[debian-edu-commits] r80569 - branches/wheezy/debian-edu-config/share/debian-edu-config/tools
pere at alioth.debian.org
pere at alioth.debian.org
Fri Jun 14 02:27:44 UTC 2013
Author: pere
Date: 2013-06-13 12:00:04 +0000 (Thu, 13 Jun 2013)
New Revision: 80569
Modified:
branches/wheezy/debian-edu-config/share/debian-edu-config/tools/setup-ad-client
Log:
Refuse to run setup-ad-client unless the detected LDAP server is an AD server.
Modified: branches/wheezy/debian-edu-config/share/debian-edu-config/tools/setup-ad-client
===================================================================
--- branches/wheezy/debian-edu-config/share/debian-edu-config/tools/setup-ad-client 2013-06-13 11:50:52 UTC (rev 80568)
+++ branches/wheezy/debian-edu-config/share/debian-edu-config/tools/setup-ad-client 2013-06-13 12:00:04 UTC (rev 80569)
@@ -33,6 +33,18 @@
echo $domain
}
+ldap_is_active_directory() {
+ ldapuri="$1"
+ # OpenLDAP do not have defaultNamingContext in the root LDAP
+ # object, while Active Directory do.
+ if ldapsearch -LLL -H "$ldapuri" -x -b '' -s base 2>/dev/null | \
+ grep -q defaultNamingContext ; then
+ true
+ else
+ false
+ fi
+}
+
bindir=$(dirname $0)
dnsdomain=$(find_dns_domain "$1")
@@ -43,7 +55,14 @@
echo "error: Unable to find AD server using SRV records in $dnsdomain"
exit 1
fi
+
ldapuri=ldap://$adserver
+
+if ! ldap_is_active_directory $ldapuri ; then
+ echo "error: Detected LDAP server $ldapuri is not an Active Directory server"
+ exit 1
+fi
+
realm=$(lookup_ad_realm $ldapuri)
if [ -z "$realm" ] ; then
More information about the debian-edu-commits
mailing list