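package ldapdef;

# LDAP helpers behind the "Add POSIX account" wizard: connecting to the
# directory, root/anonymous binds, searches, account creation and a
# Kerberos-principal migration. Defaults are derived from the host name and
# overridden by /etc/sysconfig/ldapconf when that file exists.

use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(ldap_error_text escape_dn_value);
use lib qw(/usr/lib/libDrakX);
use ugtk2;
use common;
use standalone;
use MDK::Wizard::Varspaceval;
use MDK::Wizard::Wizcommon;
use Expect;
require Exporter;

our @ISA = qw(Exporter);
# NOTE: load_config is part of the export list but is not defined in this file.
our @EXPORT = qw(
    %cfg %cfgfile $congfile load_config ldap_connect root_bind $msg
    anonymous_bind ldap_search get_dn $attrs get_dse %ldap add_user modif_krb5
);
our (%cfg, %cfgfile, $congfile, $msg, $attrs, %ldap, $ldap);

# Wizard description and the variables the account dialog fills in.
my $o = {
    name => N("Add POSIX account"),
    var  => {
        defou       => 'ou=Users',
        srv         => '',
        dom         => 'mandrakesoft.com',
        suffix      => '',
        rootdn      => '',
        rootpass    => '',
        rootpass2   => '',
        cn          => '',
        sn          => '',
        uid         => '',
        uidpass     => '',
        lshell      => '/bin/bash',
        home        => '/home/',
        uidnb       => '1004',
        gidnb       => '1004',
        container   => 'container',
        objectclass => 'top,account,posixaccount',
        shadowmax   => '99999',
        shadowmin   => '-1',
        plop        => '',
        tmp         => '',
        nom         => '',
        prenom      => '',
    },
    needed_rpm   => [ 'squid' ],
    defaultimage => "/usr/share/wizards/proxy_wizard/images/proxy.png",
};

# Default base DN from the FQDN: "host.example.org" -> "dc=example,dc=org".
# The command output is chomped first; otherwise the trailing newline ends up
# inside the last RDN of the suffix (and in srv below) and every DN built from
# it is invalid.
my $fqdn = `hostname -f`;
chomp $fqdn;
my $ldap_suffix = join(',dc=', split(/\./, $fqdn));
$ldap_suffix =~ s/[^,]*,//;

my $hostname = `hostname`;
chomp $hostname;
$o->{var}{srv}    = $hostname;
$o->{var}{suffix} = $ldap_suffix;

# Saved wizard configuration overrides the host-derived defaults. It carries
# rootpass in clear text, so it must remain readable by root only.
my $conf_file = "/etc/sysconfig/ldapconf";
if (-f $conf_file) {
    my %conf = getVarsFromSh($conf_file);
    $o->{var}{suffix}   = $conf{suffix};
    $o->{var}{rootdn}   = $conf{rootdn};
    $o->{var}{rootpass} = $conf{rootpass};
    $o->{var}{srv}      = $conf{srv};
    $o->{var}{defou}    = $conf{users};
}

# Open a (not yet bound) connection to the configured server.
# Dies with Net::LDAP's reason ($@) when the server cannot be reached.
sub ldap_connect {
    my $cnx = Net::LDAP->new($o->{var}{srv})
        or die "Impossible de se connecter au server: $@";
    return $cnx;
}

# Simple bind as the directory manager (rootdn/rootpass from the wizard or the
# config file). Prints the textual status and returns the numeric result code
# (0 on success) so callers can stop before modifying the directory.
sub root_bind {
    my ($ldap) = @_;
    my $mesg = $ldap->bind(
        dn       => $o->{var}{rootdn},
        password => $o->{var}{rootpass},
    );
    print ldap_error_text($mesg->code);
    return $mesg->code;
}

# Anonymous bind; returns the numeric result code (0 on success).
sub anonymous_bind {
    my ($ds) = @_;
    my $mesg = $ds->bind;
    return $mesg->code;
}

# Debug helper: subtree search of $filter under $basedn, printing one DN per
# line. Returns the hash-of-hashes from Net::LDAP::Search::as_struct.
# $filter is used verbatim; callers that embed user-supplied values must
# escape them (Net::LDAP::Util::escape_filter_value).
sub ldap_search {
    my ($ds, $filter, $basedn) = @_;
    my $mesg = $ds->search(
        base   => $basedn,
        filter => $filter,
        scope  => "sub",
        attrs  => ['objectClass'],
    );
    my $href = $mesg->as_struct;
    print("Results of the query\n");
    # Previously the reference itself was printed ("HASH(0x...)"), which shows
    # nothing useful; list the DNs that were found instead.
    print "$_\n" for sort keys %$href;
    return $href;
}

# Subtree search returning the Net::LDAP::Search object so the caller can
# walk ->entries. $attrs is accepted for compatibility but not used: the
# whole entry is requested.
sub get_dn {
    my ($ds, $filter, $basedn, $attrs) = @_;
    my $mesg = $ds->search(
        base   => $basedn,
        filter => $filter,
        scope  => "sub",
    );
    return $mesg;
}

# Store the DN of the organization entry found under $cfg{base} in
# $ldap{orga} and return %ldap. %cfg is exported and expected to be filled
# by the caller; the wizard suffix is used when base is unset so the search
# still has a valid base instead of an empty string.
sub get_dse {
    my $ldap = ldap_connect();
    my $base = defined $cfg{'base'} ? $cfg{'base'} : $o->{var}{suffix};
    my $result = get_dn($ldap, "(objectclass=organization)", $base);
    # A failed search yields no entries, so %ldap is left untouched in that case.
    for my $entry ($result->entries) {
        $ldap{'orga'} = $entry->dn;
    }
    return %ldap;
}

# DN of the account described by wizard state $u. The uid is DN-escaped so a
# value containing ',', '+', '"', '\', '<', '>' or ';' cannot break the RDN.
sub _user_dn {
    my ($u) = @_;
    return "uid=" . escape_dn_value($u->{var}{uid})
         . ",$u->{var}{defou},$u->{var}{suffix}";
}

# Create the POSIX/inetOrgPerson/shadowAccount entry for $u (wizard state).
# Returns the LDAP result code of the add, or the bind result code when the
# root bind itself failed (previously the add was attempted unbound).
sub add_user {
    my ($u) = @_;
    my $ldap = ldap_connect();
    my $rc = root_bind($ldap);
    return $rc if $rc;
    my $result = $ldap->add(
        _user_dn($u),
        attr => [
            objectclass => ["top", "posixAccount", "inetOrgPerson", "shadowAccount"],
            sn          => $u->{var}{sn},
            uid         => $u->{var}{uid},
            cn          => $u->{var}{cn},
            # Sent exactly as entered; whether it is stored hashed is decided by
            # the server's password policy, not here.
            userPassword  => $u->{var}{uidpass},
            loginShell    => $u->{var}{lshell},
            uidNumber     => $u->{var}{uidnb},
            gidNumber     => $u->{var}{gidnb},
            homeDirectory => $u->{var}{home} . $u->{var}{uid},
            shadowMin     => '-1',
            # NOTE: differs from the wizard default shadowmax ('99999'); kept as found.
            shadowMax      => '999999',
            shadowWarning  => '7',
            shadowInactive => '-1',
            shadowExpire   => '-1',
        ],
    );
    return $result->code;
}

# Turn the account of $u into a Kerberos principal: add the krb5Principal
# object class and krb5PrincipalName. Dies when the root bind or the modify
# fails; returns 1 on success.
sub modif_krb5 {
    my ($u) = @_;
    my $ldap = ldap_connect();
    my $rc = root_bind($ldap);
    die "root bind failed: " . ldap_error_text($rc) if $rc;
    my $result = $ldap->modify(
        _user_dn($u),
        changes => [
            replace => [objectClass => ['inetOrgPerson', 'posixAccount', 'shadowAccount', 'krb5Principal']],
            # FIXME: userPassword is overwritten with a fixed literal, so every
            # migrated account ends up with the same, known LDAP password. If the
            # intent is "authentication lives in Kerberos only", the attribute
            # should be deleted or set to a non-usable value, not a shared secret.
            replace => [userPassword => 'EROS '],
            add     => [krb5PrincipalName => $u->{var}{uid}],
        ],
    );
    die "failed to add entry: ", $result->error if $result->code;
    return 1;
}

1;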