Cybersecurity
DevOps Cloud
IT Operations Cloud
You have the need to remove the directory [LDAP] link from multiple users based on attribute matching, for example, all users with the last name of "smith".
Here is a script that will prompt you for the needed information and then delete the directory link from the matching user objects:
#/bin/bash
#
# You will need to know the IP Address or Hostname of a GroupWise Admin Service, preferably of the
# Primary GroupWise domain. To determine if you need the IP address or hostname, from a terminal
# window on the GW Admin server, run one of the following commands:
#
# Linux - /opt/novell/groupwise/admin/gwadmin-ipc query
# Windows - C:\Program Files\Novell\GroupWise Server\admin\gwadmin-ipc.exe query | more
#
# The output should read something like:
# 192.168.10.10:9710=>MyDomain(/mail/mydomain)
# or
# 0.0.0.0:9710=>MyDomain(/mail/mydomain)
#
# If it reads as the second example, the admin service is listening on all interfaces,
# so you can use either the IP address or DNS Hostname for this script.
# If an IP address or DNS Hostname is listed, you must use that for this script as the
# admin service is bound exclusively to it.
#
# You will also need to enter the admin service port, and valid GroupWise administrator
# credentials to login to the Admin service.
#
# The Post Office name is the name given to the Post Office.
#
# To see a list of valid attribute names for a user object in GroupWise go to:
# https://SeverIPorDNSname:<AdminPort>/gwadmin-service/list/USER/schema
#
# The attribute data match must be exact, for example, the data match for the attribute "externalEntity" must be
# either "true" or "false" as it's a Boolean value.
# An example of a "string" value: for the attribute "lastName" enter "Smith" -- all users with the last name
# of Smith will have their DirectoryID [LDAP association] removed.
#
# The LDAP Directory ID is the name of the LDAP directory that the user object is associated with.
#
#
echo " "
read -p "Enter GroupWise Admin Service IP/Hostname: " IP
echo " "
read -p "Enter GroupWise Admin Service Port: " PORT
echo " "
read -p "Enter GroupWise System Administrator: " GWADMIN
echo " "
read -p "Enter GroupWise Administrator Password: " PWD
echo " "
read -p "Enter Post Office name: " POA
echo " "
read -p "Enter Attribute name: " ATTR
echo " "
read -p "Enter attribute data match: " MATCH
echo " "
read -p "Enter LDAP Directory ID: " DIRECTORY
echo " "BASEURL="https://$IP:$PORT/gwadmin-service"
LISTURL="$BASEURL/list/USER.csv?attrs=domain,postoffice,name&filter=postOfficeName eq '$POA' AND $ATTR eq '$MATCH' AND directoryId eq '$DIRECTORY'"URLS=`curl -k --user $GWADMIN:$PWD $LISTURL |gawk --field-separator=, 'NR!=1 {print "'$BASEURL'/domains/"$1"/postoffices/"$2"/users/"$3"/directorylink"}'`
for URL in $URLS
do
echo $URL
curl -k --user $GWADMIN:$PWD -X DELETE $URL
done
echo "done"
A copy of the script is attached in .txt format for you to download.
Note: This script is provided as-is. You use it at your own risk.