[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Programmatically creating users



2010/12/1 Juan Pablo Romero Méndez <jpablo.romero@gmail.com>:
> Hello,
>
> I'm trying to programmatically call useradd to create an ldap user on
> opensuse 11.2.
>


I will assume that your OS ham PAM configured in a way that LDAP users
are the OS users, and that you have no confusion between the local
box's users and the one in LDAP.

If so, all you need to do is talk LDAP directly using your favorite
lang, example Perl and Net::LDAP are very powerful. You can also use
something like LAM (LDAP Account manager) which is written in PHP
although it lacks some stuff such as moddn but it has a nice interface
for Unix users and groups.

The thing is that once your machine uses LDAP as it's DB for users,
from then one you should deal with the LDAP server directly and
affects all machines that are connected to that LDAP.


> The problem is that calling
>
> useradd -m --service ldap  -D "cn=Administrator,dc=tkm,dc=com,dc=mx"
> testuser
>
> requests the ldap admin password in a way which I find difficult to handle
> programmatically.
>
> I thought that setting rootbinddn in /etc/ldap.conf and the password in
> /etc/ldap.secret would prevent useradd to ask the password but this is not
> the case.
>
> Is it possible to accomplish this? (i.e. configure useradd/passswd to not to
> ask passwords in the command line?)
>
> Regards,
>
>   Juan Pablo
>