diff -U0 smbldap-tools-0.9.6/ChangeLog.svn36 smbldap-tools-0.9.6/ChangeLog
--- smbldap-tools-0.9.6/ChangeLog.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/ChangeLog 2011-03-07 13:09:28.736762330 +0000
@@ -1 +1,23 @@
-# $Id: ChangeLog 26 2010-11-15 14:28:01Z mm1 $
+# $Id: ChangeLog 34 2011-02-23 08:10:50Z fumiyas $
+
+2011-02-23 <fumiyas at OSS echnology, Inc. Japan>
+ * smbldap_tools.pm:
+ - get_next_id: Use getgrgid() for GID number
+ - read_parameter: Use lexically-scoped variable $line
+ instead of global $_
+ - read_user_human_readable: Use UTF-8 flaged string and
+ \P{IsPrint} to check if an LDAP attribute has non-printable
+ characters or not
+ * smbldap-populate: Fix wrong sambaGroupType values for local groups
+ * Replace bare "smbpasswd" with "$config{smbpasswd}"
+ * smbldap-useradd: Add -h (--no-dereference) option to the
+ chown(1) command-line
+ * smbldap-useradd: Extend -Z (--attr) option to take multiple
+ -Z options
+ * smbldap-usermod: Set sambaPwdLastSet to the current time
+ if "-B 0" is used (for Samba 3.0.25 and later)
+ * smbldap-usermod: Extend -Z (--attr) option:
+ - Take multiple -Z options
+ - Append a value to a multi-value attribute by -Z +name=value
+ - Remove a value from a multi-value attribute by -Z -name=value
+ - Remove a attribte by -Z -name
diff -up smbldap-tools-0.9.6/configure.pl.svn36 smbldap-tools-0.9.6/configure.pl
--- smbldap-tools-0.9.6/configure.pl.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/configure.pl 2011-03-07 13:09:28.743763425 +0000
@@ -1,13 +1,13 @@
#!/usr/bin/perl -w
-# $Id: configure.pl 26 2010-11-15 14:28:01Z mm1 $
+# $Id: configure.pl 36 2011-03-05 10:02:23Z mm1 $
-# This script can help you setting up the smbldap_conf.pl file. It will get all
-# the defaults value that are defined in the smb.conf configuration file. You
+# This script can help you setting up the smbldap_conf.pl file. It will set all
+# the default values that are defined in the smb.conf configuration file. You
# should then start with this configuration file. You will also need the SID
-# for your samba domain: set up the controler domain before using this script.
+# for your samba domain: set up the domain controller before using this script.
-# This code was developped by IDEALX (http://IDEALX.org/) and
+# This code was developed by IDEALX (http://IDEALX.org/) and
# contributors (their names can be found in the CONTRIBUTORS file).
#
# Copyright (C) 2002 IDEALX
@@ -43,14 +43,14 @@ Before starting, check
. if your samba controller is up and running.
. if the domain SID is defined (you can get it with the 'net getlocalsid')
- . you can leave the configuration using the Crtl-c key combination
+ . you can leave the configuration using the Ctrl-c key combination
. empty value can be set with the \".\" character\n";
print "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\n";
# we first check if Samba is up and running
my $test_smb=`pidof smbd`;
chomp($test_smb);
-die "\nSamba need to be started first !\n" if ($test_smb eq "" || not defined $test_smb);
+die "\nSamba needs to be started first !\n" if ($test_smb eq "" || not defined $test_smb);
print "Looking for configuration files...\n\n";
my $smb_conf="";
@@ -67,11 +67,11 @@ if ($config_smb ne "") {
my $conf_dir;
if (-d "/etc/opt/IDEALX/smbldap-tools") {
- $conf_dir="/etc/opt/IDEALX/smbldap-tools/";
+ $conf_dir="/etc/opt/IDEALX/smbldap-tools";
} elsif (-d "/etc/smbldap-tools") {
- $conf_dir="/etc/smbldap-tools/";
+ $conf_dir="/etc/smbldap-tools";
} else {
- $conf_dir="/etc/opt/IDEALX/smbldap-tools/";
+ $conf_dir="/etc/opt/IDEALX/smbldap-tools";
}
print "\nThe default directory in which the smbldap configuration files are stored is shown.\n";
@@ -83,13 +83,13 @@ if ($conf_dir_tmp ne "") {
$conf_dir=$conf_dir_tmp;
}
-$conf_dir=~s/(\w)$/$1\//;
+$conf_dir=~s/\/*$//;
if (! -d $conf_dir) {
mkdir "$conf_dir";
}
-my $smbldap_conf="$conf_dir"."smbldap.conf";
-my $smbldap_bind_conf="$conf_dir"."smbldap_bind.conf";
+my $smbldap_conf="$conf_dir"."/smbldap.conf";
+my $smbldap_bind_conf="$conf_dir"."/smbldap_bind.conf";
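Review bot: Stripping every trailing slash with `$conf_dir=~s/\/*$//;` turns an entered `/` into the empty string, so the two paths become `/smbldap.conf` and `/smbldap_bind.conf` while the `-d`/`mkdir` step operates on `""`. The `mkdir` result in the context lines is not checked, so nothing reports the failure. I would add `$conf_dir = "/" if $conf_dir eq "";` after the substitution and change the call to `mkdir $conf_dir or die "mkdir $conf_dir: $!\n";`. Since smbldap_bind.conf stores the bind passwords, creating the directory with a restrictive mode (for example `mkdir $conf_dir, 0700`) is also worth considering.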
@@ -141,8 +141,8 @@ print "Let's start configuring the smbld
# }
# . if no value is found in smb.conf for the keys, this value is proposed
# . the 'insist' variable: if set to 1, then the script will always call for a value
-# for the parameter. In other words, there's not default value, and it can't be set
-# to a null caracter string.
+# for the parameter. In other words, there's no default value, and it can't be set
+# to an empty string.
sub read_entry
{
@@ -193,10 +193,10 @@ sub read_entry
return $value;
}
-print ". workgroup name: name of the domain Samba act as a PDC\n";
+print ". workgroup name: name of the domain Samba acts as a PDC for\n";
my $workgroup=read_entry(" workgroup name","workgroup","",0);
-print ". netbios name: netbios name of the samba controler\n";
+print ". netbios name: netbios name of the samba controller\n";
my $netbios_name=read_entry(" netbios name","netbiosname","",0);
print ". logon drive: local path to which the home directory will be connected (for NT Workstations). Ex: 'H:'\n";
@@ -207,7 +207,7 @@ my $logonhome=read_entry(" logon home (
#$logonhome=~s/\\/\\\\/g;
print ". logon path: directory where roaming profiles are stored. Ex:'\\\\$netbios_name\\profiles\\\%U'\n";
-my $logonpath=read_entry(" logon path (press the \".\" character if you don't want roaming profile)","logonpath","\\\\$netbios_name\\profiles\\\%U",0);
+my $logonpath=read_entry(" logon path (press the \".\" character if you don't want roaming profiles)","logonpath","\\\\$netbios_name\\profiles\\\%U",0);
#$logonpath=~s/\\/\\\\/g;
my $userHome=read_entry(". home directory prefix (use %U as username)","","/home/\%U",0);
@@ -237,12 +237,11 @@ my $sambaUnixIdPooldn=read_entry(" samb
my ($trash1,$server);
if (defined $config{passdbbackend}) {
($trash1,$server)=($config{passdbbackend}=~m/(.*)ldap:\/\/(.*)/);
-} else {
- $server="127.0.0.1";
}
+$server="127.0.0.1" unless defined($server);
$server=~s/\///;
my $ldapmasterserver;
-print ". ldap master server: IP adress or DNS name of the master (writable) ldap server\n";
+print ". ldap master server: IP address or DNS name of the master (writable) ldap server\n";
$ldapmasterserver=read_entry(" ldap master server","",$server,0);
my $ldapmasterport;
if (defined $config{ldapport}) {
@@ -257,7 +256,7 @@ print "\n";
system "stty echo";
# parameters for the slave ldap server
-print ". ldap slave server: IP adress or DNS name of the slave ldap server: can also be the master one\n";
+print ". ldap slave server: IP address or DNS name of the slave ldap server: can also be the master one\n";
my $ldap_slave_server=read_entry(" ldap slave server","","$server",0);
my $ldap_slave_port;
if (defined $config{ldapport}) {
@@ -307,16 +306,13 @@ my $userLoginShell=read_entry(". default
my $skeletonDir=read_entry(". default skeleton directory","","/etc/skel",0);
-my $mailDomain=read_entry(". default domain name to append to mail adress", "","",0);
+my $mailDomain=read_entry(". default domain name to append to mail address", "","",0);
print "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
my $template_smbldap="
-# \$Source: /opt/cvs/samba/smbldap-tools/configure.pl,v $
-# \$Id: configure.pl 26 2010-11-15 14:28:01Z mm1 $
-#
# smbldap-tools.conf : Q & D configuration file for smbldap-tools
-# This code was developped by IDEALX (http://IDEALX.org/) and
+# This code was developed by IDEALX (http://IDEALX.org/) and
# contributors (their names can be found in the CONTRIBUTORS file).
#
# Copyright (C) 2001-2002 IDEALX
@@ -524,12 +520,12 @@ mailDomain=\"$mailDomain\"
#
##############################################################################
-# Allows not to use smbpasswd (if with_smbpasswd="0" in smbldap.conf) but
+# Allows not to use smbpasswd (if with_smbpasswd=\"0\" in smbldap.conf) but
# prefer Crypt::SmbHash library
with_smbpasswd=\"0\"
smbpasswd=\"/usr/bin/smbpasswd\"
-# Allows not to use slappasswd (if with_slappasswd="0" in smbldap.conf)
+# Allows not to use slappasswd (if with_slappasswd=\"0\" in smbldap.conf)
# but prefer Crypt:: libraries
with_slappasswd=\"0\"
slappasswd=\"/usr/sbin/slappasswd\"
@@ -542,7 +538,7 @@ my $template_smbldap_bind="
############################
# Credential Configuration #
############################
-# Notes: you can specify two differents configuration if you use a
+# Note: you can specify two different configurations if you use a
# master ldap for writing access and a slave ldap server for reading access
# By default, we will use the same DN (so it will work for standard Samba
# release)
diff -up smbldap-tools-0.9.6/CONTRIBUTORS.svn36 smbldap-tools-0.9.6/CONTRIBUTORS
--- smbldap-tools-0.9.6/CONTRIBUTORS.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/CONTRIBUTORS 2011-03-07 13:09:28.743763425 +0000
@@ -1,4 +1,4 @@
-# $Id: CONTRIBUTORS 26 2010-11-15 14:28:01Z mm1 $
+# $Id: CONTRIBUTORS 36 2011-03-05 10:02:23Z mm1 $
#
## Authors, developers and contributors of SMBLDAP-TOOLS
@@ -9,6 +9,7 @@ or maintain parts of the code tree:
. David Le Corfec <dlc@freesurf.fr>
. Olivier Lemaire <olivier.lemaire@IDEALX.com>
. Martin Matuška <mm@FreeBSD.org>
+ . SATOH Fumiyasu <fumiyas at OSS Technology, Inc., Japan>
Many thanks for bug reports and patches:
. Bruce Benda
@@ -37,5 +38,5 @@ Many thanks for bug reports and patches:
bug report for smbldap-populate
. Christophe DUBREUIL <christophe.dubreuil@laposte.net>
Net::LDAP support in smbldap_tools.pm
- . Paul Horwath <paul@city-fan.org>
+ . Paul Howarth <paul@city-fan.org>
various style, spelling and other bugfixes
diff -up smbldap-tools-0.9.6/smbldap_bind.conf.svn36 smbldap-tools-0.9.6/smbldap_bind.conf
--- smbldap-tools-0.9.6/smbldap_bind.conf.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/smbldap_bind.conf 2011-03-07 13:09:28.744763582 +0000
@@ -1,4 +1,4 @@
-# $Id: smbldap_bind.conf 26 2010-11-15 14:28:01Z mm1 $
+# $Id: smbldap_bind.conf 35 2011-02-23 09:07:36Z fumiyas $
#
############################
# Credential Configuration #
@@ -7,7 +7,7 @@
# master ldap for writing access and a slave ldap server for reading access
# By default, we will use the same DN (so it will work for standard Samba
# release)
-slaveDN="cn=Manager,dc=iallanis,dc=info"
+slaveDN="cn=Manager,dc=example,dc=com"
slavePw="secret"
-masterDN="cn=Manager,dc=iallanis,dc=info"
+masterDN="cn=Manager,dc=example,dc=com"
masterPw="secret"
diff -up smbldap-tools-0.9.6/smbldap.conf.svn36 smbldap-tools-0.9.6/smbldap.conf
--- smbldap-tools-0.9.6/smbldap.conf.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/smbldap.conf 2011-03-07 13:09:28.745763738 +0000
@@ -1,4 +1,4 @@
-# $Id: smbldap.conf 26 2010-11-15 14:28:01Z mm1 $
+# $Id: smbldap.conf 35 2011-02-23 09:07:36Z fumiyas $
#
# smbldap-tools.conf : Q & D configuration file for smbldap-tools
@@ -57,7 +57,7 @@ sambaDomain="DOMSMB"
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
# If not defined, parameter is set to "127.0.0.1"
-slaveLDAP="ldap.iallanis.info"
+slaveLDAP="ldap.example.com"
# Slave LDAP port
# If not defined, parameter is set to "389"
@@ -66,7 +66,7 @@ slavePort="389"
# Master LDAP server: needed for write operations
# Ex: masterLDAP=127.0.0.1
# If not defined, parameter is set to "127.0.0.1"
-masterLDAP="ldap.iallanis.info"
+masterLDAP="ldap.example.com"
# Master LDAP port
# If not defined, parameter is set to "389"
@@ -95,15 +95,15 @@ cafile="/etc/smbldap-tools/ca.pem"
# certificate to use to connect to the ldap server
# see "man Net::LDAP" in start_tls section for more details
-clientcert="/etc/smbldap-tools/smbldap-tools.iallanis.info.pem"
+clientcert="/etc/smbldap-tools/smbldap-tools.example.com.pem"
# key certificate to use to connect to the ldap server
# see "man Net::LDAP" in start_tls section for more details
-clientkey="/etc/smbldap-tools/smbldap-tools.iallanis.info.key"
+clientkey="/etc/smbldap-tools/smbldap-tools.example.com.key"
# LDAP Suffix
# Ex: suffix=dc=IDEALX,dc=ORG
-suffix="dc=iallanis,dc=info"
+suffix="dc=example,dc=com"
# Where are stored Users
# Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG"
@@ -209,7 +209,7 @@ userScript="logon.bat"
# Domain appended to the users "mail"-attribute
# when smbldap-useradd -M is used
# Ex: mailDomain="idealx.com"
-mailDomain="iallanis.info"
+mailDomain="example.com"
##############################################################################
#
diff -up smbldap-tools-0.9.6/smbldap-populate.svn36 smbldap-tools-0.9.6/smbldap-populate
--- smbldap-tools-0.9.6/smbldap-populate.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/smbldap-populate 2011-03-07 13:09:28.746763893 +0000
@@ -1,6 +1,6 @@
#!/usr/bin/perl -w
-# $Id: smbldap-populate 26 2010-11-15 14:28:01Z mm1 $
+# $Id: smbldap-populate 28 2011-02-23 00:43:34Z fumiyas $
# This code was developped by Jerome Tournier (jtournier@gmail.com) and
# contributors (their names can be found in the CONTRIBUTORS file).
@@ -339,7 +339,7 @@ gidNumber: 544
cn: Administrators
description: Netbios Domain Members can fully administer the computer/sambaDomainName
sambaSID: S-1-5-32-544
-sambaGroupType: 5
+sambaGroupType: 4
displayName: Administrators
#dn: cn=Users,$config{groupsdn}
@@ -350,7 +350,7 @@ displayName: Administrators
#cn: Users
#description: Netbios Domain Ordinary users
#sambaSID: S-1-5-32-545
-#sambaGroupType: 5
+#sambaGroupType: 4
#displayName: users
#dn: cn=Guests,$config{groupsdn}
@@ -362,7 +362,7 @@ displayName: Administrators
#memberUid: $guestName
#description: Netbios Domain Users granted guest access to the computer/sambaDomainName
#sambaSID: S-1-5-32-546
-#sambaGroupType: 5
+#sambaGroupType: 4
#displayName: Guests
#dn: cn=Power Users,$config{groupsdn}
@@ -373,7 +373,7 @@ displayName: Administrators
#cn: Power Users
#description: Netbios Domain Members can share directories and printers
#sambaSID: S-1-5-32-547
-#sambaGroupType: 5
+#sambaGroupType: 4
#displayName: Power Users
dn: cn=Account Operators,$config{groupsdn}
@@ -384,7 +384,7 @@ gidNumber: 548
cn: Account Operators
description: Netbios Domain Users to manipulate users accounts
sambaSID: S-1-5-32-548
-sambaGroupType: 5
+sambaGroupType: 4
displayName: Account Operators
#dn: cn=System Operators,$config{groupsdn}
@@ -395,7 +395,7 @@ displayName: Account Operators
#cn: System Operators
#description: Netbios Domain System Operators
#sambaSID: S-1-5-32-549
-#sambaGroupType: 5
+#sambaGroupType: 4
#displayName: System Operators
dn: cn=Print Operators,$config{groupsdn}
@@ -406,7 +406,7 @@ gidNumber: 550
cn: Print Operators
description: Netbios Domain Print Operators
sambaSID: S-1-5-32-550
-sambaGroupType: 5
+sambaGroupType: 4
displayName: Print Operators
dn: cn=Backup Operators,$config{groupsdn}
@@ -417,7 +417,7 @@ gidNumber: 551
cn: Backup Operators
description: Netbios Domain Members can bypass file security to back up files
sambaSID: S-1-5-32-551
-sambaGroupType: 5
+sambaGroupType: 4
displayName: Backup Operators
dn: cn=Replicators,$config{groupsdn}
@@ -428,7 +428,7 @@ gidNumber: 552
cn: Replicators
description: Netbios Domain Supports file replication in a sambaDomainName
sambaSID: S-1-5-32-552
-sambaGroupType: 5
+sambaGroupType: 4
displayName: Replicators
";
diff -up smbldap-tools-0.9.6/smbldap_tools.pm.svn36 smbldap-tools-0.9.6/smbldap_tools.pm
--- smbldap-tools-0.9.6/smbldap_tools.pm.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/smbldap_tools.pm 2011-03-07 13:09:28.747764049 +0000
@@ -1,6 +1,6 @@
#!/usr/bin/perl -w
-# $Id: smbldap_tools.pm 26 2010-11-15 14:28:01Z mm1 $
+# $Id: smbldap_tools.pm 32 2011-02-23 01:32:15Z fumiyas $
# This code was developped by Jerome Tournier (jtournier@gmail.com) and
# contributors (their names can be found in the CONTRIBUTORS file).
@@ -25,6 +25,7 @@
use strict;
package smbldap_tools;
+use Encode;
use Net::LDAP;
use Crypt::SmbHash;
use Unicode::MapUTF8 qw(to_utf8 from_utf8);
@@ -121,16 +122,16 @@ sub print_banner {
sub read_parameter {
my $line = shift;
## check for a param = value
- if ( $_ =~ /=/ ) {
+ if ( $line =~ /=/ ) {
my ( $param, $val );
- if ( $_ =~ /\s*.*?\s*=\s*".*"/ ) {
- ( $param, $val ) = /\s*(.*?)\s*=\s*"(.*)"/;
+ if ( $line =~ /\s*(.*?)\s*=\s*"(.*)"/ ) {
+ ( $param, $val ) = ($1, $2);
}
- elsif ( $_ =~ /\s*.*?\s*=\s*'.*'/ ) {
- ( $param, $val ) = /\s*(.*?)\s*=\s*'(.*)'/;
+ elsif ( $line =~ /\s*(.*?)\s*=\s*'(.*)'/ ) {
+ ( $param, $val ) = ($1, $2);
}
else {
- ( $param, $val ) = /\s*(.*?)\s*=\s*(.*)/;
+ ( $param, $val ) = $line =~ /\s*(.*?)\s*=\s*(.*)/;
}
return ( $param, $val );
}
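Review bot: read_parameter still has no comment describing which line forms it accepts, and the rewrite is a good moment to add one. Something like `# accepts: param = "value", param = 'value' or param = value; the quoted forms capture up to the LAST quote and ignore anything after it` would record the behaviour of the greedy `(.*)` in the unanchored patterns. That matters for anyone who puts a trailing comment or a second quoted string on a config line. The sub continues past the end of this hunk.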
@@ -624,7 +625,7 @@ sub add_posix_machine {
# success = add_samba_machine_smbpasswd($computername)
sub add_samba_machine_smbpasswd {
my $user = shift;
- system "smbpasswd -a -m $user";
+ system "$config{smbpasswd} -a -m $user";
return 1;
}
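Review bot: `system "$config{smbpasswd} -a -m $user"` still hands one interpolated string to the shell, so both the configured path and the machine name are parsed by /bin/sh, and whitespace or shell metacharacters in either change what is executed. The list form avoids the shell entirely: `system($config{smbpasswd}, '-a', '-m', $user);`. The function also returns 1 whatever the exit status, so `return system(...) == 0 ? 1 : 0;` would let callers notice a failure. The same string-built pattern recurs in this patch in smbldap-useradd, in the `chown -hR ...` line and in the `"|$config{smbpasswd} -s -a $userName >/dev/null"` pipe open; those need the redirection handled separately if they are converted.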
@@ -828,9 +829,10 @@ sub read_user {
$lines .= "dn: " . $entry->dn . "\n";
foreach my $attr ( $entry->attributes ) {
my @vals = $entry->get_value($attr);
-# foreach my $val (@vals) {
-# $val = "**UNPRINTABLE**" if ( $val =~ /[^[:print:]]/ );
-# }
+# my $val_utf8 = eval {
+# Encode::decode_utf8($val, Encode::FB_CROAK);
+# };
+# $val = "**UNPRINTABLE**" if ($@ || $val_utf8 =~ /\P{IsPrint}/);
$lines .= $attr . ": " . join( ',', @vals ) . "\n";
}
}
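Review bot: The new commented-out block refers to `$val` but no longer carries the `foreach my $val (@vals) { ... }` wrapper that the old comment had, so uncommenting it as written would fail under `use strict`. Either delete the dead lines or keep the loop in the comment so it stays a usable reference. As the code stands, read_user joins the raw attribute values into `$lines` with no printable check; a one-line comment such as `# values are emitted unfiltered here; read_user_human_readable masks non-printable ones` would make that difference explicit. The function begins and ends outside this hunk.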
@@ -857,7 +859,10 @@ sub read_user_human_readable {
foreach my $attr ( $entry->attributes ) {
my @vals = $entry->get_value($attr);
foreach my $val (@vals) {
- $val = "**UNPRINTABLE**" if ( $val =~ /[^[:print:]]/ );
+ my $val_utf8 = eval {
+ Encode::decode_utf8($val, Encode::FB_CROAK);
+ };
+ $val = "**UNPRINTABLE**" if ($@ || $val_utf8 =~ /\P{IsPrint}/);
}
if ( $attr eq "sambaPwdLastSet"
or $attr eq "sambaPwdCanChange"
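Review bot: `Encode::decode_utf8($val, Encode::FB_CROAK)` is called without `Encode::LEAVE_SRC`, and the Encode documentation states that when CHECK is set without that bit the source scalar is overwritten in place. Because `$val` aliases the element of `@vals`, a value that decodes successfully may be left empty before it is printed further down; this should be confirmed with a test entry. Passing `Encode::FB_CROAK | Encode::LEAVE_SRC` keeps the original octets. Testing the result rather than `$@` alone is also more robust: `if (!defined $val_utf8 || $val_utf8 =~ /\P{IsPrint}/)`. The loop over attributes continues outside the hunk.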
@@ -1209,7 +1214,8 @@ sub get_next_id($$) {
if ( $check_uid_mesg->count == 0 ) {
# now, look if the id or gid is not already used in /etc/passwd or /etc/group
- if ( !getpwuid($nextuid) ) {
+ if ($attribute =~ /^uid/i && !getpwuid($nextuid) ||
+ $attribute =~ /^gid/i && !getgrgid($nextuid) ) {
$found = 1;
return $nextuid;
}
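Review bot: The new condition depends on `&&` binding tighter than `||` and has no case for an `$attribute` that matches neither `/^uid/i` nor `/^gid/i`, in which case no candidate id is ever accepted. Explicit grouping reads more safely: `if ( ($attribute =~ /^uid/i && !getpwuid($nextuid)) || ($attribute =~ /^gid/i && !getgrgid($nextuid)) ) {`. What the surrounding loop does when neither pattern matches is outside this hunk, so a comment naming the two supported attributes, or a `die` for anything else, would be prudent.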
diff -up smbldap-tools-0.9.6/smbldap-useradd.svn36 smbldap-tools-0.9.6/smbldap-useradd
--- smbldap-tools-0.9.6/smbldap-useradd.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/smbldap-useradd 2011-03-07 13:09:28.748764206 +0000
@@ -1,6 +1,6 @@
#!/usr/bin/perl -w
-# $Id: smbldap-useradd 26 2010-11-15 14:28:01Z mm1 $
+# $Id: smbldap-useradd 34 2011-02-23 08:10:50Z fumiyas $
# This code was developed by Jerome Tournier (jtournier@gmail.com) and
# contributors (their names can be found in the CONTRIBUTORS file).
@@ -33,13 +33,47 @@ use smbldap_tools;
use Crypt::SmbHash;
#####################
-use Getopt::Std;
+use Getopt::Long;
my %Options;
-my $ok =
- getopts( 'abc:d:g:ik:mno:s:t:u:wA:B:C:D:E:F:G:H:M:N:O:PS:T:WX:Z:?', \%Options );
+Getopt::Long::Configure('bundling');
+my $ok = GetOptions(
+ "A|sambaPwdCanChange=s" => \$Options{A},
+ "B|sambaPwdMustChange=s" => \$Options{B},
+ "C|sambaHomePath=s" => \$Options{C},
+ "D|sambaHomeDrive=s" => \$Options{D},
+ "E|sambaLogonScript=s" => \$Options{E},
+ "F|sambaProfilePath=s" => \$Options{F},
+ "G|group=s" => \$Options{G},
+ "H|sambaAcctFlags=s" => \$Options{H},
+ "M|mailAddresses=s" => \$Options{M},
+ "N|givenName=s" => \$Options{N},
+ "O|mailLocalAddress=s" => \$Options{O},
+ "P" => \$Options{P},
+ "S|surname=s" => \$Options{S},
+ "T|mailToAddress=s" => \$Options{T},
+ "W" => \$Options{W},
+ "X|inputEncoding=s" => \$Options{X},
+ "Z|attr=s@" => \$Options{Z},
+ "a|addsambaSAMAccount" => \$Options{a},
+ "b|aix" => \$Options{b},
+ "c|gecos=s" => \$Options{c},
+ "d|homedir=s" => \$Options{d},
+ "g|gid=s" => \$Options{g},
+ "h|?|help" => \$Options{h},
+ "i" => \$Options{i},
+ "k=s" => \$Options{k},
+ "m" => \$Options{m},
+ "n" => \$Options{n},
+ "o|ou=s" => \$Options{o},
+ "p=s" => \$Options{p},
+ "s|shell=s" => \$Options{s},
+ "t=s" => \$Options{t},
+ "u|uid=s" => \$Options{u},
+ "w" => \$Options{w},
+);
-if ( ( !$ok ) || ( @ARGV < 1 ) || ( $Options{'?'} ) ) {
+if ( ( !$ok ) || ( @ARGV < 1 ) || ( $Options{'h'} ) ) {
print_banner;
print "Usage: $0 [-abcdgikmnostuwABCDEFGHMNOPSTWXZ?] username\n";
print " -a is a Windows User (otherwise, Posix stuff only)\n";
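Review bot: The option table now accepts `p=s`, which the old getopts string did not contain and which the usage line `[-abcdgikmnostuwABCDEFGHMNOPSTWXZ?]` does not list, and that line also omits the new `-h`. If `-p` is intended it should appear in the help text (most of which is outside this hunk); otherwise it should be dropped from the table so an unexpected option is rejected instead of silently consumed together with its argument. Since long options are now accepted, the usage line could simply read `print "Usage: $0 [options] username\n";`, as smbldap-usermod does.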
@@ -79,7 +113,7 @@ if ( ( !$ok ) || ( @ARGV < 1 ) || ( $Opt
print " -T mailToAddress (forward address) (comma separated)\n";
print " -X input encoding for givenname and surname (default UTF-8)\n";
print " -Z set custom LDAP attributes, name=value pairs comma separated\n";
- print " -? show this help message\n";
+ print " -h show this help message\n";
exit(1);
}
@@ -482,7 +516,7 @@ if ( defined( $tmp = $Options{'m'} ) ) {
system "mkdir $userHomeDirectory 2>/dev/null";
}
system
-"chown -R $userUidNumber:$userGidNumber $userHomeDirectory 2>/dev/null";
+"chown -hR $userUidNumber:$userGidNumber $userHomeDirectory 2>/dev/null";
if ( defined $config{userHomeDirectoryMode} ) {
system
"chmod $config{userHomeDirectoryMode} $userHomeDirectory 2>/dev/null";
@@ -521,17 +555,26 @@ if (@userMailTo) {
}
# Custom modification - MPK
-if ( $Options{'Z'} ) {
- my @namval = split /,/, $Options{'Z'};
- if (@namval) {
- foreach my $pair (@namval) {
- my ( $name, $value ) = split /=/, $pair;
- next if ( !$name or !$value );
- push( @adds, $name => $value );
- }
+if ( defined( $tmp = $Options{'Z'} ) ) {
+ my %adds;
+ for my $pair ( map { split /,/ } @{$Options{'Z'}} ) {
+ my ( $name, $value ) = split( /[=:]/, $pair, 2 );
+ $name = lc( $name );
+ push( @{$adds{$name}}, $value );
+ }
+
+ while ( my ($name, $value) = each( %adds ) ) {
+ push( @adds, $name => $value );
}
}
+if (@adds) {
+ my $modify =
+ $ldap_master->modify( "uid=$userName,$config{usersdn}", add => {@adds} );
+
+ $modify->code && die "failed to add entry: ", $modify->error;
+}
+
# Add Samba user infos
if ( defined( $Options{'a'} ) ) {
if ( !$config{with_smbpasswd} ) {
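Review bot: The rewritten `-Z` loop drops the old `next if ( !$name or !$value );` guard, so an item without `=` or `:` pushes an undefined value and an item beginning with `=` yields an empty attribute name. Both would only surface, if at all, as an LDAP error from the `modify` call. A check before the `push`, such as `next unless defined $value && length $name;` or a `die` that names the bad pair, restores the input validation. Note also that `add => {@adds}` flattens the list into a hash, so an attribute queued in `@adds` earlier in the script would be replaced rather than merged by a `-Z` item of the same name; whether that can occur depends on code outside the hunk.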
@@ -588,7 +631,7 @@ if ( defined( $Options{'a'} ) ) {
}
else {
- my $FILE = "|smbpasswd -s -a $userName >/dev/null";
+ my $FILE = "|$config{smbpasswd} -s -a $userName >/dev/null";
open( FILE, $FILE ) || die "$!\n";
print FILE <<EOF;
x
@@ -616,6 +659,8 @@ EOF
$tmp = defined( $Options{'F'} ) ? $Options{'F'} : $config{userProfile};
my $valprofilepath = &subst_user( $tmp, $userName );
+ my @adds = ();
+
if ($valhomedrive) {
push( @adds, 'sambaHomeDrive' => $valhomedrive );
}
diff -up smbldap-tools-0.9.6/smbldap-usermod.svn36 smbldap-tools-0.9.6/smbldap-usermod
--- smbldap-tools-0.9.6/smbldap-usermod.svn36 2010-11-15 14:45:49.000000000 +0000
+++ smbldap-tools-0.9.6/smbldap-usermod 2011-03-07 13:09:28.749764363 +0000
@@ -1,6 +1,6 @@
#!/usr/bin/perl -w
-# $Id: smbldap-usermod 26 2010-11-15 14:28:01Z mm1 $
+# $Id: smbldap-usermod 34 2011-02-23 08:10:50Z fumiyas $
# This code was developped by Jerome Tournier (jtournier@gmail.com) and
# contributors (their names can be found in the CONTRIBUTORS file).
@@ -32,7 +32,6 @@ use smbldap_tools;
use Time::Local;
#####################
-use Getopt::Std;
use Getopt::Long;
my %Options;
my $nscd_status;
@@ -53,19 +52,19 @@ my $ok = GetOptions(
"M|mail=s" => \$Options{M},
"N|givenName=s" => \$Options{N},
"O|mailLocalAddress=s" => \$Options{O},
- "P=s" => \$Options{P},
+ "P" => \$Options{P},
"U|shadowUnlock" => \$Options{U},
"S|surname=s" => \$Options{S},
"T|mailToAddress=s" => \$Options{T},
"X|inputEncoding=s" => \$Options{X},
- "Z|attr=s" => \$Options{Z},
+ "Z|attr=s@" => \$Options{Z},
"a|addsambaSAMAccount" => \$Options{a},
"c|gecos=s" => \$Options{c},
"d|homedir=s" => \$Options{d},
"e|expire=s" => \$Options{e},
"sambaExpire=s" => \$Options{sambaExpire},
"g|gid=s" => \$Options{g},
- "h|help" => \$Options{h},
+ "h|?|help" => \$Options{h},
"o|canBeNotUnique" => \$Options{o},
"r|rename=s" => \$Options{r},
"s|shell=s" => \$Options{s},
@@ -77,8 +76,6 @@ my $ok = GetOptions(
"u|uid=s" => \$Options{u}
);
-#my $ok = getopts('A:B:C:D:E:F:H:IJM:N:O:S:PT:X:Z:ame:f:u:g:G:d:l:r:s:c:ok:?h', \%Options);
-
if ( ( !$ok ) || ( @ARGV < 1 ) || ( $Options{'h'} ) ) {
print_banner;
print "Usage: $0 [options] username\n\n";
@@ -632,12 +629,9 @@ if ( defined( $tmp = $Options{'A'} ) ) {
}
}
-my $_sambaPwdMustChange;
if ( defined( $tmp = $Options{'B'} ) ) {
if ( $samba == 1 ) {
if ( $tmp != 0 ) {
- $_sambaPwdMustChange = 0;
-
# To force a user to change his password:
# . the attribut sambaAcctFlags must not match the 'X' flag
my $_sambaAcctFlags;
@@ -651,12 +645,13 @@ if ( defined( $tmp = $Options{'B'} ) ) {
$_sambaAcctFlags = "\[$letters\]";
push( @mods, 'sambaAcctFlags' => $_sambaAcctFlags );
}
- push( @mods, 'sambaPwdLastSet' => '0' );
+ push(@mods, 'sambaPwdLastSet' => 0);
+ push(@mods, 'sambaPwdMustChange' => 0);
}
else {
- $_sambaPwdMustChange = $winmagic;
+ push(@mods, 'sambaPwdLastSet' => time);
+ push(@mods, 'sambaPwdMustChange' => $winmagic);
}
- push( @mods, 'sambaPwdMustChange' => $_sambaPwdMustChange );
}
else {
print "User $user is not a samba user\n";
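Review bot: The `else` branch that now writes `sambaPwdLastSet => time` is reached whenever `$tmp != 0` (visible in the preceding hunk) is false, and because that is a numeric comparison a non-numeric `-B` argument also evaluates to 0 and lands here. A mistyped value would therefore mark the password as freshly set and push `sambaPwdMustChange` to `$winmagic` with no error. Validating the argument before the comparison, for example `die "-B expects a number\n" unless $tmp =~ /^\d+$/;`, makes the password-ageing change depend on an explicit value. The block spans two hunks and its opening lines are in the earlier one.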
@@ -776,15 +771,31 @@ elsif ( !$samba == 1
}
if ( defined( $tmp = $Options{'Z'} ) ) {
- my @namval = split /,/, $tmp;
- if (@namval) {
- foreach my $pair (@namval) {
- my ( $name, $value ) = split /=/, $pair;
- next if ( !$name or !$value );
- push( @mods, $name => $value );
- }
+ my %mods;
+ for my $pair ( map { split /,/ } @{$Options{'Z'}} ) {
+ my ( $name, $value ) = split( /[=:]/, $pair, 2 );
+ $name = lc( $name );
+ if ( defined($value) ) {
+ if ( $name =~ s/^([\+\-])// ) {
+ my $action = $1;
+ my @value_old = $mods{$name}
+ ? @{$mods{$name}}
+ : $user_entry->get_value($name);
+ my @value = ($action eq '+')
+ ? list_union( \@value_old, [$value] )
+ : list_minus( \@value_old, [$value] );
+ $mods{$name} = \@value;
+ } else {
+ push( @{$mods{$name}}, $value );
+ }
+ } elsif ( $name =~ s/^-// ) {
+ $mods{$name} = [];
+ }
}
+ while ( my ($name, $value) = each( %mods ) ) {
+ push( @mods, $name => $value );
+ }
}
# apply changes
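Review bot: A `-Z` item that has neither a value nor a leading `-` (a bare `name`) falls through both branches and is ignored without any message, and an item such as `=value` creates an entry in `%mods` with an empty attribute name. Adding a final `else { die "invalid -Z argument: $pair\n"; }` and a `length $name` check after the prefix is stripped would make malformed input fail loudly instead of being partly applied. `list_union` and `list_minus` are called here but are not defined in any hunk of this patch; presumably smbldap_tools.pm already provides them, which should be confirmed. A short comment above the loop describing the three forms (`name=value`, `+name=value` / `-name=value`, `-name`) would also help.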