From f4835b451515e9b7bf2af6b8fc1456fb161305b0 Mon Sep 17 00:00:00 2001
From: James Valleroy <jvalleroy@mailbox.org>
Date: Tue, 30 Jun 2015 16:29:03 -0400
Subject: [PATCH] Add new LDAP users to admin group.

---
 actions/create-ldap-user | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/actions/create-ldap-user b/actions/create-ldap-user
index e33dfb92b..9f255c381 100755
--- a/actions/create-ldap-user
+++ b/actions/create-ldap-user
@@ -34,3 +34,24 @@ if [ $? -ne 0 ]; then
     echo "Failed to create user"
     exit 1
 fi
+
+# check if admin group exists
+results=$(ldapsearch -Y EXTERNAL -H ldapi:/// -b 'ou=groups,dc=thisbox' -LLL "(cn=admin)" cn)
+
+if [ -z "$results" ]; then
+    # create admin group, with new user as a member
+    cat <<EOF |ldapadd -Y EXTERNAL -H ldapi:///
+dn: cn=admin,ou=groups,dc=thisbox
+objectClass: groupOfUniqueNames
+cn: admin
+uniqueMember: uid=$username,ou=users,dc=thisbox
+EOF
+else
+    # add new user to existing admin group
+    cat <<EOF |ldapmodify -Y EXTERNAL -H ldapi:///
+dn: cn=admin,ou=groups,dc=thisbox
+changetype: modify
+add: uniqueMember
+uniqueMember: uid=$username,ou=users,dc=thisbox
+EOF
+fi