We no longer offer ftp downloads. If there is a file you need referenced here, please contact me by email and I will get it to you.

Passwd to LDAP

This is a simple program that reads the Unix /etc/passwd and updates a LDAP server.

See LDAP Basics for an introduction to LDAP.

Once this server is running, browser clients with LDAP capability can use it as an alternate source for their address books. If it is run regularly as a cron job, or manually when user information is modified, the user community will always have fresh information about other users email addresses. Additional, we can use the comment field in /etc/passwd to provide other information if desired.

This server will use the following slapd.conf file:

include         /usr/local/etc/slapd.at.conf
include         /usr/local/etc/slapd.oc.conf
schemacheck     off
referral        ldap://ldap.itd.umich.edu

#######################################################################
# ldbm database definitions
#######################################################################

database        ldbm
suffix          "dc=unixorg.com"
directory       /ldap
rootdn          "cn=root, uid=0, dc=unixorg.com"
rootpw           2mny2b2ez
 

We'll initialize it with

ldif2ldbm -i ldif -f /usr/local/etc/slapd.conf
 

using this file as "ldif"

dn: dc=unixorg.com
dc: unixorg.com
objectclass: organization
 

Now, after starting the server with "slapd", we can use the actual program itself:

#!/usr/bin/perl
# passwd2ldap.pl
# Reads /etc/passwd and passes it to our LDAP server
# © January 2000 A.P. Lawrence
open(PASSWD,"</etc/passwd");
while(<PASSWD>) {
   ($login,$x, $uid,$group,$comment,$homedir)=split /\:/;
   next if  $uid < 200 ;
   # We only want real users
   ($name,$extension,$department)=split(/\;/,$comment);
   # we extend the comment field by allowing extra information
   # separated by ";"'s.
   $name=$login if not $name;
   $extension="unknown" if not $extension;
   $department="(unassigned)" if not $department;
   # now we need to see if this is a new or old entry so we add or modify as needed
   $isnotnew=qx(/usr/local/bin/ldapsearch -b "dc=unixorg.com" "(uid=$uid)");
   if ($isnotnew) {
       open(OUT, "|/usr/local/bin/ldapmodify -r -D \"cn=root, uid=0, dc=unixorg.com\" -w \"2mny2b2ez\"");
   }
   else {
       open(OUT, "|/usr/local/bin/ldapadd -D \"cn=root, uid=0, dc=unixorg.com\" -w \"2mny2b2ez\"");
   }
   print OUT "dn: uid:$uid, dc=unixorg.com\n";
   ($cn,$sn)=split(/ /,$name);
   $cn=$login if not $cn;
   $sn=$login if not $sn;
   print OUT "uid: $uid\n";
   print OUT "cn: $name\n";
   print OUT "sn: $sn\n";
   print OUT "extension: $extension\n";
   print OUT "department: $department\n";
   print OUT "mail:${login}\@unixorg.com\n";
   print OUT "objectclass: person\n";
   close OUT;
}
 

Download passwd2ldap.pl

Netscape

Open up your Netscape browser, and go to Address Book. Drag down file and tell it you want to add a New Directory . I called mine "Local LDAP". Enter the FQN (Fully Qualified Name- example: scobox.landc.com) of your server into the LDAP Server box. In the Server Root box, I'd enter "dc=unixorg.com", and you'd enter the equivalent for your server. You don't need to change anything else; no login, no secure connection, leave the port (389) alone. Click OK to save it. Now, "Local LDAP" appears in the list. Highlight it, and type "*" in the search box- you'll see your entries. Even better, double click on one of the entries and you'll get all of the information that your server got from /etc/passwd.

Now go to create a new Email message. Choose "Address Book", and notice that you can choose addresses from your "Local LDAP", and that if you highlight and choose "Properties", you get the full information as before.

Comments?

More Articles by Tony Lawrence - Find me on Google+

Jump to Comments

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.