The SecureLogin Attribute Provisioning Tool (SLAP tool) enables SecureLogin to leverage an organization's provisioning system. You can use the SLAP tool to import the following data, in XML format, from third-party applications into the SecureLogin user's datastore as well as export information (except for passwords and passphrases):
The SLAP tool operates as a bidirectional translator between SecureLogin data in a directory and an XML file. The XML schema used is the same as the Copy Settings GUI importer/exporter. In addition to copying settings, the SLAP tool can extract usernames. The SLAP tool doesn't export sensitive data such as passwords and passphrases.
For example, an organization with 10,000 users in a SAP* system, implementing SecureLogin, can speed deployment significantly by automating the initial user login with the SLAP tool. Use the SLAP tool to extract the usernames and passwords into a text file that is subsequently loaded into SecureLogin. The SLAP tool removes the requirement for each user to enter credentials on first login to SecureLogin.
The SLAP tool syntax is
slaptool [-hlaspcPef] -r object_name_file | -o "object" [file ...]
For example,
./slaptool.exe -o "CN=markus.O=novell.T=RDev" initial_setup.xml
In this example, slaptool.exe reads user IDs, applications, settings and password policies from the file initial_setup.xml and writes them out to the object CN=markus.O=novell.T=RDev.
The following example Perl script assumes usernames and passwords are stored in a text file named listofnames.txt. There is one space between each username and password pair per line.
An XML file that contains the data for import is required to run this script. Where the data is customized on a per username basis, the string to be substituted is replaced with *usernamegoeshere*.
open FILE,"listofnames.txt";
foreach (<FILE>) {
chomp; # Clean string
@lines = split(/\n/); # Split up string
foreach $l (@lines) {
@fields = split(/\s/);
$name = $fields[0];
$pass = $fields[1];
open DATAFILE,"source.xml";
open OUTFILE,">data.xml";
foreach (<DATAFILE>) { # Write up a file specific to this user
s/\*usernamegoeshere\*/$name/;
s/\*passwordgoeshere\*/$pass/;
# Any other variable susbstitution can be done here too...
print OUTFILE "$_";
}
close DATAFILE;
close OUTFILE;
system "slaptool.exe -o \"CN=$name.O=myorg.T=OURCOMPANY\" data.xml";
}
}
close FILE;
unlink 'data.xml';
Using an XML file called source.xml, run the script with the data to be imported. For example, import data that has been manually exported from a single user setup, but with the value for the username replaced with the string "*usernamegoeshere*".
The example script does not include error handling.
<?xml version="1.0"?><securelogin> <passphrasequestions> <question>Please enter a passphrase for SLAP testing.</question> </passphrasequestions> <passphrase> <activequestion>Please enter a passphrase for SLAP testing.</activequestion> <answer>passphrase</answer> </passphrase> <logins> <login> <name>fnord</name> <symbol> <name>username</name> <value>bob</value> </symbol> <symbol> <name>Password</name> <value>test</value> </symbol> </login> <login> <name>notepad.exe</name> <symbol> <name>username</name> <value>asdf</value> </symbol> <symbol> <name>Password</name> <value>test</value> </symbol> </login> <login> <name>testlogin</name> <symbol> <name>username</name> <value>Novell</value> </symbol> <symbol> <name>Password</name> <value>test</value> </symbol> </login> </logins></securelogin>