first commit

2018-12-18 09:39:17 +01:00 · 2018-12-18 09:39:17 +01:00 · 3864d5e98f
commit 3864d5e98f
9 changed files with 640 additions and 0 deletions
--- a/26
+++ b/26
@ -0,0 +1,26 @@
+################################
+# Makefile pour cadolesldap
+################################
+
+SOURCE=cadolesldap
+VERSION=1.0
+EOLE_VERSION=2.6
+EOLE_RELEASE=2.6.2
+PKGAPPS=web
+
+################################
+# Début de zone à ne pas éditer
+################################
+
+include eole.mk
+include apps.mk
+
+################################
+# Fin de zone à ne pas éditer
+################################
+
+# Makefile rules dedicated to application
+# if exists
+ifneq (, $(strip $(wildcard $(SOURCE).mk)))
+include $(SOURCE).mk
+endif
--- a/apps.mk
+++ b/apps.mk
@ -0,0 +1,64 @@
+# 
+# NE PAS EDITER CE FICHIER
+#
+# Voir Makefile
+
+
+##########################
+# Application web envole #
+##########################
+ifneq (, $(filter oui web, $(PKGAPPS)))
+#
+# Sanity check
+#
+ifeq (, $(filter-out X.X, $(strip $(VERSION))))
+$(error $$(VERSION) variable has incorrect value '$(VERSION)')
+endif
+
+# Where to store web application files
+WEB_PATH				:= $(DESTDIR)/var/www/html
+
+# Envole
+sharenvole_PROG_DIR			:= $(DESTDIR)/usr/share/envole/$(SOURCE)
+
+src_$(SOURCE)-$(VERSION)_REC_DIR	:= $(WEB_PATH)/$(SOURCE)
+src_plugins-$(VERSION)_REC_DIR		:= $(WEB_PATH)/$(SOURCE)/plugin
+src_lang-$(VERSION)_REC_DIR		:= $(WEB_PATH)/$(SOURCE)/lang
+
+endif
+
+##########################
+# Application EOLE flask #
+##########################
+ifneq (, $(filter flask, $(PKGAPPS)))
+#
+# Sanity check
+#
+ifeq (, $(filter-out XXX, $(strip $(FLASK_MODULE))))
+$(error $$(FLASK_MODULE) variable has incorrect value '$(FLASK_MODULE)')
+endif
+
+ifeq (, $(strip $(wildcard src/$(FLASK_MODULE).conf)))
+$(error missing eoleflask configuration file 'src/$(FLASK_MODULE).conf')
+endif
+
+# Everything is related to mount point
+APPS_MOUNT_POINT	:= $(shell sed -ne 's|^"MOUNT_POINT"[[:space:]]*:[[:space:]]*"/\([^"]*\)",|\1|p' \
+	src/$(FLASK_MODULE).conf)
+
+ifeq (, $(strip $(APPS_MOUNT_POINT)))
+$(error no "MOUNT_POINT" in eoleflask configuration file 'src/$(FLASK_MODULE).conf')
+endif
+
+# eole-flask configuration
+src_DATA_DIR		:= $(DESTDIR)/etc/eole/flask/available
+
+# Where to store flask application files
+FLASK_PATH		:= $(eole_DIR)/flask/$(APPS_MOUNT_POINT)
+
+# static files
+src_$(FLASK_MODULE)_static_REC_DIR	:= $(FLASK_PATH)/static
+src_$(FLASK_MODULE)_templates_REC_DIR	:= $(FLASK_PATH)/templates
+src_$(FLASK_MODULE)_instance_REC_DIR	:= $(FLASK_PATH)/resources
+
+endif
--- a/cadolesldap.mk
+++ b/cadolesldap.mk
@ -0,0 +1,8 @@
+#
+# PVE specific variables
+#
+
+# LDAP init
+ldap_schema_REC_DIR		:=$(DESTDIR)/etc/ldap/schema
+ldap_patchs_DATA_DIR	:=$(DESTDIR)/usr/share/eole/creole/patch
+
--- a/dicos/25_cadolesldap.xml
+++ b/dicos/25_cadolesldap.xml
@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="utf-8"?>
+<creole>
+    <files>
+        <file filelist='cadolesldap' name='/etc/cadolesldap/init/cadolesldap.ldif' rm='True' mkdir='True'/>
+    </files>
+
+    <variables>
+        <family name='CADOLES LDAP'>
+            <variable name='activer_cadolesldap' type='oui/non' description='Activer Annuaire Cadoles'>
+                <value>oui</value>
+            </variable>
+
+            <variable type='string' name='cadolesldap_pwdadmin' description="Mot de passe du compte admin durant l'instance" mandatory='True'/>
+            <variable type='string' name='cadolesldap_organization' description="Nom de l'organisation principale (exemple Cadoles)" mandatory='True'/>
+            <variable type='string' name='cadolesldap_niveau01branche' description="Nom de la branche de Niveau 01 (exemple Departement)" mandatory='True'/>
+            <variable type='string' name='cadolesldap_niveau01name' description="Nom de la première orgranisation de Niveau 01 (exemple Interne)" mandatory='True'/>
+            <variable type='string' name='cadolesldap_niveau01siren' description="SIREN de la première orgranisation de Niveau 01" mandatory='True'/>
+            <variable type='string' name='cadolesldap_niveau02branche' description="Nom de la branche de Niveau 02 (exemple Service)" mandatory='True'/>
+        </family>
+    </variables>
+
+    <constraints>
+        <condition name='disabled_if_in' source='activer_admin_passfile'>
+            <param>non</param>
+            <target type='variable'>activer_cadolesldap</target>
+        </condition>
+
+        <condition name='hidden_if_in' source='activer_cadolesldap'>
+            <param>non</param>
+            <target type='filelist'>cadolesldap</target>
+            <target type='variable'>cadolesldap_pwdadmin</target>
+            <target type='variable'>cadolesldap_organization</target>
+            <target type='variable'>cadolesldap_niveau01branche</target>
+            <target type='variable'>cadolesldap_niveau01name</target>
+            <target type='variable'>cadolesldap_niveau01siren</target>
+            <target type='variable'>cadolesldap_niveau02branche</target>
+        </condition>
+    </constraints>
+    <help>
+    </help>
+</creole>
--- a/eole.mk
+++ b/eole.mk
@ -0,0 +1,231 @@
+#
+# NE PAS EDITER CE FICHIER
+#
+# Utiliser <appli>.mk à inclure à la fin de Makefile
+
+#################
+# Sanity checks #
+#################
+
+ifeq (, $(DESTDIR))
+$(warning $$(DESTDIR) is empty, installation will be done in /)
+endif
+
+ifeq (, $(filter-out XXX-XXX, $(strip $(SOURCE))))
+$(error $$(SOURCE) variable has incorrect value '$(SOURCE)')
+endif
+
+ifeq (, $(filter-out 2.X, $(strip $(EOLE_VERSION))))
+$(error $$(EOLE_VERSION) variable has incorrect value '$(EOLE_VERSION)')
+endif
+
+ifeq (, $(filter-out 2.X.Y, $(strip $(EOLE_RELEASE))))
+$(error $$(EOLE_RELEASE) variable has incorrect value '$(EOLE_RELEASE)')
+endif
+
+#########################
+# Variables definitions #
+#########################
+
+INSTALL                 := install
+INSTALL_DATA            := install -m 644
+INSTALL_PROGRAM         := install -m 755
+INSTALL_DIRECTORY       := install -m 755 -d
+INSTALL_RECURSIVE       := cp -dr --no-preserve=ownership
+
+# Standard path
+bin_PROG_DIR		:= $(DESTDIR)/usr/bin
+sbin_PROG_DIR		:= $(DESTDIR)/usr/sbin
+man8_DATA_DIR		:= $(DESTDIR)/usr/share/man/fr.UTF-8/man8
+
+# Base
+eole_DIR                := $(DESTDIR)/usr/share/eole
+
+ifeq ($(strip $(EOLE_VERSION)), 2.3)
+diagnose_PROG_DIR       := $(eole_DIR)/diagnose/module
+else
+diagnose_PROG_DIR       := $(eole_DIR)/diagnose/
+endif
+
+# Creole
+creole_DIR              := $(eole_DIR)/creole
+dicos_DATA_DIR          := $(creole_DIR)/dicos
+tmpl_DATA_DIR           := $(creole_DIR)/distrib
+preservice_PROG_DIR     := $(eole_DIR)/preservice
+pretemplate_PROG_DIR    := $(eole_DIR)/pretemplate
+posttemplate_PROG_DIR   := $(eole_DIR)/posttemplate
+postservice_PROG_DIR    := $(eole_DIR)/postservice
+ifeq ($(strip $(EOLE_VERSION)), 2.3)
+firewall_DATA_DIR       := $(eole_DIR)/firewall
+endif
+bacula_restore_DATA_DIR := $(eole_DIR)/bacula/restore
+bareos_restore_DATA_DIR := $(eole_DIR)/bareos/restore
+bacula_fichier_DATA_DIR := $(DESTDIR)/etc/bacula/baculafichiers.d
+bareos_fichier_DATA_DIR	:= $(DESTDIR)/etc/bareos/bareosfichiers.d
+ifeq ($(strip $(EOLE_VERSION)), 2.3)
+schedule_pre_PROG_DIR   := $(eole_DIR)/schedule/pre
+schedule_post_PROG_DIR  := $(eole_DIR)/schedule/post
+else
+schedule_scripts_PROG_DIR	:= $(eole_DIR)/schedule/scripts
+endif
+extra_REC_DIR		:= $(creole_DIR)/extra
+
+# Zéphir
+zephir_DATA_DIR         := $(DESTDIR)/usr/share/zephir
+zephir_configs_DATA_DIR := $(zephir_DATA_DIR)/monitor/configs
+zephir_srv_DATA_DIR     := $(zephir_configs_DATA_DIR)/services
+zephir_scripts_PROG_DIR := $(zephir_DATA_DIR)/scripts
+
+# SSO
+sso_DATA_DIR            := $(DESTDIR)/usr/share/sso
+sso_filtres_DATA_DIR    := $(sso_DATA_DIR)/app_filters
+sso_user-info_DATA_DIR  := $(sso_DATA_DIR)/user_infos
+
+# EAD
+ead_DATA_DIR            := $(DESTDIR)/usr/share/ead2/backend/config
+ead_actions_DATA_DIR    := $(ead_DATA_DIR)/actions
+ead_perms_DATA_DIR      := $(ead_DATA_DIR)/perms
+ead_roles_DATA_DIR      := $(ead_DATA_DIR)/roles
+
+# Program libraries goes under /usr/lib/<PROGRAM>/
+lib_$(SOURCE)_DATA_DIR	:= $(DESTDIR)/usr/lib/$(SOURCE)
+
+# Scripts Eole
+scripts_PROG_DIR        := $(eole_DIR)/sbin
+lib_eole_DATA_DIR	:= $(DESTDIR)/usr/lib/eole
+
+# LDAP
+ldap_passwords_DATA_DIR := $(eole_DIR)/annuaire/password_files
+
+# LXC
+lxc_DATA_DIR            := $(eole_DIR)/lxc
+lxc_fstab_DATA_DIR      := $(lxc_DATA_DIR)/fstab
+lxc_hosts_DATA_DIR	:= $(lxc_DATA_DIR)/hosts
+
+# SQL
+sql_DATA_DIR            := $(eole_DIR)/mysql/$(SOURCE)
+sql_gen_DATA_DIR        := $(sql_DATA_DIR)/gen
+sql_updates_DATA_DIR    := $(sql_DATA_DIR)/updates
+
+sql_conf_gen_DATA_DIR		:= $(eole_DIR)/applications/gen
+sql_conf_passwords_DATA_DIR	:= $(eole_DIR)/applications/passwords
+sql_conf_updates_DATA_DIR	:= $(eole_DIR)/applications/updates/$(SOURCE)
+
+# EoleDB sql directory
+db_DIR               := $(eole_DIR)/db
+db_gen_DATA_DIR      := $(eole_DIR)/db/$(SOURCE)/gen
+db_updates_DATA_DIR  := $(eole_DIR)/db/$(SOURCE)/updates
+
+# Certifs
+certs_DATA_DIR		:= $(eole_DIR)/certs
+
+# Logrotate
+logrotate_DATA_DIR      := $(DESTDIR)/etc/logrotate.d
+
+# Cron
+cron_PROG_DIR 		:= $(DESTDIR)/etc/cron.daily
+
+# Python modules
+ifneq ($(DESTDIR),)
+PYTHON_OPTS     := --root $(DESTDIR)
+endif
+
+# Translation
+TRANSLATION_SRC := translation
+TRANSLATION_DEST := $(DESTDIR)/usr/share/locale
+PO_FILES = $(wildcard $(TRANSLATION_SRC)/*/*.po)
+MO_FOLDERS = $(addprefix $(TRANSLATION_DEST), $(addsuffix LC_MESSAGES,$(subst $(TRANSLATION_SRC),,$(dir $(PO_FILES)))))
+
+#############################################
+# Common directories and files installation #
+#############################################
+
+all:
+
+$(MO_FOLDERS):
+	$(INSTALL_DIRECTORY) $@
+
+$(PO_FILES): $(MO_FOLDERS)
+	msgfmt -o $(TRANSLATION_DEST)$(subst $(TRANSLATION_SRC),,$(addsuffix LC_MESSAGES,$(dir $@)))/$(notdir $(@:.po=.mo)) $@
+
+install-lang: $(PO_FILES)
+
+install:: install-dirs install-files install-lang
+
+# $1 = command to run
+# $2 = source directory
+# $3 = destination directory
+define fc_install_file
+	if [ -d $2 ]; then					\
+		for file in `ls -1 $2/`; do			\
+		   $1 $2/$$file $3 || true;			\
+	    done;						\
+	fi
+endef
+
+##
+## Directory creation
+##
+
+# use % to catch local name in $*
+# data, program and recursive directory require a corresponding
+# directory in local sources
+%_DATA_DIR %_PROG_DIR %REC_DIR:
+	test ! -d $(subst _,/,$*) || $(INSTALL_DIRECTORY) $($@)
+
+# Create the directory referenced by the variable without a local one.
+%_DIR:
+	@: # do nothing
+
+##
+## Install files present directly under data, program and recursive directories
+##
+
+# $*   : name of variable
+# $($*): value of variable
+%-instdata:
+	$(call fc_install_file, $(INSTALL_DATA), $(subst _,/,$(subst _DATA_DIR,,$*)), $($*))
+
+%-instprog:
+	$(call fc_install_file, $(INSTALL_PROGRAM), $(subst _,/,$(subst _PROG_DIR,,$*)), $($*))
+
+%-instrec:
+	$(call fc_install_file, $(INSTALL_RECURSIVE), $(subst _,/,$(subst _REC_DIR,,$*)), $($*))
+
+
+# Use second expansion as variables may be created in included
+# Makefiles
+.SECONDEXPANSION:
+
+# List of all directories
+installdirs_LIST	= $(foreach V, $(filter %_DIR, $(.VARIABLES)),	\
+				$(if $(filter file, $(origin $(V))),	\
+					$(V)))
+# List of data directories
+installdata_LIST	= $(filter %_DATA_DIR, $(installdirs_LIST))
+# List of program directories
+installprog_LIST	= $(filter %_PROG_DIR, $(installdirs_LIST))
+# List of recursive directories
+installrec_LIST	 	= $(filter %_REC_DIR, $(installdirs_LIST))
+
+# Expand directories to create as dependency
+# Use double-colon to permit user to define additionnal install-dirs
+install-dirs:: $$(installdirs_LIST)
+
+# Expand files to install as dependency
+# Use double-colon to permit user to define additionnal install-files
+install-files:: install-data-files install-prog-files install-rec-dirs
+
+install-data-files: $$(patsubst %,%-instdata,$$(installdata_LIST))
+
+install-prog-files: $$(patsubst %,%-instprog,$$(installprog_LIST))
+
+install-rec-dirs:   $$(patsubst %,%-instrec,$$(installrec_LIST))
+
+# Installation of python modules
+ifeq ($(shell test -f setup.py && echo 0), 0)
+install-files::
+	python setup.py install --no-compile --install-layout=deb $(PYTHON_OPTS)
+endif
+
+.PHONY: install install-dirs install-files install-data-files install-prog-files install-rec-dirs
--- a/ldap/patchs/slapd.conf.patch
+++ b/ldap/patchs/slapd.conf.patch
@ -0,0 +1,35 @@
+--- distrib/slapd.conf	2017-11-14 15:48:53.000000000 +0100
+++ modif/slapd.conf	2018-03-26 17:01:41.136558718 +0200
+@@ -23,6 +23,8 @@
+ %elif %%ldap_schema == 'zephir'
+ include        /etc/ldap/schema/openldap.schema
+ %end if
+include        /etc/ldap/schema/cadoles.schema
+
+ 
+ ## Support du TLS
+ TLSCertificateFile      %%server_cert
+@@ -43,6 +45,9 @@
+ # Where the dynamically loaded modules are stored
+ modulepath      /usr/lib/ldap
+ moduleload      back_bdb
+# moduleload      dynlist
+moduleload      memberof
+
+ %if %%ldap_replication == 'oui' or %%ldap_replication_client == 'oui'
+ moduleload      syncprov
+ %end if
+@@ -96,6 +101,13 @@
+ # Mode 700 recommended.
+ directory    /var/lib/ldap
+ 
+#overlay                 dynlist
+#dynlist-attrset  cadolesPerson labeledURI cadolesMemberOf
+
+overlay memberof
+memberof-group-oc cadolesGroup
+memberof-member-ad cadolesMember
+
+ # Indices to maintain
+ index   objectClass         eq
+ index   uid,cn,sn           eq,subinitial
--- a/ldap/schema/cadoles.schema
+++ b/ldap/schema/cadoles.schema
@ -0,0 +1,121 @@
+#-------------------------------------------------------------------------------
+#
+## schema Cadoles pour la Openid
+#
+#-------------------------------------------------------------------------------
+
+attributetype ( 2.16.840.1.113732.3.1.101
+	NAME 'givensName'
+	DESC 'Prénoms Agent'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.102
+	NAME 'usualname'
+	DESC 'Nom Usage'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.103
+	NAME 'birthdate'
+	DESC 'Date de Naissance'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.104
+	NAME 'birthcountry'
+	DESC 'Code INSEE Pays de Naissance'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.105
+	NAME 'birthplace'
+	DESC 'Code INSEE Lieu de Naissance'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.106
+	NAME 'gender'
+	DESC 'Sexe de la Personne'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.107
+	NAME 'job'
+	DESC 'Métier'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.108
+	NAME 'position'
+	DESC 'Fonction relative à Unité Organisationnelle'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.109
+	NAME 'belongingpopulation'
+	DESC 'Population Appartenance'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.110
+	NAME 'authlevel'
+	DESC 'Niveau Authentification Demandé'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.111
+	NAME 'siren'
+	DESC 'Identifiant Entreprise'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.112
+	NAME 'siret'
+	DESC 'Identifiant Etablissement'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+	SINGLE-VALUE )
+
+attributetype ( 2.16.840.1.113732.3.1.113 
+ NAME 'cadolesMember' 
+ DESC 'Membres du groupe' 
+ EQUALITY distinguishedNameMatch 
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
+
+objectclass (  2.16.840.1.113732.3.1.1
+  NAME 'cadolesPerson'
+  DESC 'Description Personne Cadoles'
+  SUP top AUXILIARY
+  MAY  ( givensName $
+		 usualname $
+		 birthdate $
+		 birthcountry $
+		 birthplace $
+		 gender $
+		 job $
+		 position $
+		 belongingpopulation $
+		 authlevel 
+  ) )
+
+objectclass (  2.16.840.1.113732.3.1.2
+  NAME 'cadolesSiren'
+  DESC 'Siren'
+  SUP top AUXILIARY
+  MAY  ( siren 
+  ) )  
+
+objectclass (  2.16.840.1.113732.3.1.3
+  NAME 'cadolesSiret'
+  DESC 'Siret'
+  SUP top AUXILIARY
+  MAY  ( siret $
+         postalAddress
+  ) )  
+
+objectclass (  2.16.840.1.113732.3.1.4
+  NAME 'cadolesGroup'
+  DESC 'Descirption Groupe Cadoles'
+  SUP top AUXILIARY
+  MAY  ( cadolesMember
+  ) )  
--- a/posttemplate/91-cadolesldap
+++ b/posttemplate/91-cadolesldap
@ -0,0 +1,42 @@
+#!/bin/bash
+
+#
+# Initialisation of LDAP Directory
+#
+
+
+#
+# Run command as particular user
+#
+function runAs() {
+    USER=${1}
+    shift
+    CMD="su ${USER} -s /bin/bash -c ${@}"
+
+    eval ${CMD}
+    return ${?}
+}
+
+function main()
+{
+	MODE=${1}
+
+	result=0
+
+
+	if [[ ${MODE} == "instance" ]]
+	then
+		LDIF="/etc/cadolesldap/init/cadolesldap.ldif"
+		USER="openldap"
+		CMD="\"slapadd -l ${LDIF} -f \"/etc/ldap/slapd.conf\"\""
+
+		service slapd stop
+		runAs ${USER} ${CMD}
+		result=$((result+${?}))
+		service slapd start
+		return ${result}
+	fi
+}
+
+main $@
+exit ${?}
--- a/tmpl/cadolesldap.ldif
+++ b/tmpl/cadolesldap.ldif
@ -0,0 +1,72 @@
+%import pyeole.ssha
+
+# Entrée 3: ou=%%cadolesldap_organization,o=gouv,c=fr
+dn: ou=%%cadolesldap_organization,o=gouv,c=fr
+objectclass: organizationalUnit
+objectclass: top
+ou: %%cadolesldap_organization
+
+# Entrée 4: ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,o=gouv,c=fr
+dn: ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,o=gouv,c=fr
+objectclass: organizationalUnit
+objectclass: top
+ou: %%cadolesldap_niveau01branche
+
+# Entrée 5: cn=%%cadolesldap_niveau01name,ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,o=gouv,c=fr
+dn: cn=%%cadolesldap_niveau01name,ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,o=gouv,c=fr
+objectclass: posixGroup
+objectclass: top
+objectclass: sambaGroupMapping
+objectclass: cadolesGroup
+objectclass: cadolesSiren
+cn: %%cadolesldap_niveau01name
+gidnumber: 1
+memberuid: admin
+cadolesMember: uid=admin,ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr
+sambagrouptype: 2
+sambasid: 1
+siren: %%cadolesldap_niveau01siren
+
+# Entrée 6: ou=%%cadolesldap_niveau02branche,ou=%%cadolesldap_organization,o=gouv,c=fr
+dn: ou=%%cadolesldap_niveau02branche,ou=%%cadolesldap_organization,o=gouv,c=fr
+objectclass: organizationalUnit
+objectclass: top
+ou: %%%%cadolesldap_niveau02branche
+
+# Entrée 7: ou=groups,ou=%%cadolesldap_organization,o=gouv,c=fr
+dn: ou=groups,ou=%%cadolesldap_organization,o=gouv,c=fr
+objectclass: organizationalUnit
+objectclass: top
+ou: groups
+
+# Entrée 8: ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr
+dn: ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr
+objectclass: organizationalUnit
+objectclass: top
+ou: users
+
+# Entrée 9: uid=admin,ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr
+dn: uid=admin,ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+objectclass: cadolesPerson
+objectclass: cadolesSiren
+objectclass: cadolesSiret
+authlevel: simple
+uid: admin
+cn: %%cadolesldap_organization
+sn: %%cadolesldap_organization
+displayname: Administrateur %%cadolesldap_organization
+givenname: Administrateur
+mail: %%system_mail_to
+siren: %%cadolesldap_niveau01siren
+userpassword: %%pyeole.ssha.ssha_encode(%%cadolesldap_pwdadmin)
+
+
+
+
+
+
+