I need to create a report for the list of users and related groups present in my LDAP directory.
I need a script which does the following and gives out a final script as specified. Any help is appreciated.
1) pdadmin -a sec_master -p <passwd> group show-members <groupname> >> groupmembers.txt
2) select each entry in groupmembers.txt and do the following commands in order:
2a) pdadmin -a sec_master -p <passwd> user show-groups <each entry in groupmembers.txt> >> user&group.txt
2b) pdadmin -a sec_master -p <passwd> user show <each entry in groupmembers.txt> |grep cn= , sn= >> user&group.txt (cn=firstname sn=lastname)
So finally the user&group.txt should contain something like this:
userid's groups firstname lastname
1) pdadmin -a sec_master -p <passwd> group show-members <groupname>
output: user1
user2
user3 ....
2a) pdadmin -a sec_master -p <passwd> user show-groups <user1>
group1
group2
group3...
2b) pdadmin -a sec_master -p <passwd> user show <each entry in groupmembers.txt> |grep cn= , sn=
LDAP DN: cn=user1ou=people,o=uhg,c=us
LDAP CN: first
LDAP SN: user
Description:
Is SecUser: Yes
Is GSO user: No
Account valid: Yes
Password valid: Yes

pdadmin -a sec_master -p <passwd> group show-members <groupname> |
while read user ; do
    # all groups of this user (one per line; flattened by the unquoted echo below)
    groups=$( pdadmin -a sec_master -p <passwd> user show-groups "$user" )
    # first name: third field of the "LDAP CN:" line
    pdadmin -a sec_master -p <passwd> user show "$user" |
    awk '/LDAP CN:/{ print $3; }' |
    read first
    # last name: third field of the "LDAP SN:" line
    pdadmin -a sec_master -p <passwd> user show "$user" |
    awk '/LDAP SN:/{ print $3; }' |
    read last
    echo $user $groups $first $last
done |
tee this_script.log

What's the 'audit.pl'? I don't see any mention of the perl module in the posted solution.
And what's the "test" file? Don't call your script 'test' - there's a shell builtin utility called 'test' - call your script something else (preferably with the .sh extension).
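
#!/bin/ksh
# Relies on ksh (ksh88/ksh93) running the last stage of a pipeline in the
# current shell, so "read first" and "read last" set variables the echo can see.
pdadmin -a sec_master -p <passwd> group show-members <groupname> |
while read user ; do
    # all groups of this user (one per line; flattened by the unquoted echo below)
    groups=$( pdadmin -a sec_master -p <passwd> user show-groups "$user" )
    # first name: third field of the "LDAP CN:" line
    pdadmin -a sec_master -p <passwd> user show "$user" |
    awk '/LDAP CN:/{ print $3; }' |
    read first
    # last name: third field of the "LDAP SN:" line
    pdadmin -a sec_master -p <passwd> user show "$user" |
    awk '/LDAP SN:/{ print $3; }' |
    read last
    echo $user $groups $first $last
done |
tee this_script.log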
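
A portable variant of the scripts posted above, as an added example that is not part of any post in this thread: in bash and most sh implementations the `| read first` and `| read last` stages run in a subshell and leave the variables empty, so this version captures the values with command substitution and keeps multi-word names whole. The `pd` wrapper, its constructed sample output and the `|`-separated output format are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. pd() is a hypothetical wrapper around
# "pdadmin -a sec_master -p <passwd>"; here it returns constructed sample
# output so the script runs offline. Passing -p on the command line, as the
# thread does, exposes the password to other local users via ps.
pd() {
    case "$1 $2" in
        "group show-members") printf '%s\n' user1 user2 ;;
        "user show-groups")   printf '  %s\n' group1 group2 ;;
        "user show")
            printf 'LDAP DN: cn=%s,ou=people,o=example\n' "$3"
            printf 'LDAP CN: first\nLDAP SN: de la user\nDescription:\n' ;;
    esac
}

# Print the value of the "LDAP <key>:" line read from stdin, whole, so that
# multi-word names are not cut at the first space.
ldap_field() {
    sed -n "s/^[[:space:]]*LDAP $1:[[:space:]]*//p" | head -n 1
}

# One line per member of group $1: user|group1,group2|first|last
report() {
    pd group show-members "$1" | while read -r user; do
        [ -n "$user" ] || continue
        info=$(pd user show "$user")    # queried once, parsed twice
        grps=$(pd user show-groups "$user" |
               sed 's/^[[:space:]]*//' | paste -sd, -)
        first=$(printf '%s\n' "$info" | ldap_field CN)
        last=$(printf '%s\n' "$info" | ldap_field SN)
        printf '%s|%s|%s|%s\n' "$user" "$grps" "$first" "$last"
    done
}

report "${1:-examplegroup}"
```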