#!/bin/bash
# 2024-12
# 此脚本仅支持Centos7.x

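# Installs and initialises OpenLDAP (slapd) on CentOS 7 from the config and
# data files shipped under "$INITDIR/file/ldap".

# Puts SELinux into permissive mode host-wide until the next reboot. That is
# a broad weakening of the host to get slapd to accept the copied config; the
# narrower fix is to stay enforcing and restore the file contexts under
# /etc/openldap and /var/lib/ldap (restorecon -R) — TODO(review): confirm
# which contexts slapd needs here. Not checked on purpose: setenforce itself
# fails when SELinux is already disabled, which is not an error for us.
setenforce 0

# Unset variables and failed pipeline stages are errors. Critical steps are
# checked explicitly below rather than relying on set -e (see setenforce).
set -u -o pipefail

# Print a diagnostic to stderr and exit with the given status.
# Arguments: $1 - exit status, $2.. - message
die() {
  local status=$1
  shift
  printf '%s\n' "$*" >&2
  exit "$status"
}

# Root of the repo: the parent of the directory holding this script. The
# assignment is separated from readonly so a failing cd is not masked.
INITDIR=$(cd "$(dirname "$0")" && dirname "$PWD") || die 1 "cannot resolve script root directory"
readonly INITDIR

readonly CONF_DIR=/etc/openldap/slapd.d/cn=config
readonly SCHEMA_DIR=/etc/openldap/schema

echo "安装openldap"
# A database directory left from an earlier install means reinstall,
# otherwise install. Written as if/else so a failed reinstall does not fall
# through to a plain install the way `a && b || c` did.
#systemctl status slapd && \
if [[ -d /var/lib/ldap/ ]]; then
  yum reinstall -y openldap openldap-clients openldap-servers migrationtools \
    || die 2 "yum reinstall of openldap packages failed"
else
  yum install -y openldap openldap-clients openldap-servers migrationtools \
    || die 2 "yum install of openldap packages failed"
fi

# \cp bypasses any interactive cp alias; -- protects the paths from option
# parsing; quoting keeps the braces literal without backslash escapes.
\cp -f -- "$INITDIR/file/ldap/olcDatabase={2}hdb.ldif" "$CONF_DIR/" \
  || die 3 "copy of olcDatabase={2}hdb.ldif failed"
\cp -f -- "$INITDIR/file/ldap/olcDatabase={1}monitor.ldif" "$CONF_DIR/" \
  || die 3 "copy of olcDatabase={1}monitor.ldif failed"

echo "ldap数据库配置完成"
\cp -f -- /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG \
  || die 3 "copy of DB_CONFIG failed"
chown -R ldap:ldap /var/lib/ldap || die 3 "chown of /var/lib/ldap failed"
echo "ldap数据库准备完成"

# Start slapd once; the original started it twice (once to print, once to
# exit). The red message goes to stderr like any other diagnostic.
if ! systemctl start slapd; then
  printf '%b\n' "\033[31mldap启动异常！自动退出！\033[0m" >&2
  exit 4
fi
systemctl enable slapd
echo "slapd服务启动并设置开机启动完成"

# Load the stock schemas into cn=config over the local ldapi socket. The
# original discarded all output; presumably some of these schemas are
# already present and ldapadd then reports a duplicate — TODO(review):
# confirm. Output is still discarded, but a failure is now named on stderr
# rather than lost, so a genuinely missing schema is noticed.
schemas=(cosine nis collective corba core duaconf dyngroup inetorgperson
         java misc openldap pmi ppolicy)
for schema in "${schemas[@]}"; do
  ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f "$SCHEMA_DIR/$schema.ldif" &>/dev/null \
    || printf 'warn: schema %s not added (may already be loaded)\n' "$schema" >&2
done
echo "LDAP模式添加完成"

# Install the repo's cn={0}core.ldif over the generated one and restart so
# slapd reads it.
\cp -f -- "$INITDIR/file/ldap/cn={0}core.ldif" "$CONF_DIR/cn=schema" \
  || die 3 "copy of cn={0}core.ldif failed"
systemctl restart slapd || die 4 "slapd restart failed"

# Import the initial directory data as the manager DN. The password is taken
# from LDAP_MANAGER_PW when set; the fallback is the value previously
# hard-coded here, which should move out of the script (it presumably has to
# match the rootpw in olcDatabase={2}hdb.ldif — TODO(review): confirm).
# It is handed to ldapadd with -y via process substitution instead of -w so
# it does not show up in the process list. printf '%s' gives no trailing
# newline, which -y would otherwise read as part of the password.
LDAP_MANAGER_PW=${LDAP_MANAGER_PW:-zwkj@123}
ldapadd -x -y <(printf '%s' "$LDAP_MANAGER_PW") -D "cn=Manager,dc=zwlbs,dc=com" \
  -f "$INITDIR/file/ldap/init.ldif" || die 5 "import of init.ldif failed"
echo "LDAP数据导入完成"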

