Delete & Create userTemplates using Terminal for scripting

letmesetupthis · April 28, 2023, 3:52pm

hey everyone

I want to script as much of my setup as possible.
Is there an official way to Delete & Create userTemplates using the Terminal for scripting?

jlk · May 2, 2023, 6:42am

Hey,

this can be done via udm settings/usertemplate. An overview of variables configurable upon creation is provided via --help.

Best regards
Jan-Luca

letmesetupthis · May 3, 2023, 11:36am

I tried to import a template from the information I get when using “list”.
But even when I remove some things it doesnt like.
it will always give me:

LDAP Error: Invalid syntax: univentionAuthTimestamp: value #0 invalid per syntax.

Since the ‘univentionAuthTimestamp’ attribute cannot be set directly, I think it should be automatically generated? But it’s not.

letmesetupthis · May 4, 2023, 9:09am

I remove all the places where there was = none and now it works

letmesetupthis · May 4, 2023, 10:03am

just got another issue…
when I use set groups it works but tells me to use append instead… but using append it will only create the group in set groups.
when I add them commad-seperate din one set group it also doesnt work. so the only way to do it is set group for each group but it says its the wrong way to do so.

jlk · May 4, 2023, 1:47pm

Glad that you got it working! I did not understand the new issue completely, can you provide us with the command that you built and said output?

letmesetupthis · May 4, 2023, 2:01pm

this works:

eval "$(ucr shell ldap/base)"
ldap_fulldomain=$(echo "$ldap_base" | sed -E 's/dc=([^,]+),dc=([^,]+)/\1.\2/')
udm settings/usertemplate create \
  --position "cn=templates,cn=univention,$ldap_base" \
  --set name=1_Basic_User \
  --set SoGoActivated=1 \
  --set SoGoQuota=0 \
  --set SoGotls_enforce_in=0 \
  --set SoGotls_enforce_out=0 \
  --set displayName="<firstname> <lastname><:strip>" \
  --set e-mail="<firstname>.<lastname>@$ldap_fulldomain<:lower,umlauts,strip>" \
  --set disabled=0 \
  --set groups="cn=Domain Users,cn=groups,$ldap_base" \
  --set groups="cn=normalusers,cn=groups,$ldap_base" \
  --set groups="cn=Email_Enabled_Account,cn=groups,$ldap_base" \
  --set groups="cn=Nextcloud_Enabled_Account,cn=groups,$ldap_base" \
  --set mailPrimaryAddress="<firstname>.<lastname>@$ldap_fulldomain<:lower,umlauts,strip>" \
  --set primaryGroup="cn=normalusers,cn=groups,$ldap_base" \
  --set shell="/bin/bash" \
  --set unixhome="/home/<username>" \
  --set nextcloudEnabled=1 \
  --set pwdChangeNextLogin=0

but it always tells me, that I should use “append” for multiple gorups.
so wehn I replace set groups with append groups or when I list the groups comma-seperated, it will always only create the pirmary and first group. never the append ones or 2nd and third when seperatign them in one line

jlk · May 4, 2023, 3:20pm

Alright, I was able to reproduce the warning. If there is one --set and apart from that --append is used the tempalte is indeed created with only the first group, but only using --append for all supplied groups worked for me. Can you confirm that?

letmesetupthis · May 4, 2023, 4:19pm

yes, it works that way.