improve ldap return values,

fix addUserToGroup and delUser logic with user-group interaction

openldap/auth.template.ldif

@@ -4,7 +4,8 @@ changetype: modify
 delete: olcAccess
 -
 add: olcAccess
-olcAccess: {0}to attrs=userPassword 
+olcAccess: {0}to attrs=userPassword
+    by group/groupOfNames/member="cn=admins,ou=groups,$BASE_DN" write
     by self write 
     by anonymous auth 
     by * none

openldap/init.sh

@@ -2,7 +2,7 @@ export BASE_DN=''
 read -p "Base DN: " BASE_DN
 
 export PAAS_PASSWD=$(tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_`{|}~' < /dev/urandom | head -c 256; echo)
-echo "$PAAS_PASSWD" -n > paas.token
+echo -n "$PAAS_PASSWD" > paas.token
 echo "Saved PAAS Authentication Token (password) to paas.token"
 
 envsubst '$BASE_DN' < auth.template.ldif > auth.ldif