diff --git a/dicos/71_lemonldap_ng_scribe.xml b/dicos/71_lemonldap_ng_scribe.xml
new file mode 100644
index 0000000..121f980
--- /dev/null
+++ b/dicos/71_lemonldap_ng_scribe.xml
@@ -0,0 +1,57 @@
+
+
+
+
+
+
+
+
+
+
+ oui
+ activerLemon
+ distant
+ local
+
+
+
+ oui
+ activer_sso
+
+
+
+ oui
+ ldap_tls
+ ldaps
+ ldap
+
+
+
+ adresse_ip_ldap
+
+
+
+ ldap_port
+
+
+
+ ldap_base_dn
+
+
+
+ ldap_reader
+
+
+
+ ldap_reader_passfile
+
+
+
+ eolesso_cas_folder
+
+
+
+
+
+
+
diff --git a/postservice/98-lemonldap-ng-scribe-register-hosts b/postservice/98-lemonldap-ng-scribe-register-hosts
new file mode 100644
index 0000000..eda1aa7
--- /dev/null
+++ b/postservice/98-lemonldap-ng-scribe-register-hosts
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+[ "$(CreoleGet activerLemon non)" = 'oui' ] || exit 0
+
+[ -f /usr/lib/eole/eolead.sh ] || exit 0
+
+. /usr/lib/eole/eolead.sh
+# ScribeAD/HorusAD
+. $CONTAINER_ROOTFS/etc/eole/samba4-vars.conf
+DNS_IP="${CONTAINER_IP}"
+CONTAINER_EXEC='lxc-attach -n addc --'
+
+EXT_IP=$(CreoleGet adresse_ip_eth0)
+
+for service in manager auth reload
+do
+ fqdn=$(CreoleGet "${service}WebName")
+ service_addr=$(dig "@${DNS_IP}" "${fqdn}" +short)
+ if [ "${service_addr}" != "${EXT_IP}" ]
+ then
+ ${CONTAINER_EXEC} kinit "${AD_HOST_NAME^^}@${AD_REALM^^}" -k -t "${AD_HOST_KEYTAB_FILE}"
+ if [ -n "${service_addr}" ]
+ then
+ echo -n "Suppression de l’enregistrement DNS '${fqdn} IN A ${service_addr}' : "
+ $CONTAINER_EXEC samba-tool \
+ dns \
+ delete \
+ "${AD_HOST_NAME}.${AD_REALM}" \
+ "${AD_REALM}" \
+ "${fqdn}" A "${service_addr}" \
+ -k 1
+ fi
+
+ echo -n "Ajout de l’enregistrement DNS '${fqdn} IN A ${EXT_IP}' : "
+ $CONTAINER_EXEC samba-tool \
+ dns \
+ add \
+ "${AD_HOST_NAME}.${AD_REALM}" \
+ "${AD_REALM}" \
+ "${fqdn}" A "${EXT_IP}" \
+ -k 1
+ fi
+done
+
+exit 0
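Review bot: In the `for service in manager auth reload` loop, the output of `dig "@${DNS_IP}" "${fqdn}" +short` is used unvalidated both for the comparison with `EXT_IP` and as the record data passed to `samba-tool dns delete`. `+short` can return several lines (more than one A record, or a CNAME target ahead of the address), and dig can print `;;` diagnostics on stdout when the server does not answer; in each case `service_addr` is non-empty and never equals `EXT_IP`, so the script attempts a delete with bad data and then an add. Query the A type only and keep just address-shaped answers, for example `service_addr=$(dig "@${DNS_IP}" "${fqdn}" A +short | grep -E '^[0-9]+(\.[0-9]+){3}$')`, handle more than one result explicitly, and skip the iteration when `fqdn` is empty. The exit statuses of `kinit` and `samba-tool` are ignored and the script ends with an unconditional `exit 0`, so a failed Kerberos login or DNS update is not reported to the caller; recording a failure flag and exiting non-zero would make that visible. Separately, `. $CONTAINER_ROOTFS/etc/eole/samba4-vars.conf` is unquoted and executes a file located under the container's root filesystem; quote the path and confirm that file is writable only by root on the host.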