Skip to main content
Question

Configure LDAP via DHCP

  • June 5, 2008
  • 3 replies
  • 9 views
A
  • Anonymous

Anyone have a script to trip the "Add DHCP Supplied LDAP"? The only way I can see to do it is via a shell script using sed or something else to edit the plist file.

Steve Wood
Director, Information Technology
swood at integerdallas.com

The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201
T 214.758.6813 | F 214.758.6907 | C 940.312.2475

    3 replies

    A
    • Anonymous
    • June 6, 2008

    I'm afraid I'm not familiar with the change you want to make, but if you want to edit a plist, you want to use the "defaults" command. It will even edit binary plist files.

    If I misunderstood the question, though, it may be that you need to manipulate the data already within the plist (and are thinking of piping a defaults read into sed into defaults write), in which case, we are better able to help if we have details on the transformation you have in mind.

    Cheers,
    Clinton Blackmore

    A
    • Anonymous
    • June 6, 2008

    In the Directory Utility application, when you open the LDAP service you can tell LDAP to get its information from DHCP. I want to set that from a shell script. Using defaults write was my first thought, but the plist that controls that setting is not in the domain ("Domain SearchNodeConfig.plist does not exist"). So, that means in order to "trip" the flag you need to edit the plist by hand.

    Now, the plist contains information in this format:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd ">
    <plist version="1.0">
    <dict> <key>DHCP LDAP</key> <dict> <key>/Sets/5FB6FAF4-3397-4981-BCC0-4D8FE463CA1C</key> <true/> </dict> <key>Search Node PlugIn Version</key> <string>Search Node PlugIn Version 1.7</string> <key>Search Policy</key> <integer>1</integer>
    </dict>
    </plist>

    Notice the key "DHCP LDAP". You need to set the value of the key to true, as it is here (<true/>), if you want to gather the LDAP info from DHCP. Since I cannot use defaults write to do this, that means I have to use sed to parse out the key and then inject the true flag. BTW, the key value (in this case <key>/Sets/5FB6FAF4-3397-4981- BCC0-4D8FE463CA1C</key>) is different for each machine, so just dropping the plist into each machine won't work (I tried).

    Hope that helps.

    Steve Wood
    Director, Information Technology
    swood at integerdallas.com

    The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201
    T 214.758.6813 | F 214.758.6907 | C 940.312.2475

    A
    • Anonymous
    • June 9, 2008

    What is the full path and file name of the plist? Also, do you have any idea how the key value is generated -- it doesn't look like a MAC address or GUID. (It may be worthwhile to check if a machine given a plist that does not include the key will notice that and generate it itself.)

    Clinton Blackmore

    Terms & ConditionsCookie settingsAccessibility statement