Add script to create new LDAP group.

rc-new-ldap-group

@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+LDAP_SERVER='ldaps://ldap1.recycled.cloud'
+LDAP_BASE_DN='ou=groups,dc=recycled,dc=cloud'
+LDAP_BIND_DN='cn=admin,dc=recycled,dc=cloud'
+
+for executable in ldapsearch ldapadd sed; do
+	if ! command -v $executable >> /dev/null; then
+		echo "The $executable command is not available. Exiting." >&2
+		exit 1
+	fi
+done
+
+# Prompt for user details.
+printf "Please enter cn for new group: "
+read -r cn
+
+# Prompt for admin credentials.
+printf "\nPlease enter password for %s: " $LDAP_BIND_DN
+read -r ldap_bind_password
+
+# Determine the groups's gidNumber
+last_gid_number=$(ldapsearch -x -H $LDAP_SERVER -b $LDAP_BASE_DN \
+	-D $LDAP_BIND_DN -w "$ldap_bind_password" '(objectClass=posixGroup)' \
+	gidNumber | grep gidNumber | grep -v 10000 | sed "s|gidNumber: ||" | sort -n | tail -n 1)
+next_gid_number=$(( "$last_gid_number" + 1))
+
+
+# Generate new user, and ask for user-validation.
+ldif=$(cat << EOF
+dn: cn=${cn:?},ou=groups,dc=recycled,dc=cloud
+objectClass: posixGroup
+cn: ${cn:?}
+gidNumber: ${next_gid_number:?}
+EOF
+)
+
+echo """
+::: Generated LDIF :::
+
+$ldif
+
+::: ENTER to insert into database, Ctrl+C to abort :::
+
+"""
+
+read -r # Only used to pause execution until user input is received.
+
+printf 'Executing ldapdd... '
+echo "$ldif" | ldapadd -x -H $LDAP_SERVER -D $LDAP_BIND_DN -w "$ldap_bind_password"
+echo "DONE."