[Samba] Migration to samba4 ad and sync to openldap.
mj
lists at merit.unu.edu
Sat Apr 6 08:41:12 UTC 2019
Hi,
And if you're more into php, here is the script I created for our
migration, using php. Perhaps you can adjust it for your requirements:
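<?php

// One-off migration helper: copies per-user attributes from a Samba 3 /
// OpenLDAP directory onto the matching (already existing) accounts in a
// Samba 4 AD. Accounts are matched on uid == sAMAccountName.

ini_set('display_errors', 'Off');
error_reporting(E_ALL);

$samba3_server = "1.2.3.4";
$samba3_port = 389;
$samba3_dn = 'ou=users,dc=company,dc=com';
$samba3_filter="(uid=*)";
$samba3_fields = array("mail", "uid");

$samba4_server = 'ldap://192.168.122.102';
// The list archive rewrote "@" as " at "; the bind name needs the real "@".
$samba4_user = 'Administrator@REALM.SAMBA4';
// NOTE(review): this is a domain administrator password stored in the script.
// Keep the file out of the web root and version control, restrict its
// permissions, and remove it once the migration is done.
$samba4_pass = 'very_secret';
$samba4_port = 389;
$samba4_dn = 'CN=users,DC=company,DC=samba4';
$samba4_fields = array("mail", "cn", "dn", "otherMailbox");
$samba4_realm = 'realm.samba4';
// A simple bind on plain ldap:// sends $samba4_pass in clear text, so upgrade
// the connection with StartTLS before binding. The server certificate has to
// be trusted by the LDAP client configuration for this to succeed. Set to
// false only on an isolated, trusted network.
$samba4_starttls = true;

/**
 * Escape a directory value for the HTML progress output.
 *
 * @param mixed $value
 * @return string
 */
function h($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Read all attributes of one entry, keyed by lower-cased attribute name.
 *
 * LDAP attribute names are case-insensitive, but the array keys returned by
 * ldap_get_attributes() are not, hence the normalisation.
 *
 * @return array empty when the attributes cannot be read
 */
function entry_attributes($connection, $entry)
{
    $raw = ldap_get_attributes($connection, $entry);

    return $raw === false ? array() : array_change_key_case($raw, CASE_LOWER);
}

/**
 * Return the values of one attribute as a plain list (no "count" element).
 *
 * @param array  $attributes result of entry_attributes()
 * @param string $name       attribute name, any case
 * @return array empty when the entry does not carry the attribute
 */
function attribute_values(array $attributes, $name)
{
    $key = strtolower($name);
    if (!isset($attributes[$key]['count'])) {
        return array();
    }

    $values = $attributes[$key];
    unset($values['count']);

    return array_values($values);
}

// samba 3 init, accessed anonymously
// (ldap_connect() only validates its arguments; an unreachable server is
// reported by the bind below.)
$samba3 = ldap_connect($samba3_server, $samba3_port)
    or die("Cannot Connect to $samba3_server");
ldap_set_option($samba3, LDAP_OPT_PROTOCOL_VERSION, 3);
if (!ldap_bind($samba3)) {
    die('Cannot Bind to samba3');
}

// samba 4 init, bind with a password
$samba4 = ldap_connect($samba4_server, $samba4_port)
    or die("Cannot Connect to $samba4_server");
ldap_set_option($samba4, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($samba4, LDAP_OPT_REFERRALS, 0);
if ($samba4_starttls && !ldap_start_tls($samba4)) {
    die("Cannot start TLS with $samba4_server");
}
if (!ldap_bind($samba4, $samba4_user, $samba4_pass)) {
    die("Cannot Bind to $samba4_server");
}

$s3_search_result = ldap_search($samba3, $samba3_dn, $samba3_filter);
if ($s3_search_result === false) {
    die('Cannot search samba3: ' . ldap_error($samba3));
}

$s3_count = ldap_count_entries($samba3, $s3_search_result);
echo "Total number of ldap records found: $s3_count<br />";

// samba3 attribute => AD attribute(s) it is copied to. An attribute that is
// missing on the samba3 entry is left untouched in the AD.
$attribute_map = array(
    'sn'               => array('sn'),
    'uid'              => array('uid', 'msSFU30Name'),
    'homeDirectory'    => array('unixHomeDirectory'),
    'sambaHomePath'    => array('homeDirectory'),
    'sambaHomedrive'   => array('homeDrive'),
    'sambaLogonScript' => array('scriptPath'),
    'givenName'        => array('givenName'),
    'initials'         => array('initials'),
    'description'      => array('description'),
    'gecos'            => array('gecos'),
    'displayName'      => array('displayName'),
);

//actual work is done below
for (
    $entry = ldap_first_entry($samba3, $s3_search_result);
    $entry;
    $entry = ldap_next_entry($samba3, $entry)
) {
    $s3_attrs = entry_attributes($samba3, $entry);
    $s3_uid = attribute_values($s3_attrs, 'uid');
    $s3_mail = attribute_values($s3_attrs, 'mail');

    if (!isset($s3_uid[0]) || $s3_uid[0] === '') {
        echo "Skipping a record without uid<br />";
        continue;
    }
    $uid = $s3_uid[0];
    $hoeveel_mail = count($s3_mail);
    echo "This uid: " . h($uid) . ", how many addresses defined: $hoeveel_mail | ";

    // find matching AD account; the uid is directory data, so escape it
    // before it becomes part of a search filter
    $samba4_filter = '(sAMAccountName=' . ldap_escape($uid, '', LDAP_ESCAPE_FILTER) . ')';
    $s4_search_result = ldap_search($samba4, $samba4_dn, $samba4_filter);
    if ($s4_search_result === false) {
        echo " || Samba4 search failed: " . h(ldap_error($samba4)) . "<br />";
        continue;
    }

    // Only write when exactly one account matches; otherwise there is no
    // unambiguous DN to modify.
    $s4_count = ldap_count_entries($samba4, $s4_search_result);
    if ($s4_count !== 1) {
        echo " || Samba4 accounts found: " . (int) $s4_count . ", skipped<br />";
        continue;
    }
    $s4_entry = ldap_get_entries($samba4, $s4_search_result);
    $s4_dn = $s4_entry[0]["dn"];

    echo " || Samba4 dn: " . h($s4_dn) . " | ";

    // Start from a fresh array for every user so that optional attributes of
    // the previous user are not written to this one. An empty array makes
    // ldap_mod_replace() remove the attribute.
    $info = array(
        "otherMailbox" => array(),
        "mail"         => array(),
    );

    // below we fill the $info array with values from samba3
    $info["userPrincipalName"] = ($uid . '@' . $samba4_realm);
    foreach ($attribute_map as $s3_name => $ad_names) {
        $values = attribute_values($s3_attrs, $s3_name);
        if (!isset($values[0])) {
            continue;
        }
        foreach ($ad_names as $ad_name) {
            $info[$ad_name] = $values[0];
        }
    }
    if (isset($s3_mail[0])) {
        $info["mail"] = $s3_mail[0];
    }

    // the first address is the primary mail, the rest go to otherMailbox
    echo "Has the following additional mail fields: ";
    for ($i = 1; $i < $hoeveel_mail; $i++) {
        echo ($i . ": ") . h($s3_mail[$i]) . ", ";
        $info["otherMailbox"][$i - 1] = $s3_mail[$i];
    }

    // put $info array in the AD
    if (!ldap_mod_replace($samba4, $s4_dn, $info)) {
        echo " || update FAILED: " . h(ldap_error($samba4));
    }
    echo "<br />";
}

ldap_close($samba4);
ldap_close($samba3);

?>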