How to Synchronize LDAP Users with Bweb Users

This sample script below must be customized to connect both to the LDAP server and the catalog (Postgres backend); it may be executed as a crontab task, for example, as bacula user.

#!/usr/bin/perl
  use Net::LDAP;
  use Data::Dumper;
  use DBI;

  my $driver = "Pg";
  my $database = "bacula";
  my $dsn = "DBI:Pg:database=$database";
#
# Or the longer form below
#  my $dsn = "DBI:$driver:dbname = $database;host = 192.168.1.28; port = 5432";
  my $userid = "bacula";
  my $password = "";
  my $dbh = DBI->connect($dsn, $userid, $password, { RaiseError => 1 })
   or die $DBI::errstr;

  print "Opened database successfully\n";

 my $ldapdomain = "dc=my-domain,dc=com";
 my $uid = "cn=admin,".$ldapdomain;
 my $bindPass = "password";
 my $ldapServer = "192.168.1.8";
 my $userLogin = "displayName"; # It may be sAMAccountName
 my $userPass = "sambaLMPassword";

# connect to ldap server
 $ldap = Net::LDAP -> new ($ldapServer) || die "Could not connect to server\n";
  # bind to ldap server
  $ldap -> bind($uid, password => $bindPass);

 $result = $ldap->search( # perform a search
  base => "ou=people,".$ldapdomain,
  filter => "(objectClass=*)"
  );

die $result->error if $result->code;

printf "COUNT: %s\n", $result->count;
foreach my $entry ($result->entries) {
# $entry->dump;
 my $l = $entry->get_value($userLogin);
 if ( ( length( $l ) > 2 ) && !( $l =~ /\s|\$/ ) ) {
    my $p = $entry->get_value($userPass);
    my $stmt = qq(INSERT INTO bweb_user (username,passwd) VALUES ('$l','$p'));
    my $rv = $dbh->do($stmt) or die $DBI::errstr;
 }
}
print "===============================================\n";

$ldap->unbind;

See also

Previous articles:

• LDAP/Active Directory - Authentication

• Authentication via Pam LDAP

Go back to: LDAP Authentication.