Image production CI jobs are kicked off manually because there is a cost associated with storing Amazon EC2 images. Fire off the cloud-mifos-image job on the CI server to create a new image.

LDAP

Pre-requisites

  • Log into a machine that is already in LDAP, or ldap.mifos.org
  • Create ~/.ldaprc and copy the following lines into it if they are not already there:

TLS_CERT /etc/ssl/certs/ldap.crt
TLS_KEY /etc/ssl/private/ldap.key

Adding a new user

You can use the following script to help:


#!/bin/sh

# ./addnewuser.sh johndoe John Doe <UID> johndoe@grameenfoundation.org <secret>

cat << EOF
dn: uid=$1,ou=people,dc=mifos,dc=org
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: $1
sn: $3
givenName: $2
cn: $2 $3
displayName: $2 $3
uidNumber: $4
gidNumber: 10000
gecos: $2 $3
loginShell: /bin/bash
homeDirectory: /home/$1
userPassword: $6
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: $5
EOF

Then invoke it like this:

./addnewuser.sh johndoe John Doe <UID> johndoe@grameenfoundation.org <secret> | ldapadd -x -W -D cn=admin,dc=mifos,dc=org -h ldap.mifos.org -ZZ

If the user "johndoe" already exists, the command will error. However, duplicating the UID will NOT generate an error, so be sure that it does not already exist. If the command completes successfully, then you can log into an LDAP client, e.g. <mfi>.mifos.org, and run getent passwd to see the newly added entry. If you make a mistake, you can delete the entry with the following:

ldapdelete -x -w mifos -D cn=admin,dc=mifos,dc=org -h ldap.mifos.org -ZZ 'uid=johndoe,ou=people,dc=mifos,dc=org'

You can also search the LDAP database with the following:

ldapsearch -LLL -x -w mifos -D cn=admin,dc=mifos,dc=org -h ldap.mifos.org -ZZ 'cn=*Jeff*'

The last argument 'cn=Jeff' can be adjusted accordingly based on which field you want to search or w
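
Because a duplicated UID number is accepted silently, it is worth checking the number against the directory before piping a new entry to ldapadd. The script below is an added example, not part of the original page: it reads LDIF as printed by the search command above (for instance with the filter '(objectClass=posixAccount)'), and its function names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: find who already holds a uidNumber before running ldapadd.
# Input is LDIF as printed by the page's search command with a filter such as
# '(objectClass=posixAccount)' and the attribute uidNumber requested.

# Join LDIF continuation lines (a line starting with one space continues the
# previous line), so long DNs are read whole.
unfold() {
    awk 'NR > 1 && /^ / { buf = buf substr($0, 2); next }
         NR > 1         { print buf }
                        { buf = $0 }
         END            { if (NR) print buf }'
}

# uid_owners NUMBER < ldif : print the DN of each entry using NUMBER.
# Exit status 0 means the number is taken, 1 means it is free.
uid_owners() {
    unfold | awk -v want="$1" '
        /^dn:/         { dn = $0; sub(/^dn::? */, "", dn) }
        /^uidNumber: / { if ($2 == want) { print dn; found = 1 } }
        END            { exit !found }'
}

# duplicate_uids < ldif : audit for numbers already shared by several entries.
duplicate_uids() {
    unfold | awk '
        /^dn:/         { dn = $0; sub(/^dn::? */, "", dn) }
        /^uidNumber: / { n[$2]++; who[$2] = who[$2] " [" dn "]" }
        END            { for (u in n) if (n[u] > 1) print u ":" who[u] }' | sort
}

# Constructed sample: three entries, two of them sharing uidNumber 10002.
sample_ldif() {
    cat <<'EOF'
dn: uid=johndoe,ou=people,dc=mifos,dc=org
uidNumber: 10001

dn: uid=constructed-long-account-name-to-force-ldif-line-folding,ou=people,dc=
 mifos,dc=org
uidNumber: 10002

dn: uid=janeroe,ou=people,dc=mifos,dc=org
uidNumber: 10002
EOF
}

if owners=$(sample_ldif | uid_owners 10002); then
    printf 'uidNumber 10002 is already used by:\n%s\n' "$owners"
fi
```

Against the real server, replace sample_ldif with the ldapsearch command and run uid_owners with the UID you intend to assign; a non-zero exit status means the number is free.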

TODO

  • How to add or remove a sysadmin from the LDAP server
    • (or just add to LDAP and point there?)
