• Home
  • History
  • Annotate
  • Line#
  • Navigate
  • Raw
  • Download
  • only in /netgear-WNDR4500v2-V1.0.0.60_1.0.38/ap/gpl/samba-3.0.13/examples/LDAP/smbldap-tools-0.8.7/doc/
1#!/usr/bin/perl
2
3# $Id: smbldap-migrate-groups,v 1.5 2005/01/08 12:04:45 jtournier Exp $
4#
5#  This code was developped by IDEALX (http://IDEALX.org/) and
6#  contributors (their names can be found in the CONTRIBUTORS file).
7#
8#                 Copyright (C) 2002 IDEALX
9#
10#  This program is free software; you can redistribute it and/or
11#  modify it under the terms of the GNU General Public License
12#  as published by the Free Software Foundation; either version 2
13#  of the License, or (at your option) any later version.
14#
15#  This program is distributed in the hope that it will be useful,
16#  but WITHOUT ANY WARRANTY; without even the implied warranty of
17#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18#  GNU General Public License for more details.
19#
20#  You should have received a copy of the GNU General Public License
21#  along with this program; if not, write to the Free Software
22#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
23#  USA.
24
25# Purpose of smbldap-migrate-groups : to parse a Windows
26# group dump and populate Unix groups
27# Reads group dump on stdin
28
29
30use strict;
31use FindBin;
32use FindBin qw($RealBin);
33use lib "$RealBin/";
34use smbldap_tools;
35use Getopt::Std;
36
37sub process_rec_group
38  {
39    my ($group, $mb) = @_;
40    my @members;
41    
42    if (!(@members = group_get_members($group))) {
43      return 0;
44    }
45
46    foreach my $m (@members) {
47      if ( !($m =~ m/^\*/) ) {
48	push @{$mb}, $m;
49      } else {
50	my $gname = $m;
51	$gname =~ s/^.//;
52	if (!process_rec_group($gname, $mb)) {
53	  print "recursive group not added : $gname\n";
54	}
55      }
56    }
57  }
58
59
60# given a group dn and a list of members, update the group
61sub modify_group
62  {
63    my ($group, $dn_line, @members, $recgroup) = @_;
64    my $m;
65    my @new_mb;
66
67    foreach $m (@members) {
68      if ( ($m =~ m/^\*/) ) {
69	my $gname = $m;
70	$gname =~ s/^.//;
71	if (!$recgroup) {
72	  print "recursive group not added : $gname\n";
73	} else {
74	  if (!process_rec_group($gname, \@new_mb)) {
75	    print "recursive group not added : $gname\n";
76	  }
77	}
78      } else {
79	push @new_mb, $m;
80      }
81    }
82
83    # new_mb contains flat members from group dump
84    # now append them to existing members
85    push @new_mb, group_get_members($group);
86    # uniq them
87    my %saw;
88    @saw{@new_mb} = ();
89    @new_mb = keys %saw;
90
91    my $nmb = $#new_mb + 1;
92    print STDERR "Group $group now has $nmb member(s)\n"; 
93    
94    my $mbs;
95    foreach $m (@new_mb) {
96      $mbs .= "memberUid: $m\n";
97    }
98
99    my $mods="$dn_line
100changetype: modify
101replace: memberUid
102$mbs
103";
104
105    #print "$mods\n";
106    my $tmpldif =
107      "$mods
108";
109
110    die "$0: error while modifying group $group\n"
111      unless (do_ldapmodify($tmpldif) == 0);
112    undef $tmpldif;
113  }
114
115sub display_group
116  {
117    my ($group, @members) = @_;
118
119    print "Group name $group\n";
120    print "Members\n";
121    my $m;
122    my $i = 0;
123    foreach $m (@members) {
124      print "$m ";
125      if ($i % 5 == 0) {
126	print "\n";
127      }
128      $i++;
129    }
130  }
131
132sub process_group
133  {
134    my ($group, @members, $nocreate, $noupdate, $recgroup) = @_;
135
136    my $dn_line;
137    if (!defined($dn_line = get_group_dn($group))) {
138      # group not found, create it ?
139      if (!$nocreate) {
140	system "/usr/local/sbin/smbldap-groupadd \"$group\"; sleep 5";
141	if (!defined($dn_line = get_group_dn($group))) {
142	  return 1;
143	}
144	modify_group($group, $dn_line, @members, $recgroup);
145      } else {
146	# don't create
147	print "not created:\n";
148	display_group($group, @members);
149      }
150    } else {
151      # group found, update it ?
152      if (!$noupdate) {
153	modify_group($group, $dn_line, @members, $recgroup);
154      } else {
155	# don't update
156	print "not updated:\n";
157	display_group($group, @members);    
158      }
159    }
160  }
161
162###################################################
163
164my %Options;
165
166my $ok = getopts('CUr?', \%Options);
167if ( (!$ok) || ($Options{'?'}) ) {
168  print "Usage: $0 [-CUr?] < group_dump\n";
169  print "  -C	    don't create group if it doesn't exist\n";
170  print "  -U	    don't update group if it exists\n";
171  print "  -r	    recursively process groups\n";
172  exit(1);
173}
174
175my $group_name;
176my $group_desc;
177my $has_members = 0;
178my @members = ();
179
180while (<>) {
181  my $line = $_;
182  chomp($line);
183  next if ( $line =~ m/^\s*$/ );
184
185  if ($group_name eq "") {
186    if ( $line =~ m/^Group name\s+(.+).$/ ) {
187      $group_name = $1;
188      next;
189    }
190  }
191  if ($group_desc eq "") {
192    if ( $line =~ m/^Comment\s+(.*)$/ ) {
193      $group_desc = $1;
194      next;
195    }
196  }
197  next if ( $line =~ m/^-+.$/ );
198  if (!$has_members) {
199    if ( $line =~ m/^Members/ ) {
200      $has_members = 1;
201      next;
202    }
203  } else {
204    if ( $line =~ m/^The command completed successfully/ ) {
205      last;
206    } else {
207      push(@members, split(/\s+/, $line));
208      next;
209    }
210  }
211
212  #print;
213}
214
215if ( $#members > -1) {
216  process_group($group_name, @members, $Options{'C'}, $Options{'U'}, $Options{'r'});
217}
218
219#print "gn=$group_name\n";
220#print "gd=$group_desc\n";
221#my $m;
222#foreach $m (@members)
223#{
224#    print "$m ";
225#}
226#print "\n";
227