diff options
author | Gerald Carter <jerry@samba.org> | 2005-01-20 16:31:42 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:55:03 -0500 |
commit | e86235fbdcfe8dd71b2ee887052e27f67a240fab (patch) | |
tree | 8c655206dc786e92dc5884f124dc48bab0ffe999 /examples/LDAP/smbldap-tools/smbldap-populate.pl | |
parent | 5f659ffbf07eeba2fdabaaa7def0f78726f68ab2 (diff) | |
download | samba-e86235fbdcfe8dd71b2ee887052e27f67a240fab.tar.gz samba-e86235fbdcfe8dd71b2ee887052e27f67a240fab.tar.bz2 samba-e86235fbdcfe8dd71b2ee887052e27f67a240fab.zip |
r4867: Removing smbldap-tools from the svn tree. I'll include
the latest version in the actual release tarballs.
Have spoken to the idealx developers about this.
Updated README to reflect the changte for people using svn.
Removed ldapsync.pl since it is no longer needed when using
the smbldap-tools (only keep things you support).
(This used to be commit f745e5119f420d4826ac395037880666761e05e8)
Diffstat (limited to 'examples/LDAP/smbldap-tools/smbldap-populate.pl')
-rwxr-xr-x | examples/LDAP/smbldap-tools/smbldap-populate.pl | 370 |
1 files changed, 0 insertions, 370 deletions
diff --git a/examples/LDAP/smbldap-tools/smbldap-populate.pl b/examples/LDAP/smbldap-tools/smbldap-populate.pl deleted file mode 100755 index b691a84850..0000000000 --- a/examples/LDAP/smbldap-tools/smbldap-populate.pl +++ /dev/null @@ -1,370 +0,0 @@ -#!/usr/bin/perl -w - -# Populate a LDAP base for Samba-LDAP usage -# - -# This code was developped by IDEALX (http://IDEALX.org/) and -# contributors (their names can be found in the CONTRIBUTORS file). -# -# Copyright (C) 2001-2002 IDEALX -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; either version 2 -# of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, -# USA. - -# Purpose : -# . Create an initial LDAP database suitable for Samba 2.2 -# . For lazy people, replace ldapadd (with only an ldif parameter) - -use strict; -use FindBin; -use FindBin qw($RealBin); -use lib "$RealBin/"; -use smbldap_tools; -use smbldap_conf; -use Getopt::Std; -use Net::LDAP::LDIF; - -use vars qw(%oc); - -# objectclass of the suffix -%oc = ( - "ou" => "organizationalUnit", - "o" => "organization", - "dc" => "dcObject", - ); - - -my %Options; - -my $ok = getopts('a:b:?', \%Options); -if ( (!$ok) || ($Options{'?'}) ) { - print "Usage: $0 [-ab?] [ldif]\n"; - print " -a administrator login name (default: Administrator)\n"; - print " -b guest login name (default: nobody)\n"; - print " -? show this help message\n"; - print " ldif file to add to ldap (default: suffix, Groups,"; - print " Users, Computers and builtin users )\n"; - exit (1); -} - -my $_ldifName; -my $tmp_ldif_file="/tmp/$$.ldif"; - -if (@ARGV >= 1) { - $_ldifName = $ARGV[0]; -} - -my $adminName = $Options{'a'}; -if (!defined($adminName)) { - $adminName = "Administrator"; -} - -my $guestName = $Options{'b'}; -if (!defined($guestName)) { - $guestName = "nobody"; -} - -if (!defined($_ldifName)) { - my $attr; - my $val; - my $objcl; - - print "Using builtin directory structure\n"; - if ($suffix =~ m/([^=]+)=([^,]+)/) { - $attr = $1; - $val = $2; - $objcl = $oc{$attr} if (exists $oc{$attr}); - if (!defined($objcl)) { - $objcl = "myhardcodedobjectclass"; - } - } else { - die "can't extract first attr and value from suffix $suffix"; - } - #print "$attr=$val\n"; - my ($organisation,$ext) = ($suffix =~ m/dc=(.*),dc=(.*)$/); - - #my $FILE="|cat"; - my $FILE=$tmp_ldif_file; - open (FILE, ">$FILE") || die "Can't open file $FILE: $!\n"; - - print FILE <<EOF; -dn: $suffix -objectClass: $objcl -objectclass: organization -$attr: $val -o: $organisation - -dn: $usersdn -objectClass: organizationalUnit -ou: $usersou - -dn: $groupsdn -objectClass: organizationalUnit -ou: $groupsou - -dn: $computersdn -objectClass: organizationalUnit -ou: $computersou - -dn: uid=$adminName,$usersdn -cn: $adminName -sn: $adminName -objectClass: inetOrgPerson -objectClass: sambaSamAccount -objectClass: posixAccount -gidNumber: 512 -uid: $adminName -uidNumber: 998 -homeDirectory: $_userHomePrefix -sambaPwdLastSet: 0 -sambaLogonTime: 0 -sambaLogoffTime: 2147483647 -sambaKickoffTime: 2147483647 -sambaPwdCanChange: 0 -sambaPwdMustChange: 2147483647 -sambaHomePath: $_userSmbHome -sambaHomeDrive: $_userHomeDrive -sambaProfilePath: $_userProfile -sambaPrimaryGroupSID: $SID-512 -sambaLMPassword: XXX -sambaNTPassword: XXX -sambaAcctFlags: [U ] -sambaSID: $SID-2996 -loginShell: /bin/false -gecos: Netbios Domain Administrator - -dn: uid=$guestName,$usersdn -cn: $guestName -sn: $guestName -objectClass: inetOrgPerson -objectClass: sambaSamAccount -objectClass: posixAccount -gidNumber: 514 -uid: $guestName -uidNumber: 999 -homeDirectory: /dev/null -sambaPwdLastSet: 0 -sambaLogonTime: 0 -sambaLogoffTime: 2147483647 -sambaKickoffTime: 2147483647 -sambaPwdCanChange: 0 -sambaPwdMustChange: 2147483647 -sambaHomePath: $_userSmbHome -sambaHomeDrive: $_userHomeDrive -sambaProfilePath: $_userProfile -sambaPrimaryGroupSID: $SID-514 -sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX -sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX -sambaAcctFlags: [NU ] -sambaSID: $SID-2998 -loginShell: /bin/false - -dn: cn=Domain Admins,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 512 -cn: Domain Admins -memberUid: $adminName -description: Netbios Domain Administrators -sambaSID: $SID-512 -sambaGroupType: 2 -displayName: Domain Admins - -dn: cn=Domain Users,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 513 -cn: Domain Users -description: Netbios Domain Users -sambaSID: $SID-513 -sambaGroupType: 2 -displayName: Domain Users - -dn: cn=Domain Guests,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 514 -cn: Domain Guests -description: Netbios Domain Guests Users -sambaSID: $SID-514 -sambaGroupType: 2 -displayName: Domain Guests - -dn: cn=Administrators,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 544 -cn: Administrators -description: Netbios Domain Members can fully administer the computer/sambaDomainName -sambaSID: $SID-544 -sambaGroupType: 2 -displayName: Administrators - -dn: cn=Users,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 545 -cn: Users -description: Netbios Domain Ordinary users -sambaSID: $SID-545 -sambaGroupType: 2 -displayName: users - -dn: cn=Guests,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 546 -cn: Guests -memberUid: $guestName -description: Netbios Domain Users granted guest access to the computer/sambaDomainName -sambaSID: $SID-546 -sambaGroupType: 2 -displayName: Guests - -dn: cn=Power Users,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 547 -cn: Power Users -description: Netbios Domain Members can share directories and printers -sambaSID: $SID-547 -sambaGroupType: 2 -displayName: Power Users - -dn: cn=Account Operators,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 548 -cn: Account Operators -description: Netbios Domain Users to manipulate users accounts -sambaSID: $SID-548 -sambaGroupType: 2 -displayName: Account Operators - -dn: cn=Server Operators,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 549 -cn: Server Operators -description: Netbios Domain Server Operators -sambaSID: $SID-549 -sambaGroupType: 2 -displayName: Server Operators - -dn: cn=Print Operators,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 550 -cn: Print Operators -description: Netbios Domain Print Operators -sambaSID: $SID-550 -sambaGroupType: 2 -displayName: Print Operators - -dn: cn=Backup Operators,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 551 -cn: Backup Operators -description: Netbios Domain Members can bypass file security to back up files -sambaSID: $SID-551 -sambaGroupType: 2 -displayName: Backup Operators - -dn: cn=Replicator,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 552 -cn: Replicator -description: Netbios Domain Supports file replication in a sambaDomainName -sambaSID: $SID-552 -sambaGroupType: 2 -displayName: Replicator - -dn: cn=Domain Computers,$groupsdn -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 553 -cn: Domain Computers -description: Netbios Domain Computers accounts -sambaSID: $SID-553 -sambaGroupType: 2 -displayName: Domain Computers - -EOF - close FILE; -} else { - $tmp_ldif_file=$_ldifName; -} - -my $ldap_master=connect_ldap_master(); -my $ldif = Net::LDAP::LDIF->new($tmp_ldif_file, "r", onerror => 'undef' ); -while( not $ldif->eof() ) { - my $entry = $ldif->read_entry(); - if ( $ldif->error() ) { - print "Error msg: ",$ldif->error(),"\n"; - print "Error lines:\n",$ldif->error_lines(),"\n"; - } else { - my $dn = $entry->dn; - print "adding new entry: $dn\n"; - my $result=$ldap_master->add($entry); - $result->code && warn "failed to add entry: ", $result->error ; - } -} -$ldap_master->unbind; -system "rm -f $tmp_ldif_file"; -exit(0); - - -######################################## - -=head1 NAME - -smbldap-populate.pl - Populate your LDAP database - -=head1 SYNOPSIS - - smbldap-populate.pl [ldif-file] - -=head1 DESCRIPTION - - The smbldap-populate.pl command helps to populate an LDAP server - by adding the necessary entries : base suffix (doesn't abort - if already there), organizational units for users, groups and - computers, builtin users : Administrator and guest, builtin - groups (though posixAccount only, no SambaTNG support). - - -a name Your local administrator login name (default: Administrator) - -b name Your local guest login name (default: nobody) - - If you give an extra parameter, it is assumed to be the ldif - file to use instead of the builtin one. Options -a and -b - will be ignored. - -=head1 FILES - - /usr/lib/perl5/site-perl/smbldap_conf.pm : Global parameters. - -=head1 SEE ALSO - - smp(1) - -=cut - -#' - - - -# - The End |