Finkregh · September 14, 2015 11:35
diff --git a/create-prosody-groups.sh b/create-prosody-groups.sh
 #!/bin/bash
 # hacked together, might eat your kittens.
 # for auth agains LDAP/AD look at https://blogs.mafia-server.net/nur-bahnhof/2013/12/prosody-authentification-ldapactivedirectory/

 tmpfile=/tmp/sharedgroups.txt
 XMPP_DOMAIN=xmpp.example.org
 AD_DC=dc1.corp.example.org
 LDAP_ROOT="dc=example,dc=org"
 LDAP_SUB_OU="ou=OE"
 ALL_USERS_GROUP="Everybody"

 for org in some AD orgs ; do echo "[${org}]" ;  ldapsearch -x -h ${AD_DC} -D "admin-user" -w password -LLL -b "ou=${org},${LDAP_SUB_OU},${LDAP_ROOT}" "(&(objectClass=user)(mail=*))" | grep -E "^cn: |sAMAccountName: "; done > ${tmpfile}

 echo "[${ALL_USERS_GROUP}]" >> ${tmpfile}
 ldapsearch -x -h ${AD_DC} -D "admin-user" -w password -LLL -b "${LDAP_SUB_OU},${LDAP_ROOT}" "(&(objectClass=user)(mail=*))" | grep -E "^cn: |sAMAccountName: " >> ${tmpfile}

 while read line ; do
        if echo ${line} | grep -qE "^\[" ; then
                echo ""
                echo $line
        else
                if echo ${line} | grep -qE "^cn" ; then
                        fullname=$(echo ${line} | cut -d ' ' -f 2-)
                elif echo ${line} | grep -qE "^sAMAccountName" ; then
                        uid=$(echo ${line} | cut -d ' ' -f 2 | tr '[:upper:]' '[:lower:]')
                        echo "${uid}@${XMPP_DOMAIN}=${fullname}"
                fi
        fi
 done < ${tmpfile}
diff --git a/cron.d_local b/cron.d_local
 0 0 * * * root /usr/local/bin/create-prosody-groups.sh > /var/lib/prosody/sharedgroups.txt ; chown prosody.prosody /var/lib/prosody/sharedgroups.txt ;  systemctl restart prosody.service
diff --git a/prosody.cfg.lua b/prosody.cfg.lua
 groups_file = "/var/lib/prosody/sharedgroups.txt"
	#!/bin/bash
	# hacked together, might eat your kittens.
	# for auth agains LDAP/AD look at https://blogs.mafia-server.net/nur-bahnhof/2013/12/prosody-authentification-ldapactivedirectory/

	tmpfile=/tmp/sharedgroups.txt
	XMPP_DOMAIN=xmpp.example.org
	AD_DC=dc1.corp.example.org
	LDAP_ROOT="dc=example,dc=org"
	LDAP_SUB_OU="ou=OE"
	ALL_USERS_GROUP="Everybody"

	for org in some AD orgs ; do echo "[${org}]" ; ldapsearch -x -h ${AD_DC} -D "admin-user" -w password -LLL -b "ou=${org},${LDAP_SUB_OU},${LDAP_ROOT}" "(&(objectClass=user)(mail=*))" \| grep -E "^cn: \|sAMAccountName: "; done > ${tmpfile}

	echo "[${ALL_USERS_GROUP}]" >> ${tmpfile}
	ldapsearch -x -h ${AD_DC} -D "admin-user" -w password -LLL -b "${LDAP_SUB_OU},${LDAP_ROOT}" "(&(objectClass=user)(mail=*))" \| grep -E "^cn: \|sAMAccountName: " >> ${tmpfile}

	while read line ; do
	if echo ${line} \| grep -qE "^\[" ; then
	echo ""
	echo $line
	else
	if echo ${line} \| grep -qE "^cn" ; then
	fullname=$(echo ${line} \| cut -d ' ' -f 2-)
	elif echo ${line} \| grep -qE "^sAMAccountName" ; then
	uid=$(echo ${line} \| cut -d ' ' -f 2 \| tr '[:upper:]' '[:lower:]')
	echo "${uid}@${XMPP_DOMAIN}=${fullname}"
	fi
	fi
	done < ${tmpfile}