#!/bin/bash
for u in `ldapsearch -x -LLL ObjectClass=person | grep uid: | awk '{ print $2 }'`
do
rm -f /tmp/$u.ldif
touch /tmp/$u.ldif
echo "writing $u"
echo "dn: uid=$u,ou=People,dc=example,dc=com" >> /tmp/$u.ldif
echo "changetype: modify" >> /tmp/$u.ldif
echo "replace: loginshell" >> /tmp/$u.ldif
echo "loginshell: /bin/nologin" >> /tmp/$u.ldif
echo "" >> /tmp/$u.ldif
ldapmodify -x -D "cn=Directory Manager" -w 'REDACTEDPW' <
/tmp/$u.ldif
rm -f /tmp/$u.ldif
done
\o/
________________________________________
From: Kapetanakis Giannis <bilias(a)edu.physics.uoc.gr>
Sent: Monday, May 1, 2017 11:41 AM
To: 389-users(a)lists.fedoraproject.org
Subject: [389-users] Re: Bulk update loginShell for 100 users
On 01/05/17 19:52, Tus wrote:
Hello 389-users:
I'm looking for ideas to update ~100 uid's loginShell to /bin/nologin. For
the most part I use ADS to maintain the LDAP server but familiar with
modifying ONE entry using ldif file fed into ldapmodify.. What are some
good ways to bulk update?
Cheers.
ldif file fed to ldapmodify
dn: uid=user1,ou=People,dc=example,dc=com
changetype: modify
replace: loginshell
loginshell: /bin/nologin
-
dn: uid=user2,ou=People,dc=example,dc=com
changetype: modify
replace: loginshell
loginshell: /bin/nologin
-
I usually do first an ldapsearch to get all the DNs I need and then in
vi I add the rest of the details.
G
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC
and/or its subsidiaries and may contain proprietary, confidential or trade secret
information. This message is intended solely for the use of the addressee. If you are not
the intended recipient and have received this message in error, please delete this message
from your system. Any unauthorized reading, distribution, copying, or other use of this
message or its attachments is strictly prohibited.