zabbix/zabbix-ldap-sync-bash
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

.gitignore wieder entfernt

Browse Source
This commit is contained in:
root@zabbix.znil.net 2020-04-02 14:30:44 +02:00
parent 21dba95116
commit 5981427f8a
4 changed files with 603 additions and 285 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,2 +1,3 @@
.gitignore
config-znil.sh config-znil.sh

31
config.sh
View File

@ -8,6 +8,7 @@
# \_____\___/|_| |_|_| |_|\__, |\__,_|_| \__,_|\__|_|\___/|_| |_| # \_____\___/|_| |_|_| |_|\__, |\__,_|_| \__,_|\__|_|\___/|_| |_|
# __/ | # __/ |
# |___/ # |___/
#############################################################################################################
# Configuration LDAP-Connection (Tested LDAPS with Windows Server 2019) # Configuration LDAP-Connection (Tested LDAPS with Windows Server 2019)
# URL of LDAP / LDAPS Server: # URL of LDAP / LDAPS Server:
# LDAP: # LDAP:
@ -28,38 +29,48 @@ LDAP_Bind_User_Password="9qA3XB1r.##Xr2+7c1HP--!pq"
LDAP_SearchBase="DC=znil,DC=local" LDAP_SearchBase="DC=znil,DC=local"
# Name of Groups in LDAP (Active-Directory) and in Zabbix for Sync with Zabbix # Name of Groups in LDAP (Active-Directory) and in Zabbix for Sync with Zabbix
# Will be created as User Type "Zabbix Super Admin" # if you do not want do use one of these groups set both groupnames to "skip" or comment out these lines
# Will be created as User Type "Zabbix Super Admin" (default)
LDAP_Groupname_ZabbixSuperAdmin_for_Sync="Zabbix-Super-Admin" LDAP_Groupname_ZabbixSuperAdmin_for_Sync="Zabbix-Super-Admin"
ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync="LDAP-SuperAdmin" ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync="LDAP-SuperAdmin"
# Will be created as User Type "Zabbix Admin" # Will be created as User Type "Zabbix Admin" (default)
LDAP_Groupname_ZabbixAdmin_for_Sync="Zabbix-Admin" LDAP_Groupname_ZabbixAdmin_for_Sync="Zabbix-Admin"
ZABBIX_Groupname_ZabbixAdmin_for_Sync="LDAP-Admin" ZABBIX_Groupname_ZabbixAdmin_for_Sync="LDAP-Admin"
# Will be created as User Type "Zabbix User" # Will be created as User Type "Zabbix User" (default)
LDAP_Groupname_ZabbixUser_for_Sync="Zabbix-User" LDAP_Groupname_ZabbixUser_for_Sync="Zabbix-User"
ZABBIX_Groupname_ZabbixUser_for_Sync="LDAP-User" ZABBIX_Groupname_ZabbixUser_for_Sync="LDAP-User"
# When you remove an user from the LDAP-Group, the user will moved in this group which is "Not enabled" = Disabled and Frontend access is "disabled" # When you remove an user from the LDAP-Group, the user will moved in this group which is "Not enabled" = Disabled and Frontend access is "disabled"
ZABBIX_Disabled_User_Group="LDAP-Disabled" ZABBIX_Disabled_User_Group="Disabled"
# Configuration Zabbix API Connection (Tested with Zabbix 4.4) # Configuration Zabbix API Connection (Tested with Zabbix 4.4)
# per default ssl checks will be ignored # if https:// is used, per default ssl checks will be ignored
#ZABBIX_API_URL="http://localhost/zabbix/api_jsonrpc.php" #ZABBIX_API_URL="http://localhost/zabbix/api_jsonrpc.php"
ZABBIX_API_URL="http://localhost/api_jsonrpc.php" ZABBIX_API_URL="http://localhost/api_jsonrpc.php"
ZABBIX_API_Username="zbxapi" ZABBIX_API_User="API-User"
ZABBIX_API_Password="2015zbxapi2015" ZABBIX_API_Password="strongpassword73#"
# Zabbix User type for new created Users: # Zabbix User type for new created Users:
# 1 - (default) Zabbix user; # 1 - (default) Zabbix user;
# 2 - Zabbix admin; # 2 - Zabbix admin;
# 3 - Zabbix super admin. # 3 - Zabbix super admin.
ZABBIX_Default_User_Type=1 ZABBIX_UserType_User=1
ZABBIX_UserType_Admin=2
ZABBIX_UserType_SuperAdmin=3
# Zabbix Media Type Id # Zabbix Media Type Id
# At new Installation: # At new Installation:
# 1 - Email # 1 - Email
# 2 - Jabber # 2 - Jabber
# 3 - SMS # 3 - SMS
# Media Type Id can be different if you add own Types, Delete Default Types or If have an Installation witch used "nodes" (Zabbix 2.x) in the past and you have set the bode-Id
ZABBIX_MediaTypeID="1" ZABBIX_MediaTypeID="1"
#############################################################################################################
ZABBIX_MediaTypeID="4204200000000001" # ______ _ __ ______ _ _
# | ____| | | / _| | ____(_) |
# | |__ _ __ __| | ___ | |_ | |__ _| | ___
# | __| | '_ \ / _` | / _ \| _| | __| | | |/ _ \
# | |____| | | | (_| | | (_) | | | | | | | __/
# |______|_| |_|\__,_| \___/|_| |_| |_|_|\___|
#############################################################################################################

3
mytest.sh Executable file
View File

@ -0,0 +1,3 @@
#!/bin/bash
mytemp=`ls -l /root >/dev/null 2>&1 | grep manfred`
echo "Exitcode: $?"

619
zabbix-ldap-sync.sh
View File

@ -2,7 +2,7 @@
############################################################################################################# #############################################################################################################
# Script Name ...: zabbix-ldap-sync.sh # Script Name ...: zabbix-ldap-sync.sh
# Version .......: V1.0 # Version .......: V1.0
# Date ..........: 30.03.2020 # Date ..........: 01.04.2020
# Description....: Synchronise Members of a Actice Directory Group with Zabbix via API # Description....: Synchronise Members of a Actice Directory Group with Zabbix via API
# User wich are removed will be deactivated # User wich are removed will be deactivated
# Args ..........: # Args ..........:
@ -10,100 +10,360 @@
# Email Business : Bernhard.Linz@datagroup.de # Email Business : Bernhard.Linz@datagroup.de
# Email Private : Bernhard@znil.de # Email Private : Bernhard@znil.de
############################################################################################################# #############################################################################################################
# _____ __ _ _ _ # Variables
# / ____| / _(_) | | (_) Script_Version="V1.0 (2020-04-01)"
# | | ___ _ __ | |_ _ __ _ _ _ _ __ __ _| |_ _ ___ _ __ # Colors for printf and echo
# | | / _ \| '_ \| _| |/ _` | | | | '__/ _` | __| |/ _ \| '_ \ DEFAULT_FOREGROUND=39
# | |___| (_) | | | | | | | (_| | |_| | | | (_| | |_| | (_) | | | | RED=31
# \_____\___/|_| |_|_| |_|\__, |\__,_|_| \__,_|\__|_|\___/|_| |_| GREEN=32
YELLOW=33
BLUE=34
MAGENTA=35
CYAN=36
LIGHTRED=91
LIGHTGREEN=92
LIGHTYELLOW=93
LIGHTBLUE=94
LIGHTMAGENTA=95
LIGHTCYAN=96
#############################################################################################################
# ______ _ _
# | ____| | | (_)
# | |__ _ _ _ __ ___| |_ _ ___ _ __ ___
# | __| | | | '_ \ / __| __| |/ _ \| '_ \/ __|
# | | | |_| | | | | (__| |_| | (_) | | | \__ \
# |_| \__,_|_| |_|\___|\__|_|\___/|_| |_|___/
#
#############################################################################################################
# Print_Error ### START Function #####################################################################
Print_Error () {
# $1 = Message
echo
echo -e "+- \e[91mERROR: \e[39m------------------------------------------------------------"
printf "$1"
echo
echo "+---------------------------------------------------------------------"
}
# Print_Error ### END Function #####################################################################
# Print_Status_Text ### START Function #####################################################################
Print_Status_Text () {
if [ "$b_silent" = "false" ]; then
printf "%-.70s" "${1} ......................................................................"
fi
}
# Print_Status_Text ### ENDE Function #####################################################################
# Print_Status_Done ### START Function #####################################################################
Print_Status_Done () {
# RED = 31
# GREEN = 32
if [ "$b_silent" = "false" ]; then
local status_text="${1:-done}"
local status_color="${2:-32}"
printf " \x1b["$status_color"m%s\e[m" "$status_text"
echo
fi
}
# Print_Status_Done ### ENDE Function #####################################################################
# Print_Verbose_Text ### START Function #####################################################################
Print_Verbose_Text () {
if [ "$b_verbose" = "true" ]; then
printf "%-.69s: %s\n" "${1} ......................................................................" "${2}"
fi
}
# Print_Verbose_Text ### ENDE Function #####################################################################
# Check_Prerequisites ### START Function #####################################################################
Check_Prerequisites () {
# $1 = name of command
# $2 = name of Package for Ubuntu/Debian
# $3 = name of Package for CentOS/Red Hat
if ! type "$1" >/dev/null 2>&1; then
echo
echo -e "+- \e[91mERROR: Missing Command \e[39m--------------------------------------------"
echo -e "| \e[36m$1\e[39m is not installed!"
echo "| try:"
echo "| apt install $2"
echo "| yum install $3"
echo "+---------------------------------------------------------------------"
exit 1
fi
}
# Check_Prerequisites ### END Function #####################################################################
# Translate_ldapsearch_exitcode ### START Function #####################################################################
Translate_ldapsearch_exitcode () {
case $1 in
0) printf "0: SUCCESS";;
1) printf "1: LDAP_OPERATIONS_ERROR";;
2) printf "2: LDAP_PROTOCOL_ERROR";;
3) printf "3: LDAP_TIMELIMIT_EXCEEDED";;
4) printf "4: LDAP_SIZELIMIT_EXCEEDED";;
7) printf "7: LDAP_AUTH_METHOD_NOT_SUPPORTED";;
8) printf "8: LDAP_STRONG_AUTH_REQUIRED";;
11) printf "11: LDAP_ADMINLIMIT_EXCEEDED";;
13) printf "13: LDAP_CONFIDENTIALITY_REQUIRED";;
16) printf "14: LDAP_NO_SUCH_ATTRIBUTE";;
17) printf "18: LDAP_INAPPROPRIATE_MATCHING";;
32) printf "32: LDAP_NO_SUCH_OBJECT";;
34) printf "34: LDAP_INVALID_DN_SYNTAX";;
48) printf "48: LDAP_INAPPROPRIATE_AUTH";;
49) printf "49: LDAP_INVALID_CREDENTIALS";;
50) printf "50: LDAP_INSUFFICIENT_ACCESS";;
51) printf "51: LDAP_BUSY";;
52) printf "52: LDAP_UNAVAILABLE";;
255) printf "255: LDAP Can't contact LDAP server";;
*) printf "$1: unkown error";;
esac
echo " (for more details: https://ldapwiki.com/wiki/LDAP%20Result%20Codes)"
}
# Translate_ldapsearch_exitcode ### END Function #####################################################################
# Zabbix_Logout ### START Function #####################################################################
Zabbix_Logout () {
Print_Status_Text "Logout Zabbix API"
if [ "$b_verbose" = "true" ]; then
Print_Status_Done "checking" $LIGHTCYAN
printf 'curl -k -s -X POST -H "Content-Type:application/json" -d '
printf "'"
printf '{"jsonrpc": "2.0","method":"user.logout","params":[],"id":42,"'"$ZABBIX_authentication_token"'"}'
printf "'"
echo " $ZABBIX_API_URL"
fi
myJSON=$(curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc": "2.0","method":"user.logout","params":[],"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL)
if [ "$b_verbose" = "true" ]; then Print_Status_Text "Logout Zabbix API"; fi
Print_Status_Done "done" $GREEN
}
# Zabbix_Logout ### START Function ##################################################################################################################################################################################
# _____ _ _
# / ____| | | |
# | (___ | |_ __ _ _ __| |_ _ _ _ __
# \___ \| __/ _` | '__| __| | | | '_ \
# ____) | || (_| | | | |_| |_| | |_) |
# |_____/ \__\__,_|_| \__|\__,_| .__/
# | |
# |_|
#############################################################################################################
# Check Commandline Arguments
Config_File="<notset>"
b_Unknown_Parameter="false"
b_showpasswords="false"
b_silent="false"
b_verbose="false"
while [[ $# -gt 0 ]]; do
current_parameter="$1"
case $current_parameter in
-c|-C|--config)
Config_File="$2"
shift # past -c / --config
shift # past value
;;
-p|-P|--ShowPassword)
# Passwords will be displayed in Errors and in Verbose mode
b_showpasswords="true"
shift # past argument
;;
-s|-S|--silent)
# be quiet! only errors will be displayed
b_silent="true"
shift # past argument
;;
-v|-V|--verbose)
# show some extra information
b_verbose="true"
shift # past argument
;;
*) # Catch all other
echo -e "\e[91mUnknown Parameter:\e[39m $1"
# next parameter will display help and exit script after the loop
b_Unknown_Parameter="true"
shift # past argument
;;
esac
done
if [ "$b_Unknown_Parameter" = "true" ]; then
# ToDo: Create Help text
exit 1
fi
#############################################################################################################
if [ "$b_silent" = "false" ]; then
echo "---------------------------------------------------------------------------"
echo "zabbix-ldap-sync.sh (Version $Script_Version) startup"
fi
#############################################################################################################
# Testing for all needed commands (normaly only ldapsearch have to be installed manualy)
Print_Status_Text "Checking prerequisites"
Check_Prerequisites "ldapsearch" "ldap-utils" "openldap-clients"
Check_Prerequisites "curl" "curl" "curl"
Check_Prerequisites "sed" "sed" "sed"
Check_Prerequisites "dirname" "coreutils" "coreutils"
Check_Prerequisites "readlink" "coreutils" "coreutils"
Print_Status_Done "done" $GREEN
#############################################################################################################
# _____ _ _____ __ _ _ _
# | __ \ | | / ____| / _(_) | | (_)
# | |__) |___ __ _ __| | | | ___ _ __ | |_ _ __ _ _ _ _ __ __ _| |_ _ ___ _ __
# | _ // _ \/ _` |/ _` | | | / _ \| '_ \| _| |/ _` | | | | '__/ _` | __| |/ _ \| '_ \
# | | \ \ __/ (_| | (_| | | |___| (_) | | | | | | | (_| | |_| | | | (_| | |_| | (_) | | | |
# |_| \_\___|\__,_|\__,_| \_____\___/|_| |_|_| |_|\__, |\__,_|_| \__,_|\__|_|\___/|_| |_|
# __/ | # __/ |
# |___/ # |___/
# Configuration LDAP-Connection (Tested LDAPS with Windows Server 2019) Print_Status_Text "Searching config file"
LDAP_Source_URL="ldaps://10.100.12.51" if [ "$Config_File" = "<notset>" ]; then
LDAP_Bind_User_DN="CN=ldapSearch,OU=3.Funktionsbenutzer,DC=znil,DC=local" # Get the current path of this running script - long solution wich is also working with symlinks
LDAP_Bind_User_Password="bier2017" This_Script_Bash_Source="${BASH_SOURCE[0]}"
LDAP_SearchBase="DC=znil,DC=local" while [ -h "$This_Script_Bash_Source" ]; do # resolve $This_Script_Bash_Source until the file is no longer a symlink
LDAP_Groupname_ZabbixSuperAdmin_for_Sync="Zabbix-Admins" This_Script_Path="$( cd -P "$( dirname "$This_Script_Bash_Source" )" >/dev/null 2>&1 && pwd )"
LDAP_Ignore_SSL_Certificate="true" This_Script_Bash_Source="$(readlink "$This_Script_Bash_Source")"
[[ $This_Script_Bash_Source != /* ]] && This_Script_Bash_Source="$This_Script_Path/$This_Script_Bash_Source" # if $This_Script_Bash_Source was a relative symlink, we need to resolve it relative to the path where the symlink file was located
# Configuration Zabbix API Connection (Tested Zabbix 4.4) done
#ZABBIX_API_URL="http://localhost/zabbix/api_jsonrpc.php" This_Script_Path="$( cd -P "$( dirname "$This_Script_Bash_Source" )" >/dev/null 2>&1 && pwd )"
ZABBIX_API_URL="http://localhost/api_jsonrpc.php" # Special case for programming - my own config file, excluded from .git
ZABBIX_API_Username="zbxapi" if test -f "$This_Script_Path/config-znil.sh"; then
ZABBIX_API_Password="2015zbxapi2015" Config_File="$This_Script_Path/config-znil.sh"
ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync="LDAP-SuperAdmin" else
ZABBIX_Disabled_User_Group="Disabled" Config_File="$This_Script_Path/config.sh"
fi
# Zabbix User type for new created Users:
# 1 - (default) Zabbix user;
# 2 - Zabbix admin;
# 3 - Zabbix super admin.
ZABBIX_Default_User_Type=1
# Zabbix Media Type Id
# At new Installation:
# 1 - Email
# 2 - Jabber
# 3 - SMS
ZABBIX_MediaTypeID="1"
ZABBIX_MediaTypeID="4204200000000001"
#############################################################################################################
#############################################################################################################
#############################################################################################################
#############################################################################################################
#############################################################################################################
#############################################################################################################
#############################################################################################################
#############################################################################################################
# _____ _ _ _ _ _
# / ____| | | | (_) (_) |
# | | | |__ ___ ___| | __ _ __ _ __ ___ _ __ ___ __ _ _ _ _ ___ _| |_ ___ ___
# | | | '_ \ / _ \/ __| |/ / | '_ \| '__/ _ \ '__/ _ \/ _` | | | | / __| | __/ _ \/ __|
# | |____| | | | __/ (__| < | |_) | | | __/ | | __/ (_| | |_| | \__ \ | || __/\__ \
# \_____|_| |_|\___|\___|_|\_\ | .__/|_| \___|_| \___|\__, |\__,_|_|___/_|\__\___||___/
# | | | |
# |_| |_|
# ldapsearch installed?
if ! type "ldapsearch" > /dev/null; then
echo "+- ERROR -----------------------"
echo "| ldapsearch is not installed!"
echo "| try:"
echo "| apt install ldap-utils"
echo "| yum install openldap-clients"
echo "+-------------------------------"
exit 1
fi fi
# curl installed? # Normal test for the file now
if ! type "curl" > /dev/null; then if ! test -f "$Config_File"; then
echo "+- ERROR -----------------------" Print_Status_Done "Error" $RED
echo "| curl is not installed!" Print_Error "$Config_File not found"
echo "| try:"
echo "| apt install curl"
echo "| yum install curl"
echo "+-------------------------------"
exit 1 exit 1
else
Print_Status_Done "done" $GREEN
fi fi
# sed installed? # File exist, read it now
if ! type "sed" > /dev/null; then Print_Status_Text 'Reading "'$Config_File'"'
echo "+- ERROR -----------------------" source $Config_File
echo "| sed is not installed!" Print_Status_Done "done" $GREEN
echo "| try:" Print_Status_Text "Check all needed Settings"
echo "| apt install sed" # if [ -z ${var+x} ]; then echo "var is unset"; else echo "var is set to '$var'"; fi
echo "| yum install sed" if [ "$b_verbose" = "true" ]; then Print_Status_Done "checking" $LIGHTCYAN; fi
echo "+-------------------------------" ####################################################################################################
exit 1 if ! [ -z ${LDAP_Source_URL+x} ]; then Print_Verbose_Text "LDAP_Source_URL" "${LDAP_Source_URL}"; else Print_Error "Missing LDAP_Source_URL"; fi
####################################################################################################
if ! [ -z ${LDAP_Ignore_SSL_Certificate+x} ]; then
Print_Verbose_Text "LDAP_Ignore_SSL_Certificate" "${LDAP_Ignore_SSL_Certificate}"
else
LDAP_Ignore_SSL_Certificate="true"
Print_Verbose_Text "LDAP_Ignore_SSL_Certificate (using Default Value)" "${LDAP_Ignore_SSL_Certificate}"
fi fi
# printf installed? ####################################################################################################
if ! type "printf" > /dev/null; then if ! [ -z ${LDAP_Bind_User_DN+x} ]; then Print_Verbose_Text "LDAP_Bind_User_DN" "${LDAP_Bind_User_DN}"; else Print_Error "Missing LDAP_Bind_User_DN"; fi
echo "+- ERROR -----------------------" ####################################################################################################
echo "| printf is not installed!" if [ -z ${LDAP_Bind_User_Password+x} ]; then
echo "| try:" Print_Error "Missing LDAP_Bind_User_Password"
echo "| apt install sed" else
echo "| yum install sed" if [ "$b_showpasswords" = "true" ]; then
echo "+-------------------------------" Print_Verbose_Text "LDAP_Bind_User_Password" "${LDAP_Bind_User_Password}";
exit 1 else
Print_Verbose_Text "LDAP_Bind_User_Password" "${LDAP_Bind_User_Password:0:3}***************"
fi
fi
####################################################################################################
if ! [ -z ${LDAP_SearchBase+x} ]; then Print_Verbose_Text "LDAP_SearchBase" "${LDAP_SearchBase}"; else Print_Error "Missing LDAP_SearchBase"; fi
####################################################################################################
if ! [ -z ${LDAP_Groupname_ZabbixSuperAdmin_for_Sync+x} ]; then
Print_Verbose_Text "LDAP_Groupname_ZabbixSuperAdmin_for_Sync" "${LDAP_Groupname_ZabbixSuperAdmin_for_Sync}"
else
LDAP_Groupname_ZabbixSuperAdmin_for_Sync="skip"
Print_Verbose_Text "LDAP_Groupname_ZabbixSuperAdmin_for_Sync" "skip sync"
fi
if [ "$LDAP_Groupname_ZabbixSuperAdmin_for_Sync" = "skip" ]; then Print_Verbose_Text "LDAP_Groupname_ZabbixSuperAdmin_for_Sync" "skip sync"; fi
####################################################################################################
if ! [ -z ${ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync+x} ]; then
Print_Verbose_Text "ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync" "${ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync}"
else
ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync="skip"
Print_Verbose_Text "ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync" "skip sync"
fi
if [ "$ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync" = "skip" ]; then Print_Verbose_Text "ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync" "skip sync"; fi
####################################################################################################
if ! [ -z ${LDAP_Groupname_ZabbixAdmin_for_Sync+x} ]; then
Print_Verbose_Text "LDAP_Groupname_ZabbixAdmin_for_Sync" "${LDAP_Groupname_ZabbixAdmin_for_Sync}"
else
LDAP_Groupname_ZabbixAdmin_for_Sync="skip"
Print_Verbose_Text "LDAP_Groupname_ZabbixAdmin_for_Sync" "skip sync"
fi
if [ "$LDAP_Groupname_ZabbixAdmin_for_Sync" = "skip" ]; then Print_Verbose_Text "LDAP_Groupname_ZabbixAdmin_for_Sync" "skip sync"; fi
####################################################################################################
if ! [ -z ${ZABBIX_Groupname_ZabbixAdmin_for_Sync+x} ]; then
Print_Verbose_Text "ZABBIX_Groupname_ZabbixAdmin_for_Sync" "${ZABBIX_Groupname_ZabbixAdmin_for_Sync}"
else
ZABBIX_Groupname_ZabbixAdmin_for_Sync="skip"
Print_Verbose_Text "ZABBIX_Groupname_ZabbixAdmin_for_Sync" "skip sync"
fi
if [ "$ZABBIX_Groupname_ZabbixAdmin_for_Sync" = "skip" ]; then Print_Verbose_Text "ZABBIX_Groupname_ZabbixAdmin_for_Sync" "skip sync"; fi
####################################################################################################
if ! [ -z ${LDAP_Groupname_ZabbixUser_for_Sync+x} ]; then
Print_Verbose_Text "LDAP_Groupname_ZabbixUser_for_Sync" "${LDAP_Groupname_ZabbixUser_for_Sync}"
else
LDAP_Groupname_ZabbixUser_for_Sync="skip"
Print_Verbose_Text "LDAP_Groupname_ZabbixUser_for_Sync" "skip sync"
fi
if [ "$LDAP_Groupname_ZabbixUser_for_Sync" = "skip" ]; then Print_Verbose_Text "LDAP_Groupname_ZabbixUser_for_Sync" "skip sync"; fi
####################################################################################################
if ! [ -z ${ZABBIX_Groupname_ZabbixUser_for_Sync+x} ]; then
Print_Verbose_Text "ZABBIX_Groupname_ZabbixUser_for_Sync" "${ZABBIX_Groupname_ZabbixUser_for_Sync}"
else
ZABBIX_Groupname_ZabbixUser_for_Sync="skip"
Print_Verbose_Text "ZABBIX_Groupname_ZabbixUser_for_Sync" "skip sync"
fi
if [ "$ZABBIX_Groupname_ZabbixUser_for_Sync" = "skip" ]; then Print_Verbose_Text "ZABBIX_Groupname_ZabbixUser_for_Sync" "skip sync"; fi
####################################################################################################
if ! [ -z ${ZABBIX_Disabled_User_Group+x} ]; then
Print_Verbose_Text "ZABBIX_Disabled_User_Group" "${ZABBIX_Disabled_User_Group}"
else
ZABBIX_Disabled_User_Group="Disabled"
Print_Verbose_Text "ZABBIX_Disabled_User_Group (using Default Value)" "${ZABBIX_Disabled_User_Group}"
fi
####################################################################################################
if ! [ -z ${ZABBIX_API_URL+x} ]; then Print_Verbose_Text "ZABBIX_API_URL" "${ZABBIX_API_URL}"; else Print_Error "Missing ZABBIX_API_URL"; fi
####################################################################################################
if ! [ -z ${ZABBIX_API_User+x} ]; then Print_Verbose_Text "ZABBIX_API_User" "${ZABBIX_API_User}"; else Print_Error "Missing ZABBIX_API_User"; fi
####################################################################################################
####################################################################################################
if [ -z ${ZABBIX_API_Password+x} ]; then
Print_Error "Missing ZABBIX_API_Password"
else
if [ "$b_showpasswords" = "true" ]; then
Print_Verbose_Text "ZABBIX_API_Password" "${ZABBIX_API_Password}";
else
Print_Verbose_Text "ZABBIX_API_Password" "${ZABBIX_API_Password:0:3}***************";
fi
fi
####################################################################################################
if ! [ -z ${ZABBIX_UserType_User+x} ]; then
Print_Verbose_Text "ZABBIX_UserType_User" "${ZABBIX_UserType_User}"
else
ZABBIX_UserType_User=1
Print_Verbose_Text "ZABBIX_UserType_User (using Default Value)" "${ZABBIX_UserType_User}"
fi
####################################################################################################
if ! [ -z ${ZABBIX_UserType_Admin+x} ]; then
Print_Verbose_Text "ZABBIX_UserType_Admin" "${ZABBIX_UserType_Admin}"
else
ZABBIX_UserType_Admin=1
Print_Verbose_Text "ZABBIX_UserType_Admin (using Default Value)" "${ZABBIX_UserType_Admin}"
fi
####################################################################################################
if ! [ -z ${ZABBIX_UserType_SuperAdmin+x} ]; then
Print_Verbose_Text "ZABBIX_UserType_SuperAdmin" "${ZABBIX_UserType_SuperAdmin}"
else
ZABBIX_UserType_SuperAdmin=1
Print_Verbose_Text "ZABBIX_UserType_SuperAdmin (using Default Value)" "${ZABBIX_UserType_SuperAdmin}"
fi
####################################################################################################
if ! [ -z ${ZABBIX_MediaTypeID+x} ]; then
Print_Verbose_Text "ZABBIX_MediaTypeID" "${ZABBIX_MediaTypeID}"
else
ZABBIX_MediaTypeID=1
Print_Verbose_Text "ZABBIX_MediaTypeID (using Default Value)" "${ZABBIX_MediaTypeID}"
fi
####################################################################################################
if [ "$b_verbose" = "false" ]; then
Print_Status_Done "done" $GREEN
else
Print_Status_Text "Check all needed Settings"
Print_Status_Done "done" $GREEN
fi fi
############################################################################################################# #############################################################################################################
@ -118,24 +378,57 @@ fi
# #
declare -a LDAP_ARRAY_Members_RAW # Raw Data from ldapsearch declare -a LDAP_ARRAY_Members_RAW # Raw Data from ldapsearch
declare -a LDAP_ARRAY_Members_DN # Distinguished names extracted from LDAP_ARRAY_Members_RAW declare -a LDAP_ARRAY_Members_DN # Distinguished names extracted from LDAP_ARRAY_Members_RAW
echo Print_Status_Text "STEP 1: Getting all Members from Active Directory / LDAP Group"
echo "STEP 1: Getting all Members from Active Directory / LDAP Group" if [ "$b_verbose" = "true" ]; then Print_Status_Done "checking" $LIGHTCYAN; fi
echo "--------------------------------------------------------------" if [ "$b_verbose" = "true" ]; then
echo "Group Name ......: $LDAP_Groupname_ZabbixSuperAdmin_for_Sync" echo
echo "LDAP Server .....: $LDAP_Source_URL" echo "STEP 1: Getting all Members from Active Directory / LDAP Group"
echo "LDAP User .......: $LDAP_Bind_User_DN" echo "--------------------------------------------------------------"
echo "LDAP Search Base : $LDAP_SearchBase" echo "Group Name ......: $LDAP_Groupname_ZabbixSuperAdmin_for_Sync"
echo "--------------------------------------------------------------" echo "LDAP Server .....: $LDAP_Source_URL"
echo "LDAP User .......: $LDAP_Bind_User_DN"
echo "LDAP Search Base : $LDAP_SearchBase"
echo "--------------------------------------------------------------"
echo "running ldapsearch:"
fi
if [ LDAP_Ignore_SSL_Certificate = "false" ]; then if [ LDAP_Ignore_SSL_Certificate = "false" ]; then
# normal ldapsearch call # normal ldapsearch call
if [ "$b_verbose" = "true" ]; then
if [ "$b_showpasswords" = "true" ]; then
echo 'ldapsearch -x -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "'$LDAP_Bind_User_Password'" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn="'$LDAP_Groupname_ZabbixSuperAdmin_for_Sync'"))"'
else
echo 'ldapsearch -x -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "***********" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn="'$LDAP_Groupname_ZabbixSuperAdmin_for_Sync'"))"'
fi
fi
# yes, ldapsearch is called twice - first time without grep to catch the exitcode, 2. time to catch the content
tempvar=`ldapsearch -x -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_ZabbixSuperAdmin_for_Sync))" o member`
ldapsearch_exitcode="$?"
if [ "$b_verbose" = "true" ]; then echo "ldapsearch_exitcode: $ldapsearch_exitcode"; fi
tempvar=`ldapsearch -x -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_ZabbixSuperAdmin_for_Sync))" o member | grep member:` tempvar=`ldapsearch -x -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_ZabbixSuperAdmin_for_Sync))" o member | grep member:`
else else
# ignore SSL ldapsearch # ignore SSL ldapsearch
if [ "$b_verbose" = "true" ]; then
if [ "$b_showpasswords" = "true" ]; then
echo 'LDAPTLS_REQCERT=never ldapsearch -x -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "'$LDAP_Bind_User_Password'" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn='$LDAP_Groupname_ZabbixSuperAdmin_for_Sync'))" o member'
else
echo 'LDAPTLS_REQCERT=never ldapsearch -x -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "***********" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn='$LDAP_Groupname_ZabbixSuperAdmin_for_Sync'))" o member'
fi
fi
# yes, ldapsearch is called twice - first time without grep to catch the exitcode, 2. time to catch the content
tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_ZabbixSuperAdmin_for_Sync))" o member`
ldapsearch_exitcode="$?"
if [ "$b_verbose" = "true" ]; then echo "ldapsearch_exitcode: $ldapsearch_exitcode"; fi
tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_ZabbixSuperAdmin_for_Sync))" o member | grep member:` tempvar=`LDAPTLS_REQCERT=never ldapsearch -x -H $LDAP_Source_URL -D "$LDAP_Bind_User_DN" -w "$LDAP_Bind_User_Password" -b "$LDAP_SearchBase" "(&(objectClass=group)(cn=$LDAP_Groupname_ZabbixSuperAdmin_for_Sync))" o member | grep member:`
fi fi
LDAP_ARRAY_Members_RAW=($tempvar) # Split the raw output into an array if [ "$b_verbose" = "true" ]; then
LDAP_ARRAY_Members_DN=() echo 'Result ldapsearch (with "grep member:" : '"$tempvar"
for (( i=0; i < ${#LDAP_ARRAY_Members_RAW[*]}; i++ )); do echo "Exitcode ldapsearch: $(Translate_ldapsearch_exitcode $ldapsearch_exitcode)"
fi
# only continue if ldapsearch was succesfull
if [ "$ldapsearch_exitcode" -eq 0 ];then
LDAP_ARRAY_Members_RAW=($tempvar) # Split the raw output into an array
LDAP_ARRAY_Members_DN=()
for (( i=0; i < ${#LDAP_ARRAY_Members_RAW[*]}; i++ )); do
# Search for the word "member:" in Array - the next value is the DN of a Member # Search for the word "member:" in Array - the next value is the DN of a Member
if [ "${LDAP_ARRAY_Members_RAW[$i]:0:7}" = "member:" ]; then if [ "${LDAP_ARRAY_Members_RAW[$i]:0:7}" = "member:" ]; then
i=$(($i + 1)) i=$(($i + 1))
@ -146,42 +439,38 @@ for (( i=0; i < ${#LDAP_ARRAY_Members_RAW[*]}; i++ )); do
last_item_of_array=$(($last_item_of_array - 1)) # get the Index of the last one (0 is the first index but the number of Items would be 1) last_item_of_array=$(($last_item_of_array - 1)) # get the Index of the last one (0 is the first index but the number of Items would be 1)
LDAP_ARRAY_Members_DN[$last_item_of_array]+=" ${LDAP_ARRAY_Members_RAW[$i]}" # without ( ) -> replace the Item-Value, add no new Item to the array LDAP_ARRAY_Members_DN[$last_item_of_array]+=" ${LDAP_ARRAY_Members_RAW[$i]}" # without ( ) -> replace the Item-Value, add no new Item to the array
fi fi
done done
if [ "${#LDAP_ARRAY_Members_DN[*]}" -eq 0 ]; then
# No Members in Group or an error with ldapsearch
echo "+- ERROR -----------------------"
echo " No Members in Group or an Error with ldapsearch"
echo " try the following commands manual for testing:"
echo 'ldapsearch -x -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "'$LDAP_Bind_User_Password'" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn='$LDAP_Groupname_ZabbixSuperAdmin_for_Sync'))"'
echo "With ignore SSL Certificate:"
echo 'LDAPTLS_REQCERT=never ldapsearch -x -H '$LDAP_Source_URL' -D "'$LDAP_Bind_User_DN'" -w "'$LDAP_Bind_User_Password'" -b "'$LDAP_SearchBase'" "(&(objectClass=group)(cn='$LDAP_Groupname_ZabbixSuperAdmin_for_Sync'))"'
echo "+-------------------------------"
exit 1
else else
Print_Error "Exitcode ldapsearch not zero: $(Translate_ldapsearch_exitcode $ldapsearch_exitcode)\nTry -v -p and test command by hand"
exit 1
fi
Print_Status_Done "done" $GREEN
if [ "$b_verbose" = "true" ]; then
echo 'Got "Distinguished Name" for '${#LDAP_ARRAY_Members_DN[*]}' members:' echo 'Got "Distinguished Name" for '${#LDAP_ARRAY_Members_DN[*]}' members:'
for (( i=0; i < ${#LDAP_ARRAY_Members_DN[*]}; i++ )); do for (( i=0; i < ${#LDAP_ARRAY_Members_DN[*]}; i++ )); do
echo "$i: ${LDAP_ARRAY_Members_DN[$i]}" echo "$i: ${LDAP_ARRAY_Members_DN[$i]}"
done done
echo "--------------------------------------------------------------" echo "--------------------------------------------------------------"
fi fi
printf "Query sAMAccountName, sn, givenName and primary Email-Address "
declare -a LDAP_ARRAY_Members_sAMAccountName declare -a LDAP_ARRAY_Members_sAMAccountName
declare -a LDAP_ARRAY_Members_Surname declare -a LDAP_ARRAY_Members_Surname
declare -a LDAP_ARRAY_Members_Givenname declare -a LDAP_ARRAY_Members_Givenname
declare -a LDAP_ARRAY_Members_Email declare -a LDAP_ARRAY_Members_Email
LDAP_ARRAY_Members_sAMAccountName=() # Only catch the rest if there members in the group
LDAP_ARRAY_Members_Surname=() if [ "${#LDAP_ARRAY_Members_DN[*]}" -gt 0 ]; then
LDAP_ARRAY_Members_Givenname=() Print_Status_Text "Query sAMAccountName, sn, givenName and primary Email-Address"
LDAP_ARRAY_Members_Email=() LDAP_ARRAY_Members_sAMAccountName=()
# Maybe a User have no Surname, Givenname and/or Email - but the will be always a sAMAccountName LDAP_ARRAY_Members_Surname=()
# the checks are used for testing this. Set to false for the first run of the loop LDAP_ARRAY_Members_Givenname=()
b_check_sAMAccountName="false" LDAP_ARRAY_Members_Email=()
b_check_Surname="false" # Maybe a User have no Surname, Givenname and/or Email - but the will be always a sAMAccountName
b_check_Givenname="false" # the checks are used for testing this. Set to false for the first run of the loop
b_check_Email="false" b_check_sAMAccountName="false"
b_check_Surname="false"
b_check_Givenname="false"
b_check_Email="false"
for (( i=0; i < ${#LDAP_ARRAY_Members_DN[*]}; i++ )); do for (( i=0; i < ${#LDAP_ARRAY_Members_DN[*]}; i++ )); do
# When the Loop start again we have to for all values. All arrays-size must be equal! # When the Loop start again we have to for all values. All arrays-size must be equal!
# First run of loop will be skipped because b_check_sAMAccountName is false # First run of loop will be skipped because b_check_sAMAccountName is false
if [ "$b_check_sAMAccountName" = "true" ]; then if [ "$b_check_sAMAccountName" = "true" ]; then
@ -194,7 +483,6 @@ for (( i=0; i < ${#LDAP_ARRAY_Members_DN[*]}; i++ )); do
if [ "$b_check_Email" = "false" ]; then if [ "$b_check_Email" = "false" ]; then
LDAP_ARRAY_Members_Email+=(" ") LDAP_ARRAY_Members_Email+=(" ")
fi fi
fi fi
if [ LDAP_Ignore_SSL_Certificate = "false" ]; then if [ LDAP_Ignore_SSL_Certificate = "false" ]; then
# sed replace all ": " and "new line" to "|" # sed replace all ": " and "new line" to "|"
@ -243,23 +531,25 @@ for (( i=0; i < ${#LDAP_ARRAY_Members_DN[*]}; i++ )); do
b_check_Email="true" b_check_Email="true"
fi fi
done done
done done
echo " done" Print_Status_Done "done" $GREEN
fi
unset LDAP_ARRAY_Members_RAW unset LDAP_ARRAY_Members_RAW
echo "------------------------------------------------------------------------------------------------" if [ "$b_verbose" = "true" ]; then
echo "Result from STEP 1: Getting all Members from Active Directory / LDAP Group $LDAP_Groupname_ZabbixSuperAdmin_for_Sync" echo "------------------------------------------------------------------------------------------------"
echo "----+----------------------+----------------------+----------------------+----------------------" echo "Result from STEP 1: Getting all Members from Active Directory / LDAP Group $LDAP_Groupname_ZabbixSuperAdmin_for_Sync"
printf "%-3s | %-20s | %-20s | %-20s | %-20s" "No." "sAMAccountName" "Surname" "Givenname" "Email" echo "----+----------------------+----------------------+----------------------+----------------------"
printf "\n" printf "%-3s | %-20s | %-20s | %-20s | %-20s" "No." "sAMAccountName" "Surname" "Givenname" "Email"
echo "----+----------------------+----------------------+----------------------+----------------------" printf "\n"
for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do echo "----+----------------------+----------------------+----------------------+----------------------"
for (( i=0; i < ${#LDAP_ARRAY_Members_sAMAccountName[*]}; i++ )); do
printf "%-3s | %-20s | %-20s | %-20s | %-20s" "$i" "${LDAP_ARRAY_Members_sAMAccountName[$i]}" "${LDAP_ARRAY_Members_Surname[$i]}" "${LDAP_ARRAY_Members_Givenname[$i]}" "${LDAP_ARRAY_Members_Email[$i]}" printf "%-3s | %-20s | %-20s | %-20s | %-20s" "$i" "${LDAP_ARRAY_Members_sAMAccountName[$i]}" "${LDAP_ARRAY_Members_Surname[$i]}" "${LDAP_ARRAY_Members_Givenname[$i]}" "${LDAP_ARRAY_Members_Email[$i]}"
printf "\n" printf "\n"
done done
echo "------------------------------------------------------------------------------------------------" echo "------------------------------------------------------------------------------------------------"
echo echo
echo echo
echo fi
############################################################################################################# #############################################################################################################
# ______ _ _ _ _ _ # ______ _ _ _ _ _
@ -271,21 +561,34 @@ echo
# __/ | # __/ |
# |___/ # |___/
# Login Zabbix API and catch the authentication token # Login Zabbix API and catch the authentication token
ZABBIX_authentication_token=$(curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc": "2.0","method":"user.login","params":{"user":"'$ZABBIX_API_Username'","password":"'$ZABBIX_API_Password'"},"id":42}' $ZABBIX_API_URL | cut -d'"' -f8) b_Zabbix_is_logged_in="false"
#echo Anmeldetoken: $ZABBIX_authentication_token Print_Status_Text "Login at Zabbix API"
if [ "${#ZABBIX_authentication_token}" -ne 32 ]; then if [ "$b_verbose" = "true" ]; then Print_Status_Done "checking" $LIGHTCYAN; fi
# Token have 32 Chars - something went wrong if [ "$b_verbose" = "true" ]; then
echo "+- ERROR -----------------------"
echo " Login Zabbix API failed!"
echo " try the following commands manual for testing:"
printf 'curl -k -s -X POST -H "Content-Type:application/json" -d ' printf 'curl -k -s -X POST -H "Content-Type:application/json" -d '
printf "'" printf "'"
printf '{"jsonrpc": "2.0","method":"user.login","params":{"user":"'$ZABBIX_API_Username'","password":"'$ZABBIX_API_Password'"},"id":42}' if [ "$b_showpasswords" = "true" ]; then
printf '{"jsonrpc": "2.0","method":"user.login","params":{"user":"'$ZABBIX_API_User'","password":"'$ZABBIX_API_Password'"},"id":42}'
else
printf '{"jsonrpc": "2.0","method":"user.login","params":{"user":"'$ZABBIX_API_User'","password":"********"},"id":42}'
fi
printf "'" printf "'"
echo " $ZABBIX_API_URL" echo " $ZABBIX_API_URL"
echo "+-------------------------------"
exit 1
fi fi
ZABBIX_authentication_token=$(curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc": "2.0","method":"user.login","params":{"user":"'$ZABBIX_API_User'","password":"'$ZABBIX_API_Password'"},"id":42}' $ZABBIX_API_URL | cut -d'"' -f8)
Print_Verbose_Text "Authentification token" "$ZABBIX_authentication_token"
if [ "${#ZABBIX_authentication_token}" -ne 32 ]; then
# Token must have 32 Chars - something went wrong
Print_Status_Done "failed" $RED
Print_Error "Login Zabbix API failed\nTry -v -p and test command by hand"
exit 1
else
b_Zabbix_is_logged_in="true"
fi
if [ "$b_verbose" = "true" ]; then Print_Status_Text "Login at Zabbix API"; fi
Print_Status_Done "done" $GREEN
Zabbix_Logout
exit 1
############################################################################################################# #############################################################################################################
# ____ ______ _ _ _ _____ # ____ ______ _ _ _ _____
# / __ \ |___ / | | | | (_) / ____| # / __ \ |___ / | | | | (_) / ____|
@ -301,7 +604,7 @@ echo "STEP 2: Get Members of Zabbix-LDAP Group"
echo "--------------------------------------------------------------" echo "--------------------------------------------------------------"
echo "Zabbix LDAP Group Name .........: $ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync" echo "Zabbix LDAP Group Name .........: $ZABBIX_Groupname_ZabbixSuperAdmin_for_Sync"
echo "Zabbix Disabled User Group Name : $ZABBIX_Disabled_User_Group" echo "Zabbix Disabled User Group Name : $ZABBIX_Disabled_User_Group"
echo "Zabbix API URL .................: $ZABBIX_API_Username" echo "Zabbix API URL .................: $ZABBIX_API_User"
echo "Zabbix API User ................: $LDAP_Bind_User_DN" echo "Zabbix API User ................: $LDAP_Bind_User_DN"
echo "--------------------------------------------------------------" echo "--------------------------------------------------------------"
############################################################################################################# #############################################################################################################
@ -569,29 +872,29 @@ if [ "$b_Must_Sync_Users" = "true" ]; then
tempvar="" tempvar=""
case "$create_combination" in case "$create_combination" in
"OOO") # No Surname, Givenname or Email "OOO") # No Surname, Givenname or Email
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_Default_User_Type'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL` tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_UserType_User'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
;; ;;
"OOX") # Email, but no Surname or Givenname "OOX") # Email, but no Surname or Givenname
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"user_medias":[{"mediatypeid": "'$ZABBIX_MediaTypeID'","sendto":['"$tempEmail"']}],"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_Default_User_Type'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL` tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"user_medias":[{"mediatypeid": "'$ZABBIX_MediaTypeID'","sendto":['"$tempEmail"']}],"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_UserType_User'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
;; ;;
"OXO") # Givenname, but no Surname or Email "OXO") # Givenname, but no Surname or Email
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"name":'"$tempNAME"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_Default_User_Type'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL` tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"name":'"$tempNAME"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_UserType_User'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
;; ;;
"OXX") # Givenname and Email, no Surname "OXX") # Givenname and Email, no Surname
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"user_medias":[{"mediatypeid": "'$ZABBIX_MediaTypeID'","sendto":['"$tempEmail"']}],"name":'"$tempNAME"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_Default_User_Type'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL` tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"user_medias":[{"mediatypeid": "'$ZABBIX_MediaTypeID'","sendto":['"$tempEmail"']}],"name":'"$tempNAME"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_UserType_User'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
;; ;;
"XOO") # Surname, but no Givenname or Email "XOO") # Surname, but no Givenname or Email
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"surname":'"$tempSURNAME"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_Default_User_Type'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL` tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"surname":'"$tempSURNAME"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_UserType_User'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
;; ;;
"XOX") # Surname and Email, but no Givenname "XOX") # Surname and Email, but no Givenname
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc": "2.0","method":"user.create","params":{"alias":'"$tempSAM"',"surname":'"$tempSURNAME"',"user_medias":[{"mediatypeid": "'$ZABBIX_MediaTypeID'","sendto":['"$tempEmail"']}],"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_Default_User_Type'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL` tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc": "2.0","method":"user.create","params":{"alias":'"$tempSAM"',"surname":'"$tempSURNAME"',"user_medias":[{"mediatypeid": "'$ZABBIX_MediaTypeID'","sendto":['"$tempEmail"']}],"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_UserType_User'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
;; ;;
"XXO") # Surname and Givenname, but no Email "XXO") # Surname and Givenname, but no Email
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"name":'"$tempNAME"',"surname":'"$tempSURNAME"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_Default_User_Type'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL` tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc":"2.0","method":"user.create","params":{"alias":'"$tempSAM"',"name":'"$tempNAME"',"surname":'"$tempSURNAME"',"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_UserType_User'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
;; ;;
"XXX") # Surname, Givenname and Email "XXX") # Surname, Givenname and Email
tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc": "2.0","method":"user.create","params":{"alias":'"$tempSAM"',"name":'"$tempNAME"',"surname":'"$tempSURNAME"',"user_medias":[{"mediatypeid": "'$ZABBIX_MediaTypeID'","sendto":['"$tempEmail"']}],"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_Default_User_Type'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL` tempvar=`curl -k -s -X POST -H "Content-Type:application/json" -d '{"jsonrpc": "2.0","method":"user.create","params":{"alias":'"$tempSAM"',"name":'"$tempNAME"',"surname":'"$tempSURNAME"',"user_medias":[{"mediatypeid": "'$ZABBIX_MediaTypeID'","sendto":['"$tempEmail"']}],"usrgrps":[{"usrgrpid":"'$ZABBIX_LDAP_Group_UsrGrpId'"}],"type":'$ZABBIX_UserType_User'},"id":42,"auth":"'$ZABBIX_authentication_token'"}' $ZABBIX_API_URL`
;; ;;
esac esac
#echo "$tempvar" #echo "$tempvar"