#!/bin/bash
# Name: config-enable-anonbinds.sh
# Description: Enable LDAP Anonymous (NULL Base) Binds
# Last Updated: 2017-09-05
# Recent Changes:-Initial release
###############################################################################################

##### Customize These Variables #####
# LDAP Connection Settings
dmPass=directorymanagerpasswordhere
ldapHost=ldapserverhere.yourdomain.org
ldapUser='directory manager'
##### End of Customize Variables #####

#==================
# Main Starts Here
#==================
echo -e "================================================================================="
echo -e "####============ IPA: Enable LDAP Anonymous Binds (NULL BASE)  =============####"
echo -e "================================================================================="
echo
echo -e "This script will enable LDAP Anonymous Binds. Service restart required after.\n"
echo -e "=>Continue?[y/n]:\c"
read run_script

if [[ ${run_script} != "y" ]]; then
  echo -e "\n>>Will not run the script. Exiting..."
  exit 1
fi

## LDAP Modify ##
echo -e "\n>> Enabling LDAP Anonymous binds ..."
ldapmodify -D "cn=${ldapUser}" -w ${dmPass} -p 389 -h ${ldapHost} -x <<-END
dn: cn=config
changetype: modify
replace: nsslapd-allow-anonymous-access
nsslapd-allow-anonymous-access: on
END