diff --git a/oas_configs/Remote Desktop Setup Guide.odt b/oas_templates/Remote Desktop Setup Guide.odt similarity index 100% rename from oas_configs/Remote Desktop Setup Guide.odt rename to oas_templates/Remote Desktop Setup Guide.odt diff --git a/oas_configs/VPN Setup Guide.odt b/oas_templates/VPN Setup Guide.odt similarity index 100% rename from oas_configs/VPN Setup Guide.odt rename to oas_templates/VPN Setup Guide.odt diff --git a/oas_clients/template.ovpn b/oas_templates/template.ovpn similarity index 100% rename from oas_clients/template.ovpn rename to oas_templates/template.ovpn diff --git a/ovpn-ad-sync.sh b/ovpn-ad-sync.sh index a994690..18524ea 100755 --- a/ovpn-ad-sync.sh +++ b/ovpn-ad-sync.sh @@ -24,7 +24,8 @@ OAS_USERDIR="/etc/openvpn/oas_clients" # Full path to user conf OAS_RSADIR="/etc/openvpn/rsa" # Full path to easy-rsa root OAS_LOGFILE="/var/log/oas.log" # Log file OAS_LOGRET=10 # Lines of old log to keep -OAS_OVPNTPL="${OAS_USERDIR}/template.ovpn" # Template file to use for clients +OAS_TPLDIR="/etc/openvpn/oas_templates" # Full path to user templates +OAS_OVPNTPL="${OAS_TPLDIR}/template.ovpn" # Template file to use for clients OAS_MAILSUBJ="Example Company - VPN Information" # Subject line of email OAS_MAILFROM="admin@example.com" # This will appear as the "From" address OAS_MAILADMIN="admin@example.com" # Email to copy all configs and errors to @@ -109,7 +110,25 @@ for s_user in $( fi # end of the first looper! done -# next thing is to check and delete (or recycle) user directories not in directory group + +# Now we need to list all directories, and then run an ldap search to see if there is a matching user. If not, we'll figure out how to revoke their certs and then delete the config directory. + +# source rsa vars to get ready to revoke +cd ${OAS_RSADIR} +source ./vars + +# go back to user directory +cd ${OAS_USERDIR} +log "Beginning user deletion run" +# let's list the directories first, then on each dir, run a ldapsearch to see if user match. If not, delete and revoke. +for s_userd in ${OAS_USERDIR} + do + echo "${s_userd}" + # end of second looper. I think we are done for now + done + + + log "Script run complete - it may or may not be a success, the log will tell..." log "Taking a nap before the next run..."