Commit ae4d931b authored by Haarst, Jan van's avatar Haarst, Jan van
Browse files

First import of script to create new user on the bioinformatics servers.

parent 960c8d93
#!/bin/bash
set -o nounset
set -o errexit
function ad_id_to_dn() {
echo `ldapsearch -x -LLL -E pr=200/noprompt -H ldaps://ldap.wurnet.nl -D srv_ldap_reader@wur.nl -w ldap_reader "(&(samAccountName="$1"))" -b "dc=wurnet,dc=nl" dn | \
sed -e '/^$/,$d' | sed ':a;N;$!ba;s/\n //g'| awk '{$1=""; print $0}'`
}
function ad_id_to_mail() {
TERM=mail
echo $(ldapsearch -x -LLL -E pr=200/noprompt -H ldaps://ldap.wurnet.nl -D srv_ldap_reader@wur.nl -w ldap_reader "(&(samAccountName="$1"))" -b "dc=wurnet,dc=nl" $TERM | \
grep $TERM | cut -f 2 -d':')
}
function ad_id_to_name() {
TERM=cn
echo $(ldapsearch -x -LLL -E pr=200/noprompt -H ldaps://ldap.wurnet.nl -D srv_ldap_reader@wur.nl -w ldap_reader "(&(samAccountName="$1"))" -b "dc=wurnet,dc=nl" $TERM | \
grep $TERM | cut -f 2 -d':') | awk -F, '{ print $2 " " $1 }'
}
function add_to_ad_group() {
binddn=${SUDO_USER}@wurnet.nl
# If changing this, als change DN
# Lookup with
# ldapsearch -x -LLL -E pr=200/noprompt -H ldaps://ldap.wurnet.nl -D srv_ldap_reader@wur.nl -w ldap_reader "(&(samAccountName="SERVERS_dev1_Rusr"))" -b "dc=wurnet,dc=nl" dn
local USERDN=$(ad_id_to_dn $1)
group=SERVERS_dev1_Rusr
echo "Adding $1 to group $group in the AD."
ldapmodify -x -H ldaps://ldap.wurnet.nl -D "$binddn" -w "$ADMINPASSWORD" << EOF
dn: CN=SERVERS_dev1_Rusr,OU=dev1.ab,OU=BioInformatics,OU=NoPolicy,OU=Servers,DC=wurnet,DC=nl
changetype: modify
add: member
member: $USERDN
EOF
}
#TODO Fix this, doesn't work
function del_from_ad_group() {
binddn=${SUDO_USER}@wurnet.nl
# If changing this, als change DN
# Lookup with
# ldapsearch -x -LLL -E pr=200/noprompt -H ldaps://ldap.wurnet.nl -D srv_ldap_reader@wur.nl -w ldap_reader "(&(samAccountName="SERVERS_dev1_Rusr"))" -b "dc=wurnet,dc=nl" dn
local USERDN=$(ad_id_to_dn $1)
group=SERVERS_dev1_Rusr
echo "Deleting $1 from group $group in the AD."
ldapmodify -x -H ldaps://ldap.wurnet.nl -D "$binddn" -w "$ADMINPASSWORD" << EOF
dn: CN=SERVERS_dev1_Rusr,OU=dev1.ab,OU=BioInformatics,OU=NoPolicy,OU=Servers,DC=wurnet,DC=nl
changetype: modify
delete: member
member: $USERDN
EOF
}
if [ -z "${1-}" ] || [ -z "${SUDO_USER-}" ]
then
echo "Usage : sudo $0 USERNAME"
exit 1
fi
NEW_USER=${1}
NAME=$(ad_id_to_name $1)
MAIL=$(ad_id_to_mail $1)
ADMIN_NAME=$(ad_id_to_name $SUDO_USER)
if [ -z "${ADMINPASSWORD-}" ]
then
read -sp "Enter your password for ${SUDO_USER}:" ADMINPASSWORD
fi
#del_from_ad_group $NEW_USER
#exit
add_to_ad_group $NEW_USER
mkdir -p --mode=700 --verbose {/mnt/scratch/,/mnt/LTR_userdata/}${NEW_USER}
chown --verbose ${NEW_USER}:'domain users' /mnt/scratch/${NEW_USER}
chown --verbose ${NEW_USER}:'domain users' /mnt/LTR_userdata/${NEW_USER}
echo "Use this as mail template to mail $MAIL :"
echo
cat << EOF
Hi $NAME,
You now have access to our shared servers.
We share these servers with a couple of groups, these are :
- Bioscience, Applied bioinformatics
- Chairgroup of bioinformatics
- Chairgroup of Nematology
- Chairgroup of Genetics
- Host-Microbe Interactomics
You should be able to log in to all our machines via ssh using you WUR account.
From a wired connection within the WUR all machines should be available directly, from outside of the WUR or via wifi you first need to log on to a machine that is connected to the internet, for instance www.bioinformatics.nl (AKA myers.bioinformatics.nl) and then you can use ssh to connect to the other machines.
If you type a wrong password consecutively three times connecting to www.bioinformatics.nl you will be blocked for a day (manual override is possible), so you should consider using ssh-key based authentication.
Your home directory is shared across all machines, it must contain no more than 10 GB.
There are two network disks that are also shared across (almost) all machines:
/mnt/scratch
and
/mnt/LTR_userdata
Scratch is for temporary data, LTR_userdata is for data that should be backed up. Currently the network disks are slow, which can affect running times of your software a lot. For scratch and home we will move to a different file server that should bring performance back to acceptable levels.
You have your own directory on these as well. Try to keep your data storage within reasonable limits, there should/will be hard limits in the future.
Make sure to not claim a complete machine for a long time in terms of CPUs or memory without notice, we do not use a scheduling agent like on the HPC/Anunna.
The machines run Ubuntu. You can ask us to install some software if it is available in one of the repositories through aptitude, more ‘manual’ installations should be done by yourself.
A way to easily do this, is through bioconda : https://bioconda.github.io/
Current machines:
altschul.bioinformatics.nl
bork.bioinformatics.nl
dayhoff.bioinformatics.nl
eddy.bioinformatics.nl
fisher.bioinformatics.nl
franklin.bioinformatics.nl
hogeweg.bioinformatics.nl
myers.bioinformatics.nl
pevzner.bioinformatics.nl
smith.bioinformatics.nl
waterman.bioinformatics.nl
If you log on to machine you usually get an overview of the load on the machines.
For questions and remarks it is best to use sysop@bioinformatics.nl
Bye,
$ADMIN_NAME
EOF
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment