Friday, November 5, 2010

Big News...Coming Soon

For months now, I have been working with a group of awesome folks on something.  Lots of leaving my job, getting home, and going back to work.  I am pretty proud about what we've come up with.  In a few days, I'll be sharing it.  Fingers crossed.  Exciting times ahead...make or break as they say.

Stay Tuned.
Posted by Kirk Gray at 7:46 PM View Comments
Labels:

Wednesday, November 3, 2010

Generating .ldif Files using Groovy

I recently needed to do a bulk update of an openLDAP directory to add a password for a really big batch of test users.  I wrote a little Groovy script to do it.  Thought it might be helpful.  First things first, generate a password for the test users using the slappasswd command.  Using the defaults will give a you password with SSHA encryption.  Now we need an .ldif file that describes the change to make.  For more information on ldapmodify commands, head here.  The script here will loop through a group of sequentially id'd users in a couple of ous and assign them our nicely hashed password:



        File newFile = new File('modify-script.ldif')
        String username = ''
        String toAdd = ""

        def stuCount = 80000
        def admCount = 2000
        def teachCount = 18000

        StringBuilder sb = new StringBuilder()

        def ous = [ 'ou1', 'ou2' ]

        for ( ouname in ous ) {

            for ( i in 1..stuCount ) {
                username = "user_${epname}_${i}"

                toAdd = """
dn: uid=${username},ou=people,ou=${ouname},dc=yourdc,dc=com
changetype: modify
add: userPassword
userPassword: {SSHA}zW7Q/yQQ8IKZiX8ANJIGugi0deNebN1o
                    
"""
                sb.append( toAdd )
            }

            sb.append( "\n\n" )

            newFile << sb.toString()
        }

This will produce a file (modify-script.ldif) with a bunch of entries like these:


dn: uid=user_ou1_1,ou=people,ou=ou1,dc=yourdc,dc=com
changetype: modify
add: userPassword
userPassword: {SSHA}zW7Q/yQQ8IKZiX8ANJIGugi0deNebN1o
                    

dn: uid=user_ou1_2,ou=people,ou=ou1,dc=yourdc,dc=com
changetype: modify
add: userPassword
userPassword: {SSHA}zW7Q/yQQ8IKZiX8ANJIGugi0deNebN1o

...

Now you can simply run the ldapmodify command to update the users:

ldapmodify -x -D "cn=admin,dc=yourdc,dc=com" -w yourpass -f modify-script.ldif

I've been able to use derivatives of this script for a few different tasks.  Hope it helps someone else.
Posted by Kirk Gray at 5:44 PM View Comments
Labels: ,
Subscribe to: Posts (Atom)