From 5f5274025f5d20d093f27bab83e9cff4c8cae1fd Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Tue, 15 Dec 2020 13:48:29 +0100 Subject: [PATCH] Adding first ActiveDirectory support Need to be fixed : admin user membership FIXME note added --- dicos/25_cadolesldap.xml | 33 ++- ldap/schema/eole/cadoles.schema.ldif | 396 +++++++++++++++++++++++++++ posttemplate/91-cadolesldap | 47 +++- scripts/cadoles_add_schema.sh | 93 +++++++ tmpl/cadolesldap.ldif | 89 ++++-- 5 files changed, 623 insertions(+), 35 deletions(-) create mode 100644 ldap/schema/eole/cadoles.schema.ldif create mode 100755 scripts/cadoles_add_schema.sh diff --git a/dicos/25_cadolesldap.xml b/dicos/25_cadolesldap.xml index 1ea5129..7b037ee 100644 --- a/dicos/25_cadolesldap.xml +++ b/dicos/25_cadolesldap.xml @@ -6,24 +6,39 @@ - + oui - + + niveau01 niveau02 + + oui + + + cadoles-reader + + + + non + + + cadoles-writer + + - + non cadolesldap cadolesldap_pwdadmin @@ -35,6 +50,18 @@ + + non + cadolesldap_reader + cadolesldap_reader_pass + + + + non + cadolesldap_writer + cadolesldap_writer_pass + + libelle_etab diff --git a/ldap/schema/eole/cadoles.schema.ldif b/ldap/schema/eole/cadoles.schema.ldif new file mode 100644 index 0000000..c3ff35a --- /dev/null +++ b/ldap/schema/eole/cadoles.schema.ldif @@ -0,0 +1,396 @@ +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=givensName,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.101 +schemaIdGuid:: Jlbt5wmATVMcWKBhHjDO6Q== +cn: givensName +name: givensName +lDAPDisplayName: givensName +description:: UHLDqW5vbXMgQWdlbnQ= +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=usualname,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.102 +schemaIdGuid:: ZHr974ZZzNma8pHl9aaLKA== +cn: usualname +name: usualname +lDAPDisplayName: usualname +description: Nom Usage +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=birthdate,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.103 +schemaIdGuid:: wkZpNuM104JsF2zMxq3fnw== +cn: birthdate +name: birthdate +lDAPDisplayName: birthdate +description: Date de Naissance +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=birthcountry,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.104 +schemaIdGuid:: +ReayhtKgycw+f1WmyUFjA== +cn: birthcountry +name: birthcountry +lDAPDisplayName: birthcountry +description: Code INSEE Pays de Naissance +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=birthplace,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.105 +schemaIdGuid:: PWA2lFufaLT7V426mHUTEA== +cn: birthplace +name: birthplace +lDAPDisplayName: birthplace +description: Code INSEE Lieu de Naissance +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=gender,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.106 +schemaIdGuid:: SLktEEb4rGlIyy5Eo9Shjg== +cn: gender +name: gender +lDAPDisplayName: gender +description: Sexe de la Personne +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=job,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.107 +schemaIdGuid:: nhVCGzIC/Fdk2uAMDGHfFA== +cn: job +name: job +lDAPDisplayName: job +description:: TcOpdGllcg== +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=position,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.108 +schemaIdGuid:: j0OPKDBf7J/iPToHdwF0ZQ== +cn: position +name: position +lDAPDisplayName: position +description:: Rm9uY3Rpb24gcmVsYXRpdmUgw6AgVW5pdMOpIE9yZ2FuaXNhdGlvbm5lbGxl +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=belongingpopulation,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.109 +schemaIdGuid:: KVMi+GCSzkYHccfbRnCmaQ== +cn: belongingpopulation +name: belongingpopulation +lDAPDisplayName: belongingpopulation +description: Population Appartenance +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=authlevel,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.110 +schemaIdGuid:: i7mCIv1VtoKwDOwX8hHs4A== +cn: authlevel +name: authlevel +lDAPDisplayName: authlevel +description:: Tml2ZWF1IEF1dGhlbnRpZmljYXRpb24gRGVtYW5kw6k= +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=siren,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.111 +schemaIdGuid:: yWAVXrzf61bqVFmttTCMoQ== +cn: siren +name: siren +lDAPDisplayName: siren +description: Identifiant Entreprise +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=siret,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.112 +schemaIdGuid:: xuETMsIWjPkNn9PP6XH2Hw== +cn: siret +name: siret +lDAPDisplayName: siret +description: Identifiant Etablissement +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=cadolesMember,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.113 +schemaIdGuid:: jKgWUFwz5KWM4Fkbbiuw6Q== +cn: cadolesMember +name: cadolesMember +lDAPDisplayName: cadolesMember +description: Membres du groupe +attributeSyntax: 2.5.5.1 +oMSyntax: 127 +isSingleValued: FALSE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=niveau01,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.114 +schemaIdGuid:: ax677pNcedcU/lJbaV61rg== +cn: niveau01 +name: niveau01 +lDAPDisplayName: niveau01 +description: Label Entreprise +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=niveau02,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113732.3.1.115 +schemaIdGuid:: caUDcwXPL7LKxotwqD4LsQ== +cn: niveau02 +name: niveau02 +lDAPDisplayName: niveau02 +description: Label Etablissement +attributeSyntax: 2.5.5.12 +oMSyntax: 64 +isSingleValued: TRUE + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: classSchema +governsID: 2.16.840.1.113732.3.1.1 +schemaIdGuid:: BS9z8eJKvYZ+lS8OJgeC1g== +cn: cadolesPerson +name: cadolesPerson +lDAPDisplayName: cadolesPerson +description: Description Personne Cadoles +subClassOf: top +objectClassCategory: 3 +mayContain: givensName +mayContain: usualname +mayContain: birthdate +mayContain: birthcountry +mayContain: birthplace +mayContain: gender +mayContain: job +mayContain: position +mayContain: belongingpopulation +mayContain: authlevel +defaultObjectCategory: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG} + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: classSchema +governsID: 2.16.840.1.113732.3.1.2 +schemaIdGuid:: 7pJbNueSjwpq7TsL2aiW1w== +cn: cadolesSiren +name: cadolesSiren +lDAPDisplayName: cadolesSiren +description: Siren +subClassOf: top +objectClassCategory: 3 +mayContain: siren +mayContain: niveau01 +defaultObjectCategory: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG} + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: classSchema +governsID: 2.16.840.1.113732.3.1.3 +schemaIdGuid:: BOOf/nwBuCFehtpsyYrLjA== +cn: cadolesSiret +name: cadolesSiret +lDAPDisplayName: cadolesSiret +description: Siret +subClassOf: top +objectClassCategory: 3 +mayContain: siret +mayContain: postalAddress +mayContain: niveau02 +defaultObjectCategory: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG} + +DN: +changeType: modify +add: schemaUpdateNow +schemaUpdateNow: 1 +- + +dn: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG} +changeType: add +objectClass: top +objectClass: classSchema +governsID: 2.16.840.1.113732.3.1.4 +schemaIdGuid:: IPc/rPzhpAjekHrvXgdI8w== +cn: cadolesGroup +name: cadolesGroup +lDAPDisplayName: cadolesGroup +description: Descirption Groupe Cadoles +subClassOf: top +objectClassCategory: 3 +mayContain: cadolesMember +defaultObjectCategory: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG} + diff --git a/posttemplate/91-cadolesldap b/posttemplate/91-cadolesldap index 379fdf0..3a7d47c 100755 --- a/posttemplate/91-cadolesldap +++ b/posttemplate/91-cadolesldap @@ -17,25 +17,42 @@ function runAs() { return ${?} } +function addLDAPschema() +{ + LDIF="/etc/cadolesldap/init/cadolesldap.ldif" + USER="openldap" + CMD="\"slapadd -l ${LDIF} -f \"/etc/ldap/slapd.conf\"\"" + + service slapd stop + runAs ${USER} ${CMD} + result=$((result+${?})) + service slapd start + return ${result} +} + +function addADSchema() +{ + /usr/share/eole/sbin/cadoles_add_schema.sh + return ${?} +} + function main() { - MODE=${1} - - result=0 + MODE=${1} + result=0 - if [[ ${MODE} == "instance" ]] - then - LDIF="/etc/cadolesldap/init/cadolesldap.ldif" - USER="openldap" - CMD="\"slapadd -l ${LDIF} -f \"/etc/ldap/slapd.conf\"\"" - - service slapd stop - runAs ${USER} ${CMD} - result=$((result+${?})) - service slapd start - return ${result} - fi + if [[ ${MODE} == "instance" ]] + then + if [[ $(CreoleGet eole_module) == "seth" ]] + then + addADSchema + return ${?} + else + addLDAPschema + return ${?} + fi + fi } if [[ $(CreoleGet activer_cadolesldap non) == "oui" ]] diff --git a/scripts/cadoles_add_schema.sh b/scripts/cadoles_add_schema.sh new file mode 100755 index 0000000..ca987f4 --- /dev/null +++ b/scripts/cadoles_add_schema.sh @@ -0,0 +1,93 @@ +#!/bin/bash + +set -e + +if [[ ! -e /etc/eole/samba4-vars.conf ]] +then + exit 0 +fi + +. /etc/eole/samba4-vars.conf + +function updateSchemaDN() +{ + STR=${1} + DN=${2} + FILE=${3} + + sed -i -e "s/${STR}/${DN}/g" ${FILE} + return ${?} +} + +function user_exists() { + local username="${1}" + samba-tool user show "${username}" > /dev/null 2>&1 + return ${?} +} + +DN="$(CreoleGet cadolesldap_basedn)" +BASEDN="CN=Schema,CN=Configuration,${DN}" +INITDIR="/etc/cadolesldap/init" + +RETURNED=$(ldbsearch --option="dsdb:schema update allowed"=true -H /var/lib/samba/private/sam.ldb -b $BASEDN CN=siren CN | grep "returned.*records") + +if [ "$RETURNED" = "# returned 0 records" ]; then + # Import schema + SCHEMAS="cadoles.schema" + PRIVATE_DIR=/etc/eole/private + + for schema in $SCHEMAS + do + updateSchemaDN "{DNCONFIG}" "${DN}" /etc/ldap/schema/eole/${schema}.ldif + if [[ $? -ne 0 ]] + then + echo "Error updating DN for ${schema}" + break + fi + ldbmodify -H /var/lib/samba/private/sam.ldb /etc/ldap/schema/eole/${schema}.ldif --option="dsdb:schema update allowed"=true + if [[ $? -ne 0 ]] + then + echo "Error updating Schema ${schema} !!" + break + fi + done +fi + +lv1=$(CreoleGet cadolesldap_niveau01name ) +RETURNED=$(ldbsearch --option="dsdb:schema update allowed"=true -H /var/lib/samba/private/sam.ldb -b $DN OU=${lv1} OU | grep "#.* entries") +if [ "$RETURNED" = "# 0 entries" ]; then + ldbmodify -H /var/lib/samba/private/sam.ldb ${INITDIR}/cadolesldap.ldif + if [[ -e ${INITDIR}/cadolesindex.ldif ]] + then + ldbmodify --option="dsdb:schema update allowed"=true -H /var/lib/samba/private/sam.ldb ${INITDIR}/cadolesindex.ldif + fi + + if [[ $(CreoleGet cadolesldap_create_reader non) == "oui" ]] + then + user=$(CreoleGet cadolesldap_reader) + password=$(CreoleGet cadolesldap_reader_pass) + if ! user_exists ${user} + then + echo "Ajout du compte d'écriture dans l'annuaire '$user'... " + samba-tool user create --random-password $user + samba-tool user setexpiry $user --noexpiry + samba-tool user setpassword $user --newpassword="${password}" + fi + fi + + if [[ $(CreoleGet cadolesldap_create_writer non) == "oui" ]] + then + user=$(CreoleGet cadolesldap_writer) + password=$(CreoleGet cadolesldap_writer_pass) + if ! user_exists ${user} + then + echo "Ajout du compte d'écriture dans l'annuaire '$user'... " + samba-tool user create --random-password $user + samba-tool user setexpiry $user --noexpiry + samba-tool group addmembers 'Domain Admins' $user + samba-tool user setpassword $user --newpassword="${password}" + fi + fi +fi + +exit 0 \ No newline at end of file diff --git a/tmpl/cadolesldap.ldif b/tmpl/cadolesldap.ldif index bde9d53..94a1562 100755 --- a/tmpl/cadolesldap.ldif +++ b/tmpl/cadolesldap.ldif @@ -1,66 +1,121 @@ %import pyeole.ssha -# Entrée 3: ou=%%cadolesldap_organization,o=gouv,c=fr -dn: ou=%%cadolesldap_organization,o=gouv,c=fr +# Entrée 3: ou=%%cadolesldap_organization,%%cadolesldap_basedn +dn: ou=%%cadolesldap_organization,%%cadolesldap_basedn +%if %%eole_module == "seth" +changetype: add +%end if objectclass: organizationalUnit objectclass: top ou: %%cadolesldap_organization -# Entrée 4: ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,o=gouv,c=fr -dn: ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,o=gouv,c=fr +# Entrée 4: ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,%%cadolesldap_basedn +dn: ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%if %%eole_module == "seth" +changetype: add +%end if objectclass: organizationalUnit objectclass: top ou: %%cadolesldap_niveau01branche -# Entrée 5: cn=%%cadolesldap_niveau01name,ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,o=gouv,c=fr -dn: cn=%%cadolesldap_niveau01name,ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,o=gouv,c=fr +# Entrée 5: cn=%%cadolesldap_niveau01name,ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,%%cadolesldap_basedn +dn: cn=%%cadolesldap_niveau01name,ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%if %%eole_module == "seth" +changetype: add +%end if objectclass: posixGroup objectclass: top +%if %%eole_module == "seth" +objectclass: group +%else objectclass: sambaGroupMapping +%end if objectclass: cadolesGroup objectclass: cadolesSiren cn: %%cadolesldap_niveau01name gidnumber: 1 memberuid: admin -cadolesMember: uid=admin,ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr +%if %%eole_module != "seth" +cadolesMember: uid=admin,ou=users,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%end if +%if %%eole_module != "seth" sambagrouptype: 2 sambasid: 1 +%end if +%if not %%is_empty(%%cadolesldap_niveau01siren) siren: %%cadolesldap_niveau01siren +%else +siren: %%cadolesldap_niveau01name +%end if -# Entrée 6: ou=%%cadolesldap_niveau02branche,ou=%%cadolesldap_organization,o=gouv,c=fr -dn: ou=%%cadolesldap_niveau02branche,ou=%%cadolesldap_organization,o=gouv,c=fr +# Entrée 6: ou=%%cadolesldap_niveau02branche,ou=%%cadolesldap_organization,%%cadolesldap_basedn +dn: ou=%%cadolesldap_niveau02branche,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%if %%eole_module == "seth" +changetype: add +%end if objectclass: organizationalUnit objectclass: top -ou: %%%%cadolesldap_niveau02branche +ou: %%cadolesldap_niveau02branche -# Entrée 7: ou=groups,ou=%%cadolesldap_organization,o=gouv,c=fr -dn: ou=groups,ou=%%cadolesldap_organization,o=gouv,c=fr +# Entrée 7: ou=groups,ou=%%cadolesldap_organization,%%cadolesldap_basedn +dn: ou=groups,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%if %%eole_module == "seth" +changetype: add +%end if objectclass: organizationalUnit objectclass: top ou: groups -# Entrée 8: ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr -dn: ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr +# Entrée 8: ou=users,ou=%%cadolesldap_organization,%%cadolesldap_basedn +dn: ou=users,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%if %%eole_module == "seth" +changetype: add +%end if objectclass: organizationalUnit objectclass: top ou: users -# Entrée 9: uid=admin,ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr -dn: uid=admin,ou=users,ou=%%cadolesldap_organization,o=gouv,c=fr +%if %%eole_module == "seth" +# Entrée 9: cn=admin,ou=users,ou=%%cadolesldap_organization,%%cadolesldap_basedn +dn: cn=admin,ou=users,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%else +# Entrée 9: uid=admin,ou=users,ou=%%cadolesldap_organization,%%cadolesldap_basedn +dn: uid=admin,ou=users,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%end if +%if %%eole_module == "seth" +changetype: add +%end if objectclass: top objectclass: person objectclass: organizationalPerson +%if %%eole_module == "seth" +objectclass: user +%end if objectclass: inetOrgPerson objectclass: cadolesPerson objectclass: cadolesSiren objectclass: cadolesSiret authlevel: simple uid: admin -cn: %%cadolesldap_organization +cn: admin sn: %%cadolesldap_organization displayname: Administrateur %%cadolesldap_organization givenname: Administrateur +%if not %%is_empty(%%system_mail_to) mail: %%system_mail_to +%end if +%if not %%is_empty(%%cadolesldap_niveau01siren) siren: %%cadolesldap_niveau01siren +%else +siren: %%cadolesldap_niveau01name +%end if niveau01: %%cadolesldap_niveau01name userpassword: %%pyeole.ssha.ssha_encode(%%cadolesldap_pwdadmin) + +%if %%eole_module == "seth" +# FIXME CadolesMember ... +# Entrée 9bis: cn=%%cadolesldap_niveau01name,ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,%%cadolesldap_basedn +#dn: cn=%%cadolesldap_niveau01name,ou=%%cadolesldap_niveau01branche,ou=%%cadolesldap_organization,%%cadolesldap_basedn +#changetype: add +#cadolesMember: cn=admin,ou=users,ou=%%cadolesldap_organization,%%cadolesldap_basedn +%end if \ No newline at end of file