Created
December 16, 2018 10:53
-
-
Save jyotishp/1329ac327aa2bcedde8cf3837af8c8c1 to your computer and use it in GitHub Desktop.
Alumni migration scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #### TODO #### | |
| # - Validate input args | |
| # - Handle users with multiple emails | |
| ############## | |
| # Overview of steps | |
| # - Check if user exists on Gsuite. If not, stop. | |
| # - Check if user with same username exists in @alumni. If yes, stop. | |
| # - Change the primary email address from user@students -> user@alumni | |
| # - Add user@students as an alias for user@alumni | |
| # - Add mailForwardingAddress in our LDAP. | |
| # CAS returns mailForwardingAddress if available else mail. | |
| # - Change OU on GSuite. Users in @research have mails blocked. | |
| # - Add user to respective alumni groups (mailing list) | |
| # - Generate BCC maps, local password, migration CSV for research | |
| gam() { "/root/bin/gam/gam" "$@" ; } | |
| early_quit() { echo "$1" >> $2; exit 1; } | |
| quit() { echo "$1 failed at $2" >> errors.txt; exit 1; } | |
| # Input parsing | |
| current_email="$1" | |
| domain=`echo $1 | awk -F '@' '{print $2}'` | |
| username=`echo $1 | awk -F '@' '{print $1}'` | |
| ldap_admin_password="$2" | |
| touch errors.txt | |
| # Check if the user exists on GSuite | |
| touch no_gsuite_account.txt | |
| if gam info user $current_email > /dev/null 2>&1; then | |
| : | |
| else | |
| early_quit $current_email no_gsuite_account.txt | |
| fi | |
| # Check if the alumni email with same username exists | |
| touch no_unique_username.txt | |
| if gam info user $username@alumni.iiit.ac.in > /dev/null 2>&1; then | |
| early_quit $current_email no_unique_username.txt | |
| fi | |
| # Change primary mail address on GSuite | |
| if gam update user $current_email email $username@alumni.iiit.ac.in; then | |
| : | |
| else | |
| quit $current_email primary_email_update | |
| fi | |
| # Add current email as an alias on GSuite | |
| # GSuite addes primary as alias when primary changes | |
| # if gam create alias $current_email user $username@alumni.iiit.ac.in; then | |
| # : | |
| # else | |
| # # Revert and quit | |
| # gam update user $username@alumni.iiit.ac.in email $current_email | |
| # quit $current_email adding_alias | |
| # fi | |
| # Add mail forwarding address in our LDAP | |
| if ldapsearch -h ldap.iiit.ac.in -x -o ldif-wrap=no -b ou=users,dc=iiit,dc=ac,dc=in -LLL mail=$current_email dn | grep dn: >| /tmp/tmp.ldif; then | |
| : | |
| else | |
| quit $current_email fetching_ldap_record | |
| fi | |
| echo "changetype: modify" >> /tmp/tmp.ldif | |
| echo "add: mailForwardingAddress" >> /tmp/tmp.ldif | |
| echo "mailForwardingAddress: $username@alumni.iiit.ac.in" >> /tmp/tmp.ldif | |
| ldapmodify -h ldap.iiit.ac.in -D cn=admin -w $ldap_admin_password -x -f /tmp/tmp.ldif | |
| # Change OU on GSuite | |
| new_org=`gam info user $current_email | grep 'Google Org' | awk -F ': ' '{print $2}' | sed "s/$domain/alumni.iiit.ac.in/g"` | |
| # Create OU if doesn't exist | |
| if gam info org $new_org > /dev/null 2>&1; then | |
| : | |
| else | |
| parent_org=`echo $new_org | awk -F'/' 'BEGIN {OFS = FS}; NF {NF -= 1}; 1'` | |
| if gam info org $parent_org > /dev/null 2>&1; then | |
| gam create org $(echo $new_org | awk -F '/' '{print $NF}') parent $parent_org | |
| else | |
| head_org=`echo $parent_org | awk -F '/' 'BEGIN {OFS = FS}; NF {NF -= 1}; 1'` | |
| gam create org $(echo $parent_org | awk -F '/' '{print $NF}') parent $head_org | |
| gam create org $(echo $new_org | awk -F '/' '{print $NF}') parent $parent_org | |
| fi | |
| fi | |
| # Update OU | |
| if gam update user $username@alumni.iiit.ac.in org $new_org; then | |
| : | |
| else | |
| quit $current_email gsuite_ou | |
| fi | |
| # Change OU in our LDAP | |
| # Don't do it now. We need copy of mail BCCed to alumni for while. | |
| # Add user to alumni groups | |
| branch=`echo $new_org | awk -F '/' '{print $NF}'` | |
| batch=`echo $parent_org | awk -F '/' '{print $NF}'` | |
| # Check if batch group exists | |
| if gam info group $batch@alumni.iiit.ac.in > /dev/null 2>&1; then | |
| : | |
| else | |
| gam create group $batch@alumni.iiit.ac.in name "$batch" description "$batch mailing list." | |
| gam update group $(echo $batch | awk -F '2k' '{print $1}')@alumni.iiit.ac.in add member user $batch@alumni.iiit.ac.in | |
| fi | |
| # Check branch group exists | |
| if gam info group "${batch}_${branch}@alumni.iiit.ac.in" > /dev/null 2>&1; then | |
| : | |
| else | |
| gam create group "${batch}_${branch}@alumni.iiit.ac.in" name "$batch $branch" description "$batch $branch mailing list." | |
| gam update group $batch@alumni.iiit.ac.in add member user "${batch}_${branch}@alumni.iiit.ac.in" | |
| fi | |
| # Add user | |
| gam update group "${batch}_${branch}@alumni.iiit.ac.in" add member user $username@alumni.iiit.ac.in | |
| #### Only for research #### | |
| if [ "$domain" == "students.iiit.ac.in" ]; then | |
| exit 0 | |
| fi | |
| # Create BCC maps | |
| touch research_bcc_maps | |
| echo -e "$current_email\t$username@alumni.iiit.ac.in" >> research_bcc_maps | |
| # Generate random local passwords on zimbra (generate commands to run on zimbra) | |
| password=`head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13` | |
| touch add_local_passwords | |
| echo "sp $current_email $password" >> add_local_passwords | |
| # Create migration CSV file for GSuite with local zimbra passwords | |
| touch research_migration.csv | |
| echo "$username@alumni.iiit.ac.in,$current_email,$password" >> research_migration.csv | |
| exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment