pdbedit - Export to LDIF

Wed Jun 2 16:19:17 GMT 2004

The attached patch provides the abililty to export all users in tbdsam 
to a LDIF file. More specifically, it adds two additional options, "-E 
or --Export-ldif" and "-F or --ldiffilename" and exports all the records 
to the specified file in LDIF format, using the ldap user suffix from 
smb.conf. If the filename option is not provided, it creates the ldif 
file in /tmp directory. Any comments will be appreciated.

Thanks.

Julius
-------------- next part --------------
Index: utils/pdbedit.c
===================================================================

--- utils/pdbedit.c	(revision 773)
+++ utils/pdbedit.c	(working copy)
@@ -49,6 +49,8 @@
 #define BIT_EXPORT	0x02000000
 #define BIT_FIX_INIT    0x04000000
 #define BIT_BADPWRESET	0x08000000
+#define BIT_EXPORT_LDIF	0x10000000
+#define BIT_LDIF_FILE_NAME	0x10000000
 
 #define MASK_ALWAYS_GOOD	0x0000001F
 #define MASK_USER_GOOD		0x00401F00
@@ -594,6 +596,129 @@
 }
 
 /*********************************************************
+ Print ldif info from sam structure
+ **********************************************************/
+static int print_ldif_info (SAM_ACCOUNT *sam_pwent, char *suffix, FILE *ldif)
+{
+    uid_t uid;
+    uid_t gid;
+    uint32 tmp;
+	char *tmp_str;
+
+	/* TODO: chaeck if entry is a user or a workstation */ 
+
+	if (!sam_pwent) return -1;
+
+	uid = nametouid(pdb_get_username(sam_pwent));
+	gid = nametogid(pdb_get_username(sam_pwent));
+	fprintf (ldif, "dn: uid=%s,%s\n", pdb_get_username(sam_pwent), suffix);
+	fprintf (ldif, "objectclass: top\n"); 
+	fprintf (ldif, "objectclass: inetOrgPerson\n"); 
+	fprintf (ldif, "objectclass: posixAccount\n"); 
+	fprintf (ldif, "objectclass: sambaSamAccount\n");
+	fprintf (ldif, "uid: %s\n", pdb_get_username(sam_pwent));
+	fprintf (ldif, "uidNumber: %lu\n", (unsigned long)uid);
+	fprintf (ldif, "gidNumber: %lu\n", (unsigned long)gid); 
+
+	tmp_str = pdb_get_plaintext_passwd(sam_pwent);
+	fprintf (ldif, "userPassword: %s\n", tmp_str ? tmp_str : "{crypt}x");
+
+	fprintf (ldif, "sambaAcctFlags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN));
+	fprintf (ldif, "sambaSID: %s\n",
+		sid_string_static(pdb_get_user_sid(sam_pwent)));
+	fprintf (ldif, "sambaPrimaryGroupSID: %s\n",
+		sid_string_static(pdb_get_group_sid(sam_pwent)));
+	fprintf (ldif, "cn: %s\n", pdb_get_fullname(sam_pwent));
+	fprintf (ldif, "sn: %s\n", pdb_get_fullname(sam_pwent));
+	fprintf (ldif, "displayName: %s\n", pdb_get_fullname(sam_pwent));
+	fprintf (ldif, "homeDirectory: %s\n", pdb_get_homedir(sam_pwent));
+	fprintf (ldif, "sambaHomePath: %s\n", pdb_get_homedir(sam_pwent) );
+
+	tmp_str = pdb_get_dir_drive(sam_pwent);
+	if( tmp_str && strlen(tmp_str) > 0)
+		fprintf (ldif, "sambaHomeDrive: %s\n", tmp_str );
+
+	tmp_str = pdb_get_logon_script(sam_pwent);
+	if(tmp_str && strlen(tmp_str) > 0)
+		fprintf (ldif, "sambaLogonScript: %s\n", tmp_str );
+
+	tmp_str = pdb_get_profile_path(sam_pwent);
+	if(tmp_str && strlen(tmp_str) > 0)
+		fprintf (ldif, "sambaProfilePath: %s\n", tmp_str);
+
+	fprintf (ldif, "sambaDomainName: %s\n", pdb_get_domain(sam_pwent));
+
+	tmp_str = pdb_get_acct_desc(sam_pwent);
+	if(tmp_str && strlen(tmp_str) > 0)
+		fprintf (ldif, "description: %s\n", tmp_str );
+
+	tmp = (uint32)pdb_get_logon_time(sam_pwent);
+	fprintf (ldif, "sambaLogonTime: %lu\n", tmp ? tmp : 0);
+
+	tmp = (uint32)pdb_get_logoff_time(sam_pwent);
+	fprintf (ldif, "sambaLogoffTime: %lu\n", tmp ? tmp : 0);
+
+	tmp = (uint32)pdb_get_kickoff_time(sam_pwent);
+	fprintf (ldif, "sambaKickoffTime: %lu\n", tmp ? tmp : 0);
+
+	tmp = (uint32)pdb_get_pass_last_set_time(sam_pwent);
+	fprintf (ldif, "sambaPwdLastSet: %lu\n", tmp ? tmp : 0);
+
+	tmp = (uint32)pdb_get_pass_can_change_time(sam_pwent);
+	fprintf (ldif, "sambaPwdCanChange: %lu\n", tmp ? tmp : 0);
+
+	tmp = (uint32)pdb_get_pass_must_change_time(sam_pwent);
+	fprintf (ldif, "sambaPwdMustChange: %lu\n\n", tmp ? tmp : 0);
+	return 0;
+}
+
+/*********************************************************
+ dump all Users into ldif file
+ **********************************************************/
+static int print_ldif (struct pdb_context *in, char *ldif_file_name)
+{
+     SAM_ACCOUNT *sam_pwent=NULL; 
+	 BOOL check, ret; 
+	 FILE *ldif_file_ptr = NULL; 
+	 char *suffix = lp_ldap_user_suffix (); 
+
+	 ldif_file_ptr = fopen((ldif_file_name != NULL) ? ldif_file_name: "/tmp/pdbedit-export.ldif", "w"); 
+	 
+	 if (ldif_file_ptr == NULL) { 
+	 	fprintf(stderr,"Failed to create export LDIF file"); 
+		return 1; 
+	} 
+	
+	if(strcmp(suffix, "") == 0) { 
+		fprintf(stderr,"LDAP User Suffix not specified - cannot " 
+			"create LDIF file\n"); 
+		fprintf(stderr,"You must set the \"ldap user suffix\" attribute " 
+			"in smb.conf in order to use \nthe -E option\n"); 
+		return 1; 
+	} 
+	
+	check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False)); 
+	
+	if (!check) { 
+		return 1; 
+	} 
+	
+	check = True; 
+	
+	if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; 
+	
+	fprintf(ldif_file_ptr, "# LDIF file generated by pdbedit tool.\n");
+	while(check && (ret = NT_STATUS_IS_OK(in->pdb_getsampwent(in,sam_pwent)))){ 
+		print_ldif_info (sam_pwent, suffix, ldif_file_ptr); 
+		pdb_free_sam(&sam_pwent); 
+		check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)); 
+	} 
+	
+	if (check) pdb_free_sam(&sam_pwent); 
+		in->pdb_endsampwent(in); 
+		return 0; 
+}
+/*********************************************************
  Start here.
 **********************************************************/
 
@@ -606,6 +731,7 @@
 	static BOOL add_user = False;
 	static BOOL delete_user = False;
 	static BOOL modify_user = False;
+	static BOOL export_to_ldif = False;
 	uint32	setparms, checkparms;
 	int opt;
 	static char *full_name = NULL;
@@ -623,6 +749,7 @@
 	static char *account_policy = NULL;
 	static char *user_sid = NULL;
 	static char *group_sid = NULL;
+	static char *ldif_file_name = NULL;
 	static long int account_policy_value = 0;
 	BOOL account_policy_value_set = False;
 	static BOOL badpw_reset = False;
@@ -638,6 +765,7 @@
 		{"smbpasswd-style",	'w',POPT_ARG_NONE, &spstyle, 0, "give output in smbpasswd style", NULL},
 		{"user",	'u', POPT_ARG_STRING, &user_name, 0, "use username", "USER" },
 		{"fullname",	'f', POPT_ARG_STRING, &full_name, 0, "set full name", NULL},
+		{"ldiffilename",   'F', POPT_ARG_STRING, &ldif_file_name, 0, "full path name of LDIF output file", NULL},
 		{"homedir",	'h', POPT_ARG_STRING, &home_dir, 0, "set home directory", NULL},
 		{"drive",	'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL},
 		{"script",	'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL},
@@ -651,6 +779,7 @@
 		{"backend",	'b', POPT_ARG_STRING, &backend, 0, "use different passdb backend as default backend", NULL},
 		{"import",	'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL},
 		{"export",	'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL},
+		{"export-ldif",	'E', POPT_ARG_STRING, &export_to_ldif, 0, "export all user accounts to LDIF file", NULL},
 		{"group",	'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL},
 		{"account-policy",	'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL},
 		{"value",       'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL},
@@ -674,10 +803,12 @@
 		}
 	}
 
+#if 0
 	poptGetArg(pc); /* Drop argv[0], the program name */
 
 	if (user_name == NULL)
 		user_name = poptGetArg(pc);
+#endif
 
 	if (!lp_load(dyn_CONFIGFILE,True,False,False)) {
 		fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE);
@@ -710,8 +841,17 @@
 			(account_policy_value_set ? BIT_ACCPOLVAL : 0) +
 			(backend_in ? BIT_IMPORT : 0) +
 			(backend_out ? BIT_EXPORT : 0) +
-			(badpw_reset ? BIT_BADPWRESET : 0);
+			(badpw_reset ? BIT_BADPWRESET : 0) +
+			(ldif_file_name ? BIT_LDIF_FILE_NAME : 0) +
+			(export_to_ldif ? BIT_EXPORT_LDIF : 0);
 
+	poptGetArg(pc); /* Drop argv[0], the program name */
+
+	if (setparms & BIT_USER) {
+		if (user_name == NULL)
+			user_name = poptGetArg(pc);
+	}
+
 	if (setparms & BIT_BACKEND) {
 		if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) {
 			fprintf(stderr, "Can't initialize passdb backend.\n");
@@ -804,6 +944,16 @@
 			return print_user_info (bdef, user_name, verbose, spstyle);
 		}
 	}
+
+	if (checkparms & BIT_EXPORT_LDIF) {
+		if(checkparms & BIT_LDIF_FILE_NAME) {
+			ldif_file_name = poptGetArg(pc);
+			return print_ldif (bdef, ldif_file_name);
+		}
+		else
+			return print_ldif (bdef, NULL);
+	}
+
 	
 	/* mask out users options */
 	checkparms &= ~MASK_USER_GOOD;
