#!/bin/bash

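# The toolkit function library is sourced, i.e. executed inside this shell with
# this script's privileges, from a name built out of the TOOLKIT environment
# variable. Stop when TOOLKIT is unset or empty: the name would collapse to
# "-functions.sh" and the helpers used further down would never be defined.
# The expansion is quoted so a value containing whitespace or glob characters
# still names exactly one file.
# NOTE(review): when TOOLKIT contains no '/', bash resolves the file through
# PATH -- confirm callers pass a trusted absolute prefix.
: "${TOOLKIT:?TOOLKIT must be set to the toolkit prefix of the -functions.sh file to source}"
. "${TOOLKIT}-functions.sh"

# Template read by the final sed step, and the temporary file that step writes.
# Both names are relative to the current working directory.
infile="ldap.conf"
outfile="ldap.conf.tmp"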


# optional definitions

# ROOT BINDING

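# Root is bound only when `getconfirm ldap.managed` succeeds AND
# ldap.repl_number is unset, empty or 0. In every other case no rootbinddn
# directive is generated and an existing /etc/ldap.secret is removed, even if
# an admin user is defined in the kusa db. (The original note describes the
# non-zero repl_number case as a "reply server" that cannot be managed --
# presumably a replica; confirm.)
#
# If either helper is missing (e.g. the toolkit functions were not sourced),
# every lookup below fails, the host is classified as "NOT managed" and the
# stored bind password is deleted. Stop instead of taking that path.
for helper in getconfirm jtconf
do
	command -v "$helper" >/dev/null 2>&1 || {
		echo "  $helper is not available, leaving /etc/ldap.secret untouched" >&2
		exit 1
	}
done

rootbinddn=
ldap_managed=false
getconfirm ldap.managed && ldap_managed=true

# A failed lookup is tolerated and treated as 0.
repl=$(jtconf ldap.repl_number 2>/dev/null) || :
repl=${repl:-0}

# Quoted so a value with whitespace cannot break the test expression.
[ "$repl" != 0 ] && ldap_managed=false

if [ "$ldap_managed" = true ]
then
	if val=$(jtconf ldap.admin 2>/dev/null)
	then
		echo "  ldap.admin defined, binding root user to $val"
		rootbinddn="rootbinddn $val"

		if pass=$(jtconf ldap.admin_password 2>/dev/null) && [ -n "$pass" ]
		then
			echo "  ldap.admin_password defined, saving to /etc/ldap.secret"
			# The file must already be mode 600 when the password lands in
			# it: create it under umask 077 if it is missing and tighten an
			# existing file first, so there is no window in which the secret
			# is readable by other users. printf writes the value verbatim;
			# `echo -n` would swallow a password such as "-n" or "-e".
			(
				umask 077
				: >> /etc/ldap.secret &&
				chmod 600 /etc/ldap.secret &&
				printf '%s' "$pass" > /etc/ldap.secret
			) || {
				echo "  could not write /etc/ldap.secret" >&2
				exit 1
			}
		fi
	fi
else
	echo "  ldap NOT managed"
	if [ -f /etc/ldap.secret ]
	then
		echo "  removing /etc/ldap.secret"
		rm -f /etc/ldap.secret
	fi
fi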

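# Render $infile into $outfile, replacing the ___ROOTBINDDN___ placeholder with
# the generated directive (or with nothing when root is not bound).
#
# $rootbinddn carries a value read from configuration and is spliced into the
# replacement half of a sed s/// command. There the characters '\', '/' and '&'
# are syntax: an unescaped '/' ends the replacement early (anything after it is
# parsed as sed flags) and '&' expands to the matched placeholder. They are
# escaped first so the value is always inserted literally.

# Prints $1 with '\', '/' and '&' backslash-escaped for use as an s///
# replacement. An embedded newline is not escaped; sed then rejects the
# expression instead of substituting.
_escape_sed_replacement() {
	printf '%s\n' "$1" | sed -e 's,[\\/&],\\&,g'
}

sed -e "s/___ROOTBINDDN___/$(_escape_sed_replacement "$rootbinddn")/" \
	"$infile" > "$outfile"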

# Exits 0 unconditionally once reached: the status of the sed command above is
# not propagated, so the exit code alone does not tell a caller whether
# $outfile was written completely.
# NOTE(review): confirm that callers validate $outfile before installing it.
exit 0
