add_vlans2ldapuser.py
#!/usr/bin/env python
# Script takes a username and a VLAN as arguments, then adds
# the following fields to that person's LDAP entry:
#
# objectClass: radiusprofile
# radiusTunnelMediumType: "IPv4"
# radiusTunnelPrivateGroupId: 41
# radiusTunnelType: GRE
#
import os
import sys
import ldap
import ldap.modlist as modlist
# Placeholder connection settings: replace both values before running.
# The URL uses the plain ldap:// scheme; the script upgrades the session with
# StartTLS before it binds, so the server must offer StartTLS.
LDAP_SERVER_URL = "ldap://ldap.example.net/"
# DN the script binds as. NOTE(review): this is a root DN; an account that may
# only write the radius* attributes under the people subtree would limit what
# a leaked LDAP_PASS can change.
BIND_PATH = "cn=root,dc=example,dc=net"
def getUser(username):
    """Prepare subtree-search parameters for *username*; currently a stub.

    The function only assigns three locals and returns None: no search is
    issued, and nothing in the visible script calls it.
    """
    scope = ldap.SCOPE_SUBTREE
    # None for the attribute list; never passed on, since no search is made.
    wanted_attrs = None
    # NOTE(review): the filter is built by plain concatenation. If it is ever
    # handed to a search, pass username through ldap.filter.escape_filter_chars
    # first so characters such as '*', '(' and ')' cannot change the filter.
    name_filter = "cn=" + username
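if __name__ == '__main__':
    # Command-line entry point: bind to the directory as BIND_PATH and add the
    # RADIUS tunnel attributes to one user's entry. Every failure path exits
    # with a non-zero status so callers and wrappers can detect it.

    # Imported locally so the DN-escaping helper is in scope without changing
    # the module-level imports.
    from ldap.dn import escape_dn_chars

    if len(sys.argv) < 3:
        print("Usage:\n\t %s username vlan\n" % sys.argv[0])
        print("This will add the VLAN settings to the users LDAP entry.")
        sys.exit(1)

    # The bind password is read from the environment, so it is never passed as
    # a command-line argument.
    if "LDAP_PASS" not in os.environ:
        print("You need the LDAP password in your environment")
        # The hint now names the variable that is actually read (LDAP_PASS);
        # it used to say LDAP_PASSWORD, which the script never looks at.
        print("Set with `LDAP_PASS=changeme`")
        sys.exit(1)

    username = sys.argv[1]
    vlan = sys.argv[2]
    password = os.environ['LDAP_PASS']

    # Open a connection
    try:
        directoryServer = ldap.initialize(LDAP_SERVER_URL)
        # Upgrade to TLS before the simple bind so the password does not cross
        # the network in clear text. Certificate checking follows the host's
        # libldap settings -- NOTE(review): confirm it has not been disabled.
        directoryServer.start_tls_s()
        directoryServer.simple_bind_s(BIND_PATH, password)
    except ldap.INVALID_CREDENTIALS:
        print("Username or Password incorrect.")
        # Stop here: previously execution fell through and attempted the
        # modification on a connection that had failed to bind.
        sys.exit(1)
    except ldap.LDAPError as e:
        print("Error connecting to LDAP server " + LDAP_SERVER_URL)
        # python-ldap puts a dict with a 'desc' key in the exception's first
        # argument; fall back to printing the exception itself otherwise.
        info = e.args[0] if e.args else None
        if isinstance(info, dict) and 'desc' in info:
            print(info['desc'])
        else:
            print(e)
        sys.exit(1)

    # Subtree that holds the user entries. NOTE(review): it is hard-coded and
    # does not match the dc=example,dc=net placeholder used for BIND_PATH.
    people_base = "ou=People,dc=base,dc=runtime-collective,dc=com"
    # Escape the RDN value so characters such as ',', '+' or '=' in the
    # argument cannot redirect the write to a different entry.
    dn = "uid=" + escape_dn_chars(username) + "," + people_base

    # MOD_ADD appends values. NOTE(review): presumably the server rejects the
    # request when a value is already present, so a second run for the same
    # user would report an error -- confirm.
    extra_values = [
        (ldap.MOD_ADD, 'objectClass', 'radiusProfile'),
        (ldap.MOD_ADD, 'radiusTunnelMediumType', 'IPv4'),
        (ldap.MOD_ADD, 'radiusTunnelPrivateGroupId', str(vlan)),
        (ldap.MOD_ADD, 'radiusTunnelType', 'GRE'),
    ]

    status = 0
    try:
        print("Applying change to " + dn)
        directoryServer.modify_s(dn, extra_values)
    except ldap.LDAPError as e:
        print("Error while appliying modification")
        print(e)
        status = 1
    finally:
        # Always release the bound (root) session, including on an unexpected
        # exception from the modify call.
        directoryServer.unbind()
    sys.exit(status)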