I have never used TCL before but am needing to use it in order to script commands in a tool we use. I have a bash script running that obtains some information from AD, which it will then pass to the TCL script to use. here is my bash script which runs without any issue.
echo "Enter username for LDAP Search"
read USERNAME
export USERNAME
echo "Enter password"
read -s PASSWORD
export PASSWORD
echo "What user do you want to add to Centrify?"
read CENTRIFY_USER
export CENTRIFY_USER
OBJECTSID=`ldapsearch -H ldap://my.domain.com:389 -D "[email protected]" -w $PASSWORD -x -b "DC=my,DC=domain,DC=com" "(&(objectCategory=user)(sAMAccountName=$CENTRIFY_USER))" | grep objectSid | cut -d " " -f2`
SID=`/home/mydirectory/convert_objectSid_to_sid.sh $OBJECTSID`
export SID
echo "Adding user to Centrify..."
/home/mydirectory/add_users_to_centrify.sh
"add_users_to_centrify.sh" is the tcl script that is then called, but I get the error error during execution: can't read "USERNAME": no such variable in the tcl script.
Here are the contents of that:
#!/bin/sh
# \
exec adedit "$0" ${1+"$@"}
package require ade_lib
puts $env(USERNAME)
puts $env(PASSWORD)
puts $env(SID)
puts $env(CENTRIFY_USER)
bind my.domain.com $USERNAME {$PASSWORD}
Another issue, when the tcl script is called, all of the arguments I'm passing get printed, including the password. I had thought exporting would be the safest way to do this as it should only set the environment variables for this subshell and not print them. What's happening here?
The password is getting printed because you're explicitly printing the password (
puts $env(PASSWORD)).The error seems very clear: there is no variable in the tcl script named
USERNAME. You could set one like this (and similarly forPASSWORD):Or you could just use the environment variables directly: