working on creating the 3.0 release tree
[Samba.git] / examples / LDAP / import_smbpasswd.pl
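#!/usr/bin/perl
##
## Example script of how you could import a smbpasswd file into an LDAP
## directory using the Mozilla PerLDAP module.
##
## written by jerry@samba.org
##
## ported to Net::LDAP by dkrovich@slackworks.com
##
## The smbpasswd entries are read from STDIN, one account per line.
## For every account that also exists as a system account, a
## sambaAccount entry is created under $DN, or the existing entry found
## by uid is updated.
##

use strict;
use warnings;

use Net::LDAP;
use Net::LDAP::Entry;
use Net::LDAP::Util qw(escape_dn_value escape_filter_value);

#################################################
## set these to a value appropriate for your site
##

my $DN     = "ou=people,dc=plainjoe,dc=org";
my $ROOTDN = "cn=Manager,dc=plainjoe,dc=org";
# If you use perl special character in your
# rootpw, escape them:
# $rootpw = "secr\@t" instead of $rootpw = "secr@t"
#
# NOTE: this is the directory manager's password in clear text.  Replace
# the sample value and keep this file readable by its owner only.
my $rootpw     = "n0pass";
my $LDAPSERVER = "scooby";

# The bind password and the lmPassword/ntPassword values are sent to the
# server as-is, and the LM/NT hashes are password-equivalent.  Set this
# to 1 to upgrade the connection with StartTLS before binding; it is off
# by default so the script keeps working against a server without TLS.
my $USE_STARTTLS = 0;

##
## end local site variables
#################################################

my $ldap = Net::LDAP->new($LDAPSERVER)
    or die "Unable to connect to LDAP server $LDAPSERVER: $@\n";

if ($USE_STARTTLS) {
    my $tls = $ldap->start_tls( verify => 'require' );
    die "StartTLS with $LDAPSERVER failed: " . $tls->error() . "\n"
        if $tls->code();
}

## Bind as $ROOTDN so you can do updates.  A failed bind is fatal:
## nothing below can succeed without it.
my $mesg = $ldap->bind( $ROOTDN, password => $rootpw );
die "Unable to bind as $ROOTDN: " . $mesg->error() . "\n" if $mesg->code();

LINE:
while ( my $line = <STDIN> ) {
    chomp $line;

    ## Blank lines and comment lines carry no account.
    next LINE if $line =~ /\A\s*(?:#|\z)/;

    ## Get the account info from the smbpasswd file:
    ##   name : uid : LM hash : NT hash : account flags : LCT-<hex time>
    my ( $user, undef, $lm_hash, $nt_hash, $acct_flags, $lct ) =
        split /:/, $line;

    unless ( defined $lct
        && length $user
        && $lct =~ /\ALCT-([0-9A-Fa-f]{1,8})/ )
    {
        print STDERR "Malformed smbpasswd entry on input line $.... skipping!\n";
        next LINE;
    }
    my $pwd_last_set = hex $1;

    ## Check for the existence of a system account
    my @pwinfo = getpwnam($user);
    unless (@pwinfo) {
        print STDERR "**$user does not have a system account... \n";
        next LINE;
    }

    ## Calculate RID = uid*2 +1000
    my $rid = $pwinfo[2] * 2 + 1000;

    ## The account name comes from the input file, so escape it before it
    ## is placed in a search filter or a DN; otherwise characters such as
    ## "*", "(", ")" or "," would change which entries are matched or
    ## where the new entry is created.
    my $filter_uid = escape_filter_value($user);
    my $dn_uid     = escape_dn_value($user);

    ## check and see if account info already exists in LDAP.
    my $result = $ldap->search(
        base   => $DN,
        scope  => "sub",
        filter => "(uid=$filter_uid)",
    );
    if ( $result->code() ) {
        ## A failed search also reports zero entries; do not mistake
        ## that for "no entry yet".
        print STDERR "LDAP search for $user failed: "
            . $result->error() . "... skipping!\n";
        next LINE;
    }

    ## If no LDAP entry exists, create one.
    if ( $result->count == 0 ) {
        my $dn        = "uid=$dn_uid,$DN";
        my $new_entry = Net::LDAP::Entry->new();
        $new_entry->dn($dn);
        $new_entry->add(
            uid         => $user,
            rid         => $rid,
            lmPassword  => $lm_hash,
            ntPassword  => $nt_hash,
            acctFlags   => $acct_flags,
            cn          => $user,
            pwdLastSet  => $pwd_last_set,
            objectclass => 'sambaAccount',
        );

        my $addmesg = $ldap->add($new_entry);
        if ( $addmesg->code() ) {
            print STDERR "Adding [$dn] failed: " . $addmesg->error() . "\n";
            next LINE;
        }
        print "Adding [$dn]\n";
    }
    ## Otherwise, supplement/update the existing entry.
    elsif ( $result->count == 1 ) {

        # Put the search results into an entry object
        my $entry = $result->entry(0);

        print "Updating [" . $entry->dn . "]\n";

        ## Add the objectclass: sambaAccount attribute if it's not there.
        ## The comparison ignores case because the directory may return
        ## the class name in a different case than it was written.
        my $has_samba_class =
            grep { lc($_) eq 'sambaaccount' } $entry->get_value("objectclass");

        unless ($has_samba_class) {
            ## Adding sambaAccount objectclass requires adding at least rid:
            ## uid attribute already exists we know since we searched on it
            $entry->add(
                objectclass => "sambaAccount",
                rid         => $rid,
            );
        }

        ## Set the other attribute values
        $entry->replace(
            rid        => $rid,
            lmPassword => $lm_hash,
            ntPassword => $nt_hash,
            acctFlags  => $acct_flags,
            pwdLastSet => $pwd_last_set,
        );

        ## Apply changes to the LDAP server
        my $updatemesg = $entry->update($ldap);
        if ( $updatemesg->code() ) {
            print STDERR "Updating [" . $entry->dn . "] failed: "
                . $updatemesg->error() . "\n";
        }
    }
    ## If we get here, the LDAP search returned more than one value
    ## which shouldn't happen under normal circumstances.
    else {
        print STDERR "LDAP search returned more than one entry for $user... skipping!\n";
        next LINE;
    }
}

$ldap->unbind();
exit 0;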