phones_ldap - search, create, modify and delete entries
in a Lightweight Directory Access Protocol (LDAP) server
SYNOPSIS

    phones_ldap [options]

where the options include:

    -c          Show the command set
    -S server   LDAP server
    -P port     Port on LDAP server
    -b basedn   Base DN for search
    -h          Shows this help
    -s          Simple menu
    -v          Print version
    -V          Verbose

OPTIONS

-c
Show the command set available after binding to the LDAP server. The command sets are used for manipulating records in the LDAP server offline.

-S server
Specify an alternate hostname where an LDAP server is running.

-P port
Specify an alternate TCP port where the LDAP server is listening.

-b basedn
Use an alternate base Distinguished Name (DN), for example o=Fox Chase Cancer Center,c=US, as the starting point for the search.

-h
Show the options.

-s
After binding to the LDAP server, if the Enter key is pressed, the command set available is shown. If the number of command sets clouds your head, use this flag.

-v
Print the version number of the program.

-V
Show some verbose information.

After connecting to the LDAP server, the following commands can be used:

    add                       add a record to LDAP server
    cls                       clear screen
    delete [item]             query and delete a record from LDAP server
    delete search number      delete record by matching from search buffer
    help                      show the help file
    free search [number]      free content of search buffer
    edit [search] number      edit the record number in search buffer
    edit [modified] number    edit the record number in modify buffer
    edit [new] number         edit the record number in new buffer
    vedit [search] number     same as edit [search] number, but use your editor
    vedit [modified] number   same as edit [modified] number, but use your editor
    vedit [new] number        same as edit [new] number, but use your editor
    print search              show content of search buffer
    print modify              show content of modify buffer
    print new                 show content of new buffer
    save                      save new/modified entries to LDAP server
    show [item]               query and show a record from LDAP server
    modify [item]             query and modify a record in LDAP server
    vmodify [item]            same as modify but use your editor
    open                      open connection to a new LDAP server
    exit                      leave the program

The phones_ldap program has reasonable hard-coded defaults for all command line options. It can also read the default values from a configuration file if it exists. Please read the section CONFIGURATION FILE for details. The command line options take precedence over all.

DESCRIPTION

phones_ldap is a program to search, create, modify and delete entries in an LDAP server. As this program talks to an LDAP server, many people can run the program at the same time without worrying about data getting corrupted. The LDAP server is responsible for maintaining data integrity.

BACKGROUND

LDAP is a specification for a client-server protocol to retrieve and manage directory information. LDAP runs over TCP/IP. It is essentially a directory web in much the same way that http and html are used to define and implement the global hypertext web. Before modifying anything in an LDAP server, it is necessary to "bind" to the LDAP server as a user. Binding to an LDAP server is similar to logging in to a system with a username and password. LDAP has a very granular access control mechanism based on who is binding to the server.

In the Fox Chase Cancer Center LDAP server, any user can bind to the LDAP server, but currently a user is allowed to modify only the following items of his/her own entry: Phone number, Fax number, Room number, Title, Postal address and WWW homepage link. If you bind to the LDAP server as phone administrator, currently you will be able to create a new card or modify any existing card, but will not be able to delete any existing card. If you bind to the LDAP server as LDAP administrator, you will have full access to the database, that is you can search, modify and create any entries but will not be able to delete any entries.

Although it is not necessary, it is useful to understand the way the program phones_ldap works. The program has three buffers called "Search Buffer", "Modify Buffer" and "New Buffer".
The buffers are nothing but distinct memory areas to hold information. When a search is performed and any result is returned from the LDAP server, the program stores the result in the "Search Buffer". The entries in the "Search Buffer" can be manipulated. If any entries are modified (from the search buffer or by directly querying the LDAP server), they are stored in the "Modify Buffer", and if new entries are added, they are stored in the "New Buffer". If an entry from the "Modify Buffer" is modified, it remains in the same buffer. The same is true for the entries in the "New Buffer". The modified and new entries can be saved in the LDAP server. There are lots of commands to manipulate buffers, which are available from menu items. Please refer to the section MENU ITEMS for details. Note, users may choose not to use the buffer commands, but they increase the functionality of the program a great deal.

BINDING TO LDAP

When the program starts up, it prompts for a user name to bind to the LDAP server. Then it prompts for the user's password. The LDAP server allows binding without a password, but the user will then only be able to perform searches. Right now, in the Fox Chase Cancer Center LDAP server, only the "admin" user or the members of the admin group have full access to the LDAP server. The "phones" user and the members of the "Phones Manger" group can search, create and modify any existing card, but are not allowed to delete any card. A normal user can search and modify his/her own Phone number, Fax number, Room number, Title, Postal address and WWW homepage link.

CONFIGURATION FILE

First the program looks for the file .phones.cfg in the home directory of the person. If it does not exist or is not readable, the program looks for the file phones.cfg in the directory /usr/local/etc.
The format of this file is [section] followed by the value in the next line.

    ##
    ## config file for phones ldap program
    ## muhammad a muquit
    ## August 17, 1998
    ## updated: Nov-01-1998
    ##
    ## 1.2
    ##
    # full path of the help file
    [Help File]
    /usr/local/etc/phones_ldap.hlp
    ##
    # show search routine in terse or normal
    #[Search Result]
    # Terse
    [Search Result]
    Normal
    ##
    # name of LDAP server
    [LDAP server]
    ldapmaster.muquit.com
    ##
    # LDAP server port number
    [LDAP port]
    389
    ##
    # base distinguished name
    [base dn]
    o=Fox Chase Cancer Center,c=US
    ##
    # users have full (read/write/delete/add) access to LDAP server
    [admin user]
    admin

MENU ITEMS

The menu items of the program phones_ldap are shown below:

    $ phones_ldap -V
    ===========================================
    LDAP server: ldap.muquit.com
    LDAP port: 389
    Search root: o=Fox Chase Cancer Center,c=US
    ===========================================

    [Connected to LDAP server: ldapmaster.muquit.com, Port: 389, bound as: admin]
    Command:
    Commands are:
    add                       add a record to LDAP server
    cls                       clear screen
    delete [item]             query and delete a record from LDAP server
    delete search number      delete record by matching from search buffer
    help                      show the help file
    free search [number]      free content of search buffer
    edit [search] number      edit the record number in search buffer
    edit [modified] number    edit the record number in modify buffer
    edit [new] number         edit the record number in new buffer
    vedit [search] number     same as edit [search] number, but use your editor
    vedit [modified] number   same as edit [modified] number, but use your editor
    vedit [new] number        same as edit [new] number, but use your editor
    print search              show content of search buffer
    print modify              show content of modify buffer
    print new                 show content of new buffer
    save                      save new/modified entries to LDAP server
    show [item]               query and show a record from LDAP server
    modify [item]             query and modify a record in LDAP server
    vmodify [item]            same as modify but use your editor
    open                      open connection to a new LDAP server
    exit                      leave the program

    [Connected to LDAP server: ldapmaster.muquit.com, Port: 389, bound as: admin]
    Command:

The menu items are described in detail below:

add
Adds a record to the LDAP server. To add a new card, type "a" or "add" at the Command: prompt and press Enter. It will prompt for the entries as shown below:

    [Connected to LDAP server: ldapmaster.muquit.com, Port: 389, bound as: admin]
    Command> a
    ---------------------------------------------------------------
    Please Enter the values for the card
    NOTE: * indicates a required field
    ---------------------------------------------------------------
    Last name: [*] Doe
    First name: [*] John
    Middle Initial: J
    Full name [John J Doe]:
    User id [doe]: jdoe
    Honorific (Dr. etc):
    Family rank (Jr., Sr. etc):
    Phone: 3660
    Fax: 2513
    Title:
    Room: C119
    Email alias [jj_doe@muquit.com]:
    Email drop: doe@aquila.muquit.com
    List by owner [n]:
    List by self [y]:
    Web page: http://www.foo.com/
    Photo:
    {crypt}cypted_password: {crypt}nuZnljIuEuvAQ
    Unix user_id number: 6037
    Unix group_id number: 345
    Gecos: John J. Doe
    Unix home directory: /home/jdoe

Note, in the Photo field above, you can provide the full path of a GIF or JPEG file. You can also specify the path using ~; it will be expanded. Be reasonable while adding a picture to the LDAP server; try to add small images. The crypted password is a Unix crypted password. It is crypted with the function call crypt(char *key,char *salt). Do a "man 3 crypt" for details. The crypted password must start with the string {crypt}. It is a hint to the LDAP server that the password is a Unix crypt password. Netscape LDAP server also understands passwords encrypted with the Secure Hash Algorithm, {sha} for example. To create a crypted password, the following perl script can be used:
    #!/usr/bin/perl
    #
    # encrypt a word with crypt algorithm.
    # muquit, 1997
    #
    # The word is read from the command line, so it is visible in the
    # process list while the script runs and can end up in shell history.
    use strict;

    my $me=$0;
    my @saltset=('a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/');

    # keep only the file name of the script for the usage message
    $me =~ s/.*\///g;
    if ($#ARGV+1 != 1)
    {
        print STDERR "usage: $me <word>\n";
        exit;
    }

    my $word=$ARGV[0];
    my $pass='';
    # two-character salt from the 64-character crypt(3) alphabet;
    # rand() is not a cryptographic random number generator
    my $salt=$saltset[int(rand(64))].$saltset[int(rand(64))];
    $pass=crypt($word,$salt);
    print "word -> $pass\n";

On Fox Chase Cancer Center RCS Unix machines, just type "mcrypt.pl password" to create a crypted password. The Unix user id number, group id number, gecos, home directory and login shell are the same entities as they appear in the Unix /etc/passwd file. At this time the program does not check for uid collisions, so be careful when you specify the user id and group id numbers, as it is possible to create the passwd file from LDAP and we may do so in the future.

After filling out the card, it will be added to the "New Buffer". If you made a typo, the card can be modified by editing the entry from the new buffer. To modify, first type "p n" or "print new" to see what is in the "New Buffer". In the upper left corner of each card, you will see a label line [n1/n2], where n1 and n2 are two numbers: n1 is the card number and n2 is the number of cards in the buffer. For example, if you see the label [5/6], then the card number is 5, and there are 6 cards in the buffer. To edit the card, type "edit new 5" or "e n 5", meaning edit card number 5 from the "New Buffer".

cls
Type "cls" or "c" to clear the screen.

delete [item]
First queries for a card in the LDAP server; if the card exists, it will prompt for confirmation to delete it from the LDAP server. Note, if you answer yes to the confirmation, the operation cannot be undone. If no argument to delete is supplied, it will ask interactively. Also note, if you do not have any authority to delete entries from LDAP, the command will fail and the error message will be written on the screen.

delete search number
If a card exists in the "Search Buffer", it will prompt for confirmation to delete it from the LDAP server.
Note, if you answer yes to the confirmation, the operation cannot be undone.

help
Shows the content of the online help file if the file exists.

free search [number]
Frees the content of the "Search Buffer". If a number is supplied, the specific card number will be deleted from the buffer. For example, "free search" or "f s" will free the entire "Search Buffer"; "f s 2" will remove card number 2 from the "Search Buffer". Note, "free" only frees the memory content of the buffer; it does not delete the card/s from the LDAP server. To delete a card from the LDAP server, use "delete".

free modify [number]
Frees the content of the "Modify Buffer".

free new [number]
Frees the content of the "New Buffer".

edit [search] number
Edit a card from the "Search Buffer". If no number is specified, it will edit the card from the "Search Buffer" by default. If an attribute has a value, it is shown inside a pair of square brackets. Press Enter to accept the value. If you want to remove an attribute, just type -none- or -null- as the value.

edit [modified] number
Edit a card from the "Modify Buffer". If no number is specified, it will edit the card from the "Search Buffer" by default. If an attribute has a value, it is shown inside a pair of square brackets. Press Enter to accept the value. If you want to remove an attribute, just type -none- or -null- as the value.

edit [new] number
Edit a card from the "New Buffer". If no number is specified, it will edit the card from the "Search Buffer" by default. If an attribute has a value, it is shown inside a pair of square brackets. Press Enter to accept the value. If you want to remove an attribute, just type -none- or -null- as the value.

vedit [search] number
Edits a card from the "Search Buffer", but uses your text editor to do that. Please look at the "vmodify" command for details of how the editor works.

vedit [modified] number
Edits a card from the "Modify Buffer", but uses your text editor to do that. Please look at the "vmodify" command for details of how the editor works.

vedit [new] number
Edits a card from the "New Buffer", but uses your text editor to do that. Please look at the "vmodify" command for details of how the editor works.

print search
Print the content of the "Search Buffer" to standard out. The content is piped through the pager. To change the pager, set the PAGER environment variable.

print modify
Print the content of the "Modify Buffer" to standard out. The content is piped through the pager. To change the pager, set the PAGER environment variable.

print new
Print the content of the "New Buffer" to standard out. The content is piped through the pager. To change the pager, set the PAGER environment variable.

print
Show the contents of all the buffers. A title will identify each buffer.

save
If anything is in the "Modify" or "New" buffer,

show [item]
Queries the LDAP server for the card and shows the content on standard out. The content is piped through the pager. To change the pager, set the PAGER environment variable.

modify [item]
First queries for a card in the LDAP server; if a match is found, a prompt is displayed for confirmation to edit the card. If more than one match is found, the prompt cycles through all the found cards. If an attribute has a value, it is shown inside a pair of square brackets. Press Enter to accept the value. If you want to remove an attribute, just type -none- or -null- as the value.

vmodify [item]
This command is the same as modify [item]; the only difference is that you can use your text editor to edit entries. It detects the editor first by checking the environment variable EDITOR. If the variable is not set, it will use vi. If more than one entry is matched, you will be prompted to select an entry for editing. Example:

    [Connected to LDAP server: cygnus, Port: 489, bound as: admin]
    Command: vmod muh
    2 names matched.
    1. Muhammad A Muquit (muquit)
    2. Robert R Muhlhauser
    Enter the number of the name you want or Q to quit: 1

After typing 1 and pressing Enter, you will be inside your editor (in this example, it is vi). The screen will look like below:

    ##--------------------------------------------------------------------------
    ## Directory entry of: muquit
    ## Syntax is:
    ## <attribute-name>
    ## <TAB> <value>
    ## Lines beginning with a hash mark are comments.
    ##
    ## Syntax adapted from ud utility comes with
    ## Umich LDAP server, but the code is written from scratch
    ## ma_muquit@muquit.com, Research Computing Services
    ##--------------------------------------------------------------------------
    sn
            Muquit
    givenname
            A
    cn
            Muhammad A Muquit
    uid
            muquit
    honorific
    familyrank
    telephonenumber
            3660
    roomnumber
            C119
    mail
            MA_Muquit@muquit.com
    emaildrop
            muquit@muquit.com
    listbyowner
            n
    listbyself
            y
    labeleduri
            http://www.muquit.com/
    jpegphoto
            NOT ASCII

Please read the comments (lines starting with # at the top) for the format. In any event, do not edit the attribute name; only edit the value (the line that starts with a tab or space). For the jpegphoto attribute, specify the path of the picture in the next line. Note, if the person already has a picture in the server, it will show up as "NOT ASCII". If you want to remove an entry, specify the value as -null- or -none-. If you change anything, it will be added to the "Modify Buffer". Look at the buffer using the command 'print modify'.

open
Close the active TCP connection and open a new connection to an alternate LDAP server. A prompt will be displayed for the new LDAP server, the LDAP port and the base Distinguished Name. Warning: Data in all buffers will be freed after this command is typed.

exit
Leave the program. If anything is in the "Modify" or "New Buffer", the user will be prompted to save them to the LDAP server before exiting the program.
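
The editor screen used by vmodify and vedit can be checked mechanically before anything reaches the "Modify Buffer". The following is an added example, not code from phones_ldap: it parses the attribute/value layout shown above and derives the changes between the original and the edited text. The function names and the choice to reject an edited attribute name or an outright deleted value line are assumptions of this sketch.

```python
REMOVE = {"-null-", "-none-"}   # values the page names for removing an attribute
BINARY = "NOT ASCII"            # placeholder shown for a picture already stored

def parse_buffer(text):
    """Parse '<attribute-name>' lines, each optionally followed by a value line."""
    entry, current = {}, None
    for n, raw in enumerate(text.splitlines(), 1):
        if raw.startswith("#") or not raw.strip():
            continue                                  # comment or blank line
        if raw[0] in " \t":                           # value of the attribute above
            if current is None or entry[current] is not None:
                raise ValueError(f"line {n}: value line without its own attribute")
            entry[current] = raw.strip()
        else:
            current = raw.strip().lower()
            if current in entry:
                raise ValueError(f"line {n}: attribute {current!r} listed twice")
            entry[current] = None
    return entry

def diff_entry(before, after):
    """Compare two parsed buffers; return (operation, attribute, value) tuples."""
    if set(before) != set(after):                     # names must not be edited
        raise ValueError(f"attribute names changed: {sorted(set(before) ^ set(after))}")
    mods = []
    for attr, old in before.items():
        new = after[attr]
        if new == old or new == BINARY:
            continue                                  # unchanged, or picture kept
        if new is None:
            raise ValueError(f"{attr}: value deleted; use -null- or -none-")
        if new.lower() in REMOVE:
            if old is not None:
                mods.append(("delete", attr, None))
        elif old is None:
            mods.append(("add", attr, new))
        else:
            mods.append(("replace", attr, new))
    return mods

# Constructed sample in the layout of the editor screen above.
SAMPLE = ("## Directory entry of: muquit\n"
          "sn\n\tMuquit\n"
          "honorific\n"
          "telephonenumber\n\t3660\n"
          "roomnumber\n\tC119\n"
          "jpegphoto\n\tNOT ASCII\n")

def demo():
    """Edit three values the way a user would in the editor and diff the result."""
    edited = (SAMPLE.replace("\t3660", "\t3661").replace("\tC119", "\t-none-")
                    .replace("honorific\n", "honorific\n\tDr.\n"))
    return diff_entry(parse_buffer(SAMPLE), parse_buffer(edited))
```
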
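
The add command stores whatever user id number and password value are typed, and the page notes that uid collisions are not checked. The following added example (not part of phones_ldap) shows a check that could be run on a new card before "save". The dictionary keys uid, uidnumber, userpassword and cn, and the sample entries, are assumptions constructed for the illustration.

```python
import re

# "{scheme}" prefix followed by the stored value, as in {crypt}nuZnljIuEuvAQ
SCHEME = re.compile(r"\{([A-Za-z0-9-]+)\}(.+)", re.S)
# traditional crypt(3) output: 2 salt characters + 11 hash characters
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")

def check_password(value):
    """Return a problem description for a password value, or None if it looks sane."""
    m = SCHEME.fullmatch(value)
    if m is None:
        return "missing {scheme} prefix such as {crypt}"
    scheme, stored = m.group(1).lower(), m.group(2)
    if scheme not in ("crypt", "sha"):
        return f"scheme {{{scheme}}} is not one the page mentions"
    if scheme == "crypt" and not DES_CRYPT.fullmatch(stored):
        return "{crypt} value is not a 13-character crypt(3) string"
    return None

def check_card(card, existing):
    """List the problems of a new card against entries already in the directory."""
    problems = []
    for key in ("uid", "uidnumber"):
        clash = [e.get("cn", "?") for e in existing
                 if key in card and e.get(key) == card[key]]
        if clash:
            problems.append(f"{key} {card[key]} already used by {', '.join(clash)}")
    if "userpassword" in card:
        problem = check_password(card["userpassword"])
        if problem:
            problems.append("userpassword: " + problem)
    return problems

# Constructed data: one existing entry and the card from the add session above.
EXISTING = [{"cn": "Muhammad A Muquit", "uid": "muquit", "uidnumber": "6037"}]
NEW_CARD = {"cn": "John J Doe", "uid": "jdoe", "uidnumber": "6037",
            "userpassword": "{crypt}nuZnljIuEuvAQ"}

if __name__ == "__main__":
    for line in check_card(NEW_CARD, EXISTING):
        print(line)
```
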

SEE ALSO

    http://www.umich.edu/~dirsvcs/ldap/index.html
    http://www.kingsmountain.com/ldapRoadmap.shtml
    /usr/local/etc/phones.cfg

COMMENTS

If you look at the code, it is one of the ugliest programs I've ever written. This program is very hard to modify, even my own head spins when I want to modify something! Follow the README file for steps if you want to add and delete any attributes. The coding does not have any design, it just grew and grew and grew, very much like most of the M$ software. Well, it differs from M$ software in that it works well. Note again: The code is badly designed IMHO, the functionality of the program is just fine. It never core dumped on me :) It works well for the purpose I wrote it.

AUTHORS

Muhammad A Muquit
email: muquit@muquit.com
www: http://www.muquit.com/

Before compiling, go to the libs directory and make a link to the LDAP directory, for example:

    cd libs
    ln -s /usr/local/lib/mozilla_ldap ldap

Type:

    ./Build pristine

to build everything from scratch.

If you use this program, please let me know.

Page updated: Sun Mar 31 01:59:56 2013 GMT. Copyright © 2013 muquit@muquit.com.