Big data and rights management - Hue LDAP scripts (6)

Description: there are two scripts.
The first script adds a group, adds a user, and adds the mapping between the group and the user.
The second script syncs the newly created LDAP group into Hue.

#!/usr/bin/env bash

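# Purpose: add a group, a user, and the group/user mapping to LDAP.
# Usage:
#   1) arguments "user group add":    add the group, the user and the
#      memberUid mapping.
#   2) arguments "user group delete": remove the memberUid mapping.
# NOTE(review): the original header and help text listed "group user", while
# the assignments below read the user from $1 and the group from $2. The help
# text is aligned with the code here -- confirm the intended order.

if [[ $# -ne 3 ]]; then
    echo '请输入三个值:'
    echo './setLadpUserOrGroup.sh user group add/delete'
    exit 1
fi

user=$1
group=$2
operation=$3

# Both names are later used in a path under /opt, in LDAP DNs, in LDIF lines
# and as an argument to a script that builds SQL. Accept only a conservative
# character set so that '/', '..', whitespace, ',', '=', ':' and quotes can
# never reach those contexts.
name_re='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
if [[ ! "$user" =~ $name_re || ! "$group" =~ $name_re ]]; then
    echo "用户名或组名不合法:【${user}】【${group}】" >&2
    exit 1
fi

# Anything other than add/delete would produce an LDIF file without an
# operation line, so reject it up front.
if [[ "$operation" != 'add' && "$operation" != 'delete' ]]; then
    echo "操作必须是 add 或 delete:【${operation}】" >&2
    exit 1
fi

fileName=${user}_${group}
# Remove the LDIF left by a previous run. The path is quoted and built from
# validated names; -r is not needed for a single regular file.
rm -f -- "/opt/${fileName}.ldap"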

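#######################################
# Make sure a local Linux group also exists as an LDAP group entry and is
# registered in Hue's database.
# Arguments: $1 - group name (letters, digits, '_', '.', '-' only)
# Reads:     /etc/group
# Writes:    /opt/group.txt and /opt/group.ldif (fixed names, overwritten on
#            every run, so concurrent runs would clobber each other)
# Exits:     status 1 on an invalid name, a group missing from /etc/group,
#            or a failed migration / ldapadd / Hue insert step
#
# NOTE(security): the bind password is hard-coded and passed with -w, so it
# is stored in this script and visible in the process list while the command
# runs. The OpenLDAP clients accept -y <file> to read the password from a
# file with restricted permissions instead.
#######################################
function addGroup(){
    echo "########用户组方法开始########"
    local group=$1
    local gid groupinfo
    local -r name_re='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
    echo "进入addGroup方法组名称为:【${group}】"

    # The name is interpolated into an LDAP DN and handed to another script,
    # so only a conservative character set is accepted.
    if [[ ! "$group" =~ $name_re ]]; then
        echo "用户组名不合法:【${group}】" >&2
        exit 1
    fi

    # Check that the group exists on Linux by reading its gid. The first
    # field is compared as an exact string: an unanchored regex match on
    # "name:" also hits other lines (longer names with the same ending, or
    # the password placeholder field). Appending "" forces awk to compare
    # strings even when the name looks numeric.
    gid=$(awk -F: -v g="$group" '($1 "") == (g "") { print $3; exit }' /etc/group)
    if [ -z "${gid}" ]; then
        echo "用户组:${group} 不存在于linux"
        exit 1
    fi

    # Check whether the group already exists in LDAP.
    groupinfo=$(ldapsearch -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue \
        -b "cn=${group},ou=group,dc=silentwolfyh,dc=com" | grep -E '0 Success')
    echo "groupinfo==>${groupinfo}"
    if [ -z "${groupinfo}" ]; then
        echo "用户组:${group} 不存在于ldap"

        # Export exactly this group's line and convert it to LDIF.
        awk -F: -v g="$group" '($1 "") == (g "")' /etc/group > /opt/group.txt
        if ! /usr/share/migrationtools/migrate_group.pl /opt/group.txt /opt/group.ldif; then
            echo "migrate_group.pl 执行失败" >&2
            exit 1
        fi
        # Stop on failure so that the Hue insert and the success message
        # below are not reached when the LDAP entry was not created.
        if ! ldapadd -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue -f /opt/group.ldif; then
            echo "ldapadd 执行失败" >&2
            exit 1
        fi

        # Insert the group into Hue's MySQL database.
        if ! /export/ldapshell/insertHueGroup.sh "${group}"; then
            echo "insertHueGroup.sh 执行失败" >&2
            exit 1
        fi
        echo "用户组:${group} 已经添加进入ldap中"
    else
        echo "用户组:${group} 存在于ldap"
    fi
    echo "########用户组方法结束########"
    echo ""
}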

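#######################################
# Make sure a local Linux user also exists as an LDAP people entry.
# Arguments: $1 - user name (letters, digits, '_', '.', '-' only)
# Reads:     /etc/passwd
# Writes:    /opt/passwd.txt and /opt/passwd.ldif (fixed names, overwritten
#            on every run)
# Exits:     status 1 on an invalid name, a user unknown to id, or a failed
#            migration / ldapadd step
#
# NOTE(security): the bind password is hard-coded and passed with -w, so it
# is stored in this script and visible in the process list while the command
# runs. The OpenLDAP clients accept -y <file> to read the password from a
# file with restricted permissions instead.
# NOTE(review): /opt/passwd.ldif holds account data and is left on disk;
# depending on how migrate_passwd.pl is set up it may include password
# hashes -- confirm, and restrict the file's permissions if so.
#######################################
function addUser(){
    echo "########用户方法开始########"
    local user=$1
    local userinfo
    local -r name_re='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
    echo "进入addUser方法用户名称为:【${user}】"

    # The name is interpolated into an LDAP DN, so only a conservative
    # character set is accepted.
    if [[ ! "$user" =~ $name_re ]]; then
        echo "用户名不合法:【${user}】" >&2
        exit 1
    fi

    # Check that the user exists on Linux; id prints nothing on stdout for
    # an unknown user.
    userinfo=$(id "${user}")
    if [ -z "${userinfo}" ]; then
        echo "用户:${user} 不存在于linux"
        exit 1
    fi

    # Check whether the user already exists in LDAP.
    userinfo=$(ldapsearch -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue \
        -b "uid=${user},ou=people,dc=silentwolfyh,dc=com" | grep -E '0 Success')
    echo "userinfo==>${userinfo}"
    if [ -z "${userinfo}" ]; then
        echo "用户:${user} 不存在于ldap"
        # Export exactly this user's line and convert it to LDIF. The first
        # field is compared as an exact string: an unanchored regex match on
        # "name:" also hits other accounts whose line contains that text
        # (for example in a home directory or shell path), and those accounts
        # would then be migrated into LDAP as well. Appending "" forces awk
        # to compare strings even when the name looks numeric.
        awk -F: -v u="$user" '($1 "") == (u "")' /etc/passwd > /opt/passwd.txt
        if ! /usr/share/migrationtools/migrate_passwd.pl /opt/passwd.txt /opt/passwd.ldif; then
            echo "migrate_passwd.pl 执行失败" >&2
            exit 1
        fi
        # Stop on failure so the success message is not printed for an entry
        # that was never created.
        if ! ldapadd -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue -f /opt/passwd.ldif; then
            echo "ldapadd 执行失败" >&2
            exit 1
        fi
        echo "用户:【${user}】已经添加进入ldap中"
    else
        echo "用户:【${user}】在ldap中存在"
    fi
    echo "########用户方法结束########"
    echo ""
}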

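#######################################
# Add or remove a user's memberUid value on an LDAP group entry.
# Arguments: $1 - user name
#            $2 - group name
#            $3 - operation: 'add' or 'delete'
# Writes:    /opt/<user>_<group>.ldap (the LDIF passed to ldapmodify)
# Exits:     status 1 on an invalid name or operation, or when the LDIF
#            cannot be written or ldapmodify fails
#
# NOTE(security): the bind password is hard-coded and passed with -w, so it
# is stored in this script and visible in the process list while the command
# runs. The OpenLDAP clients accept -y <file> to read the password from a
# file with restricted permissions instead.
#######################################
function addGroupUserMapper(){
    echo "########用户和用户组方法开始########"
    local user=$1
    local group=$2
    local operation=$3
    local -r name_re='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'

    # Both names go into a file path, an LDAP DN and an LDIF attribute line.
    # Rejecting '/', whitespace, newlines, ',' and '=' keeps them from
    # changing the path, the DN or the LDIF structure.
    if [[ ! "$user" =~ $name_re || ! "$group" =~ $name_re ]]; then
        echo "用户名或组名不合法:【${user}】【${group}】" >&2
        exit 1
    fi
    # Any other value would leave the LDIF without an operation line.
    if [[ "$operation" != 'add' && "$operation" != 'delete' ]]; then
        echo "操作必须是 add 或 delete:【${operation}】" >&2
        exit 1
    fi

    local fileName=${user}_${group}
    local ldif="/opt/${fileName}.ldap"
    echo "进入addGroupUserMapper方法组名称为:【${group}】, 用户名称为:【${user}】"

    # Write the modify request in one step, truncating the file so that the
    # result does not depend on an earlier cleanup having removed it.
    if ! printf '%s\n' \
        "dn: cn=${group},ou=group,dc=silentwolfyh,dc=com" \
        "changetype: modify" \
        "${operation}: memberUid" \
        "memberUid: ${user}" > "${ldif}"; then
        echo "无法写入 ${ldif}" >&2
        exit 1
    fi

    if ! ldapmodify -x -D "uid=hue,ou=people,dc=silentwolfyh,dc=com" -w hue -f "${ldif}"; then
        echo "ldapmodify 执行失败" >&2
        exit 1
    fi
    # The original printed the "start" banner here a second time.
    echo "########用户和用户组方法结束########"
    echo ""
}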

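# Run the three steps in order: group, user, then the memberUid mapping.
# The group and user steps run for both 'add' and 'delete'. Arguments are
# quoted so that a value is always passed as exactly one word and is never
# glob-expanded.
addGroup "${group}"
addUser "${user}"
addGroupUserMapper "${user}" "${group}" "${operation}"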
#!/bin/bash
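# Insert a group into Hue's MySQL database: one row in auth_group and the
# matching row in useradmin_ldapgroup.
# Arguments: $1 - group name (letters, digits, '_', '.', '-' only)
# NOTE(review): presumably this is the insertHueGroup.sh called by the LDAP
# script -- confirm.
#
# NOTE(security): the connection uses the MySQL root account with a password
# stored in this script and passed on the command line, where it is visible
# in the process list. A dedicated account limited to INSERT/SELECT on the
# two tables, with the credential read from a protected option file
# (mysql --defaults-extra-file=<file>), would limit the exposure.

# Connection settings: set Host to the database server; leave the rest as is.
Host=IP
User=root
PW=123456

valus=$1

# The value is interpolated into SQL string literals below, and the mysql
# client cannot bind parameters here. Accept only a conservative character
# set so that quotes, backslashes, semicolons and whitespace can never reach
# the statement; this also rejects an empty argument.
name_re='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
if [[ ! "$valus" =~ $name_re ]]; then
    echo "用户组名不合法:【${valus}】" >&2
    exit 1
fi

# Remote connection; the here-document is unquoted on purpose so that $valus
# is expanded into the statements.
mysql -h"$Host" -u"$User" -p"$PW" <<EOF
use hue;
INSERT INTO auth_group ( name) VALUES  ('$valus');
insert into useradmin_ldapgroup(group_id) select id from auth_group where name =('$valus');
COMMIT;
EOF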




Origin blog.csdn.net/silentwolfyh/article/details/88852047