From f74879e834597e90e1d8c1c1cf76d05f1dffacf3 Mon Sep 17 00:00:00 2001
From: Asif Bacchus
Date: Mon, 14 Sep 2020 16:04:19 -0600
Subject: [PATCH] update help with mailserver options
---
 ab-openldap/ab-openldap.sh | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/ab-openldap/ab-openldap.sh b/ab-openldap/ab-openldap.sh
index c375334..647d0f7 100755
--- a/ab-openldap/ab-openldap.sh
+++ b/ab-openldap/ab-openldap.sh
@@ -68,7 +68,9 @@ scriptHelp () {
 printf "\n"
 textblock "This is a simple helper script so you can avoid lengthy typing when working with the openLDAP container. The script reads the contents of '${scriptName%.*}.params' and constructs various 'docker run' commands based on that file. The biggest timesaver is working with certificates. If they are specified in the '.params' file, the script will automatically bind-mount them so openLDAP starts in 'TLS required' mode."
 printf "\n"
- textblock "If you run the script with no parameters, it will execute the container 'normally': Run in detached mode with openLDAP automatically launched and logging to stdout. If you specified certificates, openLDAP will require a TLS connection. All modes of operation allow you to enter the container and connect directly using UNIX sockets also."
+ textblock "If you run the script with no parameters, it will execute the container 'normally'. That is: Run in detached mode with openLDAP automatically launched and logging to stdout. If you specified certificates, openLDAP will require a TLS connection. All modes of operation allow you to enter the container and connect directly using UNIX sockets as root with *unrestricted* access to all DITs and objects."
+ printf "\n"
+ textblock "Specifying the '--mailserver mail.server.tld' option, tells openLDAP to verify SASL passwords in the directory against an IMAP/S remote host. In other words, any user with a password '{SASL}user@server.tld' will have their password checked by the IMAP/S server using the provided email address and a 'NO/OK' reponse is fed back to openLDAP. Please note 2 things: You *must* provide the hostname of a mailserver after the '--mailserver' switch; and the remote server *must* implement IMAP/S. More details can be found in the wiki."
 printf "\n"
 textblock "Containers run in SHELL mode are ALWAYS removed upon exit as they are meant for testing only. 
By default, containers run without '--rm' will be restarted automatically unless they are manually stopped via 'docker stop...'"
 printf "\n"
@@ -87,6 +89,12 @@ scriptHelp () {
 textblock "${cyan}--ldif ${yellow}(ab-openldap_ldif)${norm}"
 textblock "Change the name of the docker volume used to persist LDIFs."
 printf "\n"
+ textblock "${cyan}--mailserver ${magenta}mail.server.tld${norm}"
+ textblock "Verify SASL passwords against 'mail.server.tld'. Replace with proper mailserver hostname. Mailserver MUST support IMAP/S."
+ printf "\n"
+ textblock "${cyan}--mailserver-port ${yellow}(imaps)${norm}"
+ textblock "If your IMAP/S server uses a non-standard IMAP/S port (not 993) then specify it here. This parameter is ignored if not using '--mailserver'."
+ printf "\n"
 textblock "${cyan}--rm|--remove${norm}"
 textblock "Switch parameter. Automatically remove the container and associated volumes (unless data is written) after it exits."
 printf "\n"
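Review bot: The added '--mailserver' paragraph misspells a word in user-facing help, `'NO/OK' reponse` should read `'NO/OK' response`, and the comma in `option, tells openLDAP` should be dropped. The same paragraph says the password is checked by the remote IMAP/S server, which implies that the bind password a client sends to openLDAP is relayed onward, while the preceding paragraph states that TLS is only required when certificates are specified. I would add a sentence such as `Combine '--mailserver' with certificates so bind passwords reach openLDAP only over TLS.` and, if it is known, say whether the IMAP/S server's certificate is verified. scriptHelp starts and ends outside the hunk.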
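Review bot: The `--mailserver-port` entry shows its default as `(imaps)` while the description speaks of port 993, and it does not say which form of value is accepted; spelling out the default, e.g. `Defaults to 'imaps' (993).`, and stating whether a number or a service name is expected would remove the guesswork. The help states that a hostname must follow `--mailserver`, but the option parsing is outside this diff, so whether a missing or switch-like value is rejected cannot be confirmed from here and is worth checking. scriptHelp continues outside the hunk.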