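# Test fixtures: add_test is hard-coded to True, so the rougail_test identities
# declared here are provisioned on every render of this template.
# NOTE(review): confirm this template is never rendered for a production directory,
# or drive add_test from configuration instead of a literal.
{% set add_test = True %}
{% set username="rougail_test@silique.fr" %}
{% set username_family="rougail_test@gnunux.info" %}
{% set name_family="gnunux" %}
# BaseDN
# The dn line reads general.ldap.ldap_base_dn while the RDN attribute is parsed from
# ldap_base_dn; presumably both hold the same value - confirm.
# The first RDN is split on its first equals sign only, so a value that itself
# contains an equals sign no longer breaks the two-name unpacking.
{% set groups = {} %}
dn: {{ general.ldap.ldap_base_dn }}
{% set attribute, organization = ldap_base_dn.split(',', 1)[0].split('=', 1) %}
{{ attribute }}: {{ organization }}
objectClass: top
{% if attribute == 'o' %}
objectClass: organization
{% else %}
objectClass: organizationalUnit
{% endif %}

# Remote
# remote_test0 to remote_test2 are queued unconditionally (add_test does not gate them),
# followed by one account per entry of accounts.remotes.
# NOTE(review): confirm the remote_test accounts are wanted outside test deployments.
# Passwords are requested from get_password with type cleartext and temporary=True and
# are hashed by ssha_encode before they are written below.
{% set acc = [] %}
{% for idx in range(3) %}
{% set name = 'remote_test' + idx|string %}
{% set x=acc.append(('cn=' + name + ',' + ldap_base_dn, name, name|get_password(server_name=domain_name_eth0, description="remote account", type="cleartext", hide=hide_secret, temporary=True))) %}
{% endfor %}
{% for remote in accounts.remotes %}
{% set name = remote|normalize_family %}
{% set x=acc.append((accounts['remote_' + name]['dn_' + name], remote, accounts['remote_' + name]['password_' + name])) %}
{% endfor %}
# userPassword uses the double-colon form, which LDIF reads as a base64 value, so
# ssha_encode presumably returns the base64 form of the hashed password - confirm.
# NOTE(review): the filter name suggests salted SHA-1; prefer a slower scheme if the
# directory server supports one.
{% for dn, remote, password in acc %}
dn: {{ dn }}
cn: {{ remote }}
sn: {{ remote }}
uid: {{ remote }}
userPassword:: {{ password|ssha_encode }}
objectClass: top
objectClass: inetOrgPerson

{% endfor %}
# Accounts
dn: {{ ldap_account_dn }}
ou: accounts
objectClass: top
objectClass: organizationalUnit

## Accounts users
{% set users = ldap_user_dn %}
dn: {{ users }}
ou: users
objectClass: top
objectClass: organizationalUnit

# The two built-in test identities are queued only when add_test is set, matching the
# condition that creates the test family OU further down; previously they were queued
# regardless, which left the family test user without a parent OU when add_test was off.
# Each tuple is (dn, mail, password, sn, givenName, uid, aliases, family).
{% set acc = [] %}
{% if add_test %}
{% set userdn = 'cn=' + username + ',' + ldap_base_dn|calc_ldapclient_base_dn %}
{% set userfamilydn = 'cn=' + username_family + ',' + ldap_base_dn|calc_ldapclient_base_dn(family_name=name_family) %}
{% set x=acc.append((userdn, username, username|get_password(server_name='test', description="test", type="cleartext", hide=hide_secret, temporary=True), 'Rougail', 'Test', 'rougail_test', [], 'users')) %}
{% set x=acc.append((userfamilydn, username_family, username_family|get_password(server_name='test', description='test', type="cleartext", hide=hide_secret, temporary=True), 'Rougail', 'Test', 'rougail_test_gnunux', [], name_family)) %}
{% set x=groups.__setitem__('users', [userdn]) %}
{% set x=groups.__setitem__(name_family, [userfamilydn]) %}
{% endif %}
# Mail addresses are concatenated into the DN verbatim.
# NOTE(review): nothing here escapes DN special characters or line breaks, so the
# values are assumed to be validated before they reach this template - confirm.
{% for user in accounts.users.ldap_user_mail %}
{% set userdn = "cn=" + user + "," + users %}
{% set x=acc.append((userdn, user, user.ldap_user_password, user.ldap_user_sn, user.ldap_user_gn, user.ldap_user_uid, user.ldap_user_aliases, 'users')) %}
{% set x=groups.setdefault('users', []).append(userdn) %}
{% endfor %}
## Families
dn: {{ ldap_base_dn|calc_ldapclient_base_dn(family_name='-') }}
ou: families
objectClass: top
objectClass: organizationalUnit

{% macro add_family(family, families) %}
dn: {{ families }}
ou: {{ family }}
objectClass: top
objectClass: organizationalUnit
{% endmacro %}
{% if add_test and name_family not in accounts.families %}
{% set families = ldap_base_dn|calc_ldapclient_base_dn(family_name=name_family) %}
{{ add_family(name_family, families) }}
{% endif %}
{% for family in accounts.families %}
{% set families = ldap_base_dn|calc_ldapclient_base_dn(family_name=family) %}
{{ add_family(family, families) }}
{% for user in accounts['family_' + family]['users_' + family]['ldap_user_mail_' + family] %}
{% set userdn = "cn=" + user + "," + families %}
{% set x=groups.setdefault(family, []).append(userdn) %}
{% set x=acc.append((userdn, user, user['ldap_user_password_' + family], user['ldap_user_sn_' + family], user['ldap_user_gn_' + family], user['ldap_user_uid_' + family], user['ldap_user_aliases_' + family], family)) %}
{% endfor %}
{% endfor %}
# One posixAccount entry is written per queued user.
# NOTE(review): every entry gets uidNumber 0 and gidNumber 0. If any host resolves
# accounts from this directory, these users map to the superuser id; confirm the
# entries are only used for mail and authentication, or allocate distinct ids.
# NOTE(review): homeDirectory is built from the family name and the mail address
# without sanitising path separators - confirm both are validated upstream.
{% for userdn, user, password, sn, gn, uid, aliases, family in acc %}
dn: {{ userdn }}
cn: {{ user }}
mail: {{ user }}
sn: {{ sn }}
givenName: {{ gn }}
uid: {{ uid }}
userPassword:: {{ password|ssha_encode }}
{% if family == 'users' %}
homeDirectory: /srv/home/users/{{ user }}
{% else %}
homeDirectory: /srv/home/families/{{ family }}/{{ user }}
{% endif %}
mailLocalAddress: {{ user }}
{% if aliases %}
{% for alias in aliases %}
mailLocalAddress: {{ alias }}
{% endfor %}
{% endif %}
uidNumber: 0
gidNumber: 0
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: inetLocalMailRecipient

{% endfor %}
## Groups
# One groupOfNames entry per key collected in groups, listing the member DNs
# gathered while the user entries were queued.
{% set groupdn = ldap_group_dn %}
dn: {{ groupdn }}
ou: groups
objectClass: top
objectClass: organizationalUnit

{% for group, members in groups.items() %}
dn: cn={{ group }},{{ groupdn }}
cn: {{ group }}
objectclass: top
objectclass: groupOfNames
{% for member in members %}
member: {{ member }}
{% endfor %}

{% endfor %}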