From 44b6513bfc248a3b59fa858f9451a877193a9d4a Mon Sep 17 00:00:00 2001
From: Gerald Carter
Date: Fri, 29 Jun 2001 20:43:24 +0000
Subject: adding an export routine to generate an smbpasswd file from LDAP
---
examples/LDAP/export_smbpasswd.pl | 63 +++++++++++++++++++++++++++++++++++++++
examples/LDAP/import_smbpasswd.pl | 29 +++++++++---------
2 files changed, 77 insertions(+), 15 deletions(-)
create mode 100644 examples/LDAP/export_smbpasswd.pl
(limited to 'examples')
diff --git a/examples/LDAP/export_smbpasswd.pl b/examples/LDAP/export_smbpasswd.pl
new file mode 100644
index 00000000000..3f67dc62427
--- /dev/null
+++ b/examples/LDAP/export_smbpasswd.pl
@@ -0,0 +1,63 @@
+#!/usr/bin/perl
+##
+## Example script to export ldap entries into an smbpasswd file format
+## using the Mozilla PerLDAP module.
+##
+## writen by jerry@samba.org
+##
+
+use Mozilla::LDAP::Conn;
+use Mozilla::LDAP::Entry;
+
+######################################################
+## Set these values to whatever you need for your site
+##
+
+$DN="ou=people,dc=plainjoe,dc=org";
+$ROOTDN="cn=Manager,dc=plainjoe,dc=org";
+$rootpw = "secret";
+$LDAPSERVER="localhost";
+
+##
+## end local site variables
+######################################################
+
+
+$conn = new Mozilla::LDAP::Conn ("$LDAPSERVER", "389", $ROOTDN, $rootpw );
+die "Unable to connect to LDAP server $LDAPSERVER" unless $conn;
+
+print "##\n";
+print "## Autogenerated smbpasswd file via ldapsearch\n";
+print "## from $LDAPSERVER ($DN)\n";
+print "##\n";
+
+## scheck for the existence of the posixAccount first
+$result = $conn->search ("$DN", "sub", "(objectclass=smbPasswordEntry)");
+
+
+## loop over the entries we found
+while ($result) {
+
+ @uid = $result->getValue("uid");
+ @uidNumber = $result->getValue("uidNumber");
+ @lm_pw = $result->getValue("lmpassword");
+ @nt_pw = $result->getValue("ntpassword");
+ @acct = $result->getValue("acctFlags");
+ @pwdLastSet = $result->getValue("pwdLastSet");
+
+ if (($#uid+1) && ($#uidNumber+1)) {
+
+ $lm_pw[0] = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" if (! ($#lm_pw+1));
+ $nt_pw[0] = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" if (! ($#nt_pw+1));
+ $acct[0] = "[DU ]" if (! ($#acct+1));
+ $pwdLastSet[0] = "FFFFFFFF" if (! ($#pwdLastSet+1));
+
+ print "$uid[0]:$uidNumber[0]:$lm_pw[0]:$nt_pw[0]:$acct[0]:LCT-$pwdLastSet[0]\n";
+ }
+
+ $result = $conn->nextEntry();
+
+}
+
+$conn->close();
+exit 0;
diff --git a/examples/LDAP/import_smbpasswd.pl b/examples/LDAP/import_smbpasswd.pl
index f1fc33c6319..d19ee64488f 100644
--- a/examples/LDAP/import_smbpasswd.pl
+++ b/examples/LDAP/import_smbpasswd.pl
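Review bot: The `print "$uid[0]:$uidNumber[0]:$lm_pw[0]:$nt_pw[0]:...` line writes each account's LM and NT hashes to standard output, and those hashes are password-equivalent for SMB authentication, yet nothing in the script or its header says the resulting file must be protected. I would add to the site-variables banner `## The output contains LM/NT password hashes: redirect it under umask 077, and keep this script (it holds the rootdn password) unreadable to other users`. The bind in `new Mozilla::LDAP::Conn` goes to port 389 as the Manager DN, so once `$LDAPSERVER` is changed from localhost the bind password and the hashes presumably cross the network unprotected unless the link is secured by other means; the banner should say so. The comment above the search, `## scheck for the existence of the posixAccount first`, is carried over from the import script and does not describe this search; `## find every entry that carries smbPasswordEntry` would match the filter used.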
@@ -1,32 +1,30 @@ #!/usr/bin/perl ## -## Example script og how you could import and smbpasswd file into an LDAP +## Example script of how you could import and smbpasswd file into an LDAP ## directory using the Mozilla PerLDAP module. ## -## wrriten by jerry@samba.org +## writen by jerry@samba.org ## use Mozilla::LDAP::Conn; use Mozilla::LDAP::Entry; +################################################# +## set these to a value appropriate for your site +## + $DN="ou=people,dc=plainjoe,dc=org"; $ROOTDN="cn=Manager,dc=plainjoe,dc=org"; $rootpw = "secret"; $LDAPSERVER="localhost"; +## +## end local site variables +################################################# -print "Connecting to $LDAPSERVER..."; $conn = new Mozilla::LDAP::Conn ("$LDAPSERVER", "389", $ROOTDN, $rootpw ); die "Unable to connect to LDAP server $LDAPSERVER" unless $conn; -print "connected!\n"; -if ("$ARGV[0]") { - open (SMBPASSFILE, "$ARGV[0]") || die $!; - $infile = SMBPASSFILE; -} -else { - $infile = STDIN; -} while ( $string = <$infile> ) { chop ($string); @@ -34,7 +32,11 @@ while ( $string = <$infile> ) { ## get the account information @smbentry = split (/:/, $string); - ## scheck for the existence of the posixAccount first + ## check for the existence of the posixAccount first + + ## FIXME!! Should do a getownam() and let the NSS modules lookup the account + ## This way you can have a UNIX account in /etc/passwd and the smbpasswd i + ## entry in LDAP. $result = $conn->search ("$DN", "sub", "(&(uid=$smbentry[0])(objectclass=posixAccount))"); if ( ! $result ) { print STDERR "uid=$smbentry[0] does not have a posixAccount entry in the directory!\n"; @@ -57,10 +59,7 @@ while ( $string = <$infile> ) { if (! $conn->update($result)) { print "Error updating!\n"; } - - ## $result->printLDIF(); } -close ($infile); $conn->close(); exit 0; -- cgit
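Review bot: The loop header `while ( $string = <$infile> ) {` is kept as context at the end of the first hunk, but the block that assigned `$infile` (the `open` on `$ARGV[0]` and the fallback to STDIN) is removed, so after this change nothing sets `$infile` and the read has no handle to read from. The loop body then never runs, and because the script has neither `use strict` nor warnings the import ends with exit status 0 and no message. If the intent is to read standard input only, the header should become `while ( $string = <STDIN> ) {`. The loop body continues past the end of this hunk.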
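Review bot: The search filter `(&(uid=$smbentry[0])(objectclass=posixAccount))` on the context line under the new FIXME (second hunk) interpolates the first smbpasswd field without escaping, so a name containing `*`, `(`, `)` or `\` changes what the filter matches, and the `update` later in the loop may then be applied to a different entry than the one intended. Escaping the value as RFC 4515 requires before building the filter closes this, for example `($u = $smbentry[0]) =~ s/([*()\\\0])/sprintf("\\%02x", ord($1))/ge;` and then using `$u` in the filter. In the FIXME text itself, `getownam()` presumably means `getpwnam()`, and the `i` after `smbpasswd` looks like a stray character.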