1#!/usr/bin/perl 2 3# $Id: smbldap-migrate-pwdump-groups,v 1.1 2005/03/08 09:29:47 jtournier Exp $ 4# 5# This code was developped by IDEALX (http://IDEALX.org/) and 6# contributors (their names can be found in the CONTRIBUTORS file). 7# 8# Copyright (C) 2002 IDEALX 9# 10# This program is free software; you can redistribute it and/or 11# modify it under the terms of the GNU General Public License 12# as published by the Free Software Foundation; either version 2 13# of the License, or (at your option) any later version. 14# 15# This program is distributed in the hope that it will be useful, 16# but WITHOUT ANY WARRANTY; without even the implied warranty of 17# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18# GNU General Public License for more details. 19# 20# You should have received a copy of the GNU General Public License 21# along with this program; if not, write to the Free Software 22# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, 23# USA. 24 25# Purpose of smbldap-migrate-groups : to parse a Windows 26# group dump and populate Unix groups 27# Reads group dump on stdin 28 29 30use strict; 31use FindBin; 32use FindBin qw($RealBin); 33use lib "$RealBin/"; 34use smbldap_tools; 35use Getopt::Std; 36 37sub process_rec_group 38 { 39 my ($group, $mb) = @_; 40 my @members; 41 42 if (!(@members = group_get_members($group))) { 43 return 0; 44 } 45 46 foreach my $m (@members) { 47 if ( !($m =~ m/^\*/) ) { 48 push @{$mb}, $m; 49 } else { 50 my $gname = $m; 51 $gname =~ s/^.//; 52 if (!process_rec_group($gname, $mb)) { 53 print "recursive group not added : $gname\n"; 54 } 55 } 56 } 57 } 58 59 60# given a group dn and a list of members, update the group 61sub modify_group 62 { 63 my ($group, $dn_line, @members, $recgroup) = @_; 64 my $m; 65 my @new_mb; 66 67 foreach $m (@members) { 68 if ( ($m =~ m/^\*/) ) { 69 my $gname = $m; 70 $gname =~ s/^.//; 71 if (!$recgroup) { 72 print "recursive group not added : $gname\n"; 73 } else { 74 if (!process_rec_group($gname, \@new_mb)) { 75 print "recursive group not added : $gname\n"; 76 } 77 } 78 } else { 79 push @new_mb, $m; 80 } 81 } 82 83 # new_mb contains flat members from group dump 84 # now append them to existing members 85 push @new_mb, group_get_members($group); 86 # uniq them 87 my %saw; 88 @saw{@new_mb} = (); 89 @new_mb = keys %saw; 90 91 my $nmb = $#new_mb + 1; 92 print STDERR "Group $group now has $nmb member(s)\n"; 93 94 my $mbs; 95 foreach $m (@new_mb) { 96 $mbs .= "memberUid: $m\n"; 97 } 98 99 my $mods="$dn_line 100changetype: modify 101replace: memberUid 102$mbs 103"; 104 105 #print "$mods\n"; 106 my $tmpldif = 107 "$mods 108"; 109 110 die "$0: error while modifying group $group\n" 111 unless (do_ldapmodify($tmpldif) == 0); 112 undef $tmpldif; 113 } 114 115sub display_group 116 { 117 my ($group, @members) = @_; 118 119 print "Group name $group\n"; 120 print "Members\n"; 121 my $m; 122 my $i = 0; 123 foreach $m (@members) { 124 print "$m "; 125 if ($i % 5 == 0) { 126 print "\n"; 127 } 128 $i++; 129 } 130 } 131 132sub process_group 133 { 134 my ($group, @members, $nocreate, $noupdate, $recgroup) = @_; 135 136 my $dn_line; 137 if (!defined($dn_line = get_group_dn($group))) { 138 # group not found, create it ? 139 if (!$nocreate) { 140 system "/usr/local/sbin/smbldap-groupadd \"$group\"; sleep 5"; 141 if (!defined($dn_line = get_group_dn($group))) { 142 return 1; 143 } 144 modify_group($group, $dn_line, @members, $recgroup); 145 } else { 146 # don't create 147 print "not created:\n"; 148 display_group($group, @members); 149 } 150 } else { 151 # group found, update it ? 152 if (!$noupdate) { 153 modify_group($group, $dn_line, @members, $recgroup); 154 } else { 155 # don't update 156 print "not updated:\n"; 157 display_group($group, @members); 158 } 159 } 160 } 161 162################################################### 163 164my %Options; 165 166my $ok = getopts('CUr?', \%Options); 167if ( (!$ok) || ($Options{'?'}) ) { 168 print "Usage: $0 [-CUr?] < group_dump\n"; 169 print " -C don't create group if it doesn't exist\n"; 170 print " -U don't update group if it exists\n"; 171 print " -r recursively process groups\n"; 172 exit(1); 173} 174 175my $group_name; 176my $group_desc; 177my $has_members = 0; 178my @members = (); 179 180while (<>) { 181 my $line = $_; 182 chomp($line); 183 next if ( $line =~ m/^\s*$/ ); 184 185 if ($group_name eq "") { 186 if ( $line =~ m/^Group name\s+(.+).$/ ) { 187 $group_name = $1; 188 next; 189 } 190 } 191 if ($group_desc eq "") { 192 if ( $line =~ m/^Comment\s+(.*)$/ ) { 193 $group_desc = $1; 194 next; 195 } 196 } 197 next if ( $line =~ m/^-+.$/ ); 198 if (!$has_members) { 199 if ( $line =~ m/^Members/ ) { 200 $has_members = 1; 201 next; 202 } 203 } else { 204 if ( $line =~ m/^The command completed successfully/ ) { 205 last; 206 } else { 207 push(@members, split(/\s+/, $line)); 208 next; 209 } 210 } 211 212 #print; 213} 214 215if ( $#members > -1) { 216 process_group($group_name, @members, $Options{'C'}, $Options{'U'}, $Options{'r'}); 217} 218 219#print "gn=$group_name\n"; 220#print "gd=$group_desc\n"; 221#my $m; 222#foreach $m (@members) 223#{ 224# print "$m "; 225#} 226#print "\n"; 227