]>
Commit | Line | Data |
---|---|---|
68242fc0 JR |
1 | diff -ur MigrationTools-47/migrate_common.ph MigrationTools-47-krb5/migrate_common.ph |
2 | --- MigrationTools-47/migrate_common.ph 2009-06-22 16:16:02.730586333 +0200 | |
3 | +++ MigrationTools-47-krb5/migrate_common.ph 2009-06-22 16:15:55.070581897 +0200 | |
a51959fb JR |
4 | @@ -120,6 +120,11 @@ |
5 | # $DEFAULT_REALM = $DEFAULT_MAIL_DOMAIN; | |
6 | # $DEFAULT_REALM =~ tr/a-z/A-Z/; | |
7 | #} | |
68242fc0 | 8 | + |
a51959fb JR |
9 | +# Default SMB SID (must be non-empty string) |
10 | +#if ($EXTENDED_SCHEMA) { | |
11 | +# $DEFAULT_SMB_SID = ""; | |
12 | +#} | |
68242fc0 JR |
13 | |
14 | if (-x "/usr/sbin/revnetgroup") { | |
15 | $REVNETGROUP = "/usr/sbin/revnetgroup"; | |
68242fc0 JR |
16 | diff -ur MigrationTools-47/migrate_passwd.pl MigrationTools-47-krb5/migrate_passwd.pl |
17 | --- MigrationTools-47/migrate_passwd.pl 2009-06-22 16:16:02.850581340 +0200 | |
18 | +++ MigrationTools-47-krb5/migrate_passwd.pl 2009-06-22 16:13:13.997264191 +0200 | |
a51959fb JR |
19 | @@ -50,6 +52,7 @@ |
20 | exit 1; | |
21 | } | |
22 | ||
23 | +$do_samba = 0; | |
24 | while ($ARGV[0] =~ /^--.*/) { | |
25 | if ($ARGV[0] eq "--minuid") { | |
26 | $minuid = $ARGV[1]; | |
27 | @@ -57,13 +60,22 @@ | |
28 | } elsif ($ARGV[0] eq "--maxuid") { | |
29 | $maxuid = $ARGV[1]; | |
30 | shift ; shift; | |
31 | + } elsif ($ARGV[0] eq "--samba") { | |
32 | + $do_samba = 1; | |
33 | + shift; | |
34 | } else { | |
35 | shift; | |
36 | } | |
37 | } | |
38 | ||
39 | +if ($do_samba && !defined($DEFAULT_SMB_SID)) { | |
40 | + print STDERR "You must set \$DEFAULT_SMB_SID in /etc/openldap/migrate_common.ph to migrate smbpasswd\n"; | |
41 | + exit 2; | |
42 | +} | |
43 | + | |
44 | &parse_args(); | |
45 | &read_shadow_file(); | |
46 | +if ($do_samba) { &read_samba(); } | |
47 | &open_files(); | |
48 | ||
49 | while(<INFILE>) | |
c42cf111 | 50 | @@ -138,7 +150,25 @@ |
68242fc0 JR |
51 | print $HANDLE "objectClass: top\n"; |
52 | ||
53 | if ($DEFAULT_REALM) { | |
54 | - print $HANDLE "objectClass: kerberosSecurityObject\n"; | |
55 | + print $HANDLE "objectClass: krb5Principal\n"; | |
56 | + print $HANDLE "objectClass: krb5KDCEntry\n"; | |
57 | + print $HANDLE "krb5PrincipalName: $user\@$DEFAULT_REALM\n"; | |
58 | + print $HANDLE "krb5KeyVersionNumber: 0\n"; | |
59 | + } | |
60 | + | |
a51959fb | 61 | + if ($DEFAULT_SMB_SID) { |
c42cf111 JR |
62 | + my $userSID = (2 * $uid) + 1000; |
63 | + my $groupSID = (2 * $gid) + 1001; | |
68242fc0 | 64 | + print $HANDLE "objectClass: sambaSamAccount\n"; |
a51959fb | 65 | + print $HANDLE "displayName: $cn\n"; |
c42cf111 JR |
66 | + print $HANDLE "sambaSID: $DEFAULT_SMB_SID-$userSID\n"; |
67 | + print $HANDLE "sambaPrimaryGroupSID: $DEFAULT_SMB_SID-$groupSID\n"; | |
a51959fb JR |
68 | + if ($do_samba) { |
69 | + print $HANDLE "sambaLMPassword: ".$sambaUsers{$user}->{"sambaLMPassword"}."\n"; | |
70 | + print $HANDLE "sambaNTPassword: ".$sambaUsers{$user}->{"sambaNTPassword"}."\n"; | |
71 | + print $HANDLE "sambaAcctFlags: ".$sambaUsers{$user}->{"sambaAcctFlags"}."\n"; | |
72 | + print $HANDLE "sambaPwdLastSet: ".$sambaUsers{$user}->{"sambaPwdLastSet"}."\n"; | |
73 | + } | |
68242fc0 JR |
74 | } |
75 | ||
76 | if ($shadowUsers{$user} ne "") { | |
a51959fb | 77 | @@ -147,10 +175,6 @@ |
68242fc0 JR |
78 | print $HANDLE "userPassword: {crypt}$pwd\n"; |
79 | } | |
80 | ||
81 | - if ($DEFAULT_REALM) { | |
82 | - print $HANDLE "krbName: $user\@$DEFAULT_REALM\n"; | |
83 | - } | |
84 | - | |
85 | if ($shell) { | |
86 | print $HANDLE "loginShell: $shell\n"; | |
87 | } | |
a51959fb JR |
88 | @@ -226,3 +250,16 @@ |
89 | } | |
90 | } | |
91 | ||
92 | +sub read_samba | |
93 | +{ | |
94 | + open(INPUT, "</etc/samba/smbpasswd"); | |
95 | + while (<INPUT>) { | |
96 | + my ($sambaUser, $id, $lmp, $ntp, $f, $lf, $xxx) = split(':'); | |
97 | + $sambaUsers{$sambaUser}->{"sambaLMPassword"} = $lmp; | |
98 | + $sambaUsers{$sambaUser}->{"sambaNTPassword"} = $ntp; | |
99 | + $sambaUsers{$sambaUser}->{"sambaAcctFlags"} = $f; | |
100 | + $lf =~ s/^LCT-//; | |
101 | + $sambaUsers{$sambaUser}->{"sambaPwdLastSet"} = hex($lf); | |
102 | + } | |
103 | + close(INPUT); | |
104 | +} | |
1c77e701 JR |
105 | diff -ur MigrationTools-47/migrate_group.pl MigrationTools-47-krb5/migrate_group.pl |
106 | --- MigrationTools-47/migrate_group.pl 2009-06-23 17:02:54.982471778 +0200 | |
107 | +++ MigrationTools-47-krb5/migrate_group.pl 2009-06-24 13:43:59.759317493 +0200 | |
c42cf111 | 108 | @@ -86,6 +86,12 @@ |
1c77e701 JR |
109 | print $HANDLE "dn: cn=$group,$NAMINGCONTEXT\n"; |
110 | print $HANDLE "objectClass: posixGroup\n"; | |
111 | print $HANDLE "objectClass: top\n"; | |
112 | + if ($DEFAULT_SMB_SID) { | |
c42cf111 | 113 | + my $groupSID = (2 * $gid) + 1001; |
1c77e701 | 114 | + print $HANDLE "objectClass: sambaGroupMapping\n"; |
c42cf111 | 115 | + print $HANDLE "sambaSID: $DEFAULT_SMB_SID-$groupSID\n"; |
1c77e701 JR |
116 | + print $HANDLE "sambaGroupType: 2\n"; |
117 | + } | |
118 | print $HANDLE "cn: $group\n"; | |
119 | if ($pwd) { | |
120 | print $HANDLE "userPassword: {crypt}$pwd\n"; |