[Samba] Getting a list of users in a group - how?
Adam Nielsen
adam.nielsen at uq.edu.au
Mon Jun 26 06:48:33 GMT 2006
Hi Tobias,
> My crude hack at a solution, but it works for me so here
> goes . . . . .
That works really well! I tweaked your code a bit to recursively list
groups within groups, and it works almost perfectly - it only seems to
break if there's a username with a space in it, because wbinfo doesn't
escape the spaces when it prints the name. You could probably work
around it, but we don't have many names with spaces so it doesn't
bother me too much. Apart from that though, it's great!
Thanks,
Adam.
Modified code:
#!/bin/sh
# /usr/local/bin/get_grp_mem <domain group>
#
# <domain sid> is derived from:
#
# wbinfo -n <domain account>
#
# S-1-2-33-4444444444-555555555-666666666-XXXXX User (1)
#
# <domain sid> = S-1-2-33-4444444444-555555555-666666666
#
if [ "$1" == "" ]; then
echo "Usage: get_grp_mem <groupname>"
exit 1
fi
DOMAIN_SID='S-1-2-33-4444444444-555555555-666666666'
DOMAIN_CONTROLLER='AD01'
function listUsers()
{
GROUP_SID=`wbinfo -n "$1"`
if [ "$?" -ne 0 ]; then
echo ERROR: $GROUP_SID
exit 1
fi
grpid=`echo $GROUP_SID | sed "s/${DOMAIN_SID}-//" | sed 's/ Domain..*//'`
RIDLIST=`rpcclient -W <domain> -U <username>%<password> -c "querygroupmem $grpid" $DOMAIN_CONTROLLER | tr -s '\t' ' ' | sed 's/^ rid:\[0x//g' | sed 's/\] attr:\[0x7\]//g'`
for i in $RIDLIST; do
DATA=`wbinfo -s ${DOMAIN_SID}-\`printf %d 0x${i}\``
eval `echo $DATA | awk '{print "USERNAME='"'"'"$1"'"'"'; TYPE="$2}'` if [ "$TYPE" == "2" ]; then
# This is a subgroup
listUsers "$USERNAME"
else
# This is either a user, or the name had spaces in it (which wbinfo doesn't escape)
echo "$USERNAME"
fi
done
}
# List the main group
listUsers $1
More information about the samba
mailing list