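#!/bin/bash
#
# Test of UDM group-membership bookkeeping.
#
# Creates three groups and one user through `udm`, then checks with
# `ldapsearch` that the group objects carry matching uniqueMember (DN) and
# memberUid (uid) values after each step: user creation, adding a second
# group, renaming the user, and switching the primary group. All created
# objects are removed again by the EXIT trap.
#
# The interpreter is bash, not sh: the script relies on `declare -i`,
# `ERROR+=1` and `[[ ... ]]`, none of which a POSIX /bin/sh has to provide.
#
# Review notes:
#  * The test account is created with a fixed, publicly known password, so it
#    must not outlive the run; cleanup() is written to remove it under either
#    of its two names.
#  * `ldapsearch -x` is a simple bind with no bind DN given, i.e. anonymous.
#    If the directory does not allow anonymous reads of group objects, every
#    search returns nothing: "present" checks fail and "absent" checks pass
#    without having verified anything.

# Imports UCR variables into the shell; $ldap_base is expected to come from here.
eval "$(ucr shell)"

# Every DN below is built from $ldap_base. Stop before anything is created
# (and before the cleanup trap is armed) if it is missing.
if [ -z "$ldap_base" ]; then
  echo "ERROR: ldap_base is not set, refusing to run" >&2
  exit 1
fi

GRPNAME="grp1"
GRPNAME2="grp2"
GRPNAME3="grp3"
USRNAME="testuser1"
declare -i ERROR=0

# Holds the new uid from just before the rename until $USRNAME has been
# switched over, so that an exit inside that window still removes the account.
RENAME_PENDING=""

#######################################
# Remove every object the test created.
# Globals:   USRNAME, RENAME_PENDING, GRPNAME, GRPNAME2, GRPNAME3,
#            ldap_base (read)
# Arguments: none
#######################################
cleanup () {
  # undo all changes
  trap - EXIT
  udm users/user remove --dn "uid=${USRNAME},cn=users,$ldap_base"
  if [ -n "$RENAME_PENDING" ]; then
    # The rename was requested but $USRNAME still holds the old uid; the
    # account may exist under the new one.
    udm users/user remove --dn "uid=${RENAME_PENDING},cn=users,$ldap_base"
  fi
  udm groups/group remove --dn "cn=${GRPNAME3},cn=groups,$ldap_base"
  udm groups/group remove --dn "cn=${GRPNAME2},cn=groups,$ldap_base"
  udm groups/group remove --dn "cn=${GRPNAME},cn=groups,$ldap_base"
}

#######################################
# Print the primaryGroup value udm reports for $USRNAME.
# Globals:   USRNAME (read)
# Outputs:   the text after "primaryGroup: " on stdout; nothing if udm
#            lists no such line
#######################################
lookup_primary_group () {
  udm users/user list --filter="uid=${USRNAME}" | sed -rne 's/^.*primaryGroup: //p'
}

#######################################
# Check both membership attributes of one group for $USRNAME.
# Globals:   USRNAME, ldap_base (read); ERROR (incremented per failed check)
# Arguments: $1 - expected state, "present" or "absent"
#            $2 - "cn": select the group by name via a (cn=...) filter
#                 "dn": use $3 as the search base (ldapsearch -b)
#            $3 - group name or group DN, matching $2
# Outputs:   one "ERROR: ..." line on stdout per failed check
#######################################
check_membership () {
  local expect="$1" scope="$2" group="$3"
  local cn_clause="" found
  local -a base_opt=()

  if [ "$scope" = "dn" ]; then
    base_opt=(-b "$group")
  else
    cn_clause="(cn=$group)"
  fi

  # uniqueMember holds the member's DN.
  found="$(ldapsearch -LLLx "${base_opt[@]}" "(&(objectclass=univentionGroup)${cn_clause}(uniqueMember=uid=${USRNAME},cn=users,$ldap_base))" uniqueMember)"
  if [ "$expect" = "present" ] && [ -z "$found" ]; then
    echo "ERROR: user '$USRNAME' is no uniqueMember of group '$group'"
    ERROR+=1
  elif [ "$expect" = "absent" ] && [ -n "$found" ]; then
    echo "ERROR: user '$USRNAME' is still uniqueMember of group '$group'"
    ERROR+=1
  fi

  # memberUid holds the member's bare uid.
  found="$(ldapsearch -LLLx "${base_opt[@]}" "(&(objectclass=univentionGroup)${cn_clause}(memberUid=${USRNAME}))" memberUid)"
  if [ "$expect" = "present" ] && [ -z "$found" ]; then
    echo "ERROR: group '$group' contains no memberUid of user '$USRNAME'"
    ERROR+=1
  elif [ "$expect" = "absent" ] && [ -n "$found" ]; then
    echo "ERROR: group '$group' still contains memberUid of user '$USRNAME'"
    ERROR+=1
  fi
}

trap cleanup EXIT

# -f matches the pattern, a regular expression, against the full command
# line, so the three dots stand for any three characters after "python".
# Presumably done so that udm starts a fresh CLI server -- TODO confirm.
pkill -f '/usr/bin/python... /usr/share/univention-directory-manager-tools/univention-cli-server'

echo "*** creating group $GRPNAME and user $USRNAME"
udm groups/group create --position "cn=groups,$ldap_base" --set name="$GRPNAME"
udm users/user create --position "cn=users,$ldap_base" --set username="$USRNAME" --set password=univention --set lastname=Foobar --append groups=cn="${GRPNAME},cn=groups,$ldap_base"

echo "*** testing if user is member in its additional group"
check_membership present cn "$GRPNAME"

echo "*** testing if user is member in its primary group"
primaryGroup="$(lookup_primary_group)"
check_membership present dn "$primaryGroup"

echo "*** creating group $GRPNAME2 and adding user $USRNAME"
udm groups/group create --position "cn=groups,$ldap_base" --set name="$GRPNAME2"
udm users/user modify --dn "uid=${USRNAME},cn=users,$ldap_base" --append groups=cn="${GRPNAME2},cn=groups,$ldap_base"

echo "*** testing if user is member in its new group"
check_membership present cn "$GRPNAME2"

echo "*** testing if user is still member in its additional group"
check_membership present cn "$GRPNAME"

echo "*** testing if user is still member in its primary group"
primaryGroup="$(lookup_primary_group)"
check_membership present dn "$primaryGroup"

echo "*** renaming user"
RENAME_PENDING="new${USRNAME}"
udm users/user modify --dn "uid=${USRNAME},cn=users,$ldap_base" --set username="$RENAME_PENDING"

echo "*** testing if old user has been removed from its groups"
check_membership absent cn "$GRPNAME"
check_membership absent cn "$GRPNAME2"

echo "*** testing if old user has been removed from primary group"
# $primaryGroup deliberately keeps the DN looked up before the rename.
# Looking it up again under the old uid presumably finds no user any more,
# which would leave an empty search base and a check that cannot fail.
check_membership absent dn "$primaryGroup"

USRNAME="$RENAME_PENDING"
RENAME_PENDING=""

echo "*** testing if changed user is member of its groups"
check_membership present cn "$GRPNAME"
check_membership present cn "$GRPNAME2"

primaryGroup="$(lookup_primary_group)"
echo "*** testing if changed user is member of its primary group"
check_membership present dn "$primaryGroup"

echo "*** set new primary group"
udm groups/group create --position "cn=groups,$ldap_base" --set name="$GRPNAME3"
udm users/user modify --dn "uid=${USRNAME},cn=users,$ldap_base" --set primaryGroup="cn=$GRPNAME3,cn=groups,$ldap_base"

echo "*** testing new primary group name"
udm users/user list --filter="uid=${USRNAME}" | sed -rne 's/^.*primaryGroup: //p'

# Disabled check, kept as found. At this point $primaryGroup still holds the
# previous primary group's DN.
#
# echo "*** testing if user has been removed from old primary group"
#
# if [ -n "$(ldapsearch -LLLx -b "$primaryGroup" "(&(objectclass=univentionGroup)(uniqueMember=uid=${USRNAME},cn=users,$ldap_base))" uniqueMember)" ] ; then
#   echo "ERROR: user '$USRNAME' is still uniqueMember of group '$primaryGroup'"
#   ERROR+=1
#   ldapsearch -LLLx -b "$primaryGroup" "(&(objectclass=univentionGroup)(uniqueMember=uid=${USRNAME},cn=users,$ldap_base))" uniqueMember
# fi
#
# if [ -n "$(ldapsearch -LLLx -b "$primaryGroup" "(&(objectclass=univentionGroup)(memberUid=${USRNAME}))" memberUid)" ] ; then
#   echo "ERROR: group '$primaryGroup' still contains memberUid of user '$USRNAME'"
#   ERROR+=1
#   ldapsearch -LLLx -b "$primaryGroup" "(&(objectclass=univentionGroup)(memberUid=${USRNAME}))" memberUid
# fi

echo "*** testing if user has been added to new primary group"
primaryGroup="$(lookup_primary_group)"
check_membership present dn "$primaryGroup"

echo
echo "------------------------------------------------------------"
if [[ $ERROR = 0 ]] ; then
  echo "RESULT: everything is fine"
else
  echo "RESULT: $ERROR error(s) occured"
fi
echo "------------------------------------------------------------"
echo

# NOTE(review): nothing visible here turns $ERROR into an exit status, so a
# caller has to read the RESULT line to tell a failed run from a clean one.
echo "*** calling cleanup"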