I would like to have all of our IT systems (computers, phones, printers, etc.) looking at our OD master for directory services and information.
For the systems that just need directory information, I would like them to look at the People container and not the Users container. I would like the People container to only contain basic contact information (ie givenName sn l st postalCode c mail street telephoneNumber mobile facsimileTelephoneNumber).
I was thinking it would be a good idea to automate the regular population of the People container using launchd, so it becomes a simple process that runs automatically. Maybe use launchd to do an ldapsearch to find all of our users with uidNumbers 2000-3999 (these are the only users we want) with just the attributes I want to publish.
Then use awk to change cn=Users to cn=People and using ldapadd to add the output back into LDAP. On the next run of the script I could use ldapsearch on the Users container + ldapdelete to clear the People container of the entries about to come over and then the ldapsearch + awk + ldapadd to populate the People container again.
From the look of it this is pretty simple to do. I’ve already done some initial trials with really simple scripts. But I do have two questions, I suppose:
One: Is this the easiest “quick and dirty”, “fire and forget solution” for automatically populating the People container?
Two: I am new to the ldapsearch command. I am trying to use the ldapsearch command to generate an ldif file that has a listing of all my users with a uid of 2000-3999. How do you set up an ldap filter to get a range for the desired uidNumber’s?
.
.
Comments are closed