Open AlexSamad opened 2 years ago
diff --git a/site/role/files/ybzabbix/server/zabbix-ldap-sync.sh b/site/role/files/ybzabbix/server/zabbix-ldap-sync.sh
index 18bcc3d2..e2366975 100644
--- a/site/role/files/ybzabbix/server/zabbix-ldap-sync.sh
+++ b/site/role/files/ybzabbix/server/zabbix-ldap-sync.sh
@@ -423,33 +423,33 @@ if [ LDAP_Ignore_SSL_Certificate = "false" ]; then
# normal ldapsearch call
if [ "$b_verbose" = "true" ]; then
if [ "$b_showpasswords" = "true" ]; then
- echo 'ldapsearch -x -o ldif-wrap=no -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "'$LDAP_Bind_User_Password'" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn="'$LDAP_Groupname_for_Sync'"))"'
+ echo 'ldapsearch -x -o ldif-wrap=no -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "'$LDAP_Bind_User_Password'" -b "'$LDAP_SearchBase'" "(&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:='$LDAP_Groupname_for_Sync'))"'
else
- echo 'ldapsearch -x -o ldif-wrap=no -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "***********" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn="'$LDAP_Groupname_for_Sync'"))"'
+ echo 'ldapsearch -x -o ldif-wrap=no -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "***********" -b "'$LDAP_SearchBase'" "(&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:='$LDAP_Groupname_for_Sync'))"'
fi
fi
# yes, ldapsearch is called twice - first time without grep to catch the exitcode, 2. time to catch the content
- tempvar=`ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_for_Sync))" o member`
+ tempvar=`ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:=$LDAP_Groupname_for_Sync))" -LLL dn`
ldapsearch_exitcode="$?"
if [ "$b_verbose" = "true" ]; then echo "ldapsearch_exitcode: $ldapsearch_exitcode"; fi
- tempvar=`ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_for_Sync))" o member | grep member:`
+ tempvar=`ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:=$LDAP_Groupname_for_Sync))" -LLL dn | tr '[:upper:]' '[:lower:]' |grep dn:`
else
# ignore SSL ldapsearch
if [ "$b_verbose" = "true" ]; then
if [ "$b_showpasswords" = "true" ]; then
- echo 'LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "'$LDAP_Bind_User_Password'" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn='$LDAP_Groupname_for_Sync'))" o member'
+ echo 'LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "'$LDAP_Bind_User_Password'" -b "'$LDAP_SearchBase'" "(&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:='$LDAP_Groupname_for_Sync'))" -LLL dn'
else
- echo 'LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "***********" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn='$LDAP_Groupname_for_Sync'))" o member'
+ echo 'LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "***********" -b "'$LDAP_SearchBase'" "(&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:='$LDAP_Groupname_for_Sync'))" -LLL dn'
fi
fi
# yes, ldapsearch is called twice - first time without grep to catch the exitcode, 2. time to catch the content
- tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_for_Sync))" o member`
+ tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:=$LDAP_Groupname_for_Sync))" -LLL dn`
ldapsearch_exitcode="$?"
if [ "$b_verbose" = "true" ]; then echo "ldapsearch_exitcode: $ldapsearch_exitcode"; fi
- tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_for_Sync))" o member | grep member:`
+ tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:=$LDAP_Groupname_for_Sync))" -LLL dn | tr '[:upper:]' '[:
lower:]' | grep dn:`
fi
if [ "$b_verbose" = "true" ]; then
- echo 'Result ldapsearch (with "grep member:" : '"$tempvar"
+ echo 'Result ldapsearch (with "grep dn:" : '"$tempvar"
echo "Exitcode ldapsearch: $(Translate_ldapsearch_exitcode $ldapsearch_exitcode)"
fi
# only continue if ldapsearch was succesfull
@@ -458,7 +458,7 @@ if [ "$ldapsearch_exitcode" -eq 0 ];then
LDAP_ARRAY_Members_DN=()
for (( i=0; i < ${#LDAP_ARRAY_Members_RAW[*]}; i++ )); do
# Search for the word "member:" in Array - the next value is the DN of a Member
- if [ "${LDAP_ARRAY_Members_RAW[$i]:0:7}" = "member:" ]; then
+ if [ "${LDAP_ARRAY_Members_RAW[$i]:0:3}" = "dn:" ]; then
i=$(($i + 1))
LDAP_ARRAY_Members_DN+=("${LDAP_ARRAY_Members_RAW[$i]}") # add new Item to the end of the array
else
@@ -534,7 +534,7 @@ if [ "${#LDAP_ARRAY_Members_DN[*]}" -gt 0 ]; then
echo "'s/$/|/' | sed 's/: /|/'"
fi
# sed replace all ": " and "new line" to "|"
- tempvar=`ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "${LDAP_ARRAY_Members_DN[$i]}" o sAMAccountName o sn o givenName o mail | grep "^sn: \|^givenName: \|^sAMAccountName: \|^mail:" | sed 's/$/|/' | sed
's/: /|/'`
+ tempvar=`ldapsearch -x -o ldif-wrap=no -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "${LDAP_ARRAY_Members_DN[$i]}" o sAMAccountName o sn o givenName o mail | grep "^sn: \|^givenName: \|^sAMAccountName: \|^mail:" | sed 's/$/|/' | sed
's/: /|/' | tr '[:upper:]' '[:lower:]'`
else
if [ "$b_verbose" = "true" ]; then
printf "LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H "
@@ -554,7 +554,7 @@ if [ "${#LDAP_ARRAY_Members_DN[*]}" -gt 0 ]; then
echo "'s/$/|/' | sed 's/: /|/'"
fi
# sed replace all ": " and "new line" to "|"
- tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H "$LDAP_Source_URL" -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "${LDAP_ARRAY_Members_DN[$i]}" o sAMAccountName o sn o givenName o mail | grep "^sn: \|^givenName: \|^sAMAccountName: \|^mail:" | sed 's/$/|/' | sed 's/: /|/'`
+ tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -o ldif-wrap=no -H "$LDAP_Source_URL" -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "${LDAP_ARRAY_Members_DN[$i]}" o sAMAccountName o sn o givenName o mail | grep "^sn: \|^givenName: \|^sAMAccountName: \|^mail:" | sed 's/$/|/' | sed 's/: /|/' | tr '[:upper:]' '[:lower:]'`
if [ "$b_verbose" = "true" ]; then
echo $tempvar
fi
@@ -800,7 +800,7 @@ if [ "$b_verbose" = "true" ]; then
printf " $ZABBIX_API_URL"
fi
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc": "2.0","method":"user.get","params":{"usrgrpids":"'$ZABBIX_LDAP_Group_UsrGrpId'","output":["alias","userid"]},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
-if [ "$b_verbose" = "true" ]; then echo $tempvar; fi
+if [ "$b_verbose" = "true" ]; then echo ; echo $tempvar; echo ;fi
IFS='"' # " is set as delimiter
ZABBIX_ARRAY_LDAP_GroupMember_RAW=($tempvar)
IFS=' ' # space is set as delimiter
@@ -813,10 +813,12 @@ for (( i=0; i < ${#ZABBIX_ARRAY_LDAP_GroupMember_RAW[*]}; i++ )); do
Print_Verbose_Text "Found UserId" "${ZABBIX_ARRAY_LDAP_GroupMember_RAW[$i]}"
#printf "."
fi
- if [ "${ZABBIX_ARRAY_LDAP_GroupMember_RAW[$i]}" = "alias" ]; then
+ #if [ "${ZABBIX_ARRAY_LDAP_GroupMember_RAW[$i]}" = "alias" ]; then
+ if [ "${ZABBIX_ARRAY_LDAP_GroupMember_RAW[$i]}" = "username" ]; then
i=$(($i + 2))
ZABBIX_ARRAY_LDAP_GroupMember_alias+=("${ZABBIX_ARRAY_LDAP_GroupMember_RAW[$i]}")
- Print_Verbose_Text "Found Alias" "${ZABBIX_ARRAY_LDAP_GroupMember_RAW[$i]}"
+ #Print_Verbose_Text "Found Alias" "${ZABBIX_ARRAY_LDAP_GroupMember_RAW[$i]}"
+ Print_Verbose_Text "Found Username" "${ZABBIX_ARRAY_LDAP_GroupMember_RAW[$i]}"
#printf "."
fi
done
@@ -830,7 +832,8 @@ if [ "$b_verbose" = "true" ]; then
printf "%-3s | %-20s | %-20s | %-20s | %-20s" "No." "Alias" "UserId" " " " "
printf "\n"
echo "----+----------------------+----------------------+----------------------+----------------------"
- for (( i=0; i < ${#ZABBIX_ARRAY_LDAP_GroupMember_alias[*]}; i++ )); do
+ #for (( i=0; i < ${#ZABBIX_ARRAY_LDAP_GroupMember_alias[*]}; i++ )); do
+ for (( i=0; i < ${#ZABBIX_ARRAY_LDAP_GroupMember_userid[*]}; i++ )); do
printf "%-3s | %-20s | %-20s | %-20s | %-20s" "$i" "${ZABBIX_ARRAY_LDAP_GroupMember_alias[$i]}" "${ZABBIX_ARRAY_LDAP_GroupMember_userid[$i]}" " " " "
printf "\n"
done
@@ -859,11 +862,15 @@ fi
b_Must_Sync_Users="false"
# Check 1:
Print_Status_Text "Check 1: Number of Users LDAP"
-Print_Status_Done "${#LDAP_ARRAY_Members_sAMAccountName[*]}" $DEFAULT_FOREGROUND
+# I want users to use email address not sam account name to login
+#Print_Status_Done "${#LDAP_ARRAY_Members_sAMAccountName[*]}" $DEFAULT_FOREGROUND
+Print_Status_Done "${#LDAP_ARRAY_Members_Email[*]}" $DEFAULT_FOREGROUND
Print_Status_Text "Check 1: Number of Users Zabbix"
Print_Status_Done "${#ZABBIX_ARRAY_LDAP_GroupMember_alias[*]}" $DEFAULT_FOREGROUND
Print_Status_Text "Check 1: Number of Users"
-if [ "${#LDAP_ARRAY_Members_sAMAccountName[*]}" -eq "${#ZABBIX_ARRAY_LDAP_GroupMember_alias[*]}" ]; then
+# I want users to use email address not sam account name to login
+#if [ "${#LDAP_ARRAY_Members_sAMAccountName[*]}" -eq "${#ZABBIX_ARRAY_LDAP_GroupMember_alias[*]}" ]; then
+if [ "${#LDAP_ARRAY_Members_Email[*]}" -eq "${#ZABBIX_ARRAY_LDAP_GroupMember_alias[*]}" ]; then
Print_Status_Done "equal" $GREEN
else
Print_Status_Done "not equal" $RED
@@ -875,15 +882,22 @@ if [ "$b_Must_Sync_Users" = "false" ]; then
# make Compare case insensitive, save original settings
orig_nocasematch=$(shopt -p nocasematch)
shopt -s nocasematch
- Print_Status_Text "Check 2: Compare Active Directory sAMAccountName with Zabbix Alias"
+ #Print_Status_Text "Check 2: Compare Active Directory sAMAccountName with Zabbix Alias"
+ Print_Status_Text "Check 2: Compare Active Directory mail with Zabbix username"
if [ "$b_verbose" = "true" ]; then Print_Status_Done "checking" $LIGHTCYAN; fi
# Check every sAMAccountName and find a alias for it
- for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ # I want users to use email address not sam account name to login
+ #for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ for (( i=0; i < ${#LDAP_ARRAY_Members_Email[*]}; i++ )); do
b_alias_was_found="false"
for (( k=0; k < ${#ZABBIX_ARRAY_LDAP_GroupMember_alias[*]}; k++ )); do
- if [[ "${LDAP_ARRAY_Members_sAMAccountName[$i]}" == "${ZABBIX_ARRAY_LDAP_GroupMember_alias[$k]}" ]]; then
+ # I want users to use email address not sam account name to login
+ #if [[ "${LDAP_ARRAY_Members_sAMAccountName[$i]}" == "${ZABBIX_ARRAY_LDAP_GroupMember_alias[$k]}" ]]; then
+ if [[ "${LDAP_ARRAY_Members_Email[$i]}" == "${ZABBIX_ARRAY_LDAP_GroupMember_alias[$k]}" ]]; then
# printf "."
- Print_Verbose_Text "${LDAP_ARRAY_Members_sAMAccountName[$i]}" "found"
+ # I want users to use email address not sam account name to login
+ #Print_Verbose_Text "${LDAP_ARRAY_Members_sAMAccountName[$i]}" "found"
+ Print_Verbose_Text "${LDAP_ARRAY_Members_Email[$i]}" "found"
b_alias_was_found="true"
# if user have found the loop can be finished
break
@@ -891,7 +905,9 @@ if [ "$b_Must_Sync_Users" = "false" ]; then
done
if [ "$b_alias_was_found" = "false" ]; then
b_Must_Sync_Users="true"
- Print_Verbose_Text "${LDAP_ARRAY_Members_sAMAccountName[$i]}" "not found"
+ # I want users to use email address not sam account name to login
+ #Print_Verbose_Text "${LDAP_ARRAY_Members_sAMAccountName[$i]}" "not found"
+ Print_Verbose_Text "${LDAP_ARRAY_Members_Email[$i]}" "not found"
if [ "$b_verbose" = "true" ]; then Print_Status_Text "Check 2: Compare Active Directory sAMAccountName with Zabbix Alias"; fi
Print_Status_Done "mismatch" $RED
# one user was not found, we can exit the test, we must sync
@@ -948,7 +964,8 @@ if [ "$b_Must_Sync_Users" = "true" ]; then
i=$(($i + 2))
ZABBIX_ARRAY_AllUser_userid+=("${ZABBIX_ARRAY_AllUser_RAW[$i]}")
fi
- if [ "${ZABBIX_ARRAY_AllUser_RAW[$i]}" = "alias" ]; then
+ #if [ "${ZABBIX_ARRAY_AllUser_RAW[$i]}" = "alias" ]; then
+ if [ "${ZABBIX_ARRAY_AllUser_RAW[$i]}" = "username" ]; then
i=$(($i + 2))
ZABBIX_ARRAY_AllUser_alias+=("${ZABBIX_ARRAY_AllUser_RAW[$i]}")
fi
@@ -986,12 +1003,18 @@ if [ "$b_Must_Sync_Users" = "true" ]; then
orig_nocasematch=$(shopt -p nocasematch)
shopt -s nocasematch
i_CounterNewUsers=0
- for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ # I want users to use email address not sam account name to login
+ #for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ for (( i=0; i < ${#LDAP_ARRAY_Members_Email[*]}; i++ )); do
b_we_have_a_winner="false"
for (( k=0; k < ${#ZABBIX_ARRAY_AllUser_alias[*]}; k++ )); do
- if [[ "${LDAP_ARRAY_Members_sAMAccountName[$i]}" == "${ZABBIX_ARRAY_AllUser_alias[$k]}" ]]; then
+ # I want users to use email address not sam account name to login
+ #if [[ "${LDAP_ARRAY_Members_sAMAccountName[$i]}" == "${ZABBIX_ARRAY_AllUser_alias[$k]}" ]]; then
+ if [[ "${LDAP_ARRAY_Members_Email[$i]}" == "${ZABBIX_ARRAY_AllUser_alias[$k]}" ]]; then
LDAP_ARRAY_Members_UserId+=("${ZABBIX_ARRAY_AllUser_userid[$k]}")
- Print_Verbose_Text "Found existing User: ${LDAP_ARRAY_Members_sAMAccountName[$i]}" "${ZABBIX_ARRAY_AllUser_alias[$k]}"
+ # I want users to use email address not sam account name to login
+ #Print_Verbose_Text "Found existing User: ${LDAP_ARRAY_Members_sAMAccountName[$i]}" "${ZABBIX_ARRAY_AllUser_alias[$k]}"
+ Print_Verbose_Text "Found existing User: ${LDAP_ARRAY_Members_Email[$i]}" "${ZABBIX_ARRAY_AllUser_alias[$k]}"
b_we_have_a_winner="true"
break
fi
@@ -1001,7 +1024,9 @@ if [ "$b_Must_Sync_Users" = "true" ]; then
# User was not found - but we need an array item to have all array index identical and matched to each other
# also mark this User to have to be created
LDAP_ARRAY_Members_UserId+=("create-user")
- Print_Verbose_Text "No Zabbix user found: ${LDAP_ARRAY_Members_sAMAccountName[$i]}" "will be created"
+ # I want users to use email address not sam account name to login
+ #Print_Verbose_Text "No Zabbix user found: ${LDAP_ARRAY_Members_sAMAccountName[$i]}" "will be created"
+ Print_Verbose_Text "No Zabbix user found: ${LDAP_ARRAY_Members_Email[$i]}" "will be created"
b_have_to_create_new_user="true"
i_CounterNewUsers=$(($i_CounterNewUsers + 1))
fi
@@ -1037,10 +1062,14 @@ if [ "$b_Must_Sync_Users" = "true" ]; then
fi
declare -a ZABBIX_ARRAY_New_User_RAW
# Search for all User with UserId "create-user"
- for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ # I want users to use email address not sam account name to login
+ #for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ for (( i=0; i < ${#LDAP_ARRAY_Members_Email[*]}; i++ )); do
if [ "${LDAP_ARRAY_Members_UserId[$i]}" = "create-user" ]; then
# printf "Create new user ${LDAP_ARRAY_Members_sAMAccountName[$i]} ... "
- tempSAM='"'"${LDAP_ARRAY_Members_sAMAccountName[$i]}"'"'
+ # I want users to use email address not sam account name to login
+ #tempSAM='"'"${LDAP_ARRAY_Members_sAMAccountName[$i]}"'"'
+ tempSAM='"'"${LDAP_ARRAY_Members_Email[$i]}"'"'
# Check the things we have
create_combination=""
if [ "${LDAP_ARRAY_Members_Surname[$i]}" != " - " ]; then
@@ -1161,7 +1190,9 @@ if [ "$b_Must_Sync_Users" = "true" ]; then
LDAP_ARRAY_Members_UserId[$i]="${ZABBIX_ARRAY_New_User_RAW[$k]}"
fi
done
- Print_Verbose_Text "Created: ${LDAP_ARRAY_Members_sAMAccountName[$i]}" "LDAP_ARRAY_Members_UserId[$i]"
+ # I want users to use email address not sam account name to login
+ #Print_Verbose_Text "Created: ${LDAP_ARRAY_Members_sAMAccountName[$i]}" "LDAP_ARRAY_Members_UserId[$i]"
+ Print_Verbose_Text "Created: ${LDAP_ARRAY_Members_Email[$i]}" "LDAP_ARRAY_Members_UserId[$i]"
fi
done
if [ "$b_verbose" = "true" ]; then Print_Status_Text "STEP 6: Create needed $i_CounterNewUsers new Zabbix-User"; fi
@@ -1193,7 +1224,9 @@ if [ "$b_Must_Sync_Users" = "true" ]; then
fi
tempvar=""
list_of_userids=""
- for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ # I want users to use email address not sam account name to login
+ #for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ for (( i=0; i < ${#LDAP_ARRAY_Members_Email[*]}; i++ )); do
list_of_userids+='"'${LDAP_ARRAY_Members_UserId[$i]}'"'
list_of_userids+=","
done
@@ -1323,7 +1356,9 @@ if [ "$b_Must_Sync_Users" = "true" ]; then
# If a user is a now a member of the deactivated user group we can now remove the user from the Zabbix-LDAP-Group
tempvar=""
list_of_userids=""
- for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ # I want users to use email address not sam account name to login
+ #for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
+ for (( i=0; i < ${#LDAP_ARRAY_Members_Email[*]}; i++ )); do
list_of_userids+='"'${LDAP_ARRAY_Members_UserId[$i]}'"'
list_of_userids+=","
done
this includes the other patch for groups in groups. also it turns all username to lower case.
I think at some point zabbix changed alias to username - made that change as well
I have used the username instead of the email-address because a user always have an username, but not all users have an email-address. If a email-adress exist, the address will be imported for notifications
Would be nice to allow this to happen