summaryrefslogtreecommitdiff
path: root/examples/LDAP/convertSambaAccount
diff options
context:
space:
mode:
Diffstat (limited to 'examples/LDAP/convertSambaAccount')
-rwxr-xr-xexamples/LDAP/convertSambaAccount233
1 files changed, 0 insertions, 233 deletions
diff --git a/examples/LDAP/convertSambaAccount b/examples/LDAP/convertSambaAccount
deleted file mode 100755
index 8b522ef8ae..0000000000
--- a/examples/LDAP/convertSambaAccount
+++ /dev/null
@@ -1,233 +0,0 @@
-#!/usr/bin/perl -w
-##
-## Convert an LDIF file containing sambaAccount entries
-## to the new sambaSamAccount objectclass
-##
-## Copyright Gerald (Jerry) Carter 2003
-##
-## Usage: convertSambaAccount --sid=<Domain SID> \
-## --input=<input ldif> --output=<output ldif> \
-## --changetype=[modify|add]
-##
-## You can generate an input ldif file using:
-## $ ldapsearch -LL -x -h ldapsrv -D cn=root,dc=company,dc=com \
-## -b dc=copmany,dc=com > /tmp/samba3.alpha23.ldif
-##
-## Note the "-LL" so no additional comments are generated
-##
-
-
-use strict;
-use Net::LDAP::LDIF;
-use Getopt::Long;
-
-
-##############################################################################
-## local variables
-
-my ( $domain, $domsid, $changetype );
-my ( $ldif, $ldif2 );
-my ( $entry, @objclasses, $obj );
-my ( $is_samba_account, $is_samba_group );
-my ( %attr_map, %group_attr_map, $key );
-my ( @dels, $deletion, @adds, $addition );
-my ( $result, %options );
-
-
-##############################################################################
-## Print the option usage
-
-sub usage {
-
- print "convertSambaAccount <options>\n";
- print "Options:\n";
- print " --help print this help message\n";
- print " --input input LDIF filename\n";
- print " --output output LDIF filename\n";
- print " --sid domain SID\n";
- print " --changetype [modify|add] (default is 'add')\n";
-}
-
-
-##############################################################################
-## MAIN DRIVER ##
-##############################################################################
-
-##
-## hashes to map old attribute names to new ones
-##
-
-%attr_map = (
- lmPassword => 'sambaLMPassword',
- ntPassword => 'sambaNTPassword',
- pwdLastSet => 'sambaPwdLastSet',
- pwdMustChange => 'sambaPwdMustChange',
- pwdCanChange => 'sambaPwdCanChange',
- homeDrive => 'sambaHomeDrive',
- smbHome => 'sambaHomePath',
- scriptPath => 'sambaLogonScript',
- profilePath => 'sambaProfilePath',
- kickoffTime => 'sambaKickoffTime',
- logonTime => 'sambaLogonTime',
- logoffTime => 'sambaLogoffTime',
- userWorkstations => 'sambaUserWorkstations',
- domain => 'sambaDomainName',
- acctFlags => 'sambaAcctFlags',
-);
-
-%group_attr_map = (
- ntSid => 'sambaSID',
- ntGroupType => 'sambaGroupType',
-);
-
-##
-## process command line args
-##
-
-$result = GetOptions(\%options,
- "help",
- "input=s",
- "output=s",
- "sid=s",
- "changetype=s");
-
-if (!$result && ($#ARGV != -1)) {
- usage();
- exit 1;
-}
-
-if ( defined($options{'help'}) ) {
- usage();
- exit 0;
-}
-
-
-if ( !defined( $options{'sid'} ) ) {
- print "You must provide a domain sid\n";
- exit 1;
-}
-
-$domsid = $options{'sid'};
-
-$changetype = 'add';
-if ( defined( $options{'changetype'} ) ) {
- $changetype = $options{'changetype'};
-}
-
-##
-## open files
-##
-
-$ldif = Net::LDAP::LDIF->new ($options{'input'}, "r") or die $!;
-
-if ( "$changetype" eq "add" ) {
- $ldif2 = Net::LDAP::LDIF->new ($options{'output'}, "w") or die $!;
-}
-elsif ( "$changetype" eq "modify" ) {
- open( OUTPUT, ">$options{'output'}" ) or die $!;
-}
-else {
- print "Bad changetype!\n";
- exit 1;
-}
-
-##
-## process LDIF
-##
-
-while ( !$ldif->eof ) {
- undef ( $entry );
- $entry = $ldif->read_entry();
-
- ## skip entry if we find an error
- if ( $ldif->error() ) {
- print "Error msg: ",$ldif->error(),"\n";
- print "Error lines:\n",$ldif->error_lines(),"\n";
- next;
- }
-
- ##
- ## check to see if we have anything to do on this
- ## entry. If not just write it out
- ##
- @objclasses = $entry->get_value( "objectClass" );
- undef ( $is_samba_account );
- undef ( $is_samba_group );
- @adds = ();
- @dels = ();
- foreach $obj ( @objclasses ) {
- if ( lc($obj) eq "sambaaccount" ) {
- $is_samba_account = 1;
- } elsif ( lc($obj) eq "sambagroupmapping" ) {
- $is_samba_group = 1;
- }
- }
-
- if ( defined ( $is_samba_account ) ) {
- ##
- ## start editing the sambaAccount
- ##
-
- @dels = ( 'objectclass: sambaAccount', 'rid' );
- @adds = ('objectclass: sambaSamAccount', "sambaSID: " . ${domsid} . "-" . ${entry}->get_value( 'rid' ) );
- $entry->delete( 'objectclass' => [ 'sambaAccount' ] );
- $entry->add( 'objectclass' => 'sambaSamAccount' );
-
- $entry->add( 'sambaSID' => $domsid."-".$entry->get_value( "rid" ) );
- $entry->delete( 'rid' );
-
- if ( defined($entry->get_value( "primaryGroupID" )) ) {
- push @adds, "sambaPrimaryGroupSID: " . $domsid."-".$entry->get_value( "primaryGroupID" );
- push @dels, "primaryGroupID";
- $entry->add( 'sambaPrimaryGroupSID' => $domsid."-".$entry->get_value( "primaryGroupID" ) );
- $entry->delete( 'primaryGroupID' );
- }
-
-
- foreach $key ( keys %attr_map ) {
- if ( defined($entry->get_value($key)) ) {
- push @adds, "$attr_map{$key}: " . $entry->get_value($key);
- push @dels, "$key";
- $entry->add( $attr_map{$key} => $entry->get_value($key) );
- $entry->delete( $key );
- }
- }
- } elsif ( defined ( $is_samba_group ) ) {
- foreach $key ( keys %group_attr_map ) {
- if ( defined($entry->get_value($key)) ) {
- push @adds, "$group_attr_map{$key}: " . $entry->get_value($key);
- push @dels, "$key";
- $entry->add( $group_attr_map{$key} => $entry->get_value($key) );
- $entry->delete( $key );
- }
- }
- }
-
- ## see if we should write full entries or only the changes
-
- if ( "$changetype" eq "add" ) {
- $ldif2->write_entry( $entry );
- }
- else {
- if ( defined ( $is_samba_account ) || defined ( $is_samba_group ) ){
- if ( @adds + @dels > 0 ) {
- print OUTPUT "dn: " . $entry->dn . "\n";
- foreach $addition (@adds) {
- $addition =~ /(^\w+):/;
- print OUTPUT "add: " . $1 . "\n";
- print OUTPUT "$addition\n-\n";
- }
- foreach $deletion (@dels) {
- if ( $deletion =~ /^(\w+):\s(.*)/ ) {
- print OUTPUT "delete: $1\n$1: $2\n-\n";
- } else {
- print OUTPUT "delete: $deletion\n-\n"
- }
- }
- print OUTPUT "\n"
- }
- }
- }
-}
-
-