LDAP/nss_ldap adduser script

[martin at orbweavers.co.uk]

> On Wed, Jul 27, 2005 at 10:39:14AM +0100, martin at orbweavers.co.uk typed:
>> Hi all,
>>
>>    I've been using an ldap directory for quite a while now for my
>> network
>> logins, and love it. Problem is, it can be quite cumbersome to work
>> with, any ldap clients I have looked at are either very sketchy or
>> overly cumbersome for simple tasks (adding/removing users etc.), and
>> ldif file format is a major pain to work with.
>>
>>   My first question is - is anyone aware of a good light and stable ldap
>> client that is easy to setup and use. My own research suggests no, which
>> leads onto my proposal -
>>
>>   I'm planning on writing a few basic scripts for working with the
>> system
>> - a 'ldap_adduser', 'ldap_rmuser' etc. Nothing major, not a full suite
>> of utilities, just the basics to make life a little easier.
>>
>>   I've had a look at the adduser script and it should be straight
>> forward
>> enough to tailer to this purpose, and I can't see any difficulties in
>> writing them - check /etc/ldap.conf for the location of the users &
>> groups, pops the details into an ldif and runs it through the ldap
>> client. The one thing I am not sure about is getting the next available
>> uid number, but I'm sure the answer will become apparent.
>>
>>   So before I get into the meat of this, I wanted to check if anyone has
>> any suggestions or comments.
>
> Well, how would you go about determining the default user's set of
> objectclasses
> and attributes? e.g. we have in our ldap users with different combinations
> of
> sambaSamAccount, posixAccount and courierMailAccount.
> If you want your script to be flexible enough to provide all possible
> options,
> you'll end up writing a very complex script. But good luck anyway ;-)
>
> Ruben

Primarily, my aim is to keep it simple, do the basics, thats the itch that
needs scratching for me at the moment. It could be the base of a more
encompassing management system, but that would be a different project.