交互界面进行原型测试 >>> import hashlib >>> hashlib.md5("ysk")....
  • 这个是LDAP认证客户端与自动挂载家目录shell脚本配置,使用“authconfig-tui”图形化配置简单,但是后面需要手动操作,自动写入配置文件还没有研究透彻。以后完善#!/bin/bash yuminstall-ynss-pam-ldapdnfs-...
  • echo "Start to define $data options:" #define the function named ldap() fun () { echo "Please input the include directory of $data:[/usr/local/include]" read data_include if [ "$data_include" = "" ];...
  • 以下为脚本内容 #!/bin/bash echo "install packages..." yum install sssd krb5-workstation -y &> /dev/null echo "config authconfig..." authconfig \ - -enableldap \ - -enablekrb5 \ - -disableldapauth...
  • JMeter建立一个扩展LDAP服务器的性能测试脚本开发 附:LDAP学习资料以及“LDAP的特定错误” 一、概述 什么是LDAP? 轻量级目录访问协议: 所述轻量级目录访问协议,或LDAP,是一种应用协议用于查询和修...
  • 最近两周由于要学习测试LDAP,所以对于用脚本操作LDAP很感兴趣,所以就做了一些脚本,都是比较简单的脚本吧。废话不多说了哈。直接上教程首先声明:我使用的是JLDAP操作LDAP,所以需要从官网下载一个JAR包,这里你们...

空空如也

空空如也

1 2 3 4 5 ... 14
收藏数 275
精华内容 110
关键字:

ldap脚本