smbldap-groupmod.pl [plain text]
use strict;
use smbldap_tools;
use smbldap_conf;
use Getopt::Std;
my %Options;
my $ok = getopts('og:n:m:x:?', \%Options);
if ( (!$ok) || (@ARGV < 1) || ($Options{'?'}) ) {
print "Usage: $0 [-g gid [-o]] [-n name] [-m members(,)] [-x members (,)] groupname\n";
print " -g new gid\n";
print " -o gid is not unique\n";
print " -n new group name\n";
print " -m add members (comma delimited)\n";
print " -x delete members (comma delimted)\n";
print " -? show this help message\n";
exit (1);
}
my $groupName = $ARGV[0];
if (!defined(get_group_dn($groupName))) {
print "$0: group $groupName doesn't exist\n";
exit (6);
}
my $newname = $Options{'n'};
my $nscd_status = system "/etc/init.d/nscd status >/dev/null 2>&1";
if ($nscd_status == 0) {
system "/etc/init.d/nscd restart > /dev/null 2>&1";
}
my $gid = getgrnam($groupName);
my $tmp;
if (defined($tmp = $Options{'g'}) and $tmp =~ /\d+/) {
if (!defined($Options{'o'})) {
if (defined(getgrgid($tmp))) {
print "$0: gid $tmp exists\n";
exit (6);
}
}
if (!($gid == $tmp)) {
my $tmpldif =
"dn: cn=$groupName,$groupsdn
changetype: modify
replace: gidNumber
gidNumber: $tmp
";
die "$0: error while modifying group $groupName\n"
unless (do_ldapmodify($tmpldif) == 0);
undef $tmpldif;
}
}
if (defined($newname)) {
my $FILE="|$ldapmodrdn >/dev/null";
open (FILE, $FILE) || die "$!\n";
print FILE <<EOF;
cn=$groupName,$groupsdn
cn=$newname
EOF
;
close FILE;
die "$0: error while modifying group $groupName\n" if ($?);
my $tmpldif =
"dn: cn=$newname,$groupsdn
changetype: modify
delete: cn
-
add: cn
cn: $newname
";
die "$0: error while modifying group $groupName\n"
unless (do_ldapmodify($tmpldif) == 0);
undef $tmpldif;
}
if (defined($Options{'m'})) {
my $members = $Options{'m'};
my @members = split( /,/, $members );
my $member;
foreach $member ( @members ) {
my $tmpldif =
"dn: cn=$groupName,$groupsdn
changetype: modify
add: memberUid
memberUid: $member
";
die "$0: error while modifying group $groupName\n"
unless (do_ldapmodify($tmpldif) == 0);
undef $tmpldif;
}
}
if (defined($Options{'x'})) {
my $members = $Options{'x'};
my @members = split( /,/, $members );
my $member;
foreach $member ( @members ) {
my $tmpldif =
"dn: cn=$groupName,$groupsdn
changetype: modify
delete: memberUid
memberUid: $member
";
die "$0: error while modifying group $groupName\n"
unless (do_ldapmodify($tmpldif) == 0);
undef $tmpldif;
}
}
$nscd_status = system "/etc/init.d/nscd status >/dev/null 2>&1";
if ($nscd_status == 0) {
system "/etc/init.d/nscd restart > /dev/null 2>&1";
}
exit (0);
=head1 NAME
smbldap-groupmod.pl - Modify a group
=head1 SYNOPSIS
smbldap-groupmod.pl [-g gid [-o]] [-n group_name ] group
=head1 DESCRIPTION
The smbldap-groupmod.pl command modifies the system account files to
reflect the changes that are specified on the command line.
The options which apply to the smbldap-groupmod command are
-g gid The numerical value of the group's ID. This value must be
unique, unless the -o option is used. The value must be non-
negative. Any files which the old group ID is the file
group ID must have the file group ID changed manually.
-n group_name
The name of the group will be changed from group to group_name.
-m members
The members to be added to the group in comma-delimeted form.
-x members
The members to be removed from the group in comma-delimted form.
=head1 EXAMPLES
smbldap-groupmod.pl -g 253 development
This will change the GID of the 'development' group to '253'.
smbldap-groupmod.pl -n Idiots Managers
This will change the name of the 'Managers' group to 'Idiots'.
smbldap-groupmod.pl -m "jdoe,jsmith" "Domain Admins"
This will add 'jdoe' and 'jsmith' to the 'Domain Admins' group.
smbldap-groupmod.pl -x "jdoe,jsmith" "Domain Admins"
This will remove 'jdoe' and 'jsmith' from the 'Domain Admins' group.
=head1 SEE ALSO
groupmod(1)
=cut