I’m using openldap on Mac OS X Server 10.6 and need to generate a vcard for all the users in a given group. By using the ldapsearch I can list all the memberUid’s for all users in that group. I found a perl script (Advanced LDAP Search or ALS) that was written by someone that will generate the vcard easily. ALS can be found here http://www.ldapman.org/tools/als.gz
So what I need to do is create a wrapper script (in python or perl) that will effectively loop through the memberUid’s and run the ALS command to create the vcard and append it to the file.
This command provides the memberUid’s:
ldapsearch -x -b 'dc=ldap,dc=server,dc=com' '(cn=testgroup)'
Then running ALS gives the vcard:
als -b dc=ldap,dc=server,dc=com -V uid=aaronh > vcardlist.vcf
If it’s easier to do this using Perl since ALS is already using it that would be fine. I’ve done more work in python but I’m open to suggestions.
Thanks in advance,
Aaron
EDIT:
Here is a link to the Net:LDAP code that I have to date. So far it pulls down the ldap entries with all user information. What I’m missing is how to capture just the UID for each user and then push it into ALS.
http://www.queencitytech.com/net-ldap
Here is an example entry (after running the code from the above link):
#-------------------------------
DN: uid=aaronh,cn=users,dc=ldap,dc=server,dc=com
altSecurityIdentities : Kerberos:aaronh@LDAP.SERVER.COM
apple-generateduid : F0F9DA73-70B3-47EB-BD25-FE4139E16942
apple-imhandle : Jabber:aaronh@ichat.server.com
apple-mcxflags : <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>simultaneous_login_enabled</key>
<true/>
</dict>
</plist>
authAuthority : ;ApplePasswordServer;0x4c11231147c72b59000001f800001663,1024 35 131057002239213764263627099108547501925287731311742942286788930775556419648865483768960345576253082450228562208107642206135992876630494830143899597135936566841409094870100055573569425410665510365545238751677692308677943427807426637133913499488233527734757673201849965347880843479632671824597968768822920700439 root@ldap.server.com:192.168.1.175;Kerberosv5;0x4c11231147c72b59000001f800001663;aaronh@LDAP.SERVER.COM;LDAP.SERVER.COM;1024 35 131057002239213764263627099108547501925287731311742942286788930775556419648865483768960345576253082450228562208107642206135992876630494830143899597135936566841409094870100055573569425410665510365545238751677692308677943427807426637133913499488233527734757673201849965347880843479632671824597968768822920700439 root@ldap.server.com:192.168.1.170
cn : Aaron Hoffman
gidNumber : 20
givenName : Aaron
homeDirectory : 99
loginShell : /bin/bash
objectClass : inetOrgPersonposixAccountshadowAccountapple-userextensibleObjectorganizationalPersontopperson
sn : Hoffman
uid : aaronh
uidNumber : 2643
userPassword : ********
#-------------------------------
My language of choice would be Perl – but only because I’ve done similar operations using Perl and LDAP.
If I remember correctly, that ldapsearch command will give you the full LDIF entry for each uid in the testgroup cn. If that’s the case, then you’ll need to clean it up a bit before it’s ready for the als part. Though it’s definitely not the most elegant solution, a quick and dirty method is to use backticks and run the command’s output through a grep. This will return a nice list of all the memberUids. From there it’s just a simple foreach loop and you’re done. Without any testing or knowing for sure what your LDAP output looks like, I’d go with something like this:
As I said, I haven’t tested this, and I’m not exactly sure what the output of your ldapsearch looks like, so you may have to tweak it a bit to fit your exact needs. That should be enough to get you going though.
If anyone has a better idea I’d love to hear it too.