63 lines
1.8 KiB
Go
63 lines
1.8 KiB
Go
|
package user
|
||
|
|
||
|
import (
|
||
|
"fmt"
|
||
|
"log"
|
||
|
|
||
|
"github.com/spf13/cobra"
|
||
|
"github.com/spf13/viper"
|
||
|
ldap "gopkg.in/ldap.v2"
|
||
|
|
||
|
cli "git.metaunix.net/metaunix.net/muldap/lib/cli"
|
||
|
)
|
||
|
|
||
|
func init() {
|
||
|
// define user delete subcommand flags
|
||
|
userPwCmd.Flags().StringP("base_ou", "o", "", "LDAP OU where your user entries are stored")
|
||
|
userPwCmd.Flags().StringP("uid_attribute", "a", "uid", "LDAP DN attribute for users")
|
||
|
userPwCmd.Flags().StringVarP(&flagUserUsername, "username", "u", "", "Username of user to delete")
|
||
|
// bind config file values to user delete flags
|
||
|
viper.BindPFlag("user.base_ou", userPwCmd.Flags().Lookup("base_ou"))
|
||
|
viper.BindPFlag("user.uid_attr", userPwCmd.Flags().Lookup("uid_attribute"))
|
||
|
}
|
||
|
|
||
|
// define user password subcommand
|
||
|
var userPwCmd = &cobra.Command{
|
||
|
Use: "pw",
|
||
|
Short: "Set an LDAP user's password",
|
||
|
Long: "Prompts you for a password to use to set an LDAP user's password",
|
||
|
Run: func(cmd *cobra.Command, args []string) {
|
||
|
// create new LDAP connection
|
||
|
l, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", viper.GetString("host"), viper.GetInt("port")))
|
||
|
if err != nil {
|
||
|
log.Fatal(err)
|
||
|
}
|
||
|
defer l.Close()
|
||
|
|
||
|
// bind as the admin user
|
||
|
err = l.Bind(viper.GetString("bind_dn"), viper.GetString("bind_pw"))
|
||
|
if err != nil {
|
||
|
log.Fatal(err)
|
||
|
}
|
||
|
|
||
|
// get password from user
|
||
|
userPw, pwErr := cli.GetUserInput("New user password", true)
|
||
|
|
||
|
if pwErr != nil {
|
||
|
log.Fatal(pwErr)
|
||
|
}
|
||
|
|
||
|
// set up user DN
|
||
|
userDn := fmt.Sprintf("%s=%s,%s", viper.GetString("user.uid_attr"), flagUserUsername, viper.GetString("user.base_ou"))
|
||
|
|
||
|
// create new password modify request
|
||
|
passwordModifyRequest := ldap.NewPasswordModifyRequest(userDn, "", userPw)
|
||
|
|
||
|
// perform password change operation
|
||
|
_, err = l.PasswordModify(passwordModifyRequest)
|
||
|
if err != nil {
|
||
|
log.Fatalf("Password could not be changed: %s", err.Error())
|
||
|
}
|
||
|
},
|
||
|
}
|