github.com/vnforks/kid/v5@v5.22.1-0.20200408055009-b89d99c65676/scripts/ldap-check.sh (about)

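#!/bin/bash
#
# ldap-check.sh - look up a single user or group in the LDAP directory that
# is described by the LdapSettings section of config.json.
#
# Usage:    ./ldap-check.sh -u <username>
#           ./ldap-check.sh -g <groupname>
# Requires: jq, ldapsearch
#
# Security notes:
#   * The ldapsearch command line is built as an argv array and executed
#     directly. It is never passed through `eval`, so shell metacharacters in
#     the looked-up name or in config.json values are not re-interpreted by
#     the shell.
#   * The looked-up name is escaped per RFC 4515 before it is placed in the
#     search filter, so it is always matched as a literal value.
#   * The bind password is handed to ldapsearch through a private temporary
#     file (-y) instead of -w, which keeps it out of the process list and out
#     of the command that is echoed to the terminal.

set -u

# Path of the temporary bind-password file; empty until one is created.
pw_file=''

# Remove the temporary password file on every exit path.
cleanup() {
  if [[ -n "$pw_file" ]]; then
    rm -f -- "$pw_file"
  fi
}
trap cleanup EXIT

# Print each argument as one line on stderr and exit with status 1.
die() {
  printf '%s\n' "$@" >&2
  exit 1
}

# Print the usage text on stderr.
usage() {
  printf '%s\n' \
    "usage: ./ldap-check.sh -u/-g [username/groupname]" \
    "example: ./ldap-check.sh -u john" \
    "example: ./ldap-check.sh -g admin-staff" >&2
}

# Escape $1 for use as an assertion value in an LDAP search filter
# (RFC 4515): backslash, '*', '(' and ')' become \5c, \2a, \28 and \29.
# The backslash is replaced first so the escapes themselves are not re-escaped.
ldap_escape() {
  local value=$1
  local bs='\'
  value=${value//"$bs"/"${bs}5c"}
  value=${value//'*'/"${bs}2a"}
  value=${value//'('/"${bs}28"}
  value=${value//')'/"${bs}29"}
  printf '%s' "$value"
}

# Print the value of LdapSettings.<$2> from the config file $1.
# Missing or null keys yield an empty string rather than the text "null",
# so the "is this setting empty?" checks below behave as intended.
read_setting() {
  jq -r --arg key "$2" '.LdapSettings[$key] // empty' "$1"
}

main() {
  local mode=${1:-}
  local name=${2:-}

  local jq_cmd=jq
  [[ $(type -P "$jq_cmd") ]] || die \
    "'$jq_cmd' command line JSON processor not found" \
    "Please install on linux with 'sudo apt-get install jq'" \
    "Please install on mac with 'brew install jq'"

  local ldapsearch_cmd=ldapsearch
  [[ $(type -P "$ldapsearch_cmd") ]] || die \
    "'$ldapsearch_cmd' shell accessible interface to ldap not found" \
    "Please install on linux with 'sudo apt-get install ldap-utils'"

  if [[ -z "$mode" ]]; then
    echo "We could not find a username" >&2
    usage
    exit 1
  fi

  # Reject an unknown mode or a missing name before touching the config,
  # and report it with a non-zero exit status.
  if [[ "$mode" != '-u' && "$mode" != '-g' ]] || [[ -z "$name" ]]; then
    echo "User or Group not specified" >&2
    usage
    exit 1
  fi

  echo "Looking for config.json"

  # First existing candidate wins.
  local config_file='' candidate
  for candidate in ./config.json ./config/config.json ../config/config.json; do
    if [[ -e "$candidate" ]]; then
      config_file=$candidate
      echo "Found config at $config_file"
      break
    fi
  done
  [[ -n "$config_file" ]] || die "We could not find config.json"

  # Load each setting into a shell variable of the same name.
  local LdapServer LdapPort BindUsername BindPassword BaseDN UserFilter
  local EmailAttribute UsernameAttribute IdAttribute GroupFilter GroupIdAttribute
  local key value
  for key in LdapServer LdapPort BindUsername BindPassword BaseDN UserFilter \
    EmailAttribute UsernameAttribute IdAttribute GroupFilter GroupIdAttribute; do
    value=$(read_setting "$config_file" "$key") \
      || die "Could not read LdapSettings.$key from $config_file"
    printf -v "$key" '%s' "$value"
  done

  [[ -n "$LdapServer" ]] || die "LdapSettings.LdapServer is not set in $config_file"

  # Pick the id attribute, the optional extra filter and the attributes to
  # return for the requested mode. Groups return all attributes, as before.
  local id_attribute extra_filter
  local -a wanted_attrs=()
  if [[ "$mode" == '-u' ]]; then
    id_attribute=$IdAttribute
    extra_filter=$UserFilter
    wanted_attrs=("$IdAttribute" "$UsernameAttribute" "$EmailAttribute")
  else
    id_attribute=$GroupIdAttribute
    extra_filter=$GroupFilter
  fi
  [[ -n "$id_attribute" ]] || die "The id attribute for '$mode' is not set in $config_file"

  local escaped_name filter
  escaped_name=$(ldap_escape "$name")
  filter="($id_attribute=$escaped_name)"
  if [[ -n "$extra_filter" ]]; then
    filter="(&$filter$extra_filter)"
  fi

  # NOTE(review): -h/-p are marked deprecated in the OpenLDAP man pages in
  # favour of -H <URI>; they are kept so the invocation matches the original.
  local -a args=("$ldapsearch_cmd" -LLL -x -h "$LdapServer")
  if [[ -n "$LdapPort" ]]; then
    args+=(-p "$LdapPort")
  fi

  if [[ -n "$BindUsername" ]]; then
    # mktemp creates the file readable by the current user only. -y uses the
    # complete file contents as the password, so no trailing newline is written.
    pw_file=$(mktemp) || die "Could not create a temporary file for the bind password"
    printf '%s' "$BindPassword" > "$pw_file" \
      || die "Could not write the temporary bind password file"
    args+=(-D "$BindUsername" -y "$pw_file")
  fi

  args+=(-b "$BaseDN" "$filter")

  local attr
  for attr in ${wanted_attrs[@]+"${wanted_attrs[@]}"}; do
    if [[ -n "$attr" ]]; then
      args+=("$attr")
    fi
  done

  # Show the exact argv (shell-quoted) that is about to run. The password is
  # not part of it; only the path of the temporary file is.
  printf '%q ' "${args[@]}"
  printf '\n'
  echo "-------------------------"

  "${args[@]}"
}

main "$@"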