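# LDIF seed template for the directory tree: base entry, remote accounts,
# user and family accounts, then one groupOfNames entry per group.
# NOTE(review): the two rougail_test accounts and the three remote_test
# accounts are created on every render, unconditionally, with passwords
# requested through get_password(type=cleartext, temporary=True).
# Confirm this template is only rendered for test directories.
%set %%username="rougail_test@silique.fr"
%set %%username_family="rougail_test@gnunux.info"
%set %%name_family="gnunux"
# BaseDN
# The first RDN of the base DN is split on its first equals sign only, so a
# value that itself contains an equals sign still unpacks into two parts.
%set groups = {}
dn: %%ldapclient_base_dn
%set %%attribute, %%organization = %%ldapclient_base_dn.split(',', 1)[0].split('=', 1)
%%attribute: %%organization
objectClass: top
%if %%attribute == 'o'
objectClass: organization
%else
objectClass: organizationalUnit
%end if

# Remote
# Collects (dn, name, password) tuples: three generated remote_test accounts,
# then every configured remote account.
# The double colon after userPassword marks a base64 value in LDIF; assumes
# ssha_encode returns the base64 form of a salted hash - TODO confirm.
%set %%acc = []
%for %%idx in %%range(3)
%set %%name = 'remote_test' + %%str(%%idx)
%%acc.append(('cn=' + %%name + ',' + %%ldapclient_base_dn, %%name, %%get_password(server_name=%%domain_name_eth0, username=%%name, description="remote account", type="cleartext", hide=%%hide_secret, temporary=True)))%slurp
%end for
%for %%remote in %%accounts.remotes
%set %%name = %%normalize_family(%%remote)
%%acc.append((%%accounts['remote_' + %%name]['dn_' + %%name], %%remote, %%accounts['remote_' + %%name]['password_' + %%name]))%slurp
%end for
%for %%dn, %%remote, %%password in %%acc

dn: %%dn
cn: %%remote
sn: %%remote
uid: %%remote
userPassword:: %%ssha_encode(%%password)
objectClass: top
objectClass: inetOrgPerson
%end for

# Accounts
dn: %%ldap_account_dn
ou: accounts
objectClass: top
objectClass: organizationalUnit

## Accounts users
%set %%users = %%ldapclient_user_dn
dn: %%users
ou: users
objectClass: top
objectClass: organizationalUnit
%set %%userdn = 'cn=' + %%username + ',' + %%calc_ldapclient_base_dn(%%ldapclient_base_dn)
%set %%userfamilydn = 'cn=' + %%username_family + ',' + %%calc_ldapclient_base_dn(%%ldapclient_base_dn, family_name=%%name_family)
%set %%acc = [(%%userdn, %%username, %%get_password(server_name='test', username=%%username, description="test", type="cleartext", hide=%%hide_secret, temporary=True), 'Rougail', 'Test', 'rougail_test', [], 'users'),
    (%%userfamilydn, %%username_family, %%get_password(server_name='test', username=%%username_family, description='test', type="cleartext", hide=%%hide_secret, temporary=True), 'Rougail', 'Test', 'rougail_test_gnunux', [], %%name_family),
    ]
%set %%groups['users'] = [%%userdn]
%set %%groups[%%name_family] = [%%userfamilydn]
%for %%user in %%accounts.users.ldap_user_mail
%set %%userdn = "cn=" + %%user + "," + %%users
%%acc.append((%%userdn, %%user, %%user.ldap_user_password, %%user.ldap_user_sn, %%user.ldap_user_gn, %%user.ldap_user_uid, %%user.ldap_user_aliases, 'users'))%slurp
%%groups.setdefault('users', []).append(%%userdn)%slurp
%end for

## Families
dn: %%calc_ldapclient_base_dn(%%ldapclient_base_dn, family_name='-')
ou: families
objectClass: top
objectClass: organizationalUnit
%for %%family in %%accounts.families
%set %%families = %%calc_ldapclient_base_dn(%%ldapclient_base_dn, family_name=%%family)

dn: %%families
ou: %%family
objectClass: top
objectClass: organizationalUnit
%for %%user in %%accounts['family_' + %%family]['users_' + %%family]['ldap_user_mail_' + %%family]
%set %%userdn = "cn=" + %%user + "," + %%families
%%groups.setdefault(%%family, []).append(%%userdn)%slurp
%%acc.append((%%userdn, %%user, %%user['ldap_user_password_' + %%family], %%user['ldap_user_sn_' + %%family], %%user['ldap_user_gn_' + %%family], %%user['ldap_user_uid_' + %%family], %%user['ldap_user_aliases_' + %%family], %%family))%slurp
#pouet
#dn: %%userdn
#cn: %%user
#mail: %%user
#sn:
#givenName:
#uid:
#userPassword:: %%ssha_encode()
#homeDirectory: /srv/home/families/%%family/%%user
#mailLocalAddress: %%user
# %if %%user['ldap_user_aliases_' + %%family]
# %for %%alias in
#mailLocalAddress: %%alias
# %end for
# %end if
#uidNumber: 0
#gidNumber: 0
#objectClass: top
#objectClass: inetOrgPerson
#objectClass: posixAccount
#objectClass: inetLocalMailRecipient
#
# %end for
#%end for
%end for
%end for

# One entry per collected account tuple
# (dn, mail, password, sn, givenName, uid, aliases, family).
# NOTE(review): every posixAccount below is written with uidNumber 0 and
# gidNumber 0. If any host resolves POSIX users from this tree, these accounts
# map to root. Confirm the tree is used for mail lookup only, or allocate
# distinct non-zero ids.
# NOTE(review): DN parts, attribute values and homeDirectory paths are
# inserted as-is. A value containing a comma, a plus sign, a slash or a line
# break would alter the DN, the path or the LDIF structure. Presumably the
# configuration layer validates mail addresses and family names - verify.
%for %%userdn, %%user, %%password, %%sn, %%gn, %%uid, %%aliases, %%family in %%acc

dn: %%userdn
cn: %%user
mail: %%user
sn: %%sn
givenName: %%gn
uid: %%uid
userPassword:: %%ssha_encode(%%password)
%if %%family == 'users'
homeDirectory: /srv/home/users/%%user
%else
homeDirectory: /srv/home/families/%%family/%%user
%end if
mailLocalAddress: %%user
%if %%aliases
%for %%alias in %%aliases
mailLocalAddress: %%alias
%end for
%end if
uidNumber: 0
gidNumber: 0
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: inetLocalMailRecipient
%end for

## Groups
# One groupOfNames per key of the groups mapping filled above; members are the
# account DNs appended while the accounts were collected.
%set %%groupdn = %%ldapclient_group_dn
dn: %%groupdn
ou: groups
objectClass: top
objectClass: organizationalUnit
%for %%group, %%members in %%groups.items()

dn: cn=%%group,%%groupdn
cn: %%group
objectclass: top
objectclass: groupOfNames
%for %%member in %%members
member: %%member
%end for
%end for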