From 1b0612b005e840fd78c797c65e6f5d68993638b8 Mon Sep 17 00:00:00 2001 
From: Charles N Wyble Date: Fri, 13 Dec 2024 17:32:49 -0600 Subject: [PATCH] organzing for portfolio --- K8S/k8s-context.sh | 19 +++ K8S/kbCheck.sh | 18 +++ NetworkManagement/librenms-bulkAdd.sh | 13 ++ .../librenmsPollScripts/discoveryWrap.sh | 33 ++++ .../discoveryWrapCommon.sh | 26 ++++ .../librenmsPollScripts/discoveryWrapControl | 3 + .../librenmsPollScripts/pollerWrap.sh | 33 ++++ .../librenmsPollScripts/pollerWrapCommon.sh | 27 ++++ .../librenmsPollScripts/pollerWrapControl | 3 + SysadminAutomation/PHPIpam/phpipam_api_key.sh | 21 +++ .../PHPIpam/phpipam_hostname_detail.sh | 52 +++++++ .../ServerAdmin/clean-docker.sh | 5 + .../ServerAdmin/commandWrapSafe | 29 ++++ .../ServerAdmin/custom_ssh_handler.sh | 10 ++ .../ServerAdmin/obtain_centos_mac.sh | 17 +++ .../ServerAutomation/ServerAdmin/setForPxe.sh | 21 +++ .../ServerAutomation/ServerAdmin/sitrep.sh | 20 +++ .../ServerAutomation/ServerAdmin/up2date.sh | 7 + .../ServerAutomation/out-of-band/Set_User.xml | 29 ++++ .../ServerAutomation/out-of-band/config-iLO | 141 ++++++++++++++++++ .../out-of-band/iLO-admin-priv | 99 ++++++++++++ .../out-of-band/ilo-password-changer | 71 +++++++++ .../ServerAutomation/out-of-band/iloFwUp | 30 ++++ .../out-of-band/iloUpdater.sh | 90 +++++++++++ .../ssh-handlers/generic-authorized_keys | 1 + .../generic-restricted-handler.sh | 23 +++ .../ssh-handlers/slack-authorized_keys | 1 + .../ssh-handlers/slack-restricted-handler.sh | 16 ++ SysadminAutomation/makeIPAMUsr.sh | 41 +++++ SysadminAutomation/searchLdap.sh | 11 ++ 30 files changed, 910 insertions(+) create mode 100644 K8S/k8s-context.sh create mode 100644 K8S/kbCheck.sh create mode 100644 NetworkManagement/librenms-bulkAdd.sh create mode 100644 NetworkManagement/librenmsPollScripts/discoveryWrap.sh create mode 100644 NetworkManagement/librenmsPollScripts/discoveryWrapCommon.sh create mode 100644 NetworkManagement/librenmsPollScripts/discoveryWrapControl create mode 100644 NetworkManagement/librenmsPollScripts/pollerWrap.sh 
create mode 100644 NetworkManagement/librenmsPollScripts/pollerWrapCommon.sh create mode 100644 NetworkManagement/librenmsPollScripts/pollerWrapControl create mode 100644 SysadminAutomation/PHPIpam/phpipam_api_key.sh create mode 100644 SysadminAutomation/PHPIpam/phpipam_hostname_detail.sh create mode 100644 SysadminAutomation/ServerAutomation/ServerAdmin/clean-docker.sh create mode 100644 SysadminAutomation/ServerAutomation/ServerAdmin/commandWrapSafe create mode 100644 SysadminAutomation/ServerAutomation/ServerAdmin/custom_ssh_handler.sh create mode 100644 SysadminAutomation/ServerAutomation/ServerAdmin/obtain_centos_mac.sh create mode 100644 SysadminAutomation/ServerAutomation/ServerAdmin/setForPxe.sh create mode 100644 SysadminAutomation/ServerAutomation/ServerAdmin/sitrep.sh create mode 100644 SysadminAutomation/ServerAutomation/ServerAdmin/up2date.sh create mode 100644 SysadminAutomation/ServerAutomation/out-of-band/Set_User.xml create mode 100644 SysadminAutomation/ServerAutomation/out-of-band/config-iLO create mode 100644 SysadminAutomation/ServerAutomation/out-of-band/iLO-admin-priv create mode 100644 SysadminAutomation/ServerAutomation/out-of-band/ilo-password-changer create mode 100644 SysadminAutomation/ServerAutomation/out-of-band/iloFwUp create mode 100644 SysadminAutomation/ServerAutomation/out-of-band/iloUpdater.sh create mode 100644 SysadminAutomation/ServerAutomation/ssh-handlers/generic-authorized_keys create mode 100644 SysadminAutomation/ServerAutomation/ssh-handlers/generic-restricted-handler.sh create mode 100644 SysadminAutomation/ServerAutomation/ssh-handlers/slack-authorized_keys create mode 100644 SysadminAutomation/ServerAutomation/ssh-handlers/slack-restricted-handler.sh create mode 100644 SysadminAutomation/makeIPAMUsr.sh create mode 100644 SysadminAutomation/searchLdap.sh diff --git a/K8S/k8s-context.sh b/K8S/k8s-context.sh new file mode 100644 index 0000000..6e2d40e --- /dev/null +++ b/K8S/k8s-context.sh 
@@ -0,0 +1,19 @@
+# Set the default kube context if present
+
+DEFAULT_KUBE_CONTEXTS="$HOME/.kube/config"
+if test -f "${DEFAULT_KUBE_CONTEXTS}"
+then
+ export KUBECONFIG="$DEFAULT_KUBE_CONTEXTS"
+fi
+
+# Additional contexts should be in ~/.kube/custom-contexts/
+CUSTOM_KUBE_CONTEXTS="$HOME/.kube/custom-contexts"
+mkdir -p "${CUSTOM_KUBE_CONTEXTS}"
+
+OIFS="$IFS"
+IFS=$'\n'
+for contextFile in `find "${CUSTOM_KUBE_CONTEXTS}" -type f -name "*.yml"`
+do
+ export KUBECONFIG="$contextFile:$KUBECONFIG"
+done
+IFS="$OIFS"
diff --git a/K8S/kbCheck.sh b/K8S/kbCheck.sh
new file mode 100644
index 0000000..e584bb5
--- /dev/null
+++ b/K8S/kbCheck.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+IFS=$'\n\t'
+
+kbNodeList=(
+"db1"
+"db2"
+"db3"
+)
+
+for kbNode in ${kbNodeList[@]}; do
+ COMMAND="$(ssh $kbNode uptime)"
+ echo "Load on $kbNode" $COMMAND
+done
+
+kubectl get nodes -o wide
+
+kubectl get pods -A -o wide
\ No newline at end of file
diff --git a/NetworkManagement/librenms-bulkAdd.sh b/NetworkManagement/librenms-bulkAdd.sh
new file mode 100644
index 0000000..068b69e
--- /dev/null
+++ b/NetworkManagement/librenms-bulkAdd.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+hostsToAdd=(
+pfv-vmsrv-06.turnsys.net
+)
+
+IFS=$'\n\t'
+
+for nodeToAdd in ${hostsToAdd[@]}; do
+ ./delhost.php $nodeToAdd
+ ./addhost.php $nodeToAdd kn3lmgmt ; ./discovery.php -h $nodeToAdd kn3lmgmt ; ./poller.php -h $nodeToAdd kn3lmgmt &
+done
+
diff --git a/NetworkManagement/librenmsPollScripts/discoveryWrap.sh b/NetworkManagement/librenmsPollScripts/discoveryWrap.sh
new file mode 100644
index 0000000..48a7851
--- /dev/null
+++ b/NetworkManagement/librenmsPollScripts/discoveryWrap.sh
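Review bot: Every `*.yml` found under `~/.kube/custom-contexts` is prepended to `KUBECONFIG` in the `for contextFile` loop, so whatever lands in that directory takes precedence over `~/.kube/config` with no ownership or permission check, and `mkdir -p` creates the directory with the caller's umask. Consider `mkdir -p -m 0700 "${CUSTOM_KUBE_CONTEXTS}"` and restricting the search to files you own, e.g. `find "${CUSTOM_KUBE_CONTEXTS}" -type f -user "$(id -un)" -name "*.yml"`. The backtick substitution plus the `OIFS`/`IFS` juggling can be replaced by `while IFS= read -r -d '' contextFile; do …; done < <(find … -print0)`. Since this file is meant to be sourced (it only exports), it also leaves `contextFile` and `OIFS` behind in the caller's shell.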
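Review bot: The `ssh $kbNode uptime` inside the `for kbNode` loop has neither `-n` nor `BatchMode`, so a host with an unknown key or failed key auth stops the whole report at an interactive prompt; `COMMAND="$(ssh -n -o BatchMode=yes "$kbNode" uptime)"` fails fast instead. `${kbNodeList[@]}` and `$COMMAND` should be quoted — the custom `IFS` makes the unquoted forms work only by accident. There is no `set -euo pipefail`, so a failed ssh prints an empty load line and the script still exits 0.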
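Review bot: `kn3lmgmt`, passed to `./addhost.php`, `./discovery.php` and `./poller.php`, looks like an SNMP community string — the read credential for every monitored device — and it is now committed in clear text; read it from the environment or a mode-0600 file (`COMMUNITY="${LIBRENMS_COMMUNITY:?}"`) and rotate the value that is in history. `./delhost.php` runs unconditionally before `./addhost.php`, so every run discards the device's existing history. The backgrounded `./poller.php … &` is never `wait`ed, so the script exits before polling completes and a poller failure is invisible; add `wait` after the loop.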
@@ -0,0 +1,33 @@
+#!/bin/bash
+#wrapper script called from cron for observium polling. A lightweight wrapper around poller.php
+
+#Source common functions/variables
+source /var/observium/CMDB/pollScripts/discoveryWrapControl
+source /var/observium/CMDB/pollScripts/discoveryWrapCommon.sh
+
+
+function discover()
+#Perform discovery of hosts with pattern passed in via $1
+{
+logger "Performing discovery of node type: $1"
+/var/observium/observium/discovery.php -h *$1*
+if [ $? -ne 0 ]; then
+error_out fatal "discovery.php run for $1 failed"
+fi
+}
+
+function main()
+#Main execution body
+{
+for arg in "${commandline_args[@]}"; do
+ preflight "$arg"
+ touch /tmp/discovery-$arg.lock
+ discover "$arg"
+ rm -f /tmp/discovery-$arg.lock
+logger "Completed discovery."
+done
+}
+
+#Kick it all off
+commandline_args=("$@")
+main
diff --git a/NetworkManagement/librenmsPollScripts/discoveryWrapCommon.sh b/NetworkManagement/librenmsPollScripts/discoveryWrapCommon.sh
new file mode 100644
index 0000000..b33af9e
--- /dev/null
+++ b/NetworkManagement/librenmsPollScripts/discoveryWrapCommon.sh
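Review bot: The `/tmp/discovery-$arg.lock` created in `main` is only removed on the success path: `discover` calls `error_out fatal`, which `exit 1`s in the sourced common file, so one failed `discovery.php` run leaves the lock behind and every later cron invocation bails in `preflight` until someone deletes it by hand. Register the cleanup right after the `touch` with `trap 'rm -f "/tmp/discovery-$arg.lock"' EXIT`, or better use `flock -n` on a file under a directory only this user can write. `discovery.php -h *$1*` is an unquoted glob, so if cron's working directory contains a file matching the pattern the hostname filter is silently replaced by that filename — `"*$1*"`. The `source` lines point at `/var/observium/CMDB/pollScripts/` while the files are added under `NetworkManagement/librenmsPollScripts/`; presumably a deploy step copies them, otherwise the script fails at the first `source`.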
@@ -0,0 +1,26 @@
+function error_out()
+#Handle error conditions
+#Takes two arguments:
+#Error type (fatal,nonfatal)
+#Error message
+{
+if [ $1 == "fatal" ]; then
+echo "$0 has experienced a fatal error condition and has aborted operation at $DATE. Please investigate and resolve. Details: $2" | mail -s "Observium discovery fatal error" -r $ERROR_FROM $ERROR_TO
+logger $0 has experienced a fatal error condition and has aborted operation at $DATE. Details: $2
+exit 1
+elif [ $1 == "nonfatal" ]; then
+echo "$0 has experienced a non fatal error condition and has continued operation at $DATE. Please investigate and resolve. \n Details: $2" | mail -s "Observium discovery non fatal error" -r $ERROR_FROM $ERROR_TO
+logger $0 has experienced a non fatal error condition and has continued operation at $DATE . Details: $2
+fi
+}
+
+function preflight()
+#Perform preflight checks for all scan types
+{
+logger "Performing preflight checks for discovery of node type: $1"
+echo "Performing preflight checks for discovery of node type: $1"
+
+if [ -f /tmp/discovery-$1.lock ]; then
+error_out fatal "lock file /tmp/discovery-$1.lock exists. Bailing out."
+fi
+}
diff --git a/NetworkManagement/librenmsPollScripts/discoveryWrapControl b/NetworkManagement/librenmsPollScripts/discoveryWrapControl
new file mode 100644
index 0000000..efc93db
--- /dev/null
+++ b/NetworkManagement/librenmsPollScripts/discoveryWrapControl
@@ -0,0 +1,3 @@
+DATE=$(date +%m/%d/%Y-%H:%M)
+ERROR_FROM=""
+ERROR_TO=""
diff --git a/NetworkManagement/librenmsPollScripts/pollerWrap.sh b/NetworkManagement/librenmsPollScripts/pollerWrap.sh
new file mode 100644
index 0000000..23c2073
--- /dev/null
+++ b/NetworkManagement/librenmsPollScripts/pollerWrap.sh
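Review bot: `error_out` passes `$ERROR_FROM` and `$ERROR_TO` unquoted to `mail -r $ERROR_FROM $ERROR_TO`, and the sibling `discoveryWrapControl` ships both as empty strings, so as committed the fatal path runs `mail -s … -r` with no sender or recipient — the alert is lost and only the syslog line survives; `preflight` should assert them first, e.g. `: "${ERROR_TO:?set in discoveryWrapControl}"`. The `logger $0 has experienced … $2` lines are unquoted, so the message is word-split and glob-expanded before logging (a `$2` containing `*` is replaced by filenames); quote the whole message. `echo "… \n Details: $2"` does not interpret `\n` without `-e`. `[ $1 == "fatal" ]` should quote `$1` so an empty argument is a mismatch rather than a syntax error.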
@@ -0,0 +1,33 @@
+#!/bin/bash
+#wrapper script called from cron for observium polling. A lightweight wrapper around poller.php
+
+#Source common functions/variables
+source /var/observium/CMDB/pollScripts/pollerWrapControl
+source /var/observium/CMDB/pollScripts/pollerWrapCommon.sh
+
+
+function poller()
+#Perform scan
+{
+logger "Performing polling of node type: $1"
+/var/observium/observium/poller.php -h *$1*
+if [ $? -ne 0 ]; then
+error_out fatal "poller.php run for $1 failed"
+fi
+}
+
+function main()
+#Main execution body
+{
+for arg in "${commandline_args[@]}"; do
+ preflight "$arg"
+ touch /tmp/poll-$arg.lock
+ poller "$arg"
+ rm -f /tmp/poll-$arg.lock
+logger "Completed polling."
+done
+}
+
+#Kick it all off
+commandline_args=("$@")
+main
diff --git a/NetworkManagement/librenmsPollScripts/pollerWrapCommon.sh b/NetworkManagement/librenmsPollScripts/pollerWrapCommon.sh
new file mode 100644
index 0000000..d11b205
--- /dev/null
+++ b/NetworkManagement/librenmsPollScripts/pollerWrapCommon.sh
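Review bot: As in the discovery wrapper, `/tmp/poll-$arg.lock` is removed only on the happy path; `poller` calls `error_out fatal`, which exits, so a single `poller.php` failure wedges every later cron run for that node type until the lock is deleted by hand — `trap 'rm -f "/tmp/poll-$arg.lock"' EXIT` placed right after the `touch` fixes this. The lock lives in world-writable `/tmp` under a predictable name, so any local user can pre-create `/tmp/poll-<type>.lock` and stop polling for that device class indefinitely; `flock -n` on a file under the poller's own directory avoids both problems. `poller.php -h *$1*` needs quoting (`"*$1*"`) so the pattern reaches poller.php rather than being expanded against cron's working directory.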
@@ -0,0 +1,27 @@
+function error_out()
+#Handle error conditions
+#Takes two arguments:
+#Error type (fatal,nonfatal)
+#Error message
+{
+if [ $1 == "fatal" ]; then
+echo "$0 has experienced a fatal error condition and has aborted operation at $DATE. Please investigate and resolve. Details: $2" | mail -s "Observium polling fatal error" -r $ERROR_FROM $ERROR_TO
+logger $0 has experienced a fatal error condition and has aborted operation at $DATE. Details: $2
+exit 1
+elif [ $1 == "nonfatal" ]; then
+echo "$0 has experienced a non fatal error condition and has continued operation at $DATE. Please investigate and resolve. \n Details: $2" | mail -s "Observium polling non fatal error" -r $ERROR_FROM $ERROR_TO
+logger $0 has experienced a non fatal error condition and has continued operation at $DATE . Details: $2
+fi
+}
+
+function preflight()
+#Perform preflight checks for all scan types
+{
+echo "Performing preflight checks for polling of: $1"
+logger "Performing preflight checks for polling of: $1"
+
+if [ -f /tmp/poll-$1.lock ]; then
+error_out fatal "Poll lock file /tmp/poll-$1.lock exists."
+fi
+
+}
diff --git a/NetworkManagement/librenmsPollScripts/pollerWrapControl b/NetworkManagement/librenmsPollScripts/pollerWrapControl
new file mode 100644
index 0000000..efc93db
--- /dev/null
+++ b/NetworkManagement/librenmsPollScripts/pollerWrapControl
@@ -0,0 +1,3 @@
+DATE=$(date +%m/%d/%Y-%H:%M)
+ERROR_FROM=""
+ERROR_TO=""
diff --git a/SysadminAutomation/PHPIpam/phpipam_api_key.sh b/SysadminAutomation/PHPIpam/phpipam_api_key.sh
new file mode 100644
index 0000000..66caa3c
--- /dev/null
+++ b/SysadminAutomation/PHPIpam/phpipam_api_key.sh
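Review bot: `preflight` implements the lock as `[ -f /tmp/poll-$1.lock ]` with the `touch` done separately by the caller in `pollerWrap.sh`, which is a check-then-act race: two cron runs starting together both pass the test and both poll. An atomic `mkdir "/tmp/poll-$1.lock"` (and `rmdir` on exit) or `flock -n` gives real mutual exclusion. `error_out` has the same unquoted `logger` and `mail -r $ERROR_FROM $ERROR_TO` problems as the discovery copy — with the empty values shipped in `pollerWrapControl` the alert mail is never delivered — so consider one shared `error_out` rather than two drifting copies, and assert `: "${ERROR_TO:?}"` in `preflight`. `$1` should be quoted in the `[ $1 == … ]` tests.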
@@ -0,0 +1,21 @@
+function api_key_phpiahm()
+{
+#Description: obtain api key from phpipam for future operations
+#Arguments: none
+#Outputs: api key
+
+ curl \
+ --silent \
+ -X POST \
+ --user $UN:$PW \
+ -H "Content-Type: application/xml" \
+ $PHPIPAM_BASE_URL/user/ > /tmp/phpipam/$CURR_EX_VAR-token.xml
+
+ export API_TOKEN=$(while read_dom; do
+ if [[ $ENTITY = "token" ]]; then
+ echo $CONTENT
+ fi
+ done < /tmp/phpipam/$CURR_EX_VAR-token.xml)
+ rm -f /tmp/phpipam/$CURR_EX_VAR-token.xml
+}
+
diff --git a/SysadminAutomation/PHPIpam/phpipam_hostname_detail.sh b/SysadminAutomation/PHPIpam/phpipam_hostname_detail.sh
new file mode 100644
index 0000000..3a8690e
--- /dev/null
+++ b/SysadminAutomation/PHPIpam/phpipam_hostname_detail.sh
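Review bot: `--user $UN:$PW` puts the phpIPAM password on curl's command line, where every local user can read it from `ps`/`/proc` for the duration of the request; feed it through a config on stdin instead, e.g. `curl -K - … <<<"user = \"$UN:$PW\""`, or a `--netrc-file` with mode 0600. The token is staged in `/tmp/phpipam/$CURR_EX_VAR-token.xml`, a predictable path under a world-writable directory — use `mktemp` with `umask 077`, or pipe curl straight into the `while read_dom` loop and drop the file. `--silent` without `--fail` means an HTTP 401/500 leaves `API_TOKEN` empty and every later call fails quietly; `--fail --show-error` surfaces it. `read_dom` is not defined in this patch, so the function depends on it being sourced first.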
@@ -0,0 +1,52 @@
+function phpipam_hostname_detail()
+{
+#Description: lookup network details from a hostname
+#Arguments: hostname
+#output: IP address, netmask, gw
+
+ #Lookup TS hostname/IP in phpipam
+ IP_XML=$(curl \
+ --silent \
+ -X GET \
+ --user $UN:$PW \
+ -H "Content-Type: application/xml" \
+ -H "token:${API_TOKEN}" \
+ $PHPIPAM_BASE_URL/api/$APP_ID/addresses/search_hostname/$1/ > /tmp/phpipam/$CURR_EX_VAR-ip.xml
+ )
+
+ PC_IP=$(while read_dom; do
+ if [[ $ENTITY = "ip" ]]; then
+ echo $CONTENT
+ fi
+ done < /tmp/phpipam/$CURR_EX_VAR-ip.xml)
+
+ SUBNET_ID=$(while read_dom; do
+ if [[ $ENTITY = "subnetId" ]]; then
+ echo $CONTENT
+ fi
+ done < /tmp/phpipam/$CURR_EX_VAR-ip.xml)
+
+
+ #Use subnet id to determine netmask and gateway
+curl \
+ --silent \
+ -X GET \
+ --user $UN:$PW \
+ -H "Content-Type: application/xml" \
+ -H "token:${API_TOKEN}" \
+ $PHPIPAM_BASE_URL/api/$APP_ID/subnets/$SUBNET_ID/ > /tmp/phpipam/$CURR_EX_VAR-subnet.xml
+
+ export PC_NETMASK=$(while read_dom; do
+ if [[ $ENTITY = "Subnet_netmask" ]]; then
+ echo $CONTENT
+ fi
+ done < /tmp/phpipam/$CURR_EX_VAR-subnet.xml)
+
+ export PC_GATEWAY=$(while read_dom; do
+ if [[ $ENTITY = "ip_addr" ]]; then
+ echo $CONTENT
+ fi
+ done < /tmp/phpipam/$CURR_EX_VAR-subnet.xml)
+
+}
+
diff --git a/SysadminAutomation/ServerAutomation/ServerAdmin/clean-docker.sh b/SysadminAutomation/ServerAutomation/ServerAdmin/clean-docker.sh
new file mode 100644
index 0000000..e847919
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ServerAdmin/clean-docker.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+
+for did in $(docker ps -a |grep -v IMAGE|awk '{print $1}'); do docker rm -f $did;done
+for did in $(docker image ls |grep -v IMAGE|awk '{print $3}'); do docker image rm -f $did;done
diff --git a/SysadminAutomation/ServerAutomation/ServerAdmin/commandWrapSafe b/SysadminAutomation/ServerAutomation/ServerAdmin/commandWrapSafe
new file mode 100644
index 0000000..246c0b9
--- /dev/null
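Review bot: `$1` is spliced raw into the request path `addresses/search_hostname/$1/`, so a hostname containing `/`, `?`, `#` or whitespace changes which API endpoint is queried; validate it before use (`[[ $1 =~ ^[A-Za-z0-9._-]+$ ]] || return 1`) or percent-encode it. `SUBNET_ID` is never checked, so an unknown host produces a request to `subnets//` and `PC_NETMASK`/`PC_GATEWAY` are exported empty — add `[[ -n $SUBNET_ID ]] || return 1` after the extraction. `IP_XML=$(curl … > file)` captures nothing because stdout is redirected into the file; drop the assignment. The same `--user $UN:$PW`-on-argv exposure as the api-key helper applies, and here the password is re-sent with every call even though the `token` header is presumably what authenticates.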
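Review bot: `docker ps -a |grep -v IMAGE|awk '{print $1}'` and the image equivalent parse human-readable tables; `docker ps -aq` and `docker image ls -q` return the IDs directly and cannot be confused by a row that happens to contain `IMAGE`. Both loops are `-f` and unconditional, so running this on the wrong host removes every running container and every image with no confirmation; a guard such as `[[ ${FORCE:-} == yes ]] || { echo 'refusing without FORCE=yes' >&2; exit 1; }` is cheap insurance. `$did` should be quoted.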
+++ b/SysadminAutomation/ServerAutomation/ServerAdmin/commandWrapSafe
@@ -0,0 +1,29 @@
+#!/bin/bash
+#Wrapper for various items which play traffic.
+#tcpreplay,tomahawk,isic suite
+#Check for presence of eth0 in passed arguments and abort/alert
+
+OPTIONS="$@"
+
+function ABORT()
+{
+#red bg 0;41
+#white text 1;37
+chmod 400 $0.real
+chmod 400 $0
+
+MESSAGE="You have attempted to execute an action which will result in harm to the system. The system is now terminating all shell sessions on this host and alerting support personnel. You will lose any unsaved work."
+echo -e "\e[0;41m$MESSAGE\e[1;37"
+mailsend -q -smtp RELAYHOST -t PAGEREMAIL -f ALERTFROMEMAIL -sub "$0 using eth0 activity on $(hostname)" -M "$(hostname) attempted to play traffic using $0 out of eth0 at $(date)."
+killall -g -9 bash
+}
+
+ETH0_CHECK=$(echo $OPTIONS | grep eth0 -c)
+
+if [ $ETH0_CHECK -gt 0 ];
+then
+ABORT
+fi
+
+#If all checks pass, go ahead and execute the invoking program
+$0.real $OPTIONS
diff --git a/SysadminAutomation/ServerAutomation/ServerAdmin/custom_ssh_handler.sh b/SysadminAutomation/ServerAutomation/ServerAdmin/custom_ssh_handler.sh
new file mode 100644
index 0000000..d4a33e7
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ServerAdmin/custom_ssh_handler.sh
@@ -0,0 +1,10 @@
+function custom_ssh()
+{
+CUSTOMSSH_USER=$1
+CUSTOMSSH_HOST=$2
+CUSTOMSSH_COMMAND=$3
+
+SSH_TARGET="$CUSTOMSSH_USER@$CUSTOMSSH_HOST"
+ssh -q -t -o StrictHostKeyChecking=no -i $SSH_KEY $SSH_TARGET "$CUSTOMSSH_COMMAND"
+}
+
diff --git a/SysadminAutomation/ServerAutomation/ServerAdmin/obtain_centos_mac.sh b/SysadminAutomation/ServerAutomation/ServerAdmin/obtain_centos_mac.sh
new file mode 100644
index 0000000..a38c8b5
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ServerAdmin/obtain_centos_mac.sh
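Review bot: `ABORT` never `exit`s, so if `killall -g -9 bash` fails (no permission, or the wrapper was started from a non-bash process group) control falls through to the last line and `$0.real $OPTIONS` runs the very command the check was meant to block; make `exit 1` the last statement of `ABORT`. The real program is invoked as `$0.real $OPTIONS` from a space-joined string, which re-splits and glob-expands the caller's arguments — pass them through as `"$0.real" "$@"` (and, if `OPTIONS` must be kept, store it as an array). `grep eth0 -c` is a substring match, so `veth0` or `eth01` trips it while an interface supplied through an environment variable or config file does not; treat this as a best-effort guard, not a security boundary. `RELAYHOST`/`PAGEREMAIL`/`ALERTFROMEMAIL` are literal placeholders as committed.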
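Review bot: `-o StrictHostKeyChecking=no` together with `-q` accepts any host key and suppresses the mismatch warning, so a changed key — a rebuilt host or an interposed one — is silently trusted and the command (and the key's session) go to whoever answers; use `StrictHostKeyChecking=accept-new` (OpenSSH 7.6+) or `yes` with a maintained `known_hosts`, and add `-o BatchMode=yes` so the helper cannot hang on a prompt. `$SSH_KEY` and `$SSH_TARGET` should be quoted. `-t` forces a tty for a non-interactive command, which mangles output callers may parse; drop it unless the remote command needs one. `$CUSTOMSSH_COMMAND` is executed by the remote login shell as one string, so callers must never pass untrusted text in it.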
@@ -0,0 +1,17 @@
+function obtain_centos_mac()
+{
+
+ DISTRO_TYPE="$(distro |awk '{print $1}'|tr '[:upper:]' '[:lower:]')"
+ DISTRO_VERSION=$(distro |awk '{print $2}'|awk -F '.' '{print $1}')
+
+if [ $DISTRO_TYPE == "centos" ] && [ $DISTRO_VERSION == 6 ] ;
+then
+ /sbin/ifconfig eth0|grep HWadd| awk '{print $NF}'|tr '[:upper:]' '[:lower:]'|sed 's/\:/-'/g
+fi
+
+if [ $DISTRO_TYPE == "centos" ] && [ $DISTRO_VERSION == 7 ] ;
+then
+ /sbin/ifconfig eth0|grep ether| awk '{print $2}'|tr '[:upper:]' '[:lower:]'|sed 's/\:/-'/g
+fi
+
+}
diff --git a/SysadminAutomation/ServerAutomation/ServerAdmin/setForPxe.sh b/SysadminAutomation/ServerAutomation/ServerAdmin/setForPxe.sh
new file mode 100644
index 0000000..99d42d8
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ServerAdmin/setForPxe.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+echo "setting bmc for pxe boot..."
+
+export ISHP="$(dmidecode -t System|grep Manufacturer|grep HP -c)"
+export ISDELL="$(dmidecode -t System|grep Manufacturer|grep Dell -c)"
+
+#Set BMC to PXE
+
+if [ $ISHP -eq 1 ]; then
+ hpbootcfg -P
+fi
+
+if [ $ISDELL -eq 1 ]; then
+ ipmitool chassis bootparam set bootflag force_pxe
+fi
+
+#Reboot the system
+echo "re-booting..."
+ /sbin/reboot
+
diff --git a/SysadminAutomation/ServerAutomation/ServerAdmin/sitrep.sh b/SysadminAutomation/ServerAutomation/ServerAdmin/sitrep.sh
new file mode 100644
index 0000000..9ff46a5
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ServerAdmin/sitrep.sh
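Review bot: Both branches scrape the MAC out of `ifconfig eth0`, whose output format is exactly what differs between the two releases this function special-cases; `/sys/class/net/eth0/address` is stable across both, already lower-case, and removes the version check entirely — `tr ':' '-' < /sys/class/net/eth0/address`. The `[ $DISTRO_TYPE == "centos" ]` tests are unquoted, so when `distro` is missing or prints nothing the test aborts with a syntax error instead of returning empty. `distro` is not a standard command; a comment saying where it comes from would help. The `sed 's/\:/-'/g` quoting only works because `/g` happens to be shell-safe outside the quotes.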
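Review bot: `/sbin/reboot` runs unconditionally — even when neither the HP nor the Dell branch matched, or when `hpbootcfg -P`/`ipmitool … force_pxe` failed — so an unrecognised vendor or a failed boot-flag write still reboots the host, and because a successful PXE boot here is presumably a reinstall, a wrong match is destructive. Gate it: `hpbootcfg -P || exit 1`, the same for `ipmitool`, and an `else` branch that prints the unmatched manufacturer and exits without rebooting. `grep HP -c` also matches strings such as `HPE` but not `Hewlett Packard`; worth confirming against the fleet's actual `dmidecode` output. The script needs root for `dmidecode`, `ipmitool` and `reboot` but never checks `EUID`.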
@@ -0,0 +1,20 @@
+#!/bin/bash
+#A script to produce a current situation report for a server
+
+
+echo -e "\e[1;34;47mSystem uptime/load:\e[0m" ; uptime;
+echo -e "\e[1;34;47mSystem hostname and IP address:\e[0m"; hostname && hostname -i;
+echo -e "\e[1;34;47mDisk usage:\e[0m"; df -i; df -h;
+echo -e "\e[1;34;47mPHP process count:\e[0m" ;ps faux |grep php | wc -l;
+echo -e "\e[1;34;47mMemory:\e[0m"; free -m; cat /proc/meminfo | egrep 'MemTotal|MemFree';
+echo -e "\e[1;34;47mNumber of and model ofCPU:\e[0m"; cat /proc/cpuinfo | grep processor | wc -l; cat /proc/cpuinfo | grep "model name";
+echo -e "\e[1;34;47mSoftware Versions:\e[0m"; php -v; mysql --version; httpd -v;
+echo -e "\e[1;34;47mExim Message Count:\e[0m"; exim -bpc;
+echo -e "\e[1;34;47mFTP Connection Count:\e[0m"; netstat -pan |grep :21|wc -l;
+echo -e "\e[1;34;47mApache Connection Count:\e[0m";netstat -pan|grep :80|wc -l;
+echo -e "\e[1;34;47mSSH Connection Count:\e[0m"; netstat -pan|grep :22|wc -l;
+
+
+for i in $(ls /var/log/sa/sa[0-31]*);do echo "Average System load for $(date +%B) $i" ; sar -f $i -q|tail -n 1 ; done;for i in $(ls /var/log/sa/sa[0-31]*);do echo "Average System load for $(date +%B) $i" ; sar -f $i -r|tail -n 1 ; done;
+if [ -e /proc/user_beancounters ]; then echo -e "\e[1;34;47mUser Beancounters:\e[0m" && cat /proc/user_beancounters | awk '{if ($NF>0){print$0}}';fi;
+echo -e "\e[1;34;47mrunning processes:\e[0m" ; ps faux|egrep -v 'init|watchdog|iscsi|cqueue|kmpath|iscsid|syslogd|kpsmoused|auditd|irqbalance|rpc.idmapd|hcid|kmpathd|ib_cm|rpciod|migration|kjournald|scsi_eh_0|scsi_eh_1|khubd|kswapd0|kedac|kauditd|udevd|named|mingetty|agetty|dbus|kacpid|kblockd|pdflush|ksoftirqd|khelper|kthread|kseriod|klogd|acpid|spamd|cpsrvd|pure-authd|/usr/sbin/courierlogger|/usr/lib/courier-imap';blockcount=$(ip ro |grep blackhole | wc -l); if [ $blockcount -gt 0 ]; then echo -e "\e[1;34;47mBlocked IP Addresses:\e[0m"; ip ro |grep blackhole; fi
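Review bot: The connection counts use `netstat -pan|grep :80`, `grep :21` and `grep :22` — unanchored substring matches that also count `:8080`, `:2222`, `:2100` and the ephemeral local side of outbound connections, so the numbers are misleading for exactly the incident-triage use this report is meant for; `ss -Htan 'sport = :80' | wc -l` (or at least `grep -c ':80 '`) counts the intended sockets. `ps faux |grep php | wc -l` counts the grep itself, and `ls /var/log/sa/sa[0-31]*` is a character class (`0`–`3` and `1`), not the range 0–31 — a plain glob `/var/log/sa/sa[0-9]*` in the `for` works and avoids parsing `ls`. The long `egrep -v …` exclusion list would benefit from a comment explaining why each entry is hidden, since it silently removes processes from a security-relevant listing.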
diff --git a/SysadminAutomation/ServerAutomation/ServerAdmin/up2date.sh b/SysadminAutomation/ServerAutomation/ServerAdmin/up2date.sh new file mode 100644 index 0000000..de4c143 --- /dev/null +++ b/SysadminAutomation/ServerAutomation/ServerAdmin/up2date.sh @@ -0,0 +1,7 @@ +apt-get -y --purge autoremove +apt-get update +apt-get -y upgrade +apt-get -y dist-upgrade +apt-get -y full-upgrade +apt-get -y --purge autoremove +apt-get clean diff --git a/SysadminAutomation/ServerAutomation/out-of-band/Set_User.xml b/SysadminAutomation/ServerAutomation/out-of-band/Set_User.xml new file mode 100644 index 0000000..394071b --- /dev/null +++ b/SysadminAutomation/ServerAutomation/out-of-band/Set_User.xml @@ -0,0 +1,29 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/SysadminAutomation/ServerAutomation/out-of-band/config-iLO b/SysadminAutomation/ServerAutomation/out-of-band/config-iLO new file mode 100644 index 0000000..1c6498e --- /dev/null +++ b/SysadminAutomation/ServerAutomation/out-of-band/config-iLO 
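Review bot: There is no shebang and no `set -e`, so each `apt-get` line runs regardless of the previous one's result — a failed `apt-get update` is followed by an upgrade against a stale index, and `-y` alone can still block on conffile/debconf prompts when run from cron; start the file with `#!/bin/bash`, `set -euo pipefail` and `export DEBIAN_FRONTEND=noninteractive`. `upgrade`, `dist-upgrade` and `full-upgrade` are run back to back; on apt versions that accept `full-upgrade` it is the same operation as `dist-upgrade`, and on older ones it is an error, so one of the two should go. The leading `--purge autoremove` acts on the pre-`update` index; the trailing one is sufficient.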
@@ -0,0 +1,141 @@ +#!/bin/bash +#Script for configuring iLO - modified version, works with hponcfg-4.2.0-0.i386.rpm + +#set -x + +function configure-ilo() +{ +echo "Now running $FUNCNAME...." + + +#Install hponcfg +#yum install -y hponcfg + +#Reset to factory defaults (just in case) +hponcfg -r + +#Dynamic values for the generated XML +ILONAME="$(hostname -s)-iLO" +ILOIP="$(dig -x @DNS_SERVER_IP $ILONAME.$TLD +short)" + +#VLAN verification and configuration +case $ILOIP in +172.16.10*.*) +GATEWAY=172.16.103.254 +NETMASK=255.255.252.0 +ENABLEV=Y +VLAN=101 +;; +172.16.11*.*) +GATEWAY=172.16.115.254 +NETMASK=255.255.252.0 +ENABLEV=Y +VLAN=112 +;; +172.17.1.*) +GATEWAY=0.0.0.0 +NETMASK=255.255.252.0 +ENABLEV=N +VLAN=243 +;; +172.17.2.*) +GATEWAY=0.0.0.0 +NETMASK=255.255.252.0 +ENABLEV=N +VLAN=243 +;; +esac + +#Build xml config file for ILO +cat > /tmp/ilo.dat < + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +ENDILO + +#Apply config to the ILO card +hponcfg -f /tmp/ilo.dat + +echo "iLO configured on $ILONAME, IP: $ILOIP" +} + +#configure-ilo + +########################################################################################## +## Control logic for the script ## +########################################################################################## +main() +{ +echo "Configuring iLo on $ILONAME at $(date)" + +configure-ilo +} + +main diff --git a/SysadminAutomation/ServerAutomation/out-of-band/iLO-admin-priv b/SysadminAutomation/ServerAutomation/out-of-band/iLO-admin-priv new file mode 100644 index 0000000..0444568 --- /dev/null +++ b/SysadminAutomation/ServerAutomation/out-of-band/iLO-admin-priv 
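Review bot: `hponcfg -r` factory-resets the iLO before anything is validated, and `case $ILOIP` has no `*)` arm, so if the lookup yields nothing or an unlisted subnet the script still writes a config with empty `GATEWAY`/`NETMASK`/`VLAN` onto a freshly defaulted controller — a DNS hiccup leaves the BMC on factory credentials; resolve and check first (`[[ -n $ILOIP ]] || exit 1`, plus `*) echo "unknown subnet $ILOIP" >&2; exit 1;;`) and only then reset. `dig -x` performs a reverse lookup and consumes the argument after it as the address, which here is `@DNS_SERVER_IP`; what the `case` needs is a forward lookup, `dig +short "$ILONAME.$TLD" @DNS_SERVER_IP`. The RIBCL goes to the fixed path `/tmp/ilo.dat` and is left behind; if it carries a login (the heredoc body is not visible on this page), write it with `mktemp` under `umask 077` and `trap` its removal. The `ENDILO` delimiter is unquoted, so any `$` in the XML is expanded by the shell.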
@@ -0,0 +1,99 @@ +#!/bin/bash +#Standalone script for setting Administrator Privileges + +#set -x + +#Checks to see if the server is a HP +function server-check() +{ +SERVER_TYPE="$(dmidecode -t system|grep Manufacturer |grep HP -c)" + if [ $SERVER_TYPE -eq 0 ]; then + echo This is not a HP server, exiting. + exit + fi + + if [ $SERVER_TYPE -eq 1 ]; then + echo Server is a HP, checking admin privileges + #yum install -y hponcfg + ilo-check + fi +} + +#Checks the status of iLO on the server +function ilo-check() +{ + #Generates the XML file for checking iLO +cat > /tmp/ilo.check << ENDCHECK + + + + + + + +ENDCHECK + + #iLO Status variable + ILOSTATUS="$(hponcfg -f /tmp/ilo.check | grep ADMIN_PRIV |grep -i y -c)" + if [ $ILOSTATUS -eq 0 ]; then + echo Administrator does not have admin privileges. Enabling... + configure-ilo + fi + + if [ $ILOSTATUS -eq 1 ]; then + echo Administrator has admin privileges, exiting + fi +} + +function configure-ilo() +{ + +#Build xml config file for ILO +cat > /tmp/ilo.dat < + + + + + + + + + + + + + + + + + + + + + + + + + + +ENDILO + +#Apply config to the iLO card +hponcfg -f /tmp/ilo.dat + +echo "Admin Privileges enabled on $(hostname)" + +} + +########################################################################################## +## Control logic for the script ## +########################################################################################## +main() +{ +echo "iLO Admin Privilege checker initiated on $(hostname) at $(date)" + +server-check +} + +main diff --git a/SysadminAutomation/ServerAutomation/out-of-band/ilo-password-changer b/SysadminAutomation/ServerAutomation/out-of-band/ilo-password-changer new file mode 100644 index 0000000..ac856df --- /dev/null +++ b/SysadminAutomation/ServerAutomation/out-of-band/ilo-password-changer 
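Review bot: `ILOSTATUS` comes from `hponcfg -f /tmp/ilo.check | grep ADMIN_PRIV | grep -i y -c` without checking hponcfg's exit status, so a failed read (tool missing, iLO not responding, unreadable file) yields 0 and `ilo-check` proceeds to rewrite the user's privileges from a blind state; test `hponcfg -f /tmp/ilo.check > "$out" || exit 1` first. The `-eq 0`/`-eq 1` branches are not exhaustive — two or more matching lines (several users in the reply) print nothing and exit silently — and `grep -i y` matches any line containing the letter y, not specifically `ADMIN_PRIV VALUE="Y"`; an `if/else` on `grep -ci 'ADMIN_PRIV[^>]*"Y"'` is tighter. `/tmp/ilo.check` and `/tmp/ilo.dat` are fixed-name temp files that presumably carry the login used to talk to the iLO (the XML bodies are not shown here); use `mktemp` with `umask 077` and remove them on exit.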
@@ -0,0 +1,71 @@ + +#This is a test change +#!/bin/bash +#iLO Password Updater script + +#set -x + +function iLO-password-updater() +{ + +#Build xml config file for ILO +cat << ENDILO > /tmp/ilo.pass + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +ENDILO + +#Apply new password to the iLO card +hponcfg -f /tmp/ilo.pass + +echo "iLO password changed on $(hostname)" +} + +########################################################################################## +## Control logic for the script ## +########################################################################################## + +main() +{ +echo -e "iLO password changer initiated on $(hostname) at $(date)\n" + +iLO-password-updater +} + +main \ No newline at end of file diff --git a/SysadminAutomation/ServerAutomation/out-of-band/iloFwUp b/SysadminAutomation/ServerAutomation/out-of-band/iloFwUp new file mode 100644 index 0000000..7824eaf --- /dev/null +++ b/SysadminAutomation/ServerAutomation/out-of-band/iloFwUp @@ -0,0 +1,30 @@ +#!/bin/bash + +#Checks to see if the server is a HP, exit if not +SERVER_TYPE="$(dmidecode -t system|grep Manufacturer |grep HP -c)" + if [ $SERVER_TYPE -eq 0 ]; then + echo This is not a HP server, exiting. + exit + fi + +#FWDLURL="https://dl.server.domain/fwdir" + + +#Upgrade ILO firmware to latest version as of 02/10/2015 + +hponcfg -g +VERSION=$(hponcfg -g|grep type|awk -F 'type' '{print $2}'|awk '{print $3}') + +echo "Upgrading firmware...." + +if [ $VERSION -eq "4" ]; then + curl --silent $FWDLURL/ilo/HPILO4 > /tmp/HPILO4 + chmod +x /tmp/HPILO4 + /tmp/HPILO4 +fi + +if [ $VERSION -eq "2" ]; then + curl --silent $FWDLURL/ilo/HPILO2 > /tmp/HPILO2 + chmod +x /tmp/HPILO2 + /tmp/HPILO2 +fi diff --git a/SysadminAutomation/ServerAutomation/out-of-band/iloUpdater.sh b/SysadminAutomation/ServerAutomation/out-of-band/iloUpdater.sh new file mode 100644 index 0000000..3c32d95 --- /dev/null +++ b/SysadminAutomation/ServerAutomation/out-of-band/iloUpdater.sh 
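Review bot: The `#!/bin/bash` line is the third line of the file, after a blank line and `#This is a test change`, so the kernel never sees it — executed directly the script runs under the caller's shell or fails with ENOEXEC; the shebang must be line 1. The generated RIBCL is written to the fixed path `/tmp/ilo.pass` and never deleted, and given the script's purpose the body presumably contains the new iLO password (the heredoc is not visible on this page); create it with `mktemp` under `umask 077`, `trap` its removal, and check `hponcfg`'s exit status before announcing `iLO password changed`. The unquoted `ENDILO` delimiter expands `$` inside the XML, which matters if the password contains one.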
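Review bot: The firmware installer is fetched with `curl --silent $FWDLURL/ilo/HPILO4 > /tmp/HPILO4`, made executable and run as root with no integrity check — no `--fail`, no checksum, no signature — and `FWDLURL` is commented out in this file, so the URL is `/ilo/HPILO4`, curl fails silently and an empty file is executed. At minimum `curl --fail --silent --show-error -o "$tmp" "$FWDLURL/ilo/HPILO4"` followed by `sha256sum -c` against a pinned digest before `chmod +x`. `[ $VERSION -eq "4" ]` aborts with a test error when `hponcfg -g` output does not parse and `VERSION` is empty; quote it and handle the unknown case explicitly. The fixed `/tmp/HPILO4` path also lets another local user pre-place the binary that will be run.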
@@ -0,0 +1,90 @@ +#!/bin/bash +#Standalone iLO updater script - Jason Mak 6/25/2018 +#Defines the latest version of iLO +ilo2latest="2.33" +ilo4latest="2.61" +#Checks server type, only proceeds on HP servers +function server-check() +{ + ISHP=$(dmidecode -t System | grep Manufacturer | grep HP -c) + ISDELL=$(dmidecode -t System | grep Manufacturer | grep Dell -c) + if [ $ISDELL -eq 1 ]; then + echo "Server is a Dell, exiting" + server-cleanup + exit + fi + if [ $ISHP -eq 1 ]; then + echo "Server is an HP, proceeding" + ilogeneration=$(hponcfg | grep -i "ilo" | awk -F= '{print $3}' | awk '{print $2}') + iloversionraw=$(hponcfg | grep -i "ilo" | awk -F= '{print $2}' | awk '{print $1}') + iloversion=${iloversionraw//.} + ilo-versioncheck + fi +} + +#Checks iLO generation and version, updates as necessary +function ilo-versioncheck() +{ + if [ $ilogeneration -eq "2" ]; then + if [ $(echo $iloversion -lt ${ilo2latest//.}) ]; then + echo "iLO2 firmware:" $iloversionraw "latest version is:" $ilo2latest "updating..." + wget http://172.16.99.121/iLO/ilo2_${ilo2latest//.}.bin -O /tmp/iloFW.bin + update-ilo + server-cleanup + else + echo "iLO 2 is up to date, exiting" + server-cleanup + exit + fi + fi + + if [ $ilogeneration -eq "4" ]; then + if [ $(echo $iloversion -lt ${ilo4latest//.}) ]; then + echo "iLO4 firmware:" $iloversionraw "latest version is:" $ilo4latest "updating..." + wget http://172.16.99.121/iLO/ilo4_${ilo4latest//.}.bin -O /tmp/iloFW.bin + update-ilo + server-cleanup + else + echo "iLO 4 is up to date, exiting" + server-cleanup + exit + fi + fi +} + +#xml file that performs the update +function update-ilo() +{ +cat > /tmp/ilo_update.xml << EOF + + + + + + + + + + + + +EOF + +hponcfg -f /tmp/ilo_update.xml +} + +#Clean-up +function server-cleanup() +{ + rm -vf /tmp/iloFW.bin + rm -vf /tmp/ilo_update.xml + rm -vf /tmp/iloUpdater.sh +} + +#Control logic +main () +{ +server-check +} + +main 
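Review bot: The version test `if [ $(echo $iloversion -lt ${ilo2latest//.}) ]` is a string non-emptiness check, not a numeric comparison — the substitution expands to text such as `233 -lt 233`, which is non-empty, so the branch is always taken and the firmware is reflashed on every run regardless of version; it should be `if [ "$iloversion" -lt "${ilo2latest//.}" ]` (and the same for the iLO 4 branch). The image is pulled with `wget http://172.16.99.121/iLO/…bin` over plain HTTP with no checksum, so whatever the network hands back is written to the BMC; verify a pinned `sha256sum` before `update-ilo`, and serve it over HTTPS. `server-cleanup` deletes `/tmp/iloUpdater.sh`, which assumes the script was copied there and is surprising when run from anywhere else. `ilogeneration` and `iloversionraw` are parsed from `hponcfg` output by field position and should be validated as digits before use.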
diff --git a/SysadminAutomation/ServerAutomation/ssh-handlers/generic-authorized_keys b/SysadminAutomation/ServerAutomation/ssh-handlers/generic-authorized_keys
new file mode 100644
index 0000000..2d5d3db
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ssh-handlers/generic-authorized_keys
@@ -0,0 +1 @@
+command="/home/user/restricted-handler.sh",from="ALLOWED_HOST_FQDN",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty PUBLICKEY
\ No newline at end of file
diff --git a/SysadminAutomation/ServerAutomation/ssh-handlers/generic-restricted-handler.sh b/SysadminAutomation/ServerAutomation/ssh-handlers/generic-restricted-handler.sh
new file mode 100644
index 0000000..edd6feb
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ssh-handlers/generic-restricted-handler.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set $SSH_ORIGINAL_COMMAND
+
+case "$1" in
+ ls)
+ ;;
+ scp)
+ ;;
+ /bin/scp)
+ ;;
+ rm)
+ ;;
+ /path/to/custom/command)
+ ;;
+ *)
+ logger -s -t restricted-command -- "Invalid command $@"
+ exit 1
+ ;;
+esac
+
+logger -t restricted-command -- "Executing $@"
+exec "$@"
diff --git a/SysadminAutomation/ServerAutomation/ssh-handlers/slack-authorized_keys b/SysadminAutomation/ServerAutomation/ssh-handlers/slack-authorized_keys
new file mode 100644
index 0000000..729c219
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ssh-handlers/slack-authorized_keys
@@ -0,0 +1 @@
+command="/home/slack-lab/bin/restricted-handler.sh" SSHPUBKEY
diff --git a/SysadminAutomation/ServerAutomation/ssh-handlers/slack-restricted-handler.sh b/SysadminAutomation/ServerAutomation/ssh-handlers/slack-restricted-handler.sh
new file mode 100644
index 0000000..8bc3266
--- /dev/null
+++ b/SysadminAutomation/ServerAutomation/ssh-handlers/slack-restricted-handler.sh
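Review bot: The option list covers port, X11 and agent forwarding and pty, but on OpenSSH 7.2+ the single keyword `restrict` also disables user-rc and any capability added in later releases, so `restrict,command="/home/user/restricted-handler.sh",from="…" PUBLICKEY` is the safer spelling. `from="ALLOWED_HOST_FQDN"` is matched against the client's reverse-resolved name, which is only as trustworthy as the DNS the server uses; a CIDR such as `from="10.0.0.0/24"` cannot be satisfied by a forged PTR record.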
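Review bot: `set $SSH_ORIGINAL_COMMAND` with no `--` means a connection that sends no command (variable unset) runs a bare `set`, which prints every shell variable and function back to the client before the `*)` arm rejects it, and a command beginning with `-` is parsed as shell options; use `set -- $SSH_ORIGINAL_COMMAND`, or better `read -ra args <<<"$SSH_ORIGINAL_COMMAND"` to avoid glob expansion too. The allowlist inspects only `$1`, so `rm`, `ls` and `scp` are permitted with any arguments — `scp -t /` or `rm -rf ~` pass the `case` and `exec "$@"` runs them — which makes this command-name filtering rather than a restricted shell. If the intent is file transfer, constrain the path as well (compare `$2` against an allowed prefix, or delegate to `rrsync`/a fixed scp target), and consider dropping `-s` from the rejection `logger` so probes get no feedback.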
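Review bot: This key carries only `command=` — no `no-port-forwarding`, `no-agent-forwarding`, `no-pty`, `no-X11-forwarding` and no `from=` — so a holder of the private key can still open TCP forwards through this host even though the forced command rejects everything but rsync. Bring it in line with the generic file, preferably `restrict,command="/home/slack-lab/bin/restricted-handler.sh" SSHPUBKEY`.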
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set $SSH_ORIGINAL_COMMAND
+
+case "$1" in
+ rsync)
+ ;;
+ *)
+ logger -s -t restricted-command -- "Invalid command $@"
+ echo "An attempt was made to utilize the private key on a KNEL managed server to access control and execute the following command: $@" | mail -s "SECURITY BREACH ON control for slack account: $USER" BREACHPAGEEMAIL
+ exit 1
+ ;;
+esac
+
+exec "$@"
+
diff --git a/SysadminAutomation/makeIPAMUsr.sh b/SysadminAutomation/makeIPAMUsr.sh
new file mode 100644
index 0000000..9d9527e
--- /dev/null
+++ b/SysadminAutomation/makeIPAMUsr.sh
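Review bot: The `rsync)` arm allows rsync with arbitrary server-side arguments, so the key holder can `rsync --server` to or from any path the account can reach; pin the directory by delegating to `exec rrsync /srv/slack-lab` (shipped with rsync) or by checking the requested path before `exec "$@"`. `set $SSH_ORIGINAL_COMMAND` has the same problems as the generic handler — a bare `set` on an empty command dumps the environment to the client and a leading `-` is taken as shell options — so use `set -- …` or `read -ra`. The alert mail embeds the client-supplied `$@` in the body and `$USER` in the subject, which is fine for a pager, but `BREACHPAGEEMAIL` is still a placeholder as committed.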
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+export AD_DOMAIN="test"
+export DOMAIN_TLD="testco.tld"
+export AD_QUERY_USERNAME="ldapquery"
+export AD_QUERY_PASSWORD="Ldap01-^"
+export AD_DC="testdc"
+
+#-b "cn=users,dc=test,dc=testco,dc=tld" \
+# Make these into the appropriate components of above string
+
+export DCPART1=""
+export DCPART2=""
+export DCPART3=""
+
+AD_DOMAIN_FQDN="$AD_DOMAIN.$DOMAIN_TLD"
+DOMAIN_CONTROLLER_FQDN="$AD_DC.$AD_DOMAIN_FQDN"
+
+
+for domain_user in $(cat $AD_DOMAIN-userlist);
+do
+ademail=$(ldapsearch -LLL\
+ -x -h $DOMAIN_CONTROLLER_FQDN \
+ -D "$AD_QUERY_USERNAME@$AD_DOMAIN_FQDN" \
+ -w $AD_QUERY_PASSWORD \
+ -b "cn=users,dc=$DCPART1,dc=$DCPART2,dc=$DCPART3" \
+ -s sub "(samAccountName=$domain_user)" mail|grep "mail\:" | awk -F ":" '{print $2}')
+realname=$(ldapsearch -LLL\
+ -x -h $DOMAIN_CONTROLLER_FQDN \
+ -D "$AD_QUERY_USERNAME@$AD_DOMAIN_FQDN" \
+ -w $AD_QUERY_PASSWORD \
+ -b "cn=users,dc=$DCPART1,dc=$DCPART2,dc=$DCPART3" \
+ -s sub "(samAccountName=$domain_user)" name|grep "name\:" |awk -F ":" '{print $2}')
+adname=$(ldapsearch -LLL\
+ -x -h $DOMAIN_CONTROLLER_FQDN \
+ -D "$AD_QUERY_USERNAME@$AD_DOMAIN_FQDN" \
+ -w $AD_QUERY_PASSWORD \
+ -b "cn=users,dc=$DCPART1,dc=$DCPART2,dc=$DCPART3" \
+ -s sub "(samAccountName=$domain_user)" uid|grep "uid\:" |awk -F ":" '{print $2}')
+echo "INSERT INTO users (username, authMethod, password, groups, role, real_name, email, domainUser) VALUES ('$adname', 3, NULL, '{\"4\":\"4\"}', 'User', '$realname', '$ademail', 0);"
+done
diff --git a/SysadminAutomation/searchLdap.sh b/SysadminAutomation/searchLdap.sh
new file mode 100644
index 0000000..df19476
--- /dev/null
+++ b/SysadminAutomation/searchLdap.sh
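Review bot: `AD_QUERY_PASSWORD="Ldap01-^"` commits a bind password to the repository, and `-w $AD_QUERY_PASSWORD` then exposes it to every local user through `ps` for each of the three binds per user; read it with `-y /path/to/passfile` (mode 0600) or `-W`, and rotate the value now in git history even if it is a test account. The bind is `-x -h $DOMAIN_CONTROLLER_FQDN`, a simple bind over plain `ldap://` unless client config forces StartTLS, so the credential also crosses the wire in clear text — use `-H ldaps://…` as `searchLdap.sh` does. `$domain_user` from the userlist is interpolated unescaped into the filter `(samAccountName=$domain_user)` (LDAP filter injection), and `$adname`/`$realname`/`$ademail` are dropped straight into the `INSERT INTO users` string, where a display name such as O'Brien breaks the statement and a crafted AD attribute injects SQL; validate the username against `^[A-Za-z0-9._-]+$` and escape single quotes in the emitted values (or emit placeholders for the importer). The three ldapsearch calls per user could be one query requesting `mail name uid`.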
@@ -0,0 +1,11 @@
+#!/bin/bash
+#A script to search LDAP
+
+#LDAP_SERVER=$(set |grep LOGONSERVER|awk -F '=' '{print $2}'|sed -e 's/\'//g')
+#echo $LDAP_SERVER
+
+LDAPSEARCH_OPTIONS="-x -LLL"
+LDAP_SERVER="some.server.tld"
+LDAP_SERVER_PORT="1234"
+
+ldapsearch -LLL -x -W -H ldaps://$LDAP_SERVER:$LDAP_SERVER_PORT -b "dc=$DC1,dc=$DC2" -D mail=$SEARCH_EMAIL uid
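Review bot: `$DC1`, `$DC2` and `$SEARCH_EMAIL` are never set in this file, so as written the search runs with base `dc=,dc=` and bind DN `mail=`; assert them up front (`: "${SEARCH_EMAIL:?}" "${DC1:?}" "${DC2:?}"`) or derive the DC components from `LDAP_SERVER`. `LDAPSEARCH_OPTIONS` is defined but unused while `-LLL -x` is repeated inline; either drop the variable or invoke `ldapsearch $LDAPSEARCH_OPTIONS -W …`. The commented-out `LOGONSERVER` line's `sed -e 's/\'//g'` is not valid quoting inside single quotes and will not work if revived. Prompting with `-W` over `ldaps://` is the right pattern here — the credential stays off argv and off the wire in clear.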