1. PERL SCRIPTS
===============

This directory contains a set of Perl5 scripts, which we use to maintain
our internal LDAP database. Most of these scripts requires the Ldapp
module, which is described elsewhere.



2. INSTALLATION
===============

There is not Makefile in this directory (yet...). You probably have to
edit the first line in every script, e.g. change the line

	#!/usr/bin/perl5


to be whatever is the PATH to your Perl5 interpreter, e.g.

	#!/usr/local/bin/perl


In some of the scripts there are separate configuration area (not covered
by the LdapUtils module). Other than that, the default parameters in the
LdapUtils.pm module should cover the basic configuration. Note that this
"main" configuration file is in the ../lib directory.

Copy these scripts to your local repository of handy tools, and make sure
they are executable.



3. USAGE
========

Most of the LDAP enabled scripts uses a standard set of options. Many of
these options have default values, which we define in the LDAP module
("library") named LdapUtils.pm. Edit this file to fit your environment,
and then copy into your .../lib/site_perl directory. Standard options are

	-n		Don't do any updates ("dry run")
	-v		Give verbose output/messages
	-W		Give verbose/extra warnings, when applicable

	-h hostname	LDAP server name
	-p port #	LDAP port, default is 389 (or 636 for SSL)
	-b base DN	LDAP Base-DN
	-D bind DN	LDAP bind DN (connect to server as this "user")
	-w bind pswd	Password to bind to the server
	-P certfile	Use SSL, with the certificates from this file


There are a few "shortcuts" available for the "-D" and "-b" options:

	root		Bind as the LDAP "root" user
	user		Bind as the current Unix user

	root		The default Base for your DIT
	people		Where your "people" entries are
	mail		Mail groups
	groups		LDAP groups, for ACLs etc.



4. SCRIPTS
==========

This is a short description of each script. This is by no means a complete
documentation, the best way to figure out what the script does is probably
to read the source ("Use the source, Luke!").

The beginning of all scripts has a short description of the options the
particular scripts supports. Many of these scripts takes an LDAP search
string as an argument, which is of the normal LDAP syntax.

	adduser		Creates a user in the LDAP and UNIX environment.
	-------		This is currently the mechanism that the Help Desk
			and Desktop support use to create new users at 
			Netscape.  It currently takes radically different
			command-line arguments than most of the other scripts.
			Author:  Luke Sheneman, x3513


	genpasswd	Generate a /etc/passwd type file from LDAP data.
	---------


	ldap_mail	Setup the mail attributes for a particular user.
	---------


	lfinger		Simple script to "emulate" the finger client, but
	-------		using LDAP to find the information.


	mailsync	Synchronize Unix/NIS aliases into LDAP. This is
	--------	very much work in progress, and a new version
			should be ready soon (which handles more special
			aliases). NOTE: This is an old script, and we are
			working on a new, improved version.


	modattr		Modify an attribute for a set of users, i.e. add
	-------		or delete values. The last argument is a search
			criteria, e.g.

				  % modattr sn=Hedstrom uid=leif


	modclass	This is very similar to modattr, but can only do
	--------	one thing, modify the objectClass attribute.


	monitor		Print some status information about a running LDAP
	-------		server. This has only been tested with Netscapes
			slapd daemon...


	psoftsync	Synchronize a flat file dump from PeopleSoft with
	---------	the LDAP data. Note the configuration in the top
			of this script, you'll have to change that! :)

	pswdsync	Synchronize Unix/NIS user information ("passwd")
	--------	into the LDAP database. Note that the actual
			password is only synchronized if the "-s" option
			is given.


	qsearch		Like "ldapsearch", but even simpler... :)
	-------


	renattr		Rename an attribute for one or more entries.
	-------


	restarter	This script is a kludge, which we use to restart
	---------	the LDAP server if there are too many connections.


	rmentry		Remove one or more entries from the LDAP server.
	-------		Since this is a potentially dangerous script, it
			will ask you to confirm before deleting an entry.


	vrfyPO		Check the Message Server v3.0 PostOffice and
	------		message store against the LDAP data. It will
			report missing or unknown users in the PO.

	
	vrfymail	Verify that the uniqueness of the "mail" and
	--------	"mailAlternateAddress" through the entire LDAP
			server is met. This restriction is something that
			will be eased up a little in Msg Srv v3.5.


	ph2ldif		Convert a PH/PSO database to LDIF, very simple...
	-------


	phsync		Like ph2ldif, but talks direcly to the LDAP server.
	------


	parse_log	Parse the access log from a Directory Server, and
	---------	produce useful summaries and statistics.

	fixcopiedfrom	Read and/or set the copiedfrom attribute on
	-------------	consumer. This is useful when working replicas
			that might have problems.

	cleanforwards	Remove bad forward addresses from users
	-------------	entries. This is useful only if you allow your
			users to set their own forwarding information in
			LDAP.

	normphones	Simple script to normalize (and possibly change
	----------	area codes) for all phone numbers. There are two
			reasons to use this script: The first is to
			normalize all phone number to a standard format,
			and the second is to rewrite area codes. The
			latter is useful if you ever change area code for
			you campus...

	rmduplicates	Remove duplicated attribute values. This shouldn't
	------------	happend, but it does due to a bug in DS-1.03 and
			earlier. This is fixed in DS-1.04(?) and DS-3.

	ldapstats	Gather performance and usage statistics from an
	---------	LDAP server, storing it in a daily "stats" file.
			The format of the output file is very brief, to
			make it as small as possible. The script will
			rotate the log file automatically, at midnight.

	import_aka	Simple script to import legacy mailing lists into
	----------	LDAP. The "dist" file should hold one member per
			line, either as a UID or as an RFC822 address. We
			will only add members if they are in the local
			LDAP server, of if they are RFC822 addresses.
	


-- Leif

-----------------------------------------------------
$Id: README,v 1.9 1998/03/11 06:23:54 leif Exp $
