
Re: Populating the ldif



Well, I don't really care for Outlook but to generate ldif, you can
probably do something like this (NOTE: your base schema should be in place
already). YMMV.

This requires posixAccount. Read
http://www.ietf.org/rfc/rfc2307.txt?number=2307

Basically:

objectclass posixAccount
        requires
                objectclass,
                cn,
                uid,
                uidNumber,
                gidNumber,
                homeDirectory
        allows
                userPassword,
                loginShell,
                gecos,
                description


A quick hack turned into a 100-line script :) The results look
something like this.

dn: uid=jauderho, dc=carumba, dc=com
objectclass: top
objectclass: person
objectclass: organizationalperson
objectclass: inetorgperson
objectclass: posixAccount
uid: jauderho
uidNumber: 500
gidNumber: 500
homeDirectory: /home/jauderho
userPassword: {crypt}xxxxxxxxxxxxx
loginShell: /bin/tcsh
cn: Jauder Ho


--Jauder

#!/usr/bin/perl
#
# passwd2ldif
#
# Someone asked how to generate ldif from /etc/passwd so here's my quick
# and dirty hack. YMMV. This puts the username "uid" in the rdn, change it if 
# you do not want that. You may have to run this as root. Check the output!!!
#
# NOTE: make sure the crypt(3) implementation on your source and target 
#       machines are the same/compatible and the posixAccount objectclass is
#	available. Google for it if you do not know what I am talking about.
#
# $Id$
# (C) Copyright 2000 Jauder Ho <jauderho@carumba.com>
#

use strict;
use warnings;

my $passwd = "/etc/passwd";
my $shadow = "/etc/shadow";
my $basedn = "dc=carumba, dc=com";

my %shadows;

# Do not open $shadow if it is not readable
if (-r $shadow) {
	open(SHADOW, '<', $shadow) or die "ERROR: Cannot open file $shadow: $!\n";

	while (<SHADOW>) {
		my @fields = split(/:/, $_);

		# Remember the hash as a potential replacement for the /etc/passwd
		# entry, but only if it is 13 characters long (traditional crypt(3));
		# anything else (locked, empty, other formats) is skipped
		$shadows{$fields[0]} = $fields[1]
			if defined($fields[1]) && length($fields[1]) == 13;
	}

	close(SHADOW);
}

open(PASSWD, '<', $passwd) or die "ERROR: Cannot open file $passwd: $!\n";

# Do it!
while (<PASSWD>) {
	my (@fields);
	my (@gecos);

	chomp();
	
	(@fields) = split(/:/,$_);
	
	# Clean the comment field a bit
	# It is broken into: name, office, office phone, home phone
	(@gecos) = split(/,/, defined($fields[4]) ? $fields[4] : '');

	# Clean up the name a little bit (only if there is one)
	if (defined($gecos[0])) {
		$gecos[0] =~ s/^\s+//;			# Suck in the front!
		$gecos[0] =~ s/\s+$//;			# Suck in the back!
		$gecos[0] =~ s/\s+/ /g;
	}

	# Start by printing the DN, pick one
	# print "dn: cn\=$gecos[0], $basedn\n";
	print "dn: uid\=$fields[0], $basedn\n";

	# Print the objectclasses to be used
	print "objectclass: top\n",
	      "objectclass: person\n",
	      "objectclass: organizationalperson\n",
	      "objectclass: inetorgperson\n",
	      "objectclass: posixAccount\n";

	print "uid: $fields[0]\n",
	      "uidNumber: $fields[2]\n",
	      "gidNumber: $fields[3]\n",
	      "homeDirectory: $fields[5]\n";

	# Now for the fun part, figuring out what to put in for the password
	# field
	if (length($fields[1]) != 13) {
		# See if we have something useful in %shadows
		print "userPassword: {crypt}$shadows{$fields[0]}\n"
		if ($shadows{$fields[0]});
	} else {
		print "userPassword: {crypt}$fields[1]\n";
	}

	print "loginShell: $fields[6]\n" if defined($fields[6]);

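	# Some misc info, only works for "enhanced" /etc/passwd.
	# Skip empty fields so no attribute is written without a value.
	print "cn: $gecos[0]\n" if defined($gecos[0]) && length($gecos[0]);
	print "postalAddress: $gecos[1]\n" if defined($gecos[1]) && length($gecos[1]);
	print "telephonenumber: $gecos[2]\n" if defined($gecos[2]) && length($gecos[2]);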

	print "\n";
}

close(PASSWD);

# The End
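
Added example (not part of the original post or its script): a Perl check that reads LDIF like the script's output and reports entries missing any of the posixAccount attributes listed above as required, or carrying no userPassword. The sample LDIF is constructed and the sub name check_entry is hypothetical.

```perl
# Added example, not part of passwd2ldif: check entries for required attributes.
use strict;
use warnings;
my @required = qw(objectclass cn uid uidnumber gidnumber homedirectory);

# Return a list of problems found in one LDIF entry (a block of lines).
sub check_entry {
    my ($block) = @_;
    my (%attr, @problems);
    $block =~ s/\r?\n //g;                 # unfold continuation lines
    for my $line (split /\r?\n/, $block) {
        next if $line =~ /^#/;             # LDIF comment
        # "attr: value" or "attr:: base64value"; names are stored in lower case
        if ($line =~ /^([A-Za-z][-\w;.]*)::?\s*(.*)$/) { push @{ $attr{lc $1} }, $2 }
        else { push @problems, "unparseable line: $line" }
    }
    for my $name (@required) {
        my @vals = grep { length($_) } @{ $attr{$name} || [] };
        push @problems, "missing or empty $name" unless @vals;
    }
    push @problems, "objectclass posixAccount not listed"
        unless grep { lc($_) eq 'posixaccount' } @{ $attr{objectclass} || [] };
    push @problems, "no userPassword" unless $attr{userpassword};
    return @problems;
}

# Constructed sample: first entry abbreviated from the post, second made up.
my $ldif = <<'EOF';
dn: uid=jauderho, dc=carumba, dc=com
objectclass: posixAccount
uid: jauderho
uidNumber: 500
gidNumber: 500
homeDirectory: /home/jauderho
userPassword: {crypt}xxxxxxxxxxxxx
cn: Jauder Ho

dn: uid=daemon, dc=carumba, dc=com
objectclass: posixAccount
uid: daemon
uidNumber: 2
gidNumber: 2
homeDirectory: /sbin
cn:
EOF
for my $entry (grep { /\S/ } split /\n{2,}/, $ldif) {
    my $dn = $entry =~ /^dn::?\s*(.*)$/m ? $1 : '(no dn)';
    my @problems = check_entry($entry);
    print "$dn: ", (@problems ? join('; ', @problems) : 'ok'), "\n";
}
```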