LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-27-2011, 03:25 PM   #1
rcrook89
LQ Newbie
 
Registered: Jul 2009
Posts: 2

Rep: Reputation: 0
Trouble with ldapsearch and AD


Hi, I am fairly new to the Linux world and am trying to get my Active Directory to sync with Google Apps. I have used Google Apps Directory Sync tool to set this up, but I only want the sync to run when someone changes their password. So that I don't run the sync every five minutes unnecessarily.

To achieve this, I am trying to write a bash script that will use ldapsearch to query AD for all users and sort by the division attribute. Since that is where the hash password is being stored using the sha1hexfltr (http://code.google.com/p/sha1hexfltr/)

I then want this to be exported into a file and have the script always comparing the new exported file to the old one. Then if the script is different (having a different value in the division attribute, signifying a changed password), then it will run the sync.

I am planning on scheduling this as a chron job about every five minutes, and then the goal will be that it kicks off the ad -> google sync only when a password has changed.

The first part of this I am working on is the ldapsearch.

This is what I have so far...


ldapsearch -x -LLL -h "198.248.123.123" -p 389 -D "CN=John Smith,OU=admin,OU=example,DC=ldap,DC=acme,DC=com" -b "DC=ldap,DC=acme,DC=com" -w "password" -S division

This works with a "-W" and prompts for a password, but when I try to do a "-w", it gives an error that says

"bash: password: event not found"

Since I am trying to include this in a bash script, my goal is to not have to be prompted for a password. I also tried setting up SASSL, but was unsuccessful with this method as well. Any help would be greatly appreciated.

Please let me know if this all makes sense or if I need to include additional information with this.

Thanks,

Rachael
 
Old 05-27-2011, 04:30 PM   #2
spankbot
Member
 
Registered: Aug 2007
Posts: 131

Rep: Reputation: 16
Try removing the quotes.
 
Old 06-01-2011, 01:34 PM   #3
rcrook89
LQ Newbie
 
Registered: Jul 2009
Posts: 2

Original Poster
Rep: Reputation: 0
With or without the quotes it gives the same error "bash: password: event not found". It works when prompting for a password with the -W switch, but as soon as I try to include the password, it gives an error. Do you know if there is a way to include the password in a file? Any ideas would be helpful.
 
Old 06-01-2011, 08:26 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Remove the exclamation mark from the the password ;}


Alternatively, use a credentials file: -y ... much cleaner,
and people w/ access to the box won't see the password in
the process list.



Cheers,
Tink
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ldapsearch | ldapmodify eantoranz Linux - Software 1 01-28-2013 10:33 PM
ldapsearch:: how to use TLS connection? knockout_artist Linux - Newbie 1 09-29-2009 08:50 AM
ldapsearch query saravana_05 Linux - Newbie 1 07-09-2009 03:06 AM
script ,ldapsearch,sqlloader felosa_vb Linux - General 1 01-16-2008 08:48 PM
ldapsearch cmontr Programming 4 11-15-2007 05:19 PM


All times are GMT -5. The time now is 11:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration