Script to generate /etc/passwd entries for security = domain
Gerald Carter
cartegw at Eng.Auburn.EDU
Fri Aug 14 18:30:54 GMT 1998
As promised, here is a perl script to generate /etc/passwd entries from
the output of 'net user /domain' when run on your NT PDC.
Alternately you could use the 'username map' in smb.conf
Probably has bugs. Things I know work...
- Creates the new entries in a ./passwd.new file so you can
check them prior to catenating them onto /etc/passwd
- Will not duplicate existing uids
- Will not duplicate an existing username.
Here's an example session....
C:\> net user > users.txt
C:\> type users.txt
User accounts for \\SQUIRT
-----------------------------------------------------------------------
Administrator            alemke                   anderson
breese                   carlisle                 cartegw
chapman                  cross                    dbeale
debbieh                  dmckwski                 doug
gbailey                  Guest                    guest1
guven                    gvdozier                 hendrix
hugjen                   jaull                    jbryant
jowens                   jtolbert                 kchang
kprice                   kyongm                   larrybar
lim                      llpitch                  marghitu
mathiks                  mccreary                 moore
nblount                  phillips                 roland
roundup                  rstamper                 sadanur
seabner                  sheriev                  simonton
stephenh                 teatejc                  wbarnes
jerry carter
The command completed successfully.
C:\>
...now copy users.txt to the Samba server...
[cartegw at orwell nt2passwd]6$ ./nt2passwd users.txt
Enter the uid to start with : 1000
Enter the gid to use : 100
[cartegw at orwell nt2passwd]7$ cat passwd.new
Administrator:*:1000:100:NT Dummy account:/dev/null:/bin/False
Guest:*:1092:100:NT Dummy account:/dev/null:/bin/False
roundup:*:1115:100:NT Dummy account:/dev/null:/bin/False
jerry:*:1124:100:NT Dummy account:/dev/null:/bin/False
carter:*:1125:100:NT Dummy account:/dev/null:/bin/False
........
Notice that not all users were generated a new passwd entry. This is
because they already existed.
Since the user does not need a passwd, it is disabled and I
believe that you do not need an entry in /etc/shadow as well.
Some lines may have wrapped. The actual source can be downloaded if
necessary from ftp://ftp.eng.auburn.edu/pub/cartegw/samba/nt2passwd
Have fun. Send comments / bugs / etc... to me. Not tested
really well but simple enough.
j-
--
________________________________________________________________________
Gerald ( Jerry ) Carter
Engineering Network Services Auburn University
jerry at eng.auburn.edu http://www.eng.auburn.edu/users/cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
------- cut here --------------------------------------------
#!/usr/local/bin/perl5
#
# Author       : Gerald (Jerry) Carter
# E-mail       : jerry at eng.auburn.edu
# Filename     : nt2passwd
# Date Created : August 13, 1998
# Last Update  :
#
# Simple perl script to accept the input from the
# 'net user /domain > users.txt' on an NT domain member
# and place the users in an /etc/passwd formatted file
# in the current directory
#
# The program will prompt for a starting uid and a gid.
# It will not allow starting at uid 0 nor will it allow
# assigning gid 0 to generated entries.
#
# The generated file may be catenated to /etc/passwd at
# your discretion. I make no claims about the script.
# **Use it at your own risk** No warranty expressed or
# implied.
#
# DO NOT RUN THE SCRIPT WHEN THE CWD IS /etc. You will lose
# your /etc/passwd
#

# open the input file (three-argument open, so the file name is
# never interpreted as a mode or a pipe)
open ( USER_LIST, '<', $ARGV[0] ) || die $!;

# get the starting uid
print "Enter the uid to start with : ";
$start_uid = <STDIN>;
$start_uid = int ( $start_uid );
if ( $start_uid == 0 ) {
    printf STDERR "Cannot start with uid 0!\nProgram exiting...\n";
    exit (-1);
}
$current_uid = $start_uid;

# get the gid shared by all generated entries
print "Enter the gid to use : ";
$gid = <STDIN>;
$gid = int ( $gid );
if ( $gid == 0 ) {
    printf STDERR "Cannot use gid 0 as the group ID!\n";
    printf STDERR "Program exiting...\n";
    exit (-1);
}

# fixed fields for every generated entry
$comment = 'NT Dummy account';
$shell   = '/bin/False';
$homedir = '/dev/null';

# open the output file
open ( PASSWD, "> passwd.new" ) || die $!;

# loop through the input file
while ( $string = <USER_LIST> ) {
    # strip the line ending (LF, or CRLF if the file came from NT unconverted)
    $string =~ s/\r?\n$//;

    # weed out the command output and keep the list of users
    $string = &checkInput ( $string );

    # break up the input; 'net user' prints up to three names per line
    if ( "$string" ne "" ) {
        ( $user1, $user2, $user3 ) = split (/\ +/, $string );

        foreach $user ( $user1, $user2, $user3 ) {
            # skip empty columns
            next if ( "$user" eq "" );

            # skip over uids that are already in use
            ($name) = getpwuid ( $current_uid );
            while ( "$name" ne "" ) {
                $current_uid++;
                ($name) = getpwuid ( $current_uid );
            }

            # only write an entry if the username does not exist yet;
            # print, not printf, so a '%' in a name is not a format directive
            ( $username ) = getpwnam ( $user );
            if ( "$username" eq "" ) {
                print PASSWD
                    "$user:*:$current_uid:$gid:$comment:$homedir:$shell\n";
            }
            $current_uid++;
        }
    }
}

# close the files
close ( USER_LIST );
close ( PASSWD );

# successful completion
exit (0);

#################################################################
# return the line unchanged if it holds usernames, or an empty
# string if it is part of the 'net user' banner or trailer
sub checkInput {
    local ( $input ) = @_;

    if ( $input =~ '\\\\' ) {
        # "User accounts for \\SERVER" banner
        $input = '';
    }
    elsif ( $input =~ "command completed" ) {
        $input = '';
    }
    elsif ( $input =~ '---------' ) {
        $input = '';
    }
    $input;
}
------ cut here ---------------------------------------------
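
The post recommends checking passwd.new before catenating it onto /etc/passwd. The shell function below is an added example of such a check and is not part of nt2passwd or of the original post; the name check_passwd_new and the allowed-username pattern are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not part of nt2passwd): vet a generated passwd.new
# against an existing passwd file before appending it.
#
# Usage: check_passwd_new passwd.new /etc/passwd
# Prints one line per problem; returns 0 only if nothing was found.
check_passwd_new() {
    awk -F: '
        # Report a problem with the current line of the new file.
        function bad(msg) {
            printf "%s:%d: %s\n", FILENAME, FNR, msg
            errors++
        }

        # First argument is the existing passwd file: remember what
        # is already taken, then move on.
        FILENAME == ARGV[1] {
            seen_name[$1] = 1
            seen_uid[$3] = 1
            next
        }

        # Every remaining line comes from the generated file.
        {
            if (NF != 7)
                bad("expected 7 fields, got " NF)
            # Assumed safe character set; rejects empty names, spaces
            # and stray control characters such as a trailing CR.
            if ($1 !~ /^[A-Za-z0-9_][A-Za-z0-9_.-]*$/)
                bad("unsafe or empty username")
            if ($2 != "*")
                bad("password field is not *, account may be usable")
            if ($3 !~ /^[0-9]+$/ || $3 + 0 == 0)
                bad("uid is missing, non-numeric or 0")
            if ($4 !~ /^[0-9]+$/ || $4 + 0 == 0)
                bad("gid is missing, non-numeric or 0")
            if ($1 in seen_name)
                bad("duplicate username " $1)
            if ($3 in seen_uid)
                bad("duplicate uid " $3)
            seen_name[$1] = 1
            seen_uid[$3] = 1
        }

        END { exit (errors > 0) }
    ' "$2" "$1"
}
```

Append the file only when the function returns 0, for example `check_passwd_new passwd.new /etc/passwd && cat passwd.new >> /etc/passwd`.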