Create LDAP Export
From Zarafa wiki
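The script below needs to be run on the Zarafa server. It parses the Zarafa config files and can create LDIFs from the LDAP server. This script makes searching in LDAP easy for anyone who is running a Zarafa server and has little knowledge about the ldapsearch Linux command. The script can create a complete LDAP export or search for a single user (from the search base and downwards). The script binds with the ldap_bind_user and ldap_bind_passwd values from the Zarafa LDAP config and passes the password to ldapsearch with -w, so treat the resulting LDIF and any copied command line as sensitive.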
Prerequisites for the script
- On RedHat based systems you need the openldap-clients package
- On Debian based systems you need the ldap-utils package
- Run the script on a correctly configured Zarafa server
Usage:
- ldap_export.sh - Creates ldif of complete search_base
- ldap_export.sh -m [email address] - Queries ldap for ([$ldap_emailaddress_attribute]=[email address])
- ldap_export.sh -u [user] - Queries ldap for ([$ldap_loginname_attribute]=[user])
- ldap_export.sh -q "[custom query]" - Queries ldap with [custom query]
New Options:
- -s -> Shows used query at the end of the execution
- -i -> Ignore ldap_page_size config option in Zarafa ldap config
- -p -> Prompt on every ldap page when needed
- -o [value] -> Override ldap_page_size with [value]
- -w -> Disables ldapsearch default behavior of wrapping lines after 76 characters
- -d -> Find duplicate unique attributes
- -h -> Shows help text
The bash script:
#!/bin/bash
#
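# Strip leading and trailing whitespace from a single string.
# Arguments: $1 - the string to trim
# Outputs:   the trimmed string on stdout, followed by a newline
function trim () {
  # Print sed's output directly. Wrapping it in an unquoted $(...) would
  # word-split and glob-expand the value: runs of inner whitespace would be
  # collapsed and a lone "*" would turn into the file names of the current
  # directory, which corrupts bind DNs, passwords and search filters.
  sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' <<<"$1"
}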
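# Look up one option in a "key = value" style configuration file.
# Arguments: $1 - path of the configuration file
#            $2 - exact name of the option
# Outputs:   the value of the first matching line on stdout, with the
#            surrounding whitespace removed; nothing if the option is absent
# Returns:   non-zero if the file cannot be read
function get_config_value () {
  local cfg_file=$1
  local cfg_option=$2

  # Without a readable file the lookup would fall back to reading stdin and
  # the script would appear to hang, so fail loudly instead.
  if [[ -z "${cfg_file}" || ! -r "${cfg_file}" ]]; then
    printf 'get_config_value: cannot read config file "%s"\n' "${cfg_file}" >&2
    return 1
  fi

  # The key is compared as a whole, so asking for "foo" never picks up
  # "foo_type". The value is everything after the first "=", kept intact:
  # "#", "=", "*" and inner spaces are legal in bind DNs, passwords and
  # filters and must not be cut off or expanded by the shell.
  awk -v opt="${cfg_option}" '
    {
      eq = index($0, "=")
      if (eq == 0) next
      key = substr($0, 1, eq - 1)
      gsub(/^[ \t\r]+|[ \t\r]+$/, "", key)
      if (key != opt) next
      val = substr($0, eq + 1)
      gsub(/^[ \t\r]+|[ \t\r]+$/, "", val)
      print val
      exit
    }
  ' "${cfg_file}"
}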
# Print the usage summary of all command-line options to stdout.
function print_help () {
  # Plain lines are printed with %s; option lines carry \t escapes and are
  # printed with %b so the escapes become real tab characters.
  printf '%s\n' \
    "Start the script with no options to create a full ldap export from the" \
    "configured zarafa search base." \
    "" \
    "Options with extra parameters:" \
    ""
  printf '%b\n' \
    " -m [email address]\tQueries ldap for ([\$ldap_emailaddress_attribute]=[email address])" \
    " -u [user]\t\tQueries ldap for ([\$ldap_loginname_attribute]=[user])" \
    " -q [custom query]\tQueries ldap with [custom query]" \
    " -o [value]\t\tOverride ldap_page_size with [value]"
  printf '\n'
  printf '%s\n' "Options without parameters:"
  printf '%b\n' \
    " -i\tIgnore ldap_page_size config option in Zarafa ldap config" \
    " -p\tPrompt on every ldap page when needed" \
    " -s\tShows used ldapsearch command at the end of the execution" \
    " -w\tDisables ldapsearch default behavior of wrapping lines after 76 characters" \
    " -d\tFind duplicate unique attributes - (not tested very well)" \
    " -h\tShows this help text"
  printf '\n'
}
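# Locate the LDAP plugin configuration that the Zarafa server itself uses.
LDAP_CFG=$(get_config_value /etc/zarafa/server.cfg user_plugin_config)

# Stop early when the plugin config cannot be found: every lookup below
# needs it, and a lookup without a file name would wait on stdin.
if [[ -z "${LDAP_CFG}" || ! -r "${LDAP_CFG}" ]]; then
  printf 'Cannot read the LDAP plugin config "%s" (user_plugin_config in /etc/zarafa/server.cfg)\n' \
    "${LDAP_CFG}" >&2
  exit 1
fi

# Connection and bind settings. The path is quoted so that a config path
# containing spaces is still passed as one argument.
LDAP_HOST=$(get_config_value "${LDAP_CFG}" ldap_host)
LDAP_PORT=$(get_config_value "${LDAP_CFG}" ldap_port)
LDAP_USER=$(get_config_value "${LDAP_CFG}" ldap_bind_user)
# Clear-text bind password: keep it out of logs, tickets and xtrace output.
LDAP_PASS=$(get_config_value "${LDAP_CFG}" ldap_bind_passwd)

# Search base; fall back to the user search base when ldap_search_base is
# not set in the config.
LDAP_BASE=$(get_config_value "${LDAP_CFG}" ldap_search_base)
if [[ -z "${LDAP_BASE}" ]]; then
  LDAP_BASE=$(get_config_value "${LDAP_CFG}" ldap_user_search_base)
fi

LDAP_PAGESIZE=$(get_config_value "${LDAP_CFG}" ldap_page_size)
LDAP_UID=$(get_config_value "${LDAP_CFG}" ldap_loginname_attribute)
LDAP_MAIL=$(get_config_value "${LDAP_CFG}" ldap_emailaddress_attribute)

# Defaults for the command-line switches.
SHOW_QUERY=0            # -s: print the ldapsearch command afterwards
IGNORE_PAGESIZE=0       # -i: do not use ldap_page_size from the config
OVERRIDE_PAGESIZE=0     # -o: page size given on the command line
PAGE_PROMPT="noprompt"  # -p switches this to "prompt"
WRAP=1                  # -w sets this to 0 to undo LDIF line wrapping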
# Compose the base ldapsearch command line and print it as one string.
# Globals: EXT, LDAP_HOST, LDAP_PORT, LDAP_USER, LDAP_PASS, LDAP_BASE (read)
# Outputs: the command string on stdout
# NOTE(review): the string carries the bind password after -w, so anything
# that prints it exposes the secret, and so does the process list while
# ldapsearch runs; ldapsearch's -y <file> reads the password from a file.
# NOTE(review): callers split the returned string on whitespace, so a host,
# bind DN, password or search base that contains a space ends up as several
# arguments.
function gen_ldap_cmd () {
  local prefix='ldapsearch '
  # EXT and LDAP_PORT are expanded unquoted, exactly as before, so their
  # whitespace is normalised by the shell before echo joins the words.
  echo "${prefix}"${EXT}" -h ${LDAP_HOST} -p "${LDAP_PORT}" -D ${LDAP_USER} -x -w ${LDAP_PASS} -b ${LDAP_BASE}"
}
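# Run one ldapsearch and list the values of an attribute that occur on more
# than one entry.
# Arguments: $1 - LDAP filter selecting the entries to compare
#            $2 - name of the attribute that is expected to be unique
# Outputs:   "<count> <attr>: <value>" lines for every duplicate, or " None",
#            followed by a blank line
function _report_duplicates () {
  local filter=$1
  local attr=$2
  local -a cmd
  local ldif dups

  # read -a splits the command string on whitespace without glob-expanding
  # it. Filter and attribute are then passed as single arguments, so spaces
  # or wildcards in a configured search filter reach ldapsearch unchanged.
  read -r -a cmd <<<"$(gen_ldap_cmd)"

  # A failed bind or a size-limited search returns non-zero; say so instead
  # of letting an incomplete result look like "no duplicates".
  if ! ldif=$("${cmd[@]}" "${filter}" "${attr}"); then
    echo " Warning: ldapsearch reported an error, the result below may be incomplete" >&2
  fi

  # perl re-joins wrapped LDIF lines. The grep is anchored on "attr:" so a
  # longer attribute name with the same prefix is not counted, and awk keeps
  # every count above 1 (a textual match on "1 " would also hide 11, 21, ...).
  dups=$(printf '%s\n' "${ldif}" \
    | perl -p00e 's/\r?\n //g' \
    | grep -i -- "^${attr}:" \
    | sort \
    | uniq -c \
    | awk '$1 > 1')

  if [[ -z "${dups}" ]]; then
    echo " None"
  else
    # Quoted, so each duplicate stays on its own line.
    printf '%s\n' "${dups}"
  fi
  echo
}

# Report duplicate values of the configured unique user attribute and of the
# configured unique group attribute.
# Globals: LDAP_CFG (read)
# Outputs: one section per object class on stdout
function find_dups () {
  local object_type
  local user_type user_filter user_attr
  local group_type group_filter group_attr

  object_type=$(get_config_value "${LDAP_CFG}" ldap_object_type_attribute)

  # Find duplicate unique user id's
  user_type=$(get_config_value "${LDAP_CFG}" ldap_user_type_attribute_value)
  user_filter=$(get_config_value "${LDAP_CFG}" ldap_user_search_filter)
  user_attr=$(get_config_value "${LDAP_CFG}" ldap_user_unique_attribute)
  echo "Searching for duplicate unique user attributes --> ${user_attr}:"
  _report_duplicates "(&(${object_type}=${user_type})${user_filter})" "${user_attr}"

  # Find duplicate unique group id's
  group_type=$(get_config_value "${LDAP_CFG}" ldap_group_type_attribute_value)
  group_filter=$(get_config_value "${LDAP_CFG}" ldap_group_search_filter)
  group_attr=$(get_config_value "${LDAP_CFG}" ldap_group_unique_attribute)
  echo "Searching for duplicate unique group attributes --> ${group_attr}:"
  _report_duplicates "(&(${object_type}=${group_type})${group_filter})" "${group_attr}"
}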
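# ---------------------------------------------------------------------------
# Command-line handling and execution.
# Reads the LDAP_* settings and switch defaults set earlier in the script.
# ---------------------------------------------------------------------------

# Start from known values; anything inherited from the environment under
# these names would otherwise end up on the ldapsearch command line.
QUERY=""
EXT=""
FIND_DUPS=0

while (( $# )); do
  case "$1" in
    -u|-m|-q|-o)
      # These options take a value; refuse to continue without one rather
      # than building an empty filter such as "(uid=)".
      if (( $# < 2 )) || [[ -z "$2" ]]; then
        printf 'Option %s needs a value (see -h)\n' "$1" >&2
        exit 2
      fi
      case "$1" in
        -u) QUERY="(${LDAP_UID}=$2)" ;;
        -m) QUERY="(${LDAP_MAIL}=$2)" ;;
        -q) QUERY="$2" ;;
        -o)
          if [[ ! "$2" =~ ^[0-9]+$ ]]; then
            printf 'Option -o needs a numeric page size, got "%s"\n' "$2" >&2
            exit 2
          fi
          OVERRIDE_PAGESIZE=$2
          ;;
      esac
      shift
      ;;
    -s)
      SHOW_QUERY=1
      ;;
    -i)
      IGNORE_PAGESIZE=1
      ;;
    -p)
      PAGE_PROMPT="prompt"
      ;;
    -w)
      # No extra shift here: -w takes no value, and shifting twice would
      # silently drop whatever option follows it.
      WRAP=0
      ;;
    -h)
      print_help
      exit
      ;;
    -d)
      # Deferred until the paging options are known, so -i/-o/-p also apply
      # to the duplicate search.
      FIND_DUPS=1
      ;;
    *)
      # Fail closed: clearing the query on an unknown argument would turn a
      # single-user lookup into an export of the whole search base.
      printf 'Unknown argument: %s (see -h)\n' "$1" >&2
      exit 2
      ;;
  esac
  shift
done

# Paged results: the configured page size unless -i was given; -o wins.
if [[ -n "${LDAP_PAGESIZE}" ]] && (( IGNORE_PAGESIZE == 0 )); then
  EXT="-E pr=${LDAP_PAGESIZE}/${PAGE_PROMPT}"
fi
if [ "${OVERRIDE_PAGESIZE}" -gt 0 ]; then
  EXT="-E pr=${OVERRIDE_PAGESIZE}/${PAGE_PROMPT}"
fi

if (( FIND_DUPS )); then
  find_dups
  exit
fi

# Split the base command on whitespace without glob expansion, then add the
# filter as ONE argument so that "(cn=John Doe)" or "(mail=*@example.test)"
# reaches ldapsearch exactly as typed.
read -r -a LDAP_CMD <<<"$(gen_ldap_cmd)"
if [[ -n "${QUERY}" ]]; then
  LDAP_CMD+=("${QUERY}")
fi

if (( WRAP == 1 )); then
  "${LDAP_CMD[@]}"
else
  # Re-join LDIF continuation lines (newline followed by one space).
  "${LDAP_CMD[@]}" | perl -p00e 's/\r?\n //g'
fi

if (( SHOW_QUERY == 1 )); then
  echo
  # The export is typically redirected to a file or pasted into a ticket, so
  # the bind password is masked in the displayed command. It is still passed
  # to ldapsearch on the command line above.
  SHOWN_CMD=$(gen_ldap_cmd)
  if [[ -n "${LDAP_PASS}" ]]; then
    SHOWN_CMD=${SHOWN_CMD/" -w ${LDAP_PASS} "/" -w [bind password hidden] "}
  fi
  if [[ -z "${QUERY}" ]]; then
    printf 'Command used: %s\n' "${SHOWN_CMD}"
  else
    # Printed directly instead of through sed: filters routinely contain
    # "&", "*" and "/", which sed would treat as pattern syntax.
    printf 'Command used: %s "%s"\n' "${SHOWN_CMD}" "${QUERY}"
  fi
fi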