I wrote a script to add groups to my ldap directory
---------------------------------
#!/bin/sh
# Get the latest gid
gidlast="`ldapsearch -x "cn=*" -b "ou=Group,dc=mydomain,dc=com" -h myserver | grep gidNumber | awk '{ print $2 }' | sort -u | tail -n 1`"
newgid="`echo "$gidlast + 1" | bc`"
echo "newgid: $newgid"
# Make the Mods
echo "dn: cn=$1,ou=Group,dc=mydomain,dc=com" > /tmp/modify.ldap
echo "changetype: add" >> /tmp/modify.ldap
echo "objectClass: posixGroup" >> /tmp/modify.ldap
echo "objectClass: top" >> /tmp/modify.ldap
echo "cn: $1" >> /tmp/modify.ldap
echo "gidNumber: $newgid" >> /tmp/modify.ldap
# Run the Update
ldapmodify -x -f /tmp/modify.ldap -h myserver -D cn=Manager,dc=mydomain,dc=com -w mypasswd
----------------------------------
This correctly creates a new group, e.g.
$ ./mkgroup.sh mygroup01
$ ldapsearch -x "cn=mygroup01" -h myserver
produces ->
# mygroup01, Group, mydomain.com
dn: cn=mygroup01,ou=Group,dc=mydomain,dc=com
objectClass: posixGroup
objectClass: top
cn: mygroup01
gidNumber: 7435
memberUid: dummyuser
The issue is the following:
$ ldapsearch -x "cn=mygroup*" -b "ou=Group,dc=mydomain,dc=com" -h myserver | grep gidNumber | awk '{ print $2 }' | sort -u | tail -n 1
returns the result 7435
$ ldapsearch -x "cn=*" -b "ou=Group,dc=mydomain,dc=com" -h myserver | grep gidNumber | awk '{ print $2 }' | sort -u | tail -n 1
returns the result 7434
In other words, the wildcard is not picking up the new group even though it is actually there. Perhaps someone can show me the error of my ways, but I think both results should return the same value.
I am running CentOS 5 with
openldap-clients-2.3.27-8.el5_2.4
openldap-servers-2.3.27-8.el5_2.4
openldap-2.3.27-8.el5_2.4
openldap-devel-2.3.27-8.el5_2.4
--On Tuesday, March 10, 2009 11:10 AM +1000 Simon McGregor smcgregor@domainagedcare.com.au wrote:
> I wrote a script to add groups to my ldap directory
Software usage questions should be directed to openldap-software@openldap.org or openldap-technical@openldap.org. Your question appears more suited for the latter. The openldap-bugs@openldap.org list is for discussing filed issues via the tracking system.
I'd also note that 2.3.27 is particularly ancient and part of an unsupported release series.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration