Using Bash to query AD with ldapsearch and also make SOAP requests

So I had a request for an application or script that would present itself to the user at boot up on a netbooted client machine before imaging. A user would enter their AD credentials and it would pull down some information from AD.

With this information from AD, we then needed to query a SOAP API to pull out some building and room location information.

This information would later be populated into the ARD text fields on the freshly imaged machine for inventory purposes. We will also upload this information into the machine's AD computer record. This is done by another script that runs at first boot after the AD bind is successful. I'm not going to go into those details here.

So what I have wound up with is a rather large bash script. It uses Pashua and CocoaDialog to present the user with some nice GUI text boxes and pop-up menus to choose from.

I used Platypus to wrap up the script, Pashua and CocoaDialog applications into a single Mac OS X app that makes it nice and portable.

The first step is to request the user's credentials:

[Image: login]

or

[Image: badlogin]

Once we verify that these credentials are valid, we then check to ensure the user is a member of a security group that is authorized to continue.

Assuming the user passes these checks we move on to the next step of identifying which AD site the user is at.

There is a function in the script which works out our IP address range in the format 192.168.1.0/21, which is the format that Active Directory uses to determine sites.

So we perform an LDAP search looking for this string in our AD server's sites configuration OU.

If we find it, awesome: we can get our site name and code from here.

[Image: sitefound]
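
The subnet lookup described above, as an added example that is not taken from the author's script: it derives the network/prefix string from an IP address and netmask and searches the Subnets container for a subnet object with that name. The function names and the `LDAP_URI` and `CONFIG_NC` variables are assumptions, and `ldap_escape` is included for values the user types, such as the username in the group check.

```bash
#!/usr/bin/env bash
# Added example; function names are hypothetical, not taken from the strapper repo.

# ip_to_cidr IP NETMASK -> "network/prefix", e.g. 192.168.0.0/21.
# The body is a subshell, so the IFS and noglob changes do not leak to the caller.
ip_to_cidr() (
  # Digits and dots only, so nothing unexpected reaches $(( )).
  case "$1.$2" in *[!0-9.]*) exit 1 ;; esac
  set -f; IFS=.
  set -- $1 $2                      # split both dotted quads into 8 octets
  [ "$#" -eq 8 ] || exit 1
  for o in "$@"; do
    case "$o" in ''|0?*) exit 1 ;; esac
    [ "$o" -le 255 ] || exit 1
  done
  bits=0
  for m in "$5" "$6" "$7" "$8"; do  # prefix length = number of set mask bits
    while [ "$m" -gt 0 ]; do bits=$(( bits + (m & 1) )); m=$(( m >> 1 )); done
  done
  echo "$(( $1 & $5 )).$(( $2 & $6 )).$(( $3 & $7 )).$(( $4 & $8 ))/$bits"
)

# ldap_escape VALUE -> VALUE with RFC 4515 filter metacharacters hex-escaped.
# Use it on anything typed by the user before it goes into a filter.
ldap_escape() {
  printf '%s' "$1" |
    sed -e 's/\\/\\5c/g' -e 's/[*]/\\2a/g' -e 's/[(]/\\28/g' -e 's/[)]/\\29/g'
}

# subnet_filter IP NETMASK -> filter matching the AD subnet object for this client.
subnet_filter() {
  cidr=$(ip_to_cidr "$1" "$2") || return 1
  printf '(&(objectClass=subnet)(cn=%s))\n' "$(ldap_escape "$cidr")"
}

# find_site IP NETMASK BIND_DN PWFILE -> prints the subnet's siteObject attribute.
# LDAP_URI (e.g. an ldaps:// URL) and CONFIG_NC (the forest's configuration
# naming context) are placeholders the caller must set.
find_site() {
  filter=$(subnet_filter "$1" "$2") || return 1
  # -y reads the password from a file, keeping it out of the process list.
  ldapsearch -LLL -x -H "$LDAP_URI" -D "$3" -y "$4" \
    -b "CN=Subnets,CN=Sites,$CONFIG_NC" -s one "$filter" siteObject
}
```

The file passed to `-y` must hold the password with no trailing newline, since ldapsearch uses the file's complete contents as the password.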

If we can’t find our site details from this IP information, then we display a message saying we couldn’t find it and ask the user to enter the site code manually.

[Image: nosite]

Once we have our site code, we POST a SOAP envelope up to our webserver requesting a list of buildings for that site.

The list of buildings is returned and populates a popup menu which is presented to the user. The user then selects which building they are in.

[Image: building]

After getting this building code from the user, we then make another SOAP request to our webserver and request a list of levels that exist in our selected building.
This populates another popup menu for the user to choose from.

Once the user chooses this level, we make another request to our webserver and request a list of rooms that are available on that level of that building.
This list of rooms is then populated into another popup menu for the user to choose from.

[Image: rooms]

Once we have all this information we just write out the results to a text file and have a DeployStudio script scoop it up and process it at first boot.

This project was obviously very site specific (for example we can’t run any Mac hardware for servers, so no DeployStudio server – see blog posts below about that) but hopefully some of the code examples might help someone out if they need to do a similar thing.

It's all up on my GitHub repo at https://github.com/hunty1/strapper

The code is pretty well documented, so it should be easy enough to follow along.
