Forums

Resolved
0 votes
Hello all,
i've a special request from a school to manage 300 accounts (the number of students). They have 2 computers room using freerdp to connect automatically at startup to the windows server with given username/passwords.
Once connected, a script is runnnig to request their username/password and map their personal folder (from ClearOS). The studends are in the school for 3 years and there are 70-90 studens per year. So we decided to create 300 users accournts : student_001 to student_099 for the first year, student_100 to student_199 for the second year and student_200 to student_299 for the 3rd year. Every account has a personnale folder. when new students come in the shool, we give them a student number so the will have their personnal accound and folder. Every year, I'll have to reset the passwords for a whole group (1 to 99 or 100 to 199 or 200 to 299) and empty their directories. So I'm trying to create a script to :
1. ask me to choose which group I've to empty
2. empty the folders of that group
3. reset the passwords and make a txt file with the given student_number and password.

Do you think I can do that with bash script ?
As I just know a little bit with bash script, any help is very welcomed :)

.. sorry for my english, don't hesitate if you have any question :)
Thursday, October 04 2018, 04:59 PM
Share this post:
Responses (4)
  • Accepted Answer

    Thursday, October 04 2018, 05:06 PM - #Permalink
    Resolved
    0 votes
    On a ClearOS 7, have a look at the user script /usr/sbin/clearos_user


    clearos_user -h
    usage: /usr/sbin/clearos_user -u <username> -p <new password>

    Common Options
    --------------

    -u=username
    -p=password (eg. set new password)
    -a (add account - requires -p, -f and -l flags to be set)
    -d (delete account)
    -f=first name
    -l=last name
    -o=output (json [default] or stdout)
    -h: help

    Examples
    ========

    Add a user:
    ./clearos_user -a -u bob -p mypassword -f William -l Shatner

    Update a user password:
    ./clearos_user -u bob -p mypassword

    Delete a user:
    ./clearos_user -d -u bob


    It should get you most of the way there.

    B.
    The reply is currently minimized Show
  • Accepted Answer

    Monday, October 08 2018, 12:12 PM - #Permalink
    Resolved
    0 votes
    Hello Ben,
    thanks very much for the help. I'm going to try that these next days ... keep you informed the way I used :)
    The reply is currently minimized Show
  • Accepted Answer

    Friday, January 04 2019, 09:40 AM - #Permalink
    Resolved
    0 votes
    Hello all,
    So, using Ben's post, I was able to create a script to create and modify 300 accounts. The only thing I can't achieve is attribuing users to a group. It seems that the cause of this issue is the ldap because when I'm trying to add user to a group, I always get the same answer : group unknown.
    Is there a way to solve it or should I manually add my users to a group ?
    Thanks for your help :)
    The reply is currently minimized Show
  • Accepted Answer

    Friday, January 04 2019, 06:55 PM - #Permalink
    Resolved
    0 votes
    The following is just a suggestion in hope to point you in somewhat of a good direction. Testing the procedure adds the members to the group when doing an ldapsearch, but it doesn't show up in the Webconfig, so something is missing. Additionally, the group the user was added to shows up when using 'id test1' at shell.

    With that said, perhaps start by creating an LDIF file (e.g. addmemberstogroup.ldif) where ldap operations could be performed to add multiple users to a group? You could somewhat mimic the snapshot.ldif file found in /var/clearos/openldap, but something way simpler to the effect of:

    # Script used to add members to an existing group

    dn: cn=yourgroupname,ou=Groups,ou=Accounts,dc=system,dc=lan
    changetype: modify
    add: memberUid
    memberUid: test1 (test1's username from the Webconfig)

    dn: cn=yourgroupname,ou=Groups,ou=Accounts,dc=system,dc=lan
    changetype: modify
    add: memberUid
    memberUid: test2 (test2's username from the Webconfig)


    or

    # Script used to add members to an existing group

    dn: cn=yourgroupname,ou=Groups,ou=Accounts,dc=system,dc=lan
    changetype: modify
    add: member
    member: cn=test 1 (test1's first name and last name from the Webconfig)

    dn: cn=yourgroupname,ou=Groups,ou=Accounts,dc=system,dc=lan
    changetype: modify
    add: member
    member: cn=test 2 (test2's first name and last name from the Webconfig


    Then a script to modify your ldap group:

    ldapmodify -xcD "cn=manager,ou=internal,dc=system,dc=lan" -f /var/clearos/openldap/addmemberstogroup.ldif -w XNuB7UJ7icqnKO2x (-w being your bind password as indicated in the directory server of your Webconfig or in /var/clearos/openldap/config.php)



    Note: Prior to and after the modification, you could see what the ldap directory looks like
    ldapsearch -h localhost -b "dc=system,dc=lan" -D "cn=manager,ou=internal,dc=system,dc=lan" -s sub "objectclass=*" -x -w XNuB7UJ7icqnKO2x


    You'll have to experiment, albeit gingerly, and see how well it works for you. Maybe one of the ClearOS gurus can add/takeway to/from this?
    The reply is currently minimized Show
Your Reply