#!/bin/sh
#ident $Id: ldap_getcred,v 1.2 2004/11/18 02:58:53 lukeh Exp $
#
# Run this script from cron to update the credentials cache for
# nss_ldap
#

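# NOTE(review): the $REGISTRY=... tokens look like install-time placeholders
# that are replaced with real directories before deployment -- confirm
# against the packaging step. They are kept verbatim here.
#
# Use a fixed search path rather than whatever cron's environment provides.
PATH=$REGISTRY=Prefix/bin:$REGISTRY=Prefix/sbin:/usr/bin:/bin

LDAP_CONF=$REGISTRY=SysConfDir/ldap.conf
LDAP_CACHE=$REGISTRY=LocalStateDir/run/.ldapcache

# Second field of the first "host " line in ldap.conf. The value is tested
# for emptiness because a pipeline's exit status is awk's, which is 0 even
# when grep matched nothing (or could not read the file).
HOST=$(grep -i "^host " "$LDAP_CONF" | awk 'NR == 1 {print $2}')
if [ -z "$HOST" ]; then
	# printf instead of the ksh-only "print"; diagnostics go to stderr.
	printf '%s\n' "Failed to find server host name in $LDAP_CONF; bailing." >&2
	exit 1
fi

# Principal to authenticate as, taken from the first "sasl_auth_id " line.
SASL_AUTH_ID=$(grep -i "^sasl_auth_id " "$LDAP_CONF" | awk 'NR == 1 {print $2}')
if [ -z "$SASL_AUTH_ID" ]; then
	printf '%s\n' "Failed to find SASL auth id in $LDAP_CONF; bailing." >&2
	exit 1
fi

# Service principal of the LDAP server the ticket is requested for.
LDAP_SPN="ldap/$HOST"

# Obtain a ticket for $LDAP_SPN from the keytab (-k) into the dedicated
# cache file (-c). "|| exit $?" propagates kinit's own status; testing $?
# in a separate "if [ ... ]" first would overwrite it with 0 and hide the
# failure from cron.
kinit -k -c "$LDAP_CACHE" -S "$LDAP_SPN" "$SASL_AUTH_ID" || exit $?

# SECURITY NOTE(review): this makes the credentials cache world-readable, so
# every local account can read the ticket and present it to the LDAP server
# as $SASL_AUTH_ID. Presumably this is deliberate so that nss_ldap can read
# the cache from unprivileged processes -- confirm, keep the directory
# privileges of that principal minimal (read-only lookups), and prefer a
# dedicated group with g+r where the deployment allows it.
chmod a+r "$LDAP_CACHE" || exit $?

exit 0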

