3 ## Example script of how you could import a smbpasswd file into an LDAP
4 ## directory using the Mozilla PerLDAP module.
6 ## writen by jerry@samba.org
8 ## ported to Net::LDAP by dkrovich@slackworks.com
12 #################################################
13 ## set these to a value appropriate for your site
16 $DN="dc=samba,dc=my-domain,dc=com";
17 $ROOTDN="cn=Manager,dc=my-domain,dc=com";
19 $LDAPSERVER="localhost";
22 ## end local site variables
23 #################################################
25 $ldap = Net
::LDAP
->new($LDAPSERVER) or die "Unable to connect to LDAP server $LDAPSERVER";
27 ## Bind as $ROOTDN so you can do updates
28 $mesg = $ldap->bind($ROOTDN, password
=> $rootpw);
30 while ( $string = <STDIN
> ) {
33 ## Get the account info from the smbpasswd file
34 @smbentry = split (/:/, $string);
36 ## Check for the existence of a system account
37 @getpwinfo = getpwnam($smbentry[0]);
39 print STDERR
"$smbentry[0] does not have a system account... skipping\n";
43 ## check and see if account info already exists in LDAP.
44 $result = $ldap->search ( base
=> "$DN",
46 filter
=> "(&(|(objectclass=posixAccount)(objectclass=smbPasswordEntry))(uid=$smbentry[0]))"
49 ## If no LDAP entry exists, create one.
50 if ( $result->count == 0 ) {
51 $entry = $ldap->add ( dn
=> "uid=$smbentry[0]\,$DN",
54 uidNumber
=> @getpwinfo[2],
55 lmPassword
=> $smbentry[2],
56 ntPassword
=> $smbentry[3],
57 acctFlags
=> $smbentry[4],
58 pwdLastSet
=> substr($smbentry[5],4),
59 objectclass
=> [ 'top', 'smbPasswordEntry' ]
62 print "Adding [uid=" . $smbentry[0] . "," . $DN . "]\n";
64 ## Otherwise, supplement/update the existing entry.
65 } elsif ($result->count == 1) {
66 # Put the search results into an entry object
67 $entry = $result->shift_entry;
69 print "Updating [" . $entry->dn . "]\n";
71 ## Add the objectclass: smbPasswordEntry attribute if it's not there
72 @values = $entry->get_value( "objectclass" );
74 foreach $item (@values) {
75 if ( lc($item) eq "smbpasswordentry" ) {
81 $entry->add(objectclass
=> "smbPasswordEntry");
84 ## Set the other attribute values
85 $entry->replace(lmPassword
=> $smbentry[2],
86 ntPassword
=> $smbentry[3],
87 acctFlags
=> $smbentry[4],
88 pwdLastSet
=> substr($smbentry[5],4)
91 ## Apply changes to the LDAP server
92 $updatemesg = $entry->update($ldap);
93 if ( $updatemesg->code ) {
94 print "Error updating $smbentry[0]!\n";
97 ## If we get here, the LDAP search returned more than one value
98 ## which shouldn't happen under normal circumstances.
100 print STDERR
"LDAP search returned more than one entry for $smbentry[0]... skipping!\n";