Synchronize Unix/SMB passwords with 'synchpasswd'

Shawn A. Clifford sac at dvs.nuphase.com
Thu Jul 2 20:34:44 GMT 1998 

Hi,

        It's been a while since I created my smbpasswd file, and therefore
it is
no longer in synch with my Unix file.  I've added and removed users over time,
and now I need a way to update the 'smbpasswd' file without losing the
encrypted passwords that are already in place (ie. I don't want to just run
'makesmbpasswd.sh' again).

        So, I've written the included Perl script to do just that.  This
script,
'synchpasswd', will add all of the new users from your Unix password file to
your SMB password file.  In addition, system users will be removed, as well as
any accounts that are no longer valid (ie. removed Unix accounts that are
still
in smbpasswd).

        You will need the 'addtosmbpass' script, and it is assumed that your
original password file was created with the 'makesmbpasswd.sh' script.  If
not,
then modify the code where it skips the top 3 header lines of the smbpasswd
file.

Cheers,
-- Shawn Clifford


----------  Cut here   --------------

#!/usr/local/bin/perl
# 
# Title: synchpasswd 
# Author: Shawn A. Clifford <sac at nuphase.com> 
# Date: 2-July-1998 
# Purpose: Adds all users in the Unix password file to the SMB 
# password file. If the user is already listed in 
# the SMB password, then no change is made to that entry. 
# All invalid accounts, either no longer present or system 
# accounts, will be removed from the SMB password file.
# It is assumed that the SMB password file was created with
# the 'maksmbpasswd.sh' script, because the top 3 lines of
# the smbpasswd file are omitted as header.
# 
# Externals: Michal Jaegermann's 'addtosmbpass' awk/nawk script, 
# included in the Samba distribution. Look in the 
# Samba binaries directory. Eg. /usr/local/samba/bin 
# 
# Disclaimer: I am not an expert Perl programmer. So this is perhaps 
# a brutish way to achieve our goal. Please feel free 
# to modify this script. I'd appreciate an email of any 
# revisions you make. 
# 
# I take no responsibility for any "adverse" behavior of 
# this script. USE AT YOUR OWN RISK !! 
#
# 
# Modify these definitions to match your site's installation, and 
# your preferences. 
# 
$smb_passwd = "/usr/local/samba/private/smbpasswd" 
$add_script = "/usr/local/samba/bin/addtosmbpass" 
$private_dir = "/usr/local/samba/bin/private" 
$system_id = 99; # Remove user ID's below this value from SMB
# 
# Let's go... 
# 
use Text::ParseWords; # For the 'quotewords' function 
chdir($private_dir);
# 
# Scan through /etc/passwd. Create an array of names to pass to 
# 'addtosmbpass', but omit all system accounts. 
# 
printf("\nCreating a list of Unix users:\n"); 
setpwent; # Initialize the scan 
while (@list = getpwent) { # Fetch the next entry 
($login,$uid) = @list[0,2]; # Grab login name and uid 
if ($uid <= $system_id) { 
printf ("\tOmmitting $login ...\n"); 
} else { 
@USERS = (@USERS, "$login"); 
} 
} 
endpwent; # End of scan
# 
# Add the users 
# 
printf ("\nMerging new users ...\n"); 
unless (fork) { 
exec "$add_script @USERS < $smb_passwd > synch.tmp" 
} 
wait; # Parent waits for child to complete
# 
# Remove all invalid entries from 'synch.tmp'. I check the uid again 
# because the SMB password file may have these entries from before. 
# 
printf ("\nRemoving invalid accounts:\n"); 
open(IN, 'synch.tmp') || die "Can't open temp file: synch.tmp" 
open(OUT, '>synch.out') || die "Can't create output file: synch.out" 
$dummy = <IN> 
$dummy = <IN> # Skip the first 3 lines (header) 
$dummy = <IN> 
while ($line = <IN>) { 
@tokens = quotewords(':', 0, $line); # Tokenize the fields 
($login,$uid) = @tokens[0,1]; # Grab login name & uid 
if ($uid <= $system_id) { # Remove system accounts 
printf ("\tRemoving $login ...\n"); 
next; 
} 
if ( (@validate = getpwnam("$login")) == NULL) { 
printf ("\tNo such user: $login\n"); 
next; 
} 
print OUT $line; # Keep this line 
}
# 
# Clean up the files and store final version of the SMB password file 
# 
close (OUT); 
close (IN); 
unlink ('synch.tmp'); 
rename ('synch.out', $smb_passwd);

---------   Cut here    -----------



====================================//======================================
Shawn A. Clifford                  //   Title: Senior Systems Analyst
Digital Video Systems             //   Email: sac at dvs.nuphase.com
2800 Biscayne Blvd., 10th Floor  //   Web: http://www.dvs.nuphase.com/~sac/
Miami, FL  33137                //   Work: 305-576-3103   Fax: 305-576-1445
===============================//===========================================
                   PGP public key available by finger  
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba mailing list