Module Version: 1.033

NAME

OSS::LDAPops - Perform operations on user accounts, groups and netgroups stored in an LDAP directory

SYNOPSIS

        use strict;
        use warnings;
        use OSS::LDAPops;

        #Define config hash
        $GLOBAL::config = 
        {
                LDAPHOST        =>      'ldap01.mydomain.net',
                BINDDN          =>      'uid=webportal, ou=writeaccess, dc=auth, dc=mydomain,dc=net',
                BASEDN          =>      'dc=auth,dc=mydomain,dc=net',
                NISDOMAIN       =>      'auth.mydomain.net',
                PASSWORD        =>      'xyzzy',
        };
        #Instantiate new object and connect to server
        my($ldapopsobj) = OSS::LDAPops->new($GLOBAL::config);
        if (ref($ldapopsobj) !~ m/OSS::LDAPops/ ) {die("Error instantiating object: $ldapopsobj")}; 
        my($ret);
        my(@retu);
        
        #Bind server
        $ldapopsobj->bind;
        #Search for the user ID given as the second command-line argument
        @retu = $ldapopsobj->searchuser($ARGV[1]);
        #searchuser returns false when nothing matched
        exit unless ($retu[0]);
        #A first element that is not a Net::LDAP::Entry object is an error string
        die($retu[0]) if (ref($retu[0]) !~ m/Net::LDAP::Entry/);
        foreach my $entry (@retu) {$entry->dump; }
        #if($ret) {die($ret);};
        exit;

DESCRIPTION

This module manipulates user, group and netgroup objects within an LDAP directory.

Also included is ldapops.pl. This script implements a command-line utility using OSS::LDAPops.

netgroupcache.pl is also included. This uses OSS::LDAPops to create a local cache of LDAP-backed netgroups in /etc/netgroup.

AUTHOR

Simon <simon@hacknix.net>

ASSUMPTIONS ABOUT THE DIRECTORY

This module and associated scripts make some assumptions about how your directory is configured. These include:

FILES TO HELP WITH SETTING UP A DIRECTORY

In the "examples" directory, there are several files to help you out, including:

USING THE DIRECTORY WITH *NIX SERVERS

The reader should consider looking at nss_ldap and pam_ldap, here:

http://www.padl.com/Contents/OpenSourceSoftware.html

METHODS

This section describes the methods that are implemented and their use.

new

        #Define config hash
        $GLOBAL::config = 
        {
                LDAPHOST        =>      'ldap01.mydomain.net',
                BINDDN          =>      'uid=webportal, ou=writeaccess, dc=auth, dc=mydomain,dc=net',
                BASEDN          =>      'dc=auth,dc=mydomain,dc=net',
                NISDOMAIN       =>      'auth.mydomain.net',
                PASSWORD        =>      'xyzzy',
        };
        #Instantiate new object and connect to server
        my($ldapopsobj) = OSS::LDAPops->new($GLOBAL::config);
        if (ref($ldapopsobj) !~ m/OSS::LDAPops/ ) {die("Error instantiating object: $ldapopsobj")}; 

Instantiates an object and connects to the LDAP server. Returns an object on success and false on error.

bind

Bind to LDAP server with supplied credentials.

No arguments are accepted as the pre-supplied config values are used.

groupexists

Check to see if a group exists.

        $obj->groupexists(<group>);

Returns 0 when the group does not exist. Returns 2 when the group does exist. Returns a text string on error.

userexists

Check if user exists.

        $obj->userexists(<user>);

Returns 0 when the user does not exist. Returns 2 when the user does exist. Returns a text string on error.

searchuser

Search for a user's entry in the directory.

        $obj->searchuser(<userid>);

(the wildcard * can be used)

Returns an array of Net::LDAP::Entry objects on success. Returns false on no results. Returns an error string on error.
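
The return conventions documented above are easy to misread: an error string from userexists is true in boolean context, and searchuser accepts the * wildcard. The following added example (not part of the OSS::LDAPops distribution) validates a caller-supplied user ID and maps the documented userexists results onto distinct states. Local::StubLDAPops, valid_uid, user_state and the allow-list pattern are assumptions made for illustration.

```perl
use strict;
use warnings;

# Allow-list for caller-supplied user IDs. The pattern is an assumption for
# this example; it rejects the * wildcard that searchuser would accept.
sub valid_uid {
    my ($uid) = @_;
    return (defined($uid) && $uid =~ /\A[a-z_][a-z0-9_.-]{0,31}\z/) ? 1 : 0;
}

# Map the documented userexists() results onto distinct outcomes:
# 0 => absent, 2 => present, any other value => error string.
sub user_state {
    my ($ldap, $uid) = @_;
    return ('rejected', 'invalid user ID') unless valid_uid($uid);
    my $ret = $ldap->userexists($uid);
    return ('error', 'undefined result') unless defined $ret;
    return ('absent')  if $ret eq '0';
    return ('present') if $ret eq '2';
    return ('error', $ret);
}

# Hypothetical stand-in for a bound OSS::LDAPops object, so the example runs
# without a directory. It returns the values documented for userexists.
package Local::StubLDAPops {
    sub new {
        my $class = shift;
        return bless({ users => { alice => 1 } }, $class);
    }
    sub userexists {
        my ($self, $uid) = @_;
        return 'LDAP error: server unavailable' if $uid eq 'down';  # constructed
        return $self->{users}{$uid} ? 2 : 0;
    }
}

my $ldap = Local::StubLDAPops->new;

# Constructed inputs: existing user, missing user, simulated failure, wildcards.
# A plain "if ($ldap->userexists($uid))" would treat the error string returned
# for 'down' as "user exists"; user_state keeps the three cases apart.
for my $uid ('alice', 'bob', 'down', '*', 'a*') {
    my ($state, $detail) = user_state($ldap, $uid);
    printf "%-8s state=%-8s %s\n", "'$uid'", $state, defined $detail ? $detail : '';
}
```

With the real module, pass the bound object from the SYNOPSIS to user_state in place of the stub.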

searchnetgroup

Search for a netgroup entry in the directory.

        $obj->searchnetgroup(<group>);

(the wildcard * can be used)

Returns an array of Net::LDAP::Entry objects on success. Returns false on no results. Returns an error string on error.

searchunixgroup

Search for a unix (posix) group entry in the directory.

        $obj->searchunixgroup(<group>);

(the wildcard * can be used)

Returns an array of Net::LDAP::Entry objects on success. Returns false on no results. Returns an error string on error.

addhost

Add a host entry to the directory

        $obj->addhost(<hostname>);

Returns a text string on error. Returns false on success.

addhostgroup

Add a host group entry to the directory

        $obj->addhostgroup(<hostname>);

Returns a text string on error. Returns false on success.

addusergroup

Add a user group entry to the directory

        $obj->addusergroup(<groupname>);

Returns a text string on error. Returns false on success.

addunixgroup

Add a unix group to the directory

        $obj->addunixgroup(<groupname>,<gid>);

Returns a text string on error. Returns false on success.

adduser

Add a user entry to the directory

        $obj->adduser(<username>);

Returns a text string on error. Returns false on success.

updatepw

Update the password of a user entry in the directory

        $obj->updatepw(<username>,<password>,<force reset on login [1|0]>);

Returns a text string on error. Returns false on success.

lockacct

Lock a user account by setting shadowExpire to 1

        $obj->lockacct(<uid>,<lock [1|0]>,<ppolicy [1|0]>);

addusertoug

Add a user entry to a user group

        $obj->addusertoug(<username>,<group>);

Returns a text string on error. Returns false on success.

deluserfromug

Delete a user from a user group

        $obj->deluserfromug(<username>,<group>);

Returns a text string on error. Returns false on success.

addhosttohg

Add a host to a host group

        $obj->addhosttohg(<host>,<group>);

Returns a text string on error. Returns false on success.

delhostfromhg

Delete host from host group

        $obj->delhostfromhg(<host>,<group>);

Returns a text string on error. Returns false on success.

addusertohug

Add user to host user group

        $obj->addusertohug(<host>,<group>);

Returns a text string on error. Returns false on success.

deluserfromhug

Delete user from host user group

        $obj->deluserfromhug(<host>,<group>);

Returns a text string on error. Returns false on success.

addgrouptogroup

Add a group to a group

        $obj->addgrouptogroup(<ug|hg>,<host>,<group>);

Returns a text string on error. Returns false on success.

delgroupfromgroup

Delete group from group

        $obj->delgroupfromgroup(<ug|hg>,<host>,<group>);

Returns a text string on error. Returns false on success.

addusertounixgroup

Add user to a unix group

        $obj->addusertounixgroup(<user>,<unix group>);

Returns a text string on error. Returns false on success.

deluserfromunixgroup

Delete user from a unix group

        $obj->deluserfromunixgroup(<user>,<unix group>);

Returns a text string on error. Returns false on success.

deletedn

Delete an entry by DN (use with caution)

Used to remove users and groups by DN

WARNING: it's possible to damage the tree structure this way!!!! Get it right!!

        $obj->deletedn($dn);

Returns a text string on error. Returns false on success.
