#!/bin/bash aptitude install slapd ldap-utils pwgen samba-doc
if [ “$1” ]; then
HOST=$1
else
read -p "Name of host [profeda]: " HOST HOST=${HOST:-profeda}
fi if [ “$2” ]; then
PASSWD=$2
else
pass=$( pwgen -1 ) read -p "Password [$pass]: " PASSWD PASSWD=${PASSWD:-$pass}
fi
TLD=wifi
echo echo “Creating the ldap for host $HOST.$TLD with password '$PASSWD'” echo “Press <ENTER> to confirm” read
echo Preparing samba.ldif zcat /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz > /etc/ldap/schema/samba.schema cat > /tmp/samba.conf <<EOF include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema EOF mkdir -p /tmp/slapd.d slaptest -f /tmp/samba.conf -F /tmp/slapd.d/ cp /tmp/slapd.d/cn=config/cn=schema/cn={4}samba.ldif /etc/ldap/schema/samba.ldif rm -rf /tmp/samba.conf /tmp/slapd.d
for a in cosine nis inetorgperson samba; do
if ls /etc/ldap/slapd.d/cn\=config/cn\=schema/*$a.ldif > /dev/null 2>&1; then echo $a does already exist else echo Installing schema $a sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/$a.ldif fi
done
exit echo Adding rights for admin $HOST $TLD cat > backend.ldif <<EOF dn: olcDatabase={2}hdb,cn=config objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {2}hdb olcSuffix: dc=$HOST,dc=$TLD olcDbDirectory: /var/lib/ldap olcRootDN: cn=admin,dc=$HOST,dc=$TLD olcRootPW: $PASSWD olcDbIndex: cn,sn,uid pres,eq,approx,sub olcDbIndex: objectClass eq olcAccess: to attrs=userPassword
by self write by anonymous auth by dn.base="cn=admin,dc=$HOST,dc=$TLD" write by * none
olcAccess: to *
by self write by dn.base="cn=admin,dc=$HOST,dc=$TLD" write by * read
EOF
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.ldif rm backend.ldif
echo And populating database
cat > init.ldif <<EOF dn: ou=Users,dc=$HOST,dc=$TLD objectClass: organizationalUnit ou: Users
dn: ou=Groups,dc=$HOST,dc=$TLD objectClass: organizationalUnit ou: Groups EOF
sudo ldapadd -x -D cn=admin,dc=$HOST,dc=$TLD -w $PASSWD -f init.ldif rm init.ldif
echo Finally making the indexes a bit faster