Subversion Repositories ALCASAR

Rev

Rev 2714 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2714 Rev 2715
Line 1... Line 1...
1 
#!/bin/bash
 1 
#!/bin/bash
2 
 
 2 
 
3 
# $Id: alcasar-ldap.sh 2714 2019-03-10 23:43:22Z tom.houdayer $
 3 
# $Id: alcasar-ldap.sh 2715 2019-03-10 23:53:44Z tom.houdayer $
4 
 
 4 
 
5 
# alcasar-ldap.sh
 5 
# alcasar-ldap.sh
6 
# by Rexy
 6 
# by Rexy
7 
# This script is distributed under the Gnu General Public License (GPL)
 7 
# This script is distributed under the Gnu General Public License (GPL)
8 
 
 8 
 
Line 22... Line 22...
22 
LDAP_UID=$(grep '^LDAP_UID=' $CONF_FILE | cut -d"=" -f2)                      # 'samaccountname' for A.D. - 'UID' for LDAP
 22 
LDAP_UID=$(grep '^LDAP_UID=' $CONF_FILE | cut -d"=" -f2)                      # 'samaccountname' for A.D. - 'UID' for LDAP
23 
LDAP_FILTER=$(grep '^LDAP_FILTER=' $CONF_FILE | cut -d"=" -f2-)               # LDAP filter
 23 
LDAP_FILTER=$(grep '^LDAP_FILTER=' $CONF_FILE | cut -d"=" -f2-)               # LDAP filter
24 
LDAP_SSL=$(grep '^LDAP_SSL=' $CONF_FILE | cut -d"=" -f2-)                     # LDAP SSL status
 24 
LDAP_SSL=$(grep '^LDAP_SSL=' $CONF_FILE | cut -d"=" -f2-)                     # LDAP SSL status
25 
LDAP_CERT_REQUIRED=$(grep '^LDAP_CERT_REQUIRED=' $CONF_FILE | cut -d"=" -f2-) # LDAP SSL certificate verifying
 25 
LDAP_CERT_REQUIRED=$(grep '^LDAP_CERT_REQUIRED=' $CONF_FILE | cut -d"=" -f2-) # LDAP SSL certificate verifying
26 
 
 26 
 
- 
 
 27 
add_ldap_server_to_static_dhcp() {
- 
 
 28 
	if [[ "$LDAP_SERVER" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
- 
 
 29 
		ldap_server_ip="$LDAP_SERVER"
- 
 
 30 
	else
- 
 
 31 
		ldap_server_ip=$(dig +short $LDAP_SERVER)
- 
 
 32 
		[ -z "$ldap_server_ip" ] && return 1
- 
 
 33 
	fi
- 
 
 34 
 
- 
 
 35 
	if [ -z "$(cat /usr/local/etc/alcasar-ethers | awk -v ldap_server_ip="$ldap_server_ip" '($2==ldap_server_ip)')" ]; then
- 
 
 36 
		ldap_server_mac=$(chilli_query list | awk -v ldap_server_ip="$ldap_server_ip" '($2==ldap_server_ip) {print $1}')
- 
 
 37 
		[ -z "$ldap_server_mac" ] && return 1
- 
 
 38 
 
- 
 
 39 
		echo "$ldap_server_mac $ldap_server_ip" >> /usr/local/etc/alcasar-ethers
- 
 
 40 
		echo "$ldap_server_mac $ldap_server_ip #LDAP Server" >> /usr/local/etc/alcasar-ethers-info
- 
 
 41 
	fi
- 
 
 42 
}
- 
 
 43 
 
27 
nb_args=$#
 44 
nb_args=$#
28 
args=$1
 45 
args=$1
29 
if [ $nb_args -eq 0 ]; then
 46 
if [ $nb_args -eq 0 ]; then
30 
	nb_args=1
 47 
	nb_args=1
31 
	args="-h"
 48 
	args="-h"
Line 57... Line 74...
57 
		if [ ! -e /etc/raddb/mods-enabled/ldap ]; then
 74 
		if [ ! -e /etc/raddb/mods-enabled/ldap ]; then
58 
			ln -s $LDAP_MODULE /etc/raddb/mods-enabled/ldap
 75 
			ln -s $LDAP_MODULE /etc/raddb/mods-enabled/ldap
59 
		fi
 76 
		fi
60 
		[ -e /etc/raddb/sites-enabled/alcasar ] && rm /etc/raddb/sites-enabled/alcasar
 77 
		[ -e /etc/raddb/sites-enabled/alcasar ] && rm /etc/raddb/sites-enabled/alcasar
61 
		ln -s /etc/raddb/sites-available/alcasar-with-ldap /etc/raddb/sites-enabled/alcasar
 78 
		ln -s /etc/raddb/sites-available/alcasar-with-ldap /etc/raddb/sites-enabled/alcasar
- 
 
 79 
		add_ldap_server_to_static_dhcp
62 
		/usr/bin/systemctl restart radiusd.service
 80 
		/usr/bin/systemctl restart radiusd.service
63 
		;;
 81 
		;;
64 
	--off | -off)
 82 
	--off | -off)
65 
		$SED "s/^LDAP=.*/LDAP=off/g" $CONF_FILE
 83 
		$SED "s/^LDAP=.*/LDAP=off/g" $CONF_FILE
66 
		rm -f /etc/raddb/mods-enabled/ldap
 84 
		rm -f /etc/raddb/mods-enabled/ldap