Initial legacy version

2021-07-12 12:43:11 +02:00 · 2021-07-12 12:43:11 +02:00 · 4991f6dc12
commit 4991f6dc12
3 changed files with 176 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+*~
+.*.swp
--- a/README.md
+++ b/README.md
@ -0,0 +1,48 @@
+# Update memberOf
+
+Tool to force update memberOf attributes of users on OpenLDAP directory using memberOf overlay.
+
+## Requirements
+
+  * [python-mylib](https://gogs.zionetrix.net/bn8/python-mylib) (legacy branch)
+
+## Installation
+
+```
+git clone https://gogs.zionetrix.net/bn8/updateMemberOf.git /usr/local/src/updateMemberOf
+ln -s /usr/local/src/updateMemberOf/updateMemberOf /usr/local/sbin/updateMemberOf
+```
+
+## Usage
+
+```
+usage: updateMemberOf [-h] [-d] [-H HOST] [-D DN] [-P PWD] [-f FILTER] [-b BASE] [--v2] [-a ATTR] [-p]
+
+Update memberOf attributes
+
+optional arguments:
+  -h, --help            show this help message and exit
+  -d, --debug           Enable debug mode
+  -H HOST, --host HOST  LDAP server URI (default: ldapi:///)
+  -D DN, --dn DN        LDAP bind DN
+  -P PWD, --password PWD
+                        LDAP bind password
+  -f FILTER, --filter FILTER
+                        LDAP groups filter (default: (objectClass=posixGroup))
+  -b BASE, --base BASE  LDAP group base DN
+  --v2                  Utiliser le protocole LDAP v2.
+  -a ATTR, --attr ATTR  Group members attribute (default: uniqueMember)
+  -p, --progress        Show progress bar
+```
+
+## Copyright
+
+Copyright (c) 2013-2021 Benjamin Renard <brenard@zionetrix.net>
+
+## License
+
+This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 3 as published by the Free Software Foundation.
+
+This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
--- a/126
+++ b/126
@ -0,0 +1,126 @@
+#!/usr/bin/python
+
+import argparse
+import getpass
+import logging
+import sys
+
+sys.path.insert(0,'/usr/local/src/python-mylib/')
+import LdapServer
+import Pbar
+
+default_host = 'ldapi:///'
+default_filter = '(objectClass=posixGroup)'
+default_attr = 'uniqueMember'
+
+parser = argparse.ArgumentParser(description="Update memberOf attributes")
+
+# options
+parser.add_argument(
+    '-d', '--debug',
+    action='store_true',
+    dest='debug',
+    help='Enable debug mode',
+    default=False
+)
+parser.add_argument(
+    '-H', '--host',
+    action="store",
+    type=str,
+    dest="host",
+    help="LDAP server URI (default: %s)" % default_host,
+    default=default_host
+)
+parser.add_argument(
+    '-D', '--dn',
+    action="store",
+    type=str,
+    dest="dn",
+    help="LDAP bind DN",
+    default=None
+)
+parser.add_argument(
+    '-P', '--password',
+    action="store",
+    type=str,
+    dest="pwd",
+    help="LDAP bind password",
+    default=None
+)
+parser.add_argument(
+    '-f', '--filter',
+    action="store",
+    type=str,
+    dest="filter",
+    help="LDAP groups filter (default: %s)" % default_filter,
+    default=default_filter
+)
+parser.add_argument(
+    '-b', '--base',
+    action="store",
+    type=str,
+    dest="base",
+    help="LDAP group base DN",
+    default=None
+)
+parser.add_argument(
+    '--v2',
+    action="store_true",
+    dest="ldapv2",
+    help="Utiliser le protocole LDAP v2.",
+    default=None
+)
+parser.add_argument(
+    '-a', '--attr',
+   action="store",
+   type=str,
+   dest="attr",
+   help="Group members attribute (default: %s)" % default_attr,
+   default=default_attr
+)
+parser.add_argument(
+   '-p', '--progress',
+   action='store_true',
+   dest='progress',
+   help='Show progress bar',
+   default=False
+)
+
+options = parser.parse_args()
+
+if options.debug:
+	logging.basicConfig(level=logging.DEBUG,format='%(asctime)s - %(levelname)s - %(message)s')
+else:
+	logging.basicConfig(level=logging.INFO,format='%(asctime)s - %(levelname)s - %(message)s')
+
+if options.base is None:
+	parser.error('You must specify base DN using --base parameter')
+
+if options.dn and not options.pwd:
+	options.pwd=getpass.getpass()
+
+# Start LDAP connection
+myldap = LdapServer.LdapServer(options.host, options.dn, options.pwd, options.ldapv2)
+myldap.connect()
+
+ldap_data=myldap.search(options.base, options.filter, [ options.attr ])
+
+logging.info('%s groups found', len(ldap_data))
+
+pbar = Pbar.Pbar('Update memberOf', len(ldap_data), enabled=options.progress)
+for dn in ldap_data:
+	old = myldap.get_attr(ldap_data[dn], options.attr, all=True)
+	if old is None:
+		continue
+
+	logging.debug('Update - remove values of %s', dn)
+	if myldap.update_object(
+        dn, {options.attr: old}, {options.attr: []}
+    ):
+		logging.debug('Update - restore values of %s', dn)
+		myldap.update_object(dn, {options.attr: []}, {options.attr: old})
+
+	pbar.increment()
+
+pbar.finish()
+