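#! /bin/sh
#
# Author: patrick zambelli
# (C) wuerth phoenix 2011
#
# Plugin that checks your ldap directory service querying for objects.
# Define the ldap base DN and OU to search and define an expression
# to be found in the result
#
# Exit status follows the Nagios plugin convention:
#   0 OK        the search term was found in the ldapsearch output
#   2 CRITICAL  ldapsearch succeeded but the search term was not found
#   3 UNKNOWN   bad usage, or ldapsearch itself failed (connect/bind error)
#
PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
PROGNAME="Check_LDAP_SEARCH"
REVISION="1.0"

# Nagios return codes. The script used $STATE_UNKNOWN without defining it,
# which turned "exit $STATE_UNKNOWN" into a bare "exit" (status 0 = OK).
STATE_OK=0
STATE_CRITICAL=2
STATE_UNKNOWN=3

# Temporary file holding the bind password for "ldapsearch -y". Created only
# when a password is given; removed on every exit path by the EXIT trap.
PASSWD_FILE=

#######################################
# Remove the temporary password file, if one was created.
# Globals:  PASSWD_FILE (read)
#######################################
cleanup() {
  if [ -n "$PASSWD_FILE" ]; then
    rm -f -- "$PASSWD_FILE"
  fi
}
trap cleanup EXIT

#######################################
# Print the one-line usage synopsis to stdout.
#######################################
print_usage() {
  echo "Usage: $PROGNAME -H host [-p port] -b 'dc=wuerth,dc=com' -f '(&(objectClass=user)(samaccountname=pb00162))' [-u username] [-P password] -s search_term [-o] [-v]"
}

#######################################
# Print the full help text to stdout. Does not exit; the caller decides
# the exit status (0 for -h, UNKNOWN for a usage error).
#######################################
print_help() {
  echo "$PROGNAME $REVISION"
  echo ""
  print_usage
  echo ""
  echo "Plugin that checks your ldap directory service querying for objects."
  echo "Define the ldap base DN and OU to search and define an expression"
  echo "to be found in the result"
  echo ""
  echo "-H the host to query"
  echo "-p the port for LDAP: i.e 389"
  echo "-b base dn like 'dc=wuerth,dc=com'"
  echo "-f ldap filter to use: '(&(objectClass=user)(samaccountname=pb00162))'"
  echo "-u ldap username"
  echo "-P ldap password (formerly listed as -p, which collides with the port option)"
  echo "-s search term to grep in output"
  echo "-o set flag to use OPEN LDAP call"
  echo "-v verbose: print the ldapsearch command line (the password is never printed)"
  echo " "
  echo " Example call for Open LDAP:"
  echo "./check_ldap_search.sh -H Host-IP -b \"o=ldap object name,c=it\" -f \"(cn=ckldap*)\" -s \"ckldap\" -o"
}

# Too few arguments is a usage error, so report UNKNOWN rather than OK.
if [ $# -lt 4 ]; then
  print_help
  exit "$STATE_UNKNOWN"
fi

HOST=
PORT="389"
USER=
PASSWD=
BASEDN=
FILTER="*"
SEARCH="*"
OPENLDAP=0
VERBOSE=0

# Option string fixes versus the original:
#  - plain ASCII quotes (the curly quotes were parsed as option characters)
#  - -h takes no argument
#  - password moved from a duplicate "p:" (never reachable) to "P:"
#  - "v,o" made the comma a bogus option; it is now "vo"
while getopts "hH:p:b:f:u:P:s:vo" OPTION; do
  case $OPTION in
    h)
      print_help
      exit 0
      ;;
    H) HOST=$OPTARG ;;
    p) PORT=$OPTARG ;;
    b) BASEDN=$OPTARG ;;
    f) FILTER=$OPTARG ;;
    u) USER=$OPTARG ;;
    P) PASSWD=$OPTARG ;;
    s) SEARCH=$OPTARG ;;
    o) OPENLDAP=1 ;;
    v) VERBOSE=1 ;;
    *)
      print_help
      exit "$STATE_UNKNOWN"
      ;;
  esac
done

if [ -z "$HOST" ]; then
  echo "UNKNOWN - forgot to specify HOST in commandline"
  exit "$STATE_UNKNOWN"
fi

# Hand the bind password to ldapsearch through a private temp file (-y)
# instead of "-w$PASSWD" on the command line, so it is not visible in the
# process list of the monitoring host. mktemp creates the file mode 0600.
if [ -n "$PASSWD" ]; then
  PASSWD_FILE=$(mktemp) || {
    echo "UNKNOWN - cannot create temporary password file"
    exit "$STATE_UNKNOWN"
  }
  # ldapsearch -y uses the file content verbatim, so write no trailing newline.
  printf '%s' "$PASSWD" > "$PASSWD_FILE"
fi

# Build the command as positional parameters (POSIX sh has no arrays) so every
# value stays a single word even when it contains spaces, e.g. a base DN
# such as "o=ldap object name,c=it".
if [ "$OPENLDAP" -eq 0 ]; then
  # Active directory: simple bind with credentials. -D and -y are only added
  # when set; the original always passed "-D $USER -w$PASSWD" and, with an
  # empty value, made ldapsearch swallow the next argument.
  set -- ldapsearch -h "$HOST" -p "$PORT" -b "$BASEDN" -x
  if [ -n "$USER" ]; then
    set -- "$@" -D "$USER"
  fi
  if [ -n "$PASSWD_FILE" ]; then
    set -- "$@" -y "$PASSWD_FILE"
  fi
  set -- "$@" "$FILTER"
else
  # Open LDAP: anonymous simple bind.
  set -- ldapsearch -x -h "$HOST" -p "$PORT" -b "$BASEDN" "$FILTER"
fi

if [ "$VERBOSE" -eq 1 ]; then
  printf '%s\n' "$*"
fi

# Run the query first and check its own exit status: a connect or bind
# failure must be reported as UNKNOWN, not as "object not found" (CRITICAL),
# which is what the original pipeline produced because only grep's status
# was visible.
ldapResult=$("$@" 2>&1)
rc=$?
if [ "$rc" -ne 0 ]; then
  echo "UNKNOWN - ldapsearch failed (exit $rc): $(printf '%s\n' "$ldapResult" | head -n 1)"
  exit "$STATE_UNKNOWN"
fi

# Same post-processing as before: drop every line containing "filter"
# (the "# filter: ..." comment ldapsearch prints) and look for the term.
# $SEARCH is quoted so a default of "*" is no longer expanded as a glob
# against the current directory.
if printf '%s\n' "$ldapResult" | grep -v filter | grep -q -- "$SEARCH"; then
  echo "The object attribute $SEARCH has been found"
  exit "$STATE_OK"
else
  echo "The object attribute $SEARCH has not been found in $BASEDN"
  exit "$STATE_CRITICAL"
fi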