Hi to all,
I'm trying write a script shell to simplifies the change of pass of users. Then I write
function verificaSenha(){ whoAmI=`whoami` param=`echo "ldapsearch -x -W -D "uid=$whoAmI,ou=People,dc=ifce,dc=edu,dc=br" -b "dc=ifce,dc=edu,dc=br" "(uid=$whoAmI)""` exec `echo "$param"` }
the line param=... produces a command line that when I write directly in the term it works, however in the line exec "$param" I am solicitated my LDAP pass (like in directly term) but when I type I get
ldapsearch -x -W -D "uid=inacio,ou=People,dc=ifce,dc=edu,dc=br" -b "dc=ifce,dc=edu,dc=br" "(uid=inacio)" Enter LDAP Password: ldap_bind: Invalid DN syntax (34) additional info: invalid DN
what is wrong?
Best regards!!
Em 25 de abril de 2011 21:30, Inácio Alves inacioc.alves@gmail.comescreveu:
Hi to all,
I'm trying write a script shell to simplifies the change of pass of users. Then I write
function verificaSenha(){ whoAmI=`whoami` param=`echo "ldapsearch -x -W -D "uid=$whoAmI,ou=People,dc=ifce,dc=edu,dc=br" -b "dc=ifce,dc=edu,dc=br" "(uid=$whoAmI)""` exec `echo "$param"` }
You may use directly : $param without exec.
the line param=... produces a command line that when I write directly in the term it works, however in the line exec "$param" I am solicitated my LDAP pass (like in directly term) but when I type I get
ldapsearch -x -W -D "uid=inacio,ou=People,dc=ifce,dc=edu,dc=br" -b "dc=ifce,dc=edu,dc=br" "(uid=inacio)" Enter LDAP Password: ldap_bind: Invalid DN syntax (34) additional info: invalid DN
what is wrong?
Another way is use the command "ldapwhoami" directly. Se above:
$ ldapwhoami -x -W -D uid=jarbas.peixoto,ou=pessoas,ou=usuarios,dc=teste,dc=br -H ldap://ip-of-ldap-server Enter LDAP Password: dn:uid=jarbas.peixoto,ou=Pessoas,ou=Usuarios,dc=teste,dc=br
Best regards!!
-- Atenciosamente,
prof. Inácio Alves IFCE/Campus Maracanaú Bacharel em Matemática (UFC)/ Técnico em Conectividade(IFCE) http://www.polluxweb.com/inacioalves/site/
On 2011.04.25 21.30, Inácio Alves wrote: function verificaSenha(){
whoAmI=`whoami` param=`echo "ldapsearch -x -W -D "uid=$whoAmI,ou=People,dc=ifce,dc=edu,dc=br" -b "dc=ifce,dc=edu,dc=br" "(uid=$whoAmI)""` exec `echo "$param"` }
i'm not sure what the goal is here, but it seems convoluted. if the goal is simply to run ldapsearch and print the output:
#!/bin/bash
function verify_user(){ user=$(whoami) base_dn='dc=ifce,dc=edu,dc=br' ldapsearch -xWD "uid=${user},ou=people,${base_dn}" -b "${base_dn}" "(uid=${user})" }
verify_user
exit 0
----- Original Message -----
Hi to all,
I'm trying write a script shell to simplifies the change of pass of users.
You may prefer to look for some existing scripts/tools. For example, I have: http://staff.telkomsa.net/~bgmilne/ldap/ldap-passwd.pl
which can work as a shell command or as a CGI. I currently use it in conjunction with the script: http://staff.telkomsa.net/~bgmilne/ldap/find-ldap-expired.pl
which notifies my users by email that their passwords will expire.
Run 'perldoc xxx.pl' to see the documentation for each script.
Then I write
function verificaSenha(){ whoAmI=`whoami` param=`echo "ldapsearch -x -W -D "uid=$whoAmI,ou=People,dc=ifce,dc=edu,dc=br" -b "dc=ifce,dc=edu,dc=br" "(uid=$whoAmI)""` exec `echo "$param"` }
the line param=... produces a command line that when I write directly in the term it works, however in the line exec "$param" I am solicitated my LDAP pass (like in directly term) but when I type I get
ldapsearch -x -W -D "uid=inacio,ou=People,dc=ifce,dc=edu,dc=br" -b "dc=ifce,dc=edu,dc=br" "(uid=inacio)" Enter LDAP Password: ldap_bind: Invalid DN syntax (34) additional info: invalid DN
You should probably compare the logs on the LDAP server for the two binds, and see if they differ. I suspect a difference introduced by shell quoting. I wouldn't use exec, but rather just call ldapsearch directly.
But, then, shell quoting, handling of spaces etc. are reasons to avoid shell scripting for serious LDAP work.
Regards, Buchan
openldap-technical@openldap.org
-
btb@bitrate.net -
Buchan Milne -
Inácio Alves -
Jarbas Peixoto Júnior