author | 2014-05-06 17:43:01 -0700 | |
---|---|---|
committer | 2014-05-07 19:09:55 +0530 | |
commit | 6d71af741f5db17e4d9380c1be8dc0da0c2d77ad (patch) | |
tree | 54bd815e2121e7e9777a195f3a728efc965489e1 /contrib | |
parent | mirroring: allow 'nosync' option for slaves (diff) | |
download | gitolite-gentoo-6d71af741f5db17e4d9380c1be8dc0da0c2d77ad.tar.gz gitolite-gentoo-6d71af741f5db17e4d9380c1be8dc0da0c2d77ad.tar.bz2 gitolite-gentoo-6d71af741f5db17e4d9380c1be8dc0da0c2d77ad.zip |
get ldap groups
Add sample script for getting group membership from LDAP.
based on ldapsearch.
(committer added author name as comment in case of questions)
Diffstat (limited to 'contrib')
-rwxr-xr-x | contrib/utils/ldap_groups.sh | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/contrib/utils/ldap_groups.sh b/contrib/utils/ldap_groups.sh new file mode 100755 index 0000000..0192565 --- /dev/null +++ b/contrib/utils/ldap_groups.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# author: damien.nozay@gmail.com + +# Given a username, +# Provides a space-separated list of groups that the user is a member of. +# +# see http://gitolite.com/gitolite/auth.html#ldap +# GROUPLIST_PGM => /path/to/ldap_groups.sh + +ldap_groups() { + username=$1; + # this relies on openldap / pam_ldap to be configured properly on your + # system. my system allows anonymous search. + echo $( + ldapsearch -x -LLL "(&(objectClass=posixGroup)(memberUid=${username}))" cn \ + | grep "^cn" \ + | cut -d' ' -f2 + ); +} + +ldap_groups $@ |
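Review bot: The filter in ldap_groups() interpolates the username unescaped, as in `"(&(objectClass=posixGroup)(memberUid=${username}))"`, so a name containing LDAP filter metacharacters (`*`, `(`, `)`, `\`) changes what the filter matches and therefore which groups gitolite receives through GROUPLIST_PGM. Since this output feeds access decisions, validate the argument against a conservative character set and exit non-zero on anything else, or escape those characters per RFC 4515 before building the filter. On the last line, `ldap_groups $@` is unquoted and is word-split by the shell; `ldap_groups "$1"` passes exactly the one username the function reads. Smaller points in the same hunk: `username` should be declared `local`; `grep "^cn"` also matches base64-encoded `cn::` lines, so `cut -d' ' -f2` would emit the encoded value as a group name, and it truncates any cn that contains a space; and because `ldapsearch` is called with no server or base DN, the header comment should say that the result depends on the system's ldap.conf defaults as well as on anonymous search being allowed.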