summaryrefslogtreecommitdiff
path: root/examples/LDAP/ldapsync.pl
diff options
context:
space:
mode:
Diffstat (limited to 'examples/LDAP/ldapsync.pl')
-rw-r--r--examples/LDAP/ldapsync.pl122
1 files changed, 0 insertions, 122 deletions
diff --git a/examples/LDAP/ldapsync.pl b/examples/LDAP/ldapsync.pl
deleted file mode 100644
index c112bcc34c..0000000000
--- a/examples/LDAP/ldapsync.pl
+++ /dev/null
@@ -1,122 +0,0 @@
-#!/usr/bin/perl -w
-
-# LDAP to unix password sync script for samba-tng
-# originally by Jody Haynes <Jody.Haynes@isunnetworks.com>
-# 12/12/2000 milos@interactivesi.com
-# modified for use with MD5 passwords
-# 12/16/2000 mami@arena.sci.univr.it
-# modified to change lmpassword and ntpassword for samba
-# 05/01/2001 mami@arena.sci.univr.it
-# modified for being also a /bin/passwd replacement
-#
-# ACHTUNG!! For servers that support the LDAP Modify password
-# extended op (e.g. OpenLDAP), see the "ldap password
-# sync" option in smb.conf(5).
-#
-
-$basedn = "ou=Students,dc=univr, dc=it";
-$binddn = "uid=root,dc=univr,dc=it";
-$scope = "sub";
-$passwd = "mysecret";
-
-foreach $arg (@ARGV) {
- if ($< != 0) {
- die "Only root can specify parameters\n";
- } else {
- if ( ($arg eq '-?') || ($arg eq '--help') ) {
- print "Usage: $0 [-o] [username]\n";
- print " -o, --without-old-password do not ask for old password (root only)\n";
- print " -?, --help show this help message\n";
- exit (-1);
- } elsif ( ($arg eq '-o') || ($arg eq '--without-old-password') ) {
- $oldpass = 1;
- } elsif (substr($arg,0) ne '-') {
- $user = $arg;
- if (!defined(getpwnam($user))) {
- die "$0: Unknown user name '$user'\n"; ;
- }
- }
- }
-}
-
-if (!defined($user)) {
- $user=$ENV{"USER"};
-}
-
-if (!defined($oldpass)) {
- system "stty -echo";
- print "Old password for user $user: ";
- chomp($oldpass=<STDIN>);
- print "\n";
- system "stty echo";
-
- $ntpwd = `/usr/local/sbin/smbencrypt '$oldpass'`;
- $lmpassword = substr($ntpwd, 0, index($ntpwd, ':')); chomp $lmpassword;
- $ntpassword = substr($ntpwd, index($ntpwd, ':')+1); chomp $ntpassword;
-
- # Find dn for user $user (maybe check unix password too?)
- $dn=`ldapsearch -b '$basedn' -s '$scope' '(&(uid=$user)(lmpassword=$lmpassword)(ntpassword=$ntpassword))'|head -1`;
- chomp $dn;
-
- if ($dn eq '') {
- print "Wrong password for user $user!\n";
- exit (-1);
- }
-} else {
- # Find dn for user $user
- $dn=`ldapsearch -b '$basedn' -s '$scope' '(uid=$user)'|head -1`;
- chomp $dn;
-}
-
-system "stty -echo";
-print "New password for user $user: ";
-chomp($pass=<STDIN>);
-print "\n";
-system "stty echo";
-
-system "stty -echo";
-print "Retype new password for user $user: ";
-chomp($pass2=<STDIN>);
-print "\n";
-system "stty echo";
-
-if ($pass ne $pass2) {
- die "Wrong password!\n";
-} else {
-# MD5 password
-$random = join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64, rand 64, rand 64, rand 64, rand 64, rand 64, rand 64];
-$bsalt = "\$1\$"; $esalt = "\$";
-$modsalt = $bsalt.$random.$esalt;
-$password = crypt($pass, $modsalt);
-
-# LanManager and NT clear text passwords
-$ntpwd = `/usr/local/sbin/smbencrypt '$pass'`;
-chomp($lmpassword = substr($ntpwd, 0, index($ntpwd, ':')));
-chomp($ntpassword = substr($ntpwd, index($ntpwd, ':')+1));
-
-$FILE="|/usr/bin/ldapmodify -D '$binddn' -w $passwd";
-
-open FILE or die;
-
-print FILE <<EOF;
-dn: $dn
-changetype: modify
-replace: userPassword
-userPassword: {crypt}$password
--
-changetype: modify
-replace: lmpassword
-lmpassword: $lmpassword
--
-changetype: modify
-replace: ntpassword
-ntpassword: $ntpassword
--
-
-EOF
-close FILE;
-
-}
-
-exit 0;
-