summaryrefslogtreecommitdiff
path: root/examples/LDAP/smbldap-tools/smbldap-populate.pl
diff options
context:
space:
mode:
Diffstat (limited to 'examples/LDAP/smbldap-tools/smbldap-populate.pl')
-rwxr-xr-xexamples/LDAP/smbldap-tools/smbldap-populate.pl294
1 files changed, 294 insertions, 0 deletions
diff --git a/examples/LDAP/smbldap-tools/smbldap-populate.pl b/examples/LDAP/smbldap-tools/smbldap-populate.pl
new file mode 100755
index 0000000000..5be9ca4262
--- /dev/null
+++ b/examples/LDAP/smbldap-tools/smbldap-populate.pl
@@ -0,0 +1,294 @@
+#!/usr/bin/perl
+
+# Populate a LDAP base for Samba-LDAP usage
+#
+# This code was developped by IDEALX (http://IDEALX.org/) and
+# contributors (their names can be found in the CONTRIBUTORS file).
+#
+# Copyright (C) 2001-2002 IDEALX
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+# USA.
+
+# Purpose :
+# . Create an initial LDAP database suitable for Samba 2.2
+# . For lazy people, replace ldapadd (with only an ldif parameter)
+
+use strict;
+use smbldap_tools;
+use smbldap_conf;
+
+use Getopt::Std;
+
+use vars qw(%oc);
+
+# objectclass of the suffix
+%oc = (
+ "ou" => "organizationalUnit",
+ "o" => "organization",
+ "dc" => "dcObject",
+);
+
+
+my %Options;
+
+my $ok = getopts('a:b:?', \%Options);
+if ( (!$ok) || ($Options{'?'}) ) {
+ print "Usage: $0 [-ab?] [ldif]\n";
+ print " -a administrator login name (default: Administrator)\n";
+ print " -b guest login name (default: nobody)\n";
+ print " -? show this help message\n";
+ print " ldif file to add to ldap (default: suffix, Groups,";
+ print " Users, Computers and builtin users )\n";
+ exit (1);
+}
+
+my $_ldifName;
+
+if (@ARGV >= 1) {
+ $_ldifName = $ARGV[0];
+}
+
+my $adminName = $Options{'a'};
+if (!defined($adminName)) {
+ $adminName = "Administrator";
+}
+
+my $guestName = $Options{'b'};
+if (!defined($guestName)) {
+ $guestName = "nobody";
+}
+
+if (!defined($_ldifName)) {
+ my $attr;
+ my $val;
+ my $objcl;
+
+ if ($suffix =~ m/([^=]+)=([^,]+)/) {
+ $attr = $1;
+ $val = $2;
+ $objcl = $oc{$attr} if (exists $oc{$attr});
+ if (!defined($objcl)) {
+ $objcl = "myhardcodedobjectclass";
+ }
+ } else {
+ die "can't extract first attr and value from suffix $suffix";
+ }
+ #print "$attr=$val\n";
+
+ #my $FILE="|cat";
+ my $FILE="|$ldapadd -c";
+ open (FILE, $FILE) || die "$!\n";
+
+ print FILE <<EOF;
+dn: $suffix
+objectClass: $objcl
+$attr: $val
+
+dn: $usersdn
+objectClass: organizationalUnit
+ou: $usersou
+
+dn: $groupsdn
+objectClass: organizationalUnit
+ou: $groupsou
+
+dn: $computersdn
+objectClass: organizationalUnit
+ou: $computersou
+
+dn: uid=$adminName,$usersdn
+cn: $adminName
+objectClass: sambaAccount
+objectClass: posixAccount
+gidNumber: 512
+uid: $adminName
+uidNumber: 998
+homeDirectory: $_userHomePrefix
+pwdLastSet: 0
+logonTime: 0
+logoffTime: 2147483647
+kickoffTime: 2147483647
+pwdCanChange: 0
+pwdMustChange: 2147483647
+smbHome: $_userSmbHome
+homeDrive: $_userHomeDrive
+profilePath: $_userProfile
+rid: 500
+primaryGroupID: 512
+lmPassword: XXX
+ntPassword: XXX
+acctFlags: [U ]
+loginShell: /bin/false
+gecos: Netbios Domain Administrator
+
+dn: uid=$guestName,$usersdn
+cn: $guestName
+objectClass: sambaAccount
+objectClass: posixAccount
+gidNumber: 514
+uid: $guestName
+uidNumber: 999
+homeDirectory: /dev/null
+pwdLastSet: 0
+logonTime: 0
+logoffTime: 2147483647
+kickoffTime: 2147483647
+pwdCanChange: 0
+pwdMustChange: 2147483647
+smbHome: $_userSmbHome
+homeDrive: $_userHomeDrive
+profilePath: $_userProfile
+rid: 501
+primaryGroupID: 514
+lmPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
+ntPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
+acctFlags: [NU ]
+loginShell: /bin/false
+
+dn: cn=Domain Admins,$groupsdn
+objectClass: posixGroup
+gidNumber: 512
+cn: Domain Admins
+memberUid: $adminName
+description: Netbios Domain Administrators (need smb.conf configuration)
+
+dn: cn=Domain Users,$groupsdn
+objectClass: posixGroup
+gidNumber: 513
+cn: Domain Users
+description: Netbios Domain Users (not implemented yet)
+
+dn: cn=Domain Guests,$groupsdn
+objectClass: posixGroup
+gidNumber: 514
+cn: Domain Guests
+description: Netbios Domain Guests Users (not implemented yet)
+
+dn: cn=Administrators,$groupsdn
+objectClass: posixGroup
+gidNumber: 544
+cn: Administrators
+description: Netbios Domain Members can fully administer the computer/domain (not implemented yet)
+
+dn: cn=Users,$groupsdn
+objectClass: posixGroup
+gidNumber: 545
+cn: Users
+description: Netbios Domain Ordinary users (not implemented yet)
+
+dn: cn=Guests,$groupsdn
+objectClass: posixGroup
+gidNumber: 546
+cn: Guests
+memberUid: $guestName
+description: Netbios Domain Users granted guest access to the computer/domain (not implemented yet)
+
+
+dn: cn=Power Users,$groupsdn
+objectClass: posixGroup
+gidNumber: 547
+cn: Power Users
+description: Netbios Domain Members can share directories and printers (not implemented yet)
+
+dn: cn=Account Operators,$groupsdn
+objectClass: posixGroup
+gidNumber: 548
+cn: Account Operators
+description: Netbios Domain Users to manipulate users accounts (not implemented yet)
+
+dn: cn=Server Operators,$groupsdn
+objectClass: posixGroup
+gidNumber: 549
+cn: Server Operators
+description: Netbios Domain Server Operators (need smb.conf configuration)
+
+dn: cn=Print Operators,$groupsdn
+objectClass: posixGroup
+gidNumber: 550
+cn: Print Operators
+description: Netbios Domain Print Operators (need smb.conf configuration)
+
+dn: cn=Backup Operators,$groupsdn
+objectClass: posixGroup
+gidNumber: 551
+cn: Backup Operators
+description: Netbios Domain Members can bypass file security to back up files (not implemented yet)
+
+dn: cn=Replicator,$groupsdn
+objectClass: posixGroup
+gidNumber: 552
+cn: Replicator
+description: Netbios Domain Supports file replication in a domain (not implemented yet)
+
+dn: cn=Domain Computers,$groupsdn
+objectClass: posixGroup
+gidNumber: 553
+cn: Domain Computers
+description: Netbios Domain Computers accounts
+
+EOF
+ close FILE;
+ exit($?)
+
+} else {
+ exec "$ldapadd < $_ldifName";
+}
+
+exit(0);
+
+
+########################################
+
+=head1 NAME
+
+ smbldap-populate.pl - Populate your LDAP database
+
+=head1 SYNOPSIS
+
+ smbldap-populate.pl [ldif-file]
+
+=head1 DESCRIPTION
+
+ The smbldap-populate.pl command helps to populate an LDAP server
+ by adding the necessary entries : base suffix (doesn't abort
+ if already there), organizational units for users, groups and
+ computers, builtin users : Administrator and guest, builtin
+ groups (though posixAccount only, no SambaTNG support).
+
+ -a name Your local administrator login name (default: Administrator)
+ -b name Your local guest login name (default: nobody)
+
+ If you give an extra parameter, it is assumed to be the ldif
+ file to use instead of the builtin one. Options -a and -b
+ will be ignored. This usage mode makes the command behave
+ like ldapadd(1) with extra parameters taken from the smbldap-tools
+ config (smbldap_conf.pm).
+
+=head1 FILES
+
+ /usr/lib/perl5/site-perl/smbldap_conf.pm : Global parameters.
+
+=head1 SEE ALSO
+
+ smp(1)
+
+=cut
+
+#'
+
+
+
+# - The End