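#!/bin/bash
#
# ldap_replication_script.sh — verify that two ApacheDS masters hold the same
# entries under SEARCH_BASE and send an SES e-mail alert when a master cannot
# be queried, when the numEntries counts differ, or when the sets of cn values
# differ (the original only compared the counts, so two masters with the same
# number of different users were reported as "in sync").
#
# Required tools: ldapsearch (OpenLDAP client), timeout, awk, comm, paste,
# cmp, aws (CLI). LDAP_BIND_PWD and AWS_REGION may be supplied from the
# environment; everything else is configured by the constants below.
# The files under /opt/ldap_replication_script are overwritten on every run.

# -e is deliberately not used: every critical step is checked explicitly.
# pipefail makes "ldapsearch | grep" fail when ldapsearch itself fails, not
# only when grep finds nothing.
set -uo pipefail

readonly RED='\033[31m'
readonly GREEN='\033[32m'
readonly NONE='\033[00m'
DATE=$(date '+%Y-%m-%d-%H:%M:%S')
readonly DATE

readonly MASTER01="10.xx.xxx.xxx"
readonly MASTER02="10.xxx.xx.xxx"
readonly LDAP_PORT=10389
readonly FROM_EMAIL="noreply@domain.com"
readonly TO_EMAIL="user@domain.com"
readonly LDAP_BIND_USER="uid=admin,ou=system"
# Prefer exporting LDAP_BIND_PWD from a secrets store over editing this file;
# the literal below is only the original placeholder value.
LDAP_BIND_PWD="${LDAP_BIND_PWD:-xxxxxx}"
readonly LDAP_BIND_PWD
readonly SEARCH_BASE="ou=USER,ou=WEB,o=DOMAIN"
AWS_REGION="${AWS_REGION:-us-east-1}"
readonly AWS_REGION

readonly WORK_DIR="/opt/ldap_replication_script"
readonly FILE01="${WORK_DIR}/master01.txt"
readonly FILE02="${WORK_DIR}/master02.txt"
readonly CONNMESSAGE01="${WORK_DIR}/masterconn_alert01.json"
readonly CONNMESSAGE02="${WORK_DIR}/masterconn_alert02.json"
readonly REPLMESSAGE="${WORK_DIR}/replication_alert.json"
readonly SORTED_USERS_FILE01="${WORK_DIR}/sorted_users01.txt"
readonly SORTED_USERS_FILE02="${WORK_DIR}/sorted_users02.txt"

# Path of the temporary bind-password file; set by main(), read by fetch_entries().
PWD_FILE=""

#######################################
# Print a timestamped, coloured line.
# Globals:   DATE, NONE (read)
# Arguments: $1 - colour escape sequence; remaining arguments - message
# Outputs:   one line on stdout (callers redirect errors to stderr)
#######################################
log() {
  local colour=$1
  shift
  printf '%b%s %s%b\n' "$colour" "$DATE" "$*" "$NONE"
}

#######################################
# Escape text for use inside a JSON string literal.
# Handles backslash, double quote, tab and newline; other control characters
# are passed through unchanged (ldapsearch output lines do not contain them).
# Arguments: $1 - raw text
# Outputs:   escaped text on stdout, without a trailing newline
#######################################
json_escape() {
  local s=$1
  s=${s//\\/\\\\}   # backslashes first, so later escapes are not doubled
  s=${s//\"/\\\"}
  s=${s//$'\t'/\\t}
  s=${s//$'\n'/\\n}
  printf '%s' "$s"
}

#######################################
# Write an SES message document and send it.
# Globals:   TO_EMAIL, FROM_EMAIL, AWS_REGION (read)
# Arguments: $1 - subject, $2 - body text, $3 - path of the JSON file to write.
#            Subject and body are inserted verbatim into JSON string literals:
#            they may carry JSON escapes such as \n, and anything taken from
#            LDAP output must already have gone through json_escape.
# Returns:   exit status of "aws ses send-email"
#######################################
send_alert() {
  local subject=$1 body=$2 outfile=$3
  printf '{\n  "Subject": {\n    "Data": "%s",\n    "Charset": "UTF-8"\n  },\n  "Body": {\n    "Text": {\n      "Data": "%s",\n      "Charset": "UTF-8"\n    }\n  }\n}\n' \
    "$subject" "$body" > "$outfile"
  aws ses send-email --destination "ToAddresses=${TO_EMAIL}" --from "$FROM_EMAIL" \
    --message "file://${outfile}" --region "$AWS_REGION"
}

#######################################
# Query one master and keep only the "cn:" and "numEntries:" lines.
# Globals:   LDAP_BIND_USER, PWD_FILE, LDAP_PORT, SEARCH_BASE (read)
# Arguments: $1 - master host, $2 - output file
# Returns:   non-zero when ldapsearch times out or fails, or when no matching
#            line was produced (grep exits 1 on no match, as in the original)
#######################################
fetch_entries() {
  local host=$1 outfile=$2
  # -x selects a simple bind. -y reads the password from a file so it never
  # appears in the process list the way "-w password" does (OpenLDAP
  # ldapsearch option; the original used -w on the command line).
  timeout 60 ldapsearch -x -D "$LDAP_BIND_USER" -y "$PWD_FILE" \
      -h "$host" -p "$LDAP_PORT" -b "$SEARCH_BASE" \
    | grep -E '^cn:|numEntries:' > "$outfile"
}

#######################################
# Log and e-mail a connection failure for one master.
# Arguments: $1 - master host, $2 - JSON file to write for the SES message
# Returns:   exit status of send_alert
#######################################
connection_alert() {
  local host=$1 outfile=$2
  log "$RED" "Unable to execute ldapsearch command on ${host}." >&2
  send_alert "LDAP Connection Alert" \
    "Alert!! Ldapsearch command didnot execute successfully on server '${host}'. \nPossible Reason: Unable to connect to LdapServer. \nSolution: Check ApacheDS Service Status." \
    "$outfile"
}

#######################################
# Entry point: query both masters, compare, alert on any discrepancy.
# Returns:   0 when both masters answered and are in sync, 1 otherwise
#######################################
main() {
  local rc=0
  mkdir -p -- "$WORK_DIR" || { log "$RED" "Unable to create ${WORK_DIR}." >&2; return 1; }

  # mktemp creates the password file with mode 0600; the trap removes it on
  # every exit path. printf '%s' writes no trailing newline, which -y would
  # otherwise treat as part of the password.
  PWD_FILE=$(mktemp) || { log "$RED" "mktemp failed." >&2; return 1; }
  trap 'rm -f -- "$PWD_FILE"' EXIT
  printf '%s' "$LDAP_BIND_PWD" > "$PWD_FILE"

  # Query both masters before deciding, so a down second master is reported
  # even when the first one is also down (the original stopped at the first).
  fetch_entries "$MASTER01" "$FILE01" || { connection_alert "$MASTER01" "$CONNMESSAGE01"; rc=1; }
  fetch_entries "$MASTER02" "$FILE02" || { connection_alert "$MASTER02" "$CONNMESSAGE02"; rc=1; }
  (( rc == 0 )) || return "$rc"

  # ldapsearch reports the count as a "# numEntries: N" comment; $3 is N.
  local n1 n2
  n1=$(awk '/numEntries:/ {print $3}' "$FILE01")
  n2=$(awk '/numEntries:/ {print $3}' "$FILE02")

  # comm/cmp need both inputs sorted under the same collation.
  grep '^cn:' "$FILE01" | LC_ALL=C sort > "$SORTED_USERS_FILE01"
  grep '^cn:' "$FILE02" | LC_ALL=C sort > "$SORTED_USERS_FILE02"

  if [[ "$n1" == "$n2" ]] && cmp -s -- "$SORTED_USERS_FILE01" "$SORTED_USERS_FILE02"; then
    log "$GREEN" "Replication is in sync."
    return 0
  fi

  log "$RED" "Replication is not in sync. Sending Alert....." >&2
  # Names present on only one side, as a comma-separated list without the
  # "cn: " prefix (the original listed them as "cn:name" with spaces removed).
  local users1 users2
  users1=$(LC_ALL=C comm -23 "$SORTED_USERS_FILE01" "$SORTED_USERS_FILE02" | sed 's/^cn: *//' | paste -s -d, -)
  users2=$(LC_ALL=C comm -13 "$SORTED_USERS_FILE01" "$SORTED_USERS_FILE02" | sed 's/^cn: *//' | paste -s -d, -)

  # Everything that came from server output is escaped: a cn containing a
  # quote or backslash would otherwise produce an invalid SES message file.
  local e_n1 e_n2 e_users1 e_users2
  e_n1=$(json_escape "$n1")
  e_n2=$(json_escape "$n2")
  e_users1=$(json_escape "$users1")
  e_users2=$(json_escape "$users2")
  send_alert "LDAP Replication Alert" \
    "Alert!! Ldap Replication not in Sync.\n\nTotal Entries: \nnumEntries in ${MASTER01}: ${e_n1} \nnumEntries in ${MASTER02}: ${e_n2} \n\nUser Difference in Both Servers: \nUsers in ${MASTER01}: ${e_users1} \nUsers in ${MASTER02}: ${e_users2}" \
    "$REPLMESSAGE"
  return 1
}

main "$@"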