]>
Commit | Line | Data |
---|---|---|
68242fc0 JR |
1 | diff -ur MigrationTools-47/migrate_common.ph MigrationTools-47-krb5/migrate_common.ph |
2 | --- MigrationTools-47/migrate_common.ph 2009-06-22 16:16:02.730586333 +0200 | |
3 | +++ MigrationTools-47-krb5/migrate_common.ph 2009-06-22 16:15:55.070581897 +0200 | |
a51959fb JR |
4 | @@ -120,6 +120,11 @@ |
5 | # $DEFAULT_REALM = $DEFAULT_MAIL_DOMAIN; | |
6 | # $DEFAULT_REALM =~ tr/a-z/A-Z/; | |
7 | #} | |
68242fc0 | 8 | + |
a51959fb JR |
9 | +# Default SMB SID (must be non-empty string) |
10 | +#if ($EXTENDED_SCHEMA) { | |
11 | +# $DEFAULT_SMB_SID = ""; | |
12 | +#} | |
68242fc0 JR |
13 | |
14 | if (-x "/usr/sbin/revnetgroup") { | |
15 | $REVNETGROUP = "/usr/sbin/revnetgroup"; | |
68242fc0 JR |
16 | diff -ur MigrationTools-47/migrate_passwd.pl MigrationTools-47-krb5/migrate_passwd.pl |
17 | --- MigrationTools-47/migrate_passwd.pl 2009-06-22 16:16:02.850581340 +0200 | |
18 | +++ MigrationTools-47-krb5/migrate_passwd.pl 2009-06-22 16:13:13.997264191 +0200 | |
a51959fb JR |
19 | @@ -50,6 +52,7 @@ |
20 | exit 1; | |
21 | } | |
22 | ||
23 | +$do_samba = 0; | |
45f9ab82 JR |
24 | if ( defined($IGNORE_UID_BELOW) ) { |
25 | $minuid = $IGNORE_UID_BELOW; | |
26 | } | |
a51959fb | 27 | @@ -57,13 +60,22 @@ |
45f9ab82 JR |
28 | } elsif ($ARGV[0] eq "--maxgid") { |
29 | $maxgid = $ARGV[1]; | |
a51959fb JR |
30 | shift ; shift; |
31 | + } elsif ($ARGV[0] eq "--samba") { | |
32 | + $do_samba = 1; | |
33 | + shift; | |
34 | } else { | |
35 | shift; | |
36 | } | |
37 | } | |
38 | ||
39 | +if ($do_samba && !defined($DEFAULT_SMB_SID)) { | |
c833263d | 40 | + print STDERR "You must set \$DEFAULT_SMB_SID in %CONFDIR%migrate_common.ph to migrate smbpasswd\n"; |
a51959fb JR |
41 | + exit 2; |
42 | +} | |
43 | + | |
44 | &parse_args(); | |
45 | &read_shadow_file(); | |
46 | +if ($do_samba) { &read_samba(); } | |
47 | &open_files(); | |
48 | ||
49 | while(<INFILE>) | |
97a9c781 | 50 | @@ -138,7 +150,28 @@ |
68242fc0 JR |
51 | print $HANDLE "objectClass: top\n"; |
52 | ||
53 | if ($DEFAULT_REALM) { | |
54 | - print $HANDLE "objectClass: kerberosSecurityObject\n"; | |
55 | + print $HANDLE "objectClass: krb5Principal\n"; | |
56 | + print $HANDLE "objectClass: krb5KDCEntry\n"; | |
57 | + print $HANDLE "krb5PrincipalName: $user\@$DEFAULT_REALM\n"; | |
58 | + print $HANDLE "krb5KeyVersionNumber: 0\n"; | |
97a9c781 JR |
59 | + print $HANDLE "krb5KDCFlags: 126\n"; |
60 | + print $HANDLE "krb5MaxRenew: 604800\n"; | |
61 | + print $HANDLE "krb5MaxLife: 86400\n"; | |
68242fc0 JR |
62 | + } |
63 | + | |
a51959fb | 64 | + if ($DEFAULT_SMB_SID) { |
c42cf111 JR |
65 | + my $userSID = (2 * $uid) + 1000; |
66 | + my $groupSID = (2 * $gid) + 1001; | |
68242fc0 | 67 | + print $HANDLE "objectClass: sambaSamAccount\n"; |
a51959fb | 68 | + print $HANDLE "displayName: $cn\n"; |
c42cf111 JR |
69 | + print $HANDLE "sambaSID: $DEFAULT_SMB_SID-$userSID\n"; |
70 | + print $HANDLE "sambaPrimaryGroupSID: $DEFAULT_SMB_SID-$groupSID\n"; | |
a51959fb JR |
71 | + if ($do_samba) { |
72 | + print $HANDLE "sambaLMPassword: ".$sambaUsers{$user}->{"sambaLMPassword"}."\n"; | |
73 | + print $HANDLE "sambaNTPassword: ".$sambaUsers{$user}->{"sambaNTPassword"}."\n"; | |
74 | + print $HANDLE "sambaAcctFlags: ".$sambaUsers{$user}->{"sambaAcctFlags"}."\n"; | |
75 | + print $HANDLE "sambaPwdLastSet: ".$sambaUsers{$user}->{"sambaPwdLastSet"}."\n"; | |
76 | + } | |
68242fc0 JR |
77 | } |
78 | ||
79 | if ($shadowUsers{$user} ne "") { | |
a51959fb | 80 | @@ -147,10 +175,6 @@ |
68242fc0 JR |
81 | print $HANDLE "userPassword: {crypt}$pwd\n"; |
82 | } | |
83 | ||
84 | - if ($DEFAULT_REALM) { | |
85 | - print $HANDLE "krbName: $user\@$DEFAULT_REALM\n"; | |
86 | - } | |
87 | - | |
88 | if ($shell) { | |
89 | print $HANDLE "loginShell: $shell\n"; | |
90 | } | |
a774229d | 91 | @@ -226,3 +250,16 @@ |
a51959fb JR |
92 | } |
93 | } | |
a774229d | 94 | |
a51959fb JR |
95 | +sub read_samba |
96 | +{ | |
97 | + open(INPUT, "</etc/samba/smbpasswd"); | |
98 | + while (<INPUT>) { | |
99 | + my ($sambaUser, $id, $lmp, $ntp, $f, $lf, $xxx) = split(':'); | |
100 | + $sambaUsers{$sambaUser}->{"sambaLMPassword"} = $lmp; | |
101 | + $sambaUsers{$sambaUser}->{"sambaNTPassword"} = $ntp; | |
102 | + $sambaUsers{$sambaUser}->{"sambaAcctFlags"} = $f; | |
103 | + $lf =~ s/^LCT-//; | |
104 | + $sambaUsers{$sambaUser}->{"sambaPwdLastSet"} = hex($lf); | |
105 | + } | |
106 | + close(INPUT); | |
107 | +} | |
1c77e701 JR |
108 | diff -ur MigrationTools-47/migrate_group.pl MigrationTools-47-krb5/migrate_group.pl |
109 | --- MigrationTools-47/migrate_group.pl 2009-06-23 17:02:54.982471778 +0200 | |
110 | +++ MigrationTools-47-krb5/migrate_group.pl 2009-06-24 13:43:59.759317493 +0200 | |
c42cf111 | 111 | @@ -86,6 +86,12 @@ |
1c77e701 JR |
112 | print $HANDLE "dn: cn=$group,$NAMINGCONTEXT\n"; |
113 | print $HANDLE "objectClass: posixGroup\n"; | |
114 | print $HANDLE "objectClass: top\n"; | |
115 | + if ($DEFAULT_SMB_SID) { | |
c42cf111 | 116 | + my $groupSID = (2 * $gid) + 1001; |
1c77e701 | 117 | + print $HANDLE "objectClass: sambaGroupMapping\n"; |
c42cf111 | 118 | + print $HANDLE "sambaSID: $DEFAULT_SMB_SID-$groupSID\n"; |
1c77e701 JR |
119 | + print $HANDLE "sambaGroupType: 2\n"; |
120 | + } | |
121 | print $HANDLE "cn: $group\n"; | |
122 | if ($pwd) { | |
123 | print $HANDLE "userPassword: {crypt}$pwd\n"; |