B Sample Scripts for Updating Default Attributes for Reconciliation
This appendix provides sample scripts for editing the default attribute mappings for reconciliation.
Sample scripts for the procedure described in Updating the Scripts for Reconciliation After Editing Schema Attributes are as follows:
B.1 Original Sample Script
This is the original FetchAllUserRecords.txt script.
while read inputline ;do __NAME__=$(echo $inputline | cut -d: -f1); USID=$(echo $inputline | cut -d: -f3); COMMENTS=$(echo $inputline | cut -d: -f5); HOME_DIR=$(echo $inputline | cut -d: -f6); CREATE_HOME_DIR="false"; if [ -d "$HOME_DIR" ] ;then CREATE_HOME_DIR="true";fi; USER_SHELL=$(echo $inputline | cut -d: -f7); PGROUP=$( id -G -n $__NAME__ | cut -d' ' -f1); shadowRecord=$(cat /etc/shadow |grep $__NAME__); INACTIVE=$(echo $shadowRecord | cut -d: -f7); EXP_DATE=$(echo $shadowRecord | cut -d: -f8); secgrplist=""; id -G -n $__NAME__ | grep -q " "; if [ $? -eq 0 ];then secgrplist=$( id -G -n $__NAME__ | cut -d ' ' -f2- | sed 's/ /~~~/g'); fi; ENABLE="true"; if [ ! -z "$__NAME__" ] ;then passwd -S $__NAME__ | grep -w LK >/dev/null; if [ $? -eq 0 ] ;then ENABLE="false"; fi; passwd -S $__NAME__ | grep -w locked >/dev/null; if [ $? -eq 0 ] ;then ENABLE="false"; fi; fi; RESULT1=__NAME__:$__NAME__:__ENABLE__:$ENABLE:COMMENTS:$COMMENTS:USID:$USID:USER_SHELL:$USER_SHELL:HOME_DIR:$HOME_DIR:; RESULT2=CREATE_HOME_DIR:$CREATE_HOME_DIR:SECONDARYGROUP:$secgrplist:; RESULT3=PGROUP:$PGROUP:INACTIVE:$INACTIVE:EXP_DATE:$EXP_DATE:__UID__:$__NAME__; RESULT="$RESULT1$RESULT2$RESULT3"; echo "$RESULT" | grep -q -w "$connectorPrompt"; if [ $? -gt 0 ];then echo "RESULT_START $RESULT RESULT_END"; else echo "Record contains connector prompt. Hence ignored"; fi; done < /etc/passwd;[ $? -eq 0 ] && echo "SUCCESS"; unset inputline __NAME__ USID COMMENTS HOME_DIR USER_SHELL PGROUP secgrplist; unset ENABLE passwordFull passwordF passwordS RESULT RESULT1 RESULT2 RESULT3 __UID__ INACTIVE EXP_DATE shadowRecord;
B.2 Updated Sample Script
This is the FetchAllUserRecords.txt script that has been updated to include the newly added __GID__ attribute. The updated lines are represented in bold font.
while read inputline ;do __NAME__=$(echo $inputline | cut -d: -f1); USID=$(echo $inputline | cut -d: -f3); COMMENTS=$(echo $inputline | cut -d: -f5); HOME_DIR=$(echo $inputline | cut -d: -f6); CREATE_HOME_DIR="false"; if [ -d "$HOME_DIR" ] ;then CREATE_HOME_DIR="true";fi; USER_SHELL=$(echo $inputline | cut -d: -f7); PGROUP=$( id -G -n $__NAME__ | cut -d' ' -f1); __GID__=$( id -G $__NAME__ | cut -d' ' -f1); shadowRecord=$(cat /etc/shadow |grep $__NAME__); INACTIVE=$(echo $shadowRecord | cut -d: -f7); EXP_DATE=$(echo $shadowRecord | cut -d: -f8); secgrplist=""; id -G -n $__NAME__ | grep -q " "; if [ $? -eq 0 ];then secgrplist=$( id -G -n $__NAME__ | cut -d ' ' -f2- | sed 's/ /~~~/g'); fi; ENABLE="true"; if [ ! -z "$__NAME__" ] ;then passwd -S $__NAME__ | grep -w LK >/dev/null; if [ $? -eq 0 ] ;then ENABLE="false"; fi; passwd -S $__NAME__ | grep -w locked >/dev/null; if [ $? -eq 0 ] ;then ENABLE="false"; fi; fi; RESULT1=__NAME__:$__NAME__:__ENABLE__:$ENABLE:COMMENTS:$COMMENTS:USID:$USID:USER_SHELL:$USER_SHELL:HOME_DIR:$HOME_DIR:; RESULT2=CREATE_HOME_DIR:$CREATE_HOME_DIR:SECONDARYGROUP:$secgrplist:; RESULT3=PGROUP:$PGROUP:INACTIVE:$INACTIVE:EXP_DATE:$EXP_DATE:__UID__:$__NAME__:__GID__:$__GID__; RESULT="$RESULT1$RESULT2$RESULT3"; echo "$RESULT" | grep -q -w "$connectorPrompt"; if [ $? -gt 0 ];then echo "RESULT_START $RESULT RESULT_END"; else echo "Record contains connector prompt. Hence ignored"; fi; done < /etc/passwd;[ $? -eq 0 ] && echo "SUCCESS"; unset inputline __NAME__ USID COMMENTS HOME_DIR USER_SHELL PGROUP secgrplist __GID__; unset ENABLE passwordFull passwordF passwordS RESULT RESULT1 RESULT2 RESULT3 __UID__ INACTIVE EXP_DATE shadowRecord;