reverted to 1.24 and manually merged in changes from 2.2
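#!/usr/bin/perl
##
## Example script of how you could import a smbpasswd file into an LDAP
## directory.  Originally written for the Mozilla PerLDAP module, now
## using Net::LDAP.
##
## written by jerry@samba.org
##
## ported to Net::LDAP by dkrovich@slackworks.com
##
## The smbpasswd file is read from STDIN, one account per line.

use strict;
use warnings;

use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value escape_dn_value);

#################################################
## set these to a value appropriate for your site

my $DN     = "dc=samba,dc=my-domain,dc=com";
my $ROOTDN = "cn=Manager,dc=my-domain,dc=com";

## NOTE: "secret" is a placeholder.  Once a real directory-manager password
## is stored here, keep this file readable by its owner only and out of
## version control.
my $rootpw     = "secret";
my $LDAPSERVER = "localhost";

## end local site variables
#################################################

## NOTE: this is a plain LDAP connection.  The bind password and the LM/NT
## hashes written below cross it unencrypted, which is only acceptable for
## a local server; for a remote $LDAPSERVER use ldaps:// or call
## $ldap->start_tls before binding.
my $ldap = Net::LDAP->new($LDAPSERVER)
    or die "Unable to connect to LDAP server $LDAPSERVER: $@\n";

## Bind as $ROOTDN so you can do updates.  A failed bind must stop the run:
## otherwise every later operation would be attempted on an unauthenticated
## connection.
my $mesg = $ldap->bind($ROOTDN, password => $rootpw);
if ( $mesg->code ) {
    die "Unable to bind as $ROOTDN: " . $mesg->error . "\n";
}

LINE: while ( my $string = <STDIN> ) {
    ## chomp, not chop: a final line without a newline must keep its last
    ## character.
    chomp $string;

    ## Blank lines and '#' comment lines carry no account.
    next LINE if $string =~ /^\s*(?:#|$)/;

    ## Get the account info from the smbpasswd file
    my @smbentry = split /:/, $string;
    my $uid = $smbentry[0];

    ## Fields 2..5 are used below; refuse short lines rather than writing
    ## undefined values.  Only the account name is echoed, never the hashes.
    if ( @smbentry < 6 ) {
        print STDERR "$uid: malformed smbpasswd line... skipping\n";
        next LINE;
    }

    ## Check for the existence of a system account
    my @getpwinfo = getpwnam($uid);
    if ( !@getpwinfo ) {
        print STDERR "$uid does not have a system account... skipping\n";
        next LINE;
    }

    ## check and see if account info already exists in LDAP.
    ## The account name comes from the input file, so it is escaped before
    ## being placed in the filter; '*', '(' or ')' in a name would
    ## otherwise change which entries match.
    my $result = $ldap->search(
        base   => $DN,
        scope  => "sub",
        filter => "(&(|(objectclass=posixAccount)(objectclass=smbPasswordEntry))(uid="
            . escape_filter_value($uid) . "))",
    );
    if ( $result->code ) {
        ## A failed search also reports a count of 0; do not mistake it for
        ## "no entry exists".
        print STDERR "LDAP search failed for $uid: " . $result->error . "... skipping\n";
        next LINE;
    }

    ## Presumably field 5 is "LCT-<hex time>" and the first four characters
    ## are that prefix -- TODO confirm against the smbpasswd format in use.
    my $pwd_last_set = substr( $smbentry[5], 4 );

    ## lmPassword and ntPassword are password-equivalent hashes: the
    ## directory's access controls should keep them unreadable to ordinary
    ## users.

    ## If no LDAP entry exists, create one.
    if ( $result->count == 0 ) {
        ## Escape the RDN value so ',' or '+' in a name cannot alter the DN.
        my $new_dn = "uid=" . escape_dn_value($uid) . "," . $DN;

        my $addmesg = $ldap->add(
            dn    => $new_dn,
            attrs => [
                uid         => $uid,
                uidNumber   => $getpwinfo[2],
                lmPassword  => $smbentry[2],
                ntPassword  => $smbentry[3],
                acctFlags   => $smbentry[4],
                pwdLastSet  => $pwd_last_set,
                objectclass => [ 'top', 'smbPasswordEntry' ],
            ],
        );

        if ( $addmesg->code ) {
            print STDERR "Error adding $uid: " . $addmesg->error . "\n";
        } else {
            print "Adding [" . $new_dn . "]\n";
        }

    ## Otherwise, supplement/update the existing entry.
    } elsif ( $result->count == 1 ) {
        # Put the search results into an entry object
        my $entry = $result->shift_entry;

        print "Updating [" . $entry->dn . "]\n";

        ## Add the objectclass: smbPasswordEntry attribute if it's not there
        my $has_smb_class = 0;
        for my $item ( $entry->get_value("objectclass") ) {
            if ( lc($item) eq "smbpasswordentry" ) {
                print $item . "\n";
                $has_smb_class = 1;
            }
        }
        if ( !$has_smb_class ) {
            $entry->add( objectclass => "smbPasswordEntry" );
        }

        ## Set the other attribute values
        $entry->replace(
            lmPassword => $smbentry[2],
            ntPassword => $smbentry[3],
            acctFlags  => $smbentry[4],
            pwdLastSet => $pwd_last_set,
        );

        ## Apply changes to the LDAP server
        my $updatemesg = $entry->update($ldap);
        if ( $updatemesg->code ) {
            print STDERR "Error updating $uid: " . $updatemesg->error . "\n";
        }

    ## If we get here, the LDAP search returned more than one value
    ## which shouldn't happen under normal circumstances.
    } else {
        print STDERR "LDAP search returned more than one entry for $uid... skipping!\n";
        next LINE;
    }
}

$ldap->unbind();
exit 0;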