authorAndrew Tridgell <tridge@samba.org>2009-06-19 13:57:13 +1000
committerAndrew Tridgell <tridge@samba.org>2009-06-19 13:58:28 +1000
commite5a15e6589add409eb76f62a49e2b7a116a56c7c (patch)
tree3a61f00e5a0c7a9903c5626b3d64fc78befd091b /examples/scripts/idmap
parent19723ed0fcdf267ece3dbcde503f86093aceb39b (diff)
added a sample script for the "idmap script" option
Diffstat (limited to 'examples/scripts/idmap')
-rwxr-xr-xexamples/scripts/idmap/idmap_nis.sh119
1 files changed, 119 insertions, 0 deletions
diff --git a/examples/scripts/idmap/idmap_nis.sh b/examples/scripts/idmap/idmap_nis.sh
new file mode 100755
index 0000000000..28d9952eab
--- /dev/null
+++ b/examples/scripts/idmap/idmap_nis.sh
@@ -0,0 +1,119 @@
+#!/bin/bash
+# idmap script to map SIDs to UIDs/GIDs using NIS
+# tridge@samba.org June 2009
+
+DOMAIN=$(ypdomainname)
+
+(
+ date
+ echo $*
+) >> /var/log/samba/idmap.log
+
+cmd=$1
+shift
+
+PATH=/usr/bin:bin:$PATH
+
+shopt -s nocasematch || {
+ echo "shell option nocasematch not supported"
+ exit 1
+}
+
+# map from a domain and name to a uid/gid
+map_name() {
+ domain="$1"
+ name="$2"
+ ntype="$3"
+ case $ntype in
+ 1)
+ rtype="UID"
+ map="passwd"
+ ;;
+ 2)
+ rtype="GID"
+ map="group"
+ ;;
+ *)
+ echo "ERR: bad name type $ntype"
+ exit 1
+ ;;
+ esac
+ id=$(ypmatch "$name" "$map".byname 2>/dev/null | cut -d: -f3)
+ [ -z "$id" ] && {
+ echo "ERR: bad match for $name in map $map"
+ exit 1
+ }
+ echo "$rtype":"$id"
+}
+
+# map from a unix id to a name
+map_id() {
+ ntype="$1"
+ id="$2"
+ case $ntype in
+ UID)
+ map="passwd.byuid"
+ ;;
+ GID)
+ map="group.bygid"
+ ;;
+ *)
+ echo "ERR: bad name type $ntype"
+ exit 1
+ ;;
+ esac
+ name="$(ypmatch "$id" "$map" 2>/dev/null | cut -d: -f1)"
+ [ -z "$name" ] && {
+ echo "ERR: bad match for $name in map $map"
+ exit 1
+ }
+ echo "$name"
+}
+
+
+case $cmd in
+ SIDTOID)
+ sid=$1
+ rid=`echo $sid | cut -d- -f8`
+ [ -z "$rid" ] && {
+ echo "ERR: bad rid in SID $sid"
+ exit 1
+ }
+
+ unset _NO_WINBINDD
+ # oh, this is ugly. Shell is just not meant for parsing text
+ fullname=`wbinfo -s $sid 2> /dev/null`
+ domain=`echo $fullname | cut -d'\' -f1`
+ [[ "$domain" = $DOMAIN ]] || {
+ echo "ERR: bad domain $domain"
+ exit 1
+ }
+ name=`echo $fullname | cut -d'\' -f2`
+ nwords=`echo $name | wc -w`
+ ntype=`echo $name | cut -d' ' -f$nwords`
+ nminusone=`expr $nwords - 1`
+ name=`echo $name | cut -d' ' -f-$nminusone`
+ [ -z "$name" ] && {
+ echo "ERR: bad name $fullname for SID $sid"
+ exit 1
+ }
+ map_name "$domain" "$name" "$ntype"
+ ;;
+ IDTOSID)
+ ntype=$1
+ id=$2
+ name="$(map_id "$ntype" "$id")"
+ sid="$(wbinfo -n "$name" 2>/dev/null | cut -d' ' -f1)"
+ [ -z "$sid" ] && {
+ echo "ERR: name $name not found in ADS"
+ exit 1
+ }
+ echo "SID:$sid"
+ ;;
+ *)
+ echo "ERR: Unknown command $cmd"
+ exit 1;
+ ;;
+esac
+
+exit 0
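Review bot: `PATH=/usr/bin:bin:$PATH` puts a relative `bin` entry ahead of the inherited path, so `ypmatch`, `wbinfo`, `cut` and `expr` are looked up in `./bin` of whatever the caller's working directory is before the rest of `$PATH`. This looks like a typo for `/bin`; since the script is presumably run by the daemon behind the "idmap script" option, the line should read `PATH=/usr/bin:/bin:$PATH`, or set a fixed path without the inherited value. In the logging block and the SIDTOID branch the arguments are expanded unquoted (`echo $*`, `echo $sid | cut -d- -f8`, `wbinfo -s $sid`), so a value with whitespace or glob characters is split or expanded before it reaches the log and `wbinfo`; `"$*"` and `"$sid"` would match the quoting IDTOSID already uses. In IDTOSID, `map_id` runs inside `$(...)`, so its `exit 1` only leaves the subshell and the `ERR:` text lands in `name` and is handed to `wbinfo -n`; `name="$(map_id "$ntype" "$id")" || { echo "$name"; exit 1; }` stops at the first failure. The `map_id` error message also prints `$name`, which is empty at that point, where `$id` was probably meant.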