3 # Imports passwd, shadow and group files into the directory.
4 # You should cleanse the files of anything you do not want to add to the
7 # The first step is to call this script to import the passwd file and
8 # create all the new entries. This should be done on an empty freshly
9 # initialized directory with the rootdn/password set in the server.
10 # The command to execute is
11 # ldapimport -a -p ~/passwd
12 # The -a tells the script to add all the entries it finds, it should be
15 # The next step is to import the shadow file and group, no cleansing need be
17 # this as any entries that do not exist will be ignored (silently)
18 # ldapimport -s /etc/shadow -g /etc/group
21 import string, re, time, ldap, getopt, sys;
22 from userdir_ldap import *;
30 # This parses a gecos field and returns a tuple containing the new normalized
31 # field and the first, middle and last name of the user. Gecos is formed
32 # in the standard debian manner with 5 fields separated by commas
# ParseGecos(Field) returns the tuple (normalized gecos string, cn, mn, sn).
# NOTE: the embedded line numbers skip, so parts of this body are not shown in
# this listing; the comments below describe only the visible statements.
33 def ParseGecos(Field):
# Split on ',' and ':' alike; element 0 is handed to NameSplit as the full name.
34 Gecos = re.split("[,:]",Field);
# NameSplit is not defined in this listing (presumably from userdir_ldap - confirm).
39 (cn,mn,sn) = NameSplit(Gecos[0]);
41 # Normalize the gecos field
45 while (len(Gecos) < 5):
48 Gecos = ["","","","",""];
50 # Reconstruct the gecos after mauling it
# Only elements 0-4 are joined back; in the visible code anything after a
# fifth element does not reach the returned string.
51 Field = Gecos[0] + "," + Gecos[1] + "," + Gecos[2] + "," + \
52 Gecos[3] + "," + Gecos[4];
53 return (Field,cn,mn,sn);
55 # Check if a number string is really a number
58 string.index(string.digits,x);
60 # Read the passwd file into the database
# DoPasswd(l, Passwd): l is the LDAP connection, Passwd the path of a
# passwd-format file. Each line becomes an entry "uid=<name>,<BaseDn>".
# Field use in the visible lines: 0 -> uid, 2 -> uidNumber, 3 -> gidNumber,
# 4 -> gecos (via ParseGecos), 5 -> homeDirectory, 6 -> loginShell. Field 1
# (the password column) is not referenced here.
# NOTE: the embedded line numbers skip, so the read loop, the try: line and the
# modify call are not shown in this listing.
61 def DoPasswd(l,Passwd):
62 # Read the passwd file and import it
# The parameter is rebound from a path to the open file object; no close() is
# visible in this listing.
63 Passwd = open(Passwd,"r");
66 Line = Passwd.readline();
70 Split = re.split("[:\n]",Line);
71 (Split[4],cn,mn,sn) = ParseGecos(Split[4]);
# Only the two numeric ids are validated in the visible lines; the user name,
# home directory and shell are passed through as read from the file.
72 CheckNumber(Split[2]);
73 CheckNumber(Split[3]);
74 Rec = [(ldap.MOD_REPLACE,"uid",Split[0]),
75 (ldap.MOD_REPLACE,"uidNumber",Split[2]),
76 (ldap.MOD_REPLACE,"gidNumber",Split[3]),
77 (ldap.MOD_REPLACE,"gecos",Split[4]),
78 (ldap.MOD_REPLACE,"homeDirectory",Split[5]),
79 (ldap.MOD_REPLACE,"loginShell",Split[6]),
80 (ldap.MOD_REPLACE,"cn",cn),
81 (ldap.MOD_REPLACE,"mn",mn),
82 (ldap.MOD_REPLACE,"sn",sn)];
# NOTE(review): the user name is concatenated into the DN unescaped, so a name
# containing DN metacharacters (',', '+', '=') would address a different entry
# than intended. Validate the name against the expected character set or pass
# it through ldap.dn.escape_dn_chars() before building the DN.
84 Dn = "uid=" + Split[0] + "," + BaseDn;
88 # Unfortunately add_s does not take the same args as modify :|
# Creates the bare entry with its object classes; the attribute values in Rec
# are applied by the separate modify request.
91 l.add_s(Dn,[("uid",Split[0]),
92 ("objectClass","top"),
93 ("objectClass","account"),
94 ("objectClass","posixAccount"),
95 ("objectClass","shadowAccount"),
96 ("objectClass","debiandeveloper")]);
# An existing entry is tolerated; the handler body is not shown in this listing.
97 except ldap.ALREADY_EXISTS:
100 # Send the modify request
# Outstanding counts requests handed to FlushOutstanding, which is not defined
# in this listing (presumably it collects pending results - confirm).
102 Outstanding = Outstanding + 1;
103 Outstanding = FlushOutstanding(l,Outstanding,1);
105 FlushOutstanding(l,Outstanding);
107 # Read the shadow file into the database
# DoShadow(l, Shadow): l is the LDAP connection, Shadow the path of a
# shadow-format file. Fields 2-7 are written to the shadow* attributes of
# "uid=<name>,<BaseDn>"; the password hash is written only when WritePasses == 1.
# NOTE: the embedded line numbers skip, so the read loop, the CheckNumber loop
# header and the modify call are not shown in this listing.
108 def DoShadow(l,Shadow):
109 # Read the shadow file and import it
# The parameter is rebound from a path to the open file object; no close() is
# visible in this listing.
110 Shadow = open(Shadow,"r");
113 Line = Shadow.readline();
117 Split = re.split("[:\n]",Line);
119 # Ignore system accounts with no password, they do not belong in the
# NOTE(review): only the exact values 'x' and '*' are matched on this line.
# Locked or disabled entries written as '!' or '!<hash>' are not matched here
# and would be imported as-is - confirm whether that is handled elsewhere.
121 if (Split[1] == 'x' or Split[1] == '*'):
122 print "Ignoring system account,",Split[0];
# x is bound by a loop header that is not shown (presumably the numeric fields).
126 CheckNumber(Split[x]);
128 Rec = [(ldap.MOD_REPLACE,"shadowLastChange",Split[2]),
129 (ldap.MOD_REPLACE,"shadowMin",Split[3]),
130 (ldap.MOD_REPLACE,"shadowMax",Split[4]),
131 (ldap.MOD_REPLACE,"shadowWarning",Split[5]),
132 (ldap.MOD_REPLACE,"shadowInactive",Split[6]),
133 (ldap.MOD_REPLACE,"shadowExpire",Split[7])];
# The hash is stored verbatim behind a "{crypt}" prefix, so whatever hash
# scheme the shadow file used carries over into the directory unchanged.
# NOTE(review): from here on the hash is protected only by the directory's
# access control on userPassword and by the transport used for this
# connection - confirm both before importing with WritePasses set.
134 if (WritePasses == 1):
135 Rec.append((ldap.MOD_REPLACE,"userPassword","{crypt}"+Split[1]));
# NOTE(review): the user name is concatenated into the DN unescaped; see
# ldap.dn.escape_dn_chars() or validate the name first.
137 Dn = "uid=" + Split[0] + "," + BaseDn;
138 print "Importing",Dn,
141 # Send the modify request
143 Outstanding = Outstanding + 1;
145 Outstanding = FlushOutstanding(l,Outstanding,1);
146 FlushOutstanding(l,Outstanding);
148 # Read the group file into the database
# DoGroup(l, Group): l is the LDAP connection, Group the path of a group-format
# file. Two kinds of writes are visible: a supplementaryGid value added to each
# member's "uid=<member>,<BaseDn>" entry, and a "gid=<name>,<BaseDn>" entry
# carrying the group's gid and gidNumber.
# NOTE: the embedded line numbers skip, so the read loop, the member loop
# header, the try: line and the modify calls are not shown in this listing.
149 def DoGroup(l,Group):
150 # Read the group file and import it
# The parameter is rebound from a path to the open file object; no close() is
# visible in this listing.
151 Group = open(Group,"r");
154 Line = Group.readline();
158 # Split up the group information
159 Split = re.split("[:\n]",Line);
# NOTE(review): "[, ]*" can match the empty string. Python 2 (which this file
# targets, given the print statements) does not split on empty matches, but
# Python 3.7+ does; "[, ]+" states the intent without that dependency.
160 Members = re.split("[, ]*",Split[3]);
161 CheckNumber(Split[2]);
163 # Iterate over the membership list and add the membership information
165 Rec = [(ldap.MOD_ADD,"supplementaryGid",Split[0])];
# x comes from a loop header that is not shown (presumably each element of
# Members). NOTE(review): member and group names are concatenated into DNs
# unescaped; validate them or use ldap.dn.escape_dn_chars().
171 Dn = "uid=" + x + "," + BaseDn;
172 print "Adding",Dn,"to group",Split[0];
175 # Send the modify request
177 Outstanding = Outstanding + 1;
178 Outstanding = FlushOutstanding(l,Outstanding,1);
183 Rec = [(ldap.MOD_REPLACE,"gid",Split[0]),
184 (ldap.MOD_REPLACE,"gidNumber",Split[2])];
186 Dn = "gid=" + Split[0] + "," + BaseDn;
187 print "Importing",Dn,
190 # Unfortunately add_s does not take the same args as modify :|
193 l.add_s(Dn,[("gid",Split[0]),
194 ("objectClass","top"),
195 ("objectClass","posixGroup")]);
# An existing entry is tolerated; the handler body is not shown in this listing.
196 except ldap.ALREADY_EXISTS:
199 # Send the modify request
201 Outstanding = Outstanding + 1;
204 FlushOutstanding(l,Outstanding);
# Command-line handling and connection setup.
# Per the getopt string, -a and -x are flags and -p, -s, -g and -u take a value.
# The branch bodies are not shown in this listing (the embedded line numbers
# skip), and no handler for getopt errors is visible.
207 (options, arguments) = getopt.getopt(sys.argv[1:], "ap:s:g:xu:")
208 for (switch, val) in options:
213 elif (switch == '-p'):
215 elif (switch == '-s'):
217 elif (switch == '-g'):
219 elif (switch == '-u'):
222 # Main program starts here
223 print "Accessing LDAP directory as '" + AdminUser + "'";
# The bind password is prompted for interactively rather than taken from argv,
# which keeps it out of the process list and shell history.
224 Password = getpass(AdminUser + "'s password: ");
226 # Connect to the ldap server
# NOTE(review): no start_tls_s() call or ldaps:// URI is visible in this
# listing. A simple bind sends the DN and password as given, and the same
# connection later carries the userPassword values written by DoShadow, so
# confirm the transport is protected. ldap.open() is deprecated in python-ldap
# in favour of ldap.initialize() with a URI.
227 l = ldap.open(LDAPServer);
228 UserDn = "uid=" + AdminUser + "," + BaseDn;
229 l.simple_bind_s(UserDn,Password);