Initial import

[samba] / examples / LDAP / smbldap-tools-0.9.1 / doc / smbldap-migrate-pwdump-groups

diff --git a/examples/LDAP/smbldap-tools-0.9.1/doc/smbldap-migrate-pwdump-groups b/examples/LDAP/smbldap-tools-0.9.1/doc/smbldap-migrate-pwdump-groups
new file mode 100644 (file)
index 0000000..a009c0d
--- /dev/null
+++ b/examples/LDAP/smbldap-tools-0.9.1/doc/smbldap-migrate-pwdump-groups
@@ -0,0 +1,226 @@
+#!/usr/bin/perl
+
+# $Id: smbldap-migrate-pwdump-groups,v 1.1 2005/03/08 09:29:47 jtournier Exp $
+#
+#  This code was developped by IDEALX (http://IDEALX.org/) and
+#  contributors (their names can be found in the CONTRIBUTORS file).
+#
+#                 Copyright (C) 2002 IDEALX
+#
+#  This program is free software; you can redistribute it and/or
+#  modify it under the terms of the GNU General Public License
+#  as published by the Free Software Foundation; either version 2
+#  of the License, or (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+#  USA.
+
+# Purpose of smbldap-migrate-groups : to parse a Windows
+# group dump and populate Unix groups
+# Reads group dump on stdin
+
+
+use strict;
+use FindBin;
+use FindBin qw($RealBin);
+use lib "$RealBin/";
+use smbldap_tools;
+use Getopt::Std;
+
+sub process_rec_group
+  {
+    my ($group, $mb) = @_;
+    my @members;
+    
+    if (!(@members = group_get_members($group))) {
+      return 0;
+    }
+
+    foreach my $m (@members) {
+      if ( !($m =~ m/^\*/) ) {
+       push @{$mb}, $m;
+      } else {
+       my $gname = $m;
+       $gname =~ s/^.//;
+       if (!process_rec_group($gname, $mb)) {
+         print "recursive group not added : $gname\n";
+       }
+      }
+    }
+  }
+
+
+# given a group dn and a list of members, update the group
+sub modify_group
+  {
+    my ($group, $dn_line, @members, $recgroup) = @_;
+    my $m;
+    my @new_mb;
+
+    foreach $m (@members) {
+      if ( ($m =~ m/^\*/) ) {
+       my $gname = $m;
+       $gname =~ s/^.//;
+       if (!$recgroup) {
+         print "recursive group not added : $gname\n";
+       } else {
+         if (!process_rec_group($gname, \@new_mb)) {
+           print "recursive group not added : $gname\n";
+         }
+       }
+      } else {
+       push @new_mb, $m;
+      }
+    }
+
+    # new_mb contains flat members from group dump
+    # now append them to existing members
+    push @new_mb, group_get_members($group);
+    # uniq them
+    my %saw;
+    @saw{@new_mb} = ();
+    @new_mb = keys %saw;
+
+    my $nmb = $#new_mb + 1;
+    print STDERR "Group $group now has $nmb member(s)\n"; 
+    
+    my $mbs;
+    foreach $m (@new_mb) {
+      $mbs .= "memberUid: $m\n";
+    }
+
+    my $mods="$dn_line
+changetype: modify
+replace: memberUid
+$mbs
+";
+
+    #print "$mods\n";
+    my $tmpldif =
+      "$mods
+";
+
+    die "$0: error while modifying group $group\n"
+      unless (do_ldapmodify($tmpldif) == 0);
+    undef $tmpldif;
+  }
+
+sub display_group
+  {
+    my ($group, @members) = @_;
+
+    print "Group name $group\n";
+    print "Members\n";
+    my $m;
+    my $i = 0;
+    foreach $m (@members) {
+      print "$m ";
+      if ($i % 5 == 0) {
+       print "\n";
+      }
+      $i++;
+    }
+  }
+
+sub process_group
+  {
+    my ($group, @members, $nocreate, $noupdate, $recgroup) = @_;
+
+    my $dn_line;
+    if (!defined($dn_line = get_group_dn($group))) {
+      # group not found, create it ?
+      if (!$nocreate) {
+       system "/usr/local/sbin/smbldap-groupadd \"$group\"; sleep 5";
+       if (!defined($dn_line = get_group_dn($group))) {
+         return 1;
+       }
+       modify_group($group, $dn_line, @members, $recgroup);
+      } else {
+       # don't create
+       print "not created:\n";
+       display_group($group, @members);
+      }
+    } else {
+      # group found, update it ?
+      if (!$noupdate) {
+       modify_group($group, $dn_line, @members, $recgroup);
+      } else {
+       # don't update
+       print "not updated:\n";
+       display_group($group, @members);    
+      }
+    }
+  }
+
+###################################################
+
+my %Options;
+
+my $ok = getopts('CUr?', \%Options);
+if ( (!$ok) || ($Options{'?'}) ) {
+  print "Usage: $0 [-CUr?] < group_dump\n";
+  print "  -C      don't create group if it doesn't exist\n";
+  print "  -U      don't update group if it exists\n";
+  print "  -r      recursively process groups\n";
+  exit(1);
+}
+
+my $group_name;
+my $group_desc;
+my $has_members = 0;
+my @members = ();
+
+while (<>) {
+  my $line = $_;
+  chomp($line);
+  next if ( $line =~ m/^\s*$/ );
+
+  if ($group_name eq "") {
+    if ( $line =~ m/^Group name\s+(.+).$/ ) {
+      $group_name = $1;
+      next;
+    }
+  }
+  if ($group_desc eq "") {
+    if ( $line =~ m/^Comment\s+(.*)$/ ) {
+      $group_desc = $1;
+      next;
+    }
+  }
+  next if ( $line =~ m/^-+.$/ );
+  if (!$has_members) {
+    if ( $line =~ m/^Members/ ) {
+      $has_members = 1;
+      next;
+    }
+  } else {
+    if ( $line =~ m/^The command completed successfully/ ) {
+      last;
+    } else {
+      push(@members, split(/\s+/, $line));
+      next;
+    }
+  }
+
+  #print;
+}
+
+if ( $#members > -1) {
+  process_group($group_name, @members, $Options{'C'}, $Options{'U'}, $Options{'r'});
+}
+
+#print "gn=$group_name\n";
+#print "gd=$group_desc\n";
+#my $m;
+#foreach $m (@members)
+#{
+#    print "$m ";
+#}
+#print "\n";