linux_wiki:freeipa_report_uids_gids

FreeIPA: Report UIDs GIDs

General Information

Output all UIDs and GIDs (names to number mappings) to two separate files.

Checklist


The Script

report-uids-gids.sh
#!/bin/bash
# Name: report-uids-gids.sh
# Description: Get all usernames/uids and group names/gids, put into two separate files
# Last Updated: 2016-10-07
# Recent Changes:-Updated usage and renamed
###############################################################################################
 
##### Customize These Variables #####
# admin credentials
admin_user="admin"
 
# Dump files for uids/gids
dump_uids="/root/ldap-scripts/tmp/report-uids-gids_uids"
dump_gids="/root/ldap-scripts/tmp/report-uids-gids_gids"
##### End of Customize Variables #####
 
#=====================================
# Functions; Main starts after
#=====================================
function show_usage
{
  echo -e "\n==== Report: All UIDs and GIDs ===="
  echo -e "\nDescripton: Get all usernames/uids and group names/gids, put into two separate files."
  echo -e "\n--Usage--"
  echo -e "./report_uids-gids.sh [OPTIONS]"
  echo -e "\n-OPTIONS-"
  echo -e "-h                    => Display usage."
  echo -e "\n--Other Requirements--"
  echo -e "-> FreeIPA admin access."
  echo -e
}
 
#=======================
# Get Script Arguments
#=======================
# Reset POSIX variable in case it has been used previously in this shell
OPTIND=1
 
while getopts "h" opt; do
  case "${opt}" in
    h) # -h (help) argument
      show_usage
      exit 0
    ;;
    *) # invalid argument
      show_usage
      exit 0
    ;;
  esac
done
 
#==================
# Main Starts Here
#==================
 
# Pre-check - see if we have a kerberos ticket, if not, prompt login
/usr/bin/klist -s
if [[ $? -ne 0 ]]; then
  echo ">>No kerberos ticket found for (${admin_user}), login as ${admin_user} now:"
  /usr/bin/kinit ${admin_user}
  echo
fi
 
echo -e "======================================================"
echo -e "####============= IPA: UID/GID Dump ==============####"
echo -e "======================================================"
echo
echo -e "This script will get all usernames/uids, group names/gids and put them into two files.\n"
echo -e "User IDs: ${dump_uids}"
echo -e "Group IDs: ${dump_gids}"
 
echo -e "=>Dump all uids/gids?[y/n]:\c"
read run_script
 
if [[ ${run_script} != "y" ]]; then
  echo -e "\n>>Will not dump uids/gids. Exiting..."
  exit 1
fi
 
echo -e ">> Clearing out temporary files..."
cat /dev/null > ${dump_uids}
cat /dev/null > ${dump_gids}
 
echo -e ">> Getting user list..."
user_list="$(ipa user-find --sizelimit=0 | grep -E "(login|UID)" | awk -F: '{print $2}')"
 
echo -e ">> Creating username/uid file..."
for user_field in $(echo ${user_list}); do 
  if [[ "${user_field}" =~ ^[0-9] ]]; then 
    echo -en ": ${user_field}" >> ${dump_uids}
  else 
    echo -e "\n${user_field}\c" >> ${dump_uids}
  fi
done
 
echo -e ">> Getting group list..."
group_list="$(ipa group-find --sizelimit=0 | grep -E "(name|GID)" | awk -F: '{print $2}')"
 
echo -e ">> Creating group name/gid file..."
for group_field in $(echo ${group_list}); do 
  if [[ "${group_field}" =~ ^[0-9] ]]; then 
    echo -en ": ${group_field}" >> ${dump_gids}
  else 
    echo -e "\n${group_field}\c" >> ${dump_gids}
  fi
done
 
echo -e "\n>> Files located at: ${dump_uids} and ${dump_gids}"
 
echo -e "\n======================================================"
echo -e "####=========== UID/GID Dump Complete ============####"
echo -e "======================================================"

  • linux_wiki/freeipa_report_uids_gids.txt
  • Last modified: 2019/05/25 23:50
  • (external edit)