3 # LDAP to unix password sync script for samba-tng
4 # originally by Jody Haynes <Jody.Haynes@isunnetworks.com>
5 # 12/12/2000 milos@interactivesi.com
6 # modified for use with MD5 passwords
7 # 12/16/2000 mami@arena.sci.univr.it
8 # modified to change lmpassword and ntpassword for samba
9 # 05/01/2001 mami@arena.sci.univr.it
10 # modified for being also a /bin/passwd replacement
12 $basedn = "ou=Students,dc=univr, dc=it";
13 $binddn = "uid=root,dc=univr,dc=it";
17 foreach $arg (@ARGV) {
19 die "Only root can specify parameters\n";
21 if ( ($arg eq '-?') || ($arg eq '--help') ) {
22 print "Usage: $0 [-o] [username]\n";
23 print " -o, --without-old-password do not ask for old password (root only)\n";
24 print " -?, --help show this help message\n";
26 } elsif ( ($arg eq '-o') || ($arg eq '--without-old-password') ) {
28 } elsif (substr($arg,0) ne '-') {
30 if (!defined(getpwnam($user))) {
31 die "$0: Unknown user name '$user'\n"; ;
37 if (!defined($user)) {
41 if (!defined($oldpass)) {
43 print "Old password for user $user: ";
44 chomp($oldpass=<STDIN
>);
48 $ntpwd = `/usr/local/sbin/smbencrypt '$oldpass'`;
49 $lmpassword = substr($ntpwd, 0, index($ntpwd, ':')); chomp $lmpassword;
50 $ntpassword = substr($ntpwd, index($ntpwd, ':')+1); chomp $ntpassword;
52 # Find dn for user $user (maybe check unix password too?)
53 $dn=`ldapsearch -b '$basedn' -s '$scope' '(&(uid=$user)(lmpassword=$lmpassword)(ntpassword=$ntpassword))'|head -1`;
57 print "Wrong password for user $user!\n";
61 # Find dn for user $user
62 $dn=`ldapsearch -b '$basedn' -s '$scope' '(uid=$user)'|head -1`;
67 print "New password for user $user: ";
73 print "Retype new password for user $user: ";
74 chomp($pass2=<STDIN
>);
78 if ($pass ne $pass2) {
79 die "Wrong password!\n";
82 $random = join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64, rand 64, rand 64, rand 64, rand 64, rand 64, rand 64];
83 $bsalt = "\$1\$"; $esalt = "\$";
84 $modsalt = $bsalt.$random.$esalt;
85 $password = crypt($pass, $modsalt);
87 # LanManager and NT clear text passwords
88 $ntpwd = `/usr/local/sbin/smbencrypt '$pass'`;
89 chomp($lmpassword = substr($ntpwd, 0, index($ntpwd, ':')));
90 chomp($ntpassword = substr($ntpwd, index($ntpwd, ':')+1));
92 $FILE="|/usr/bin/ldapmodify -D '$binddn' -w $passwd";
100 userPassword: {crypt}$password
104 lmpassword: $lmpassword
108 ntpassword: $ntpassword