PageRenderTime 65ms CodeModel.GetById 38ms RepoModel.GetById 0ms app.codeStats 0ms

/iRedMail/tools/create_mail_user_OpenLDAP.sh

https://bitbucket.org/zhb/iredmail
Shell | 295 lines | 163 code | 40 blank | 92 comment | 12 complexity | 5ae2d4e1ef4df4132a75c70daeae1750 MD5 | raw file
    

  1. #!/usr/bin/env bash
    2. 

  2. 

  3. # Author:   Zhang Huangbin (zhb _at_ iredmail.org)
    4. 

  4. # Purpose:  Add new OpenLDAP user for postfix mail server.
    5. 

  5. # Project:  iRedMail (http://www.iredmail.org/)
    6. 

  6. 

  7. # --------------------------- WARNING ------------------------------
    8. 

  8. # This script only works under iRedMail >= 0.8.4 due to ldap schema
    9. 

  9. # changes.
    10. 

  10. # ------------------------------------------------------------------
    11. 

  11. 

  12. # --------------------------- USAGE --------------------------------
    13. 

  13. # 1) Please change variables below to fit your env:
    14. 

  14. #
    15. 

  15. #   - In 'Global Setting' section:
    16. 

  16. #       * STORAGE_BASE_DIRECTORY
    17. 

  17. #
    18. 

  18. #   - In 'LDAP Setting' section:
    19. 

  19. #       * LDAP_SUFFIX
    20. 

  20. #       * BINDDN
    21. 

  21. #       * BINDPW
    22. 

  22. #       * QUOTA
    23. 

  23. #
    24. 

  24. #   - In 'Virtual Domains & Users' section:
    25. 

  25. #       * QUOTA
    26. 

  26. #       * TRANSPORT
    27. 

  27. #       * PASSWORD_SCHEME       # SSHA is recommended.
    28. 

  28. #       * DEFAULT_PASSWD
    29. 

  29. #       * USE_DEFAULT_PASSWD
    30. 

  30. #
    31. 

  31. #   - Pure-FTPd integration:
    32. 

  32. #       * PUREFTPD_INTEGRATION      # <- set to 'YES' if you want to integrate it.
    33. 

  33. #       * FTP_BASE_DIRECTORY        # <- directory used to store FTP data.
    34. 

  34. #
    35. 

  35. #   - Optional variables:
    36. 

  36. #       * SEND_WELCOME_MSG
    37. 

  37. #
    38. 

  38. # 2) Execute this script with domain name and username (without @domain) directly:
    39. 

  39. #
    40. 

  40. #       shell# bash create_mail_user_OpenLDAP.sh example.com new_user
    41. 

  41. #
    42. 

  42. #    It will create a mail user with mail address "new_user@example.com".
    43. 

  43. #    To add multiple mail users, just list all usernames:
    44. 

  44. #
    45. 

  45. #       shell# bash create_mail_user_OpenLDAP.sh example.com new_user new_user2 new_user3
    46. 

  46. #
    47. 

  47. # ------------------------------------------------------------------
    48. 

  48. 

  49. # Source functions.
    50. 

  50. . ../conf/global
    51. 

  51. . ../conf/core
    52. 

  52. 

  53. # ----------------------------------------------
    54. 

  54. # ------------ Global Setting ------------------
    55. 

  55. # ----------------------------------------------
    56. 

  56. # Storage base directory used to store users' mail.
    57. 

  57. # mailbox of LDAP user will be:
    58. 

  58. #    ${STORAGE_BASE_DIRECTORY}/${DOMAIN_NAME}/${USERNAME}/
    59. 

  59. # Such as:
    60. 

  60. #    /var/vmail/vmail1/iredmail.org/zhb/
    61. 

  61. #   -------------------|===========|-----|
    62. 

  62. #   STORAGE_BASE_DIRECTORY|DOMAIN_NAME|USERNAME
    63. 

  63. #
    64. 

  64. STORAGE_BASE_DIRECTORY="/var/vmail/vmail1"
    65. 

  65. 

  66. # ------------------------------------------------------------------
    67. 

  67. # -------------------------- LDAP Setting --------------------------
    68. 

  68. # ------------------------------------------------------------------
    69. 

  69. LDAP_SUFFIX="dc=example,dc=com"
    70. 

  70. 

  71. # Setting 'BASE_DN'.
    72. 

  72. BASE_DN="o=domains,${LDAP_SUFFIX}"
    73. 

  73. 

  74. # Setting 'DOMAIN_NAME' and DOMAIN_DN':
    75. 

  75. #     * DOMAIN will be used in mail address: ${USERNAME}@${DOMAIN}
    76. 

  76. #    * DOMAIN_DN will be used in LDAP dn.
    77. 

  77. DOMAIN_NAME="$1"
    78. 

  78. DOMAIN_DN="domainName=${DOMAIN_NAME}"
    79. 

  79. OU_USER_DN="ou=Users"
    80. 

  80. 

  81. # ---------- rootdn of LDAP Server ----------
    82. 

  82. # Setting rootdn of LDAP.
    83. 

  83. BINDDN="cn=Manager,${LDAP_SUFFIX}"
    84. 

  84. 

  85. # Setting rootpw of LDAP.
    86. 

  86. BINDPW='passwd'
    87. 

  87.  
    88. 

  88. # ---------- Virtual Domains & Users --------------
    89. 

  89. # Set default quota for LDAP users: 104857600 = 100M
    90. 

  90. QUOTA='1048576000'
    91. 

  91. 

  92. # Default MTA Transport (Defined in postfix master.cf).
    93. 

  93. TRANSPORT='dovecot'
    94. 

  94. 

  95. # Password setting.
    96. 

  96. PASSWORD_SCHEME='SSHA'   # MD5, SSHA. SSHA is recommended.
    97. 

  97. DEFAULT_PASSWD='888888'
    98. 

  98. USE_DEFAULT_PASSWD='NO'
    99. 

  99. 

  100. # ------------------------------------------------------------------
    101. 

  101. # -------------------- Pure-FTPd Integration -----------------------
    102. 

  102. # ------------------------------------------------------------------
    103. 

  103. # Add objectClass and attributes for pure-ftpd integration.
    104. 

  104. # Note: You must inlucde pureftpd.schema in OpenLDAP slapd.conf first.
    105. 

  105. PUREFTPD_INTEGRATION='NO'
    106. 

  106. FTP_BASE_DIRECTORY='/home/ftp'
    107. 

  107. 

  108. # ------------------------------------------------------------------
    109. 

  109. # ------------------------- Welcome Msg ----------------------------
    110. 

  110. # ------------------------------------------------------------------
    111. 

  111. # Send a welcome mail after user created.
    112. 

  112. SEND_WELCOME_MSG='NO'
    113. 

  113. 

  114. # Set welcome mail info.
    115. 

  115. WELCOME_MSG_SUBJECT="Welcome!"
    116. 

  116. WELCOME_MSG_BODY="Welcome, new user."
    117. 

  117. 

  118. # -------------------------------------------
    119. 

  119. # ----------- End Global Setting ------------
    120. 

  120. # -------------------------------------------
    121. 

  121. 

  122. # Time stamp, will be appended in maildir.
    123. 

  123. DATE="$(date +%Y.%m.%d.%H.%M.%S)"
    124. 

  124. 

  125. STORAGE_BASE="$(dirname ${STORAGE_BASE_DIRECTORY})"
    126. 

  126. STORAGE_NODE="$(basename ${STORAGE_BASE_DIRECTORY})"
    127. 

  127. 

  128. add_new_domain()
    129. 

  129. {
    130. 

  130.     domain="$(echo ${1} | tr '[A-Z]' '[a-z]')"
    131. 

  131.     ldapsearch -x -D "${BINDDN}" -w "${BINDPW}" -b "${BASE_DN}" | grep "domainName: ${domain}" >/dev/null
    132. 

  132. 

  133.     if [ X"$?" != X"0" ]; then
    134. 

  134.         echo "Add new domain: ${domain}."
    135. 

  135. 

  136.         ldapadd -x -D "${BINDDN}" -w "${BINDPW}" <<EOF
    137. 

  137. dn: ${DOMAIN_DN},${BASE_DN}
    138. 

  138. objectClass: mailDomain
    139. 

  139. domainName: ${domain}
    140. 

  140. mtaTransport: ${TRANSPORT}
    141. 

  141. accountStatus: active
    142. 

  142. enabledService: mail
    143. 

  143. EOF
    144. 

  144.     else
    145. 

  145.         :
    146. 

  146.     fi
    147. 

  147. 

  148.     ldapadd -x -D "${BINDDN}" -w "${BINDPW}" <<EOF
    149. 

  149. dn: ${OU_USER_DN},${DOMAIN_DN},${BASE_DN}
    150. 

  150. objectClass: organizationalUnit
    151. 

  151. objectClass: top
    152. 

  152. ou: Users
    153. 

  153. EOF
    154. 

  154. 

  155.     ldapadd -x -D "${BINDDN}" -w "${BINDPW}" <<EOF
    156. 

  156. dn: ou=Groups,${DOMAIN_DN},${BASE_DN}
    157. 

  157. objectClass: organizationalUnit
    158. 

  158. objectClass: top
    159. 

  159. ou: Groups
    160. 

  160. EOF
    161. 

  161. 

  162.     ldapadd -x -D "${BINDDN}" -w "${BINDPW}" <<EOF
    163. 

  163. dn: ou=Aliases,${DOMAIN_DN},${BASE_DN}
    164. 

  164. objectClass: organizationalUnit
    165. 

  165. objectClass: top
    166. 

  166. ou: Aliases
    167. 

  167. EOF
    168. 

  168. 

  169.     ldapadd -x -D "${BINDDN}" -w "${BINDPW}" <<EOF
    170. 

  170. dn: ou=Externals,${DOMAIN_DN},${BASE_DN}
    171. 

  171. objectClass: organizationalUnit
    172. 

  172. objectClass: top
    173. 

  173. ou: Externals
    174. 

  174. EOF
    175. 

  175. }
    176. 

  176. 

  177. add_new_user()
    178. 

  178. {
    179. 

  179.     USERNAME="$(echo $1 | tr [A-Z] [a-z])"
    180. 

  180.     MAIL="$( echo $2 | tr [A-Z] [a-z])"
    181. 

  181. 

  182.     # Create template LDIF file for this new user and add it.
    183. 

  183.     # If you do *NOT* want to keep rootpw in script, use '-W' instead of 
    184. 

  184.     # '-w "${BINDPW}".
    185. 

    186. 

  186.     maildir="${DOMAIN_NAME}/$(hash_maildir ${USERNAME})"
    187. 

  187. 

  188.     # Generate user password.
    189. 

  189.     if [ X"${USE_DEFAULT_PASSWD}" == X'YES' ]; then
    190. 

  190.         PASSWD="$(python ./generate_password_hash.py ${PASSWORD_SCHEME} ${DEFAULT_PASSWD})"
    191. 

  191.     else
    192. 

  192.         PASSWD="$(python ./generate_password_hash.py ${PASSWORD_SCHEME} ${USERNAME})"
    193. 

  193.     fi
    194. 

  194. 

  195.     if [ X"${PUREFTPD_INTEGRATION}" == X'YES' ]; then
    196. 

  196.         LDIF_PUREFTPD_USER="objectClass: PureFTPdUser
    197. 

  197. FTPStatus: enabled
    198. 

  198. FTPQuotaFiles: 50
    199. 

  199. FTPQuotaMBytes: 10
    200. 

  200. FTPDownloadBandwidth: 50
    201. 

  201. FTPUploadBandwidth: 50
    202. 

  202. FTPDownloadRatio: 5
    203. 

  203. FTPUploadRatio: 1
    204. 

  204. FTPHomeDir: ${FTP_BASE_DIRECTORY}/${DOMAIN_NAME}/${USERNAME}/
    205. 

  205. "
    206. 

  206.     else
    207. 

  207.         LDIF_PUREFTPD_USER=''
    208. 

  208.     fi
    209. 

  209. 

  210.     ldapadd -x -D "${BINDDN}" -w "${BINDPW}" <<EOF
    211. 

  211. dn: mail=${MAIL},${OU_USER_DN},${DOMAIN_DN},${BASE_DN}
    212. 

  212. objectClass: inetOrgPerson
    213. 

  213. objectClass: shadowAccount
    214. 

  214. objectClass: amavisAccount
    215. 

  215. objectClass: mailUser
    216. 

  216. objectClass: top
    217. 

  217. accountStatus: active
    218. 

  218. storageBaseDirectory: ${STORAGE_BASE}
    219. 

  219. homeDirectory: ${STORAGE_BASE_DIRECTORY}/${maildir}
    220. 

  220. mailMessageStore: ${STORAGE_NODE}/${maildir}
    221. 

  221. mail: ${MAIL}
    222. 

  222. mailQuota: ${QUOTA}
    223. 

  223. userPassword: ${PASSWD}
    224. 

  224. cn: ${USERNAME}
    225. 

  225. sn: ${USERNAME}
    226. 

  226. givenName: ${USERNAME}
    227. 

  227. uid: ${USERNAME}
    228. 

  228. shadowLastChange: 0
    229. 

  229. amavisLocal: TRUE
    230. 

  230. enabledService: internal
    231. 

  231. enabledService: doveadm
    232. 

  232. enabledService: lib-storage
    233. 

  233. enabledService: indexer-worker
    234. 

  234. enabledService: dsync
    235. 

  235. enabledService: mail
    236. 

  236. enabledService: pop3
    237. 

  237. enabledService: pop3secured
    238. 

  238. enabledService: imap
    239. 

  239. enabledService: imapsecured
    240. 

  240. enabledService: managesieve
    241. 

  241. enabledService: managesievesecured
    242. 

  242. enabledService: sieve
    243. 

  243. enabledService: sievesecured
    244. 

  244. enabledService: smtp
    245. 

  245. enabledService: smtpsecured
    246. 

  246. enabledService: deliver
    247. 

  247. enabledService: lda
    248. 

  248. enabledService: lmtp
    249. 

  249. enabledService: forward
    250. 

  250. enabledService: senderbcc
    251. 

  251. enabledService: recipientbcc
    252. 

  252. enabledService: shadowaddress
    253. 

  253. enabledService: displayedInGlobalAddressBook
    254. 

  254. enabledService: sogo
    255. 

  255. ${LDIF_PUREFTPD_USER}
    256. 

  256. EOF
    257. 

  257. }
    258. 

  258. 

  259. send_welcome_mail()
    260. 

  260. {
    261. 

  261.     MAIL="$1"
    262. 

  262.     echo "Send a welcome mail to new user: ${MAIL}"
    263. 

  263. 

  264.     echo "${WELCOME_MSG_BODY}" | mail -s "${WELCOME_MSG_SUBJECT}" ${MAIL}
    265. 

  265. }
    266. 

  266. 

  267. usage()
    268. 

  268. {
    269. 

  269.     echo "Usage:"
    270. 

  270.     echo -e "\t$0 DOMAIN USERNAME"
    271. 

  271.     echo -e "\t$0 DOMAIN USER1 USER2 USER3 ..."
    272. 

  272. }
    273. 

  273. 

  274. if [ $# -lt 2 ]; then
    275. 

  275.     usage
    276. 

  276. else
    277. 

  277.     # Promopt to check settings.
    278. 

  278.     [ X"${LDAP_SUFFIX}" == X"dc=example,dc=com" ] && echo "You should change 'LDAP_SUFFIX' in $0."
    279. 

  279. 

  280.     # Get domain name.
    281. 

  281.     DOMAIN_NAME="$(echo $1 | tr '[A-Z]' '[a-z]')"
    282. 

  282.     shift 1
    283. 

  283. 

  284.     add_new_domain ${DOMAIN_NAME}
    285. 

  285.     for i in $@; do
    286. 

  286.         USERNAME="$(echo $i | tr '[A-Z]' '[a-z]')"
    287. 

  287.         MAIL="${USERNAME}@${DOMAIN_NAME}"
    288. 

  288. 

  289.         # Add new user in LDAP.
    290. 

  290.         add_new_user ${USERNAME} ${MAIL}
    291. 

  291. 

  292.         # Send welcome msg to new user.
    293. 

  293.         [ X"${SEND_WELCOME_MSG}" == X'YES' ] && send_welcome_mail ${MAIL}
    294. 

  294.     done
    295. 

  295. fi
    296. 

  296.