/usr/bin/ldap-add-user-to-group is in debian-edu-config 1.818+deb8u2.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 | #!/bin/bash
# $Id$
# This script takes 2 parameters
# The username and the group to add the user into
# use at own risk
UNAME=$1
GROUP=$2
if [ -z "$UNAME" -o -z "$GROUP" ] ; then
echo -e "usage:\n\t$0 <username> <group>"
echo
echo " Adds a user as a member in the given group."
exit 9
fi
# Locate the LDAP admin DN
admindn=$(ldapsearch -x "(&(cn=admin)(objectClass=simpleSecurityObject))" 2>/dev/null | perl -p0e 's/\n //g' | awk '/^dn: / {print $2}')
# Look up group DN
groupdn=$(ldapsearch -x "(&(cn=$GROUP)(objectClass=posixGroup))" 2>/dev/null | perl -p0e 's/\n //g' | awk '/^dn: / {print $2}')
if [ "$groupdn" ] ; then
cat << EOF | ldapmodify -ZZ -D "$admindn" -W -v -x
dn: $groupdn
changetype: modify
add: memberUid
memberUid: $UNAME
EOF
else
groupdn=$(ldapsearch -x "(&(cn=$GROUP)(objectClass=groupOfNames))" 2>/dev/null | perl -p0e 's/\n //g' | awk '/^dn: / {print $2}')
if [ "$groupdn" ] ; then
userdn=$(ldapsearch -x "(&(uid=$UNAME)(objectClass=posixAccount))" 2>/dev/null | perl -p0e 's/\n //g' | awk '/^dn: / {print $2}')
cat << EOF | ldapmodify -ZZ -D "$admindn" -W -v -x
dn: $groupdn
changetype: modify
add: member
member: $userdn
EOF
else
echo "error: unable to find group"
fi
fi
|