[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: LDAP Documentation/Sample

From: Thomas Recloux <thomas.recloux_at_gmail.com>
Date: 2007-04-08 12:10:02 CEST

Hello markus

> but does somebody know, if there is a tool, to export my ldap-groups into an
> authz-file-[group]-format.

I use bash scripts launched hourly by the cron daemon for this.

Here is a sample :

#!/bin/bash
#
#
##############################################
# Constants
##############################################
BIND_DN=CN=xxxxxxxxxxxxx
BIND_PWD=xxxxxxxxxxxxxxx
AUTH_FILE=/etc/apache2/svn.authz

##############################################
# First group
# Search LDAP for first group members and keep only the
'sAmAccountName' attribute
#
SEARCH=`ldapsearch -D $BIND_DN -w $BIND_PWD -b
"OU=firstgroup,OU=users,DC=mycompagnny,DC=fr" -h ldap.mycompagny.fr -x
'(objectClass=user)' sAMAccountName | grep 'sAMAccountName:' | sed
s/'sAMAccountName: '//`
# Replace spaces by commas
SEARCH=`echo $SEARCH | sed s/' '/', '/g`
# Upcase dand lowcase
FOO_a=`echo $SEARCH | tr A-Z a-z`
FOO_b=`echo $SEARCH | tr a-z A-Z`
FOO=`echo $FOO_a, $FOO_b`

# Other groups

# Generate the file
DATE=`date`
echo "# File generated from LDAP directory, do not modify" > $AUTH_FILE
echo "# Generated on $DATE" >> $AUTH_FILE
echo "[groups]" >> $AUTH_FILE
echo "foo=$FOO" >> $AUTH_FILE

...other groups

...svn branches

echo "[/]" >> $AUTH_FILE
echo "@foo=rw" >> $AUTH_FILE
echo "[/branch]" >> $AUTH_FILE
echo "@bar=" >> $AUTH_FILE 

-- 
Thomas Recloux
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Apr 8 12:10:24 2007

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.