[Samba] migrating smbpasswd backend to ldap backend
Matt Hyclak
hyclak at math.ohiou.edu
Wed Sep 20 14:22:59 GMT 2006
On Wed, Sep 20, 2006 at 05:59:54PM +0300, Peter Collins Wasenda enlightened us:
> i would like to use an ldap backend in place of my existing smbpasswd
> backend because i just can't get unix password synchronization to work.
>
> Any suggestions on how i can make this smooth migration ?
I wrote a script to do it, attached. You'll have to fill in the blanks, of
course, and you might modify it a bit if you're comfortable with python. It
currently outputs individual LDIF files for each user. For me that was ok
because I only had about 20 users to migrate, but if you have more, you
might want to change the output to a single LDIF file.
Matt
--
Matt Hyclak
Department of Mathematics
Department of Social Work
Ohio University
(740) 593-1263
-------------- next part --------------
#!/usr/bin/env python
passwdfile="/etc/passwd"
shadowfile="/etc/shadow"
smbpassfile="/etc/samba/smbpasswd"
import os, pwd, re, string
userdic = {}
shadowdic = {}
smbdic = {}
for record in pwd.getpwall():
userdic[record[0]] = record
sfh = open(shadowfile, 'r')
for line in sfh:
fields = line.strip().split(':')
shadowdic[fields[0]] = fields[1]
sfh.close()
smfh = open(smbpassfile, 'r')
for line in smfh:
fields = line.strip().split(':')
smbdic[fields[0]] = fields
smfh.close()
for i in userdic.keys():
if int(userdic[i][2]) > 500 and int(userdic[i][2]) < 1000:
if i[-1] == '$':
group = "Computers"
else:
group = "People"
namelist = userdic[i][4].split(' ')
lastname = namelist[-1]
firstname = ' '.join(namelist[:-1])
ldifentries = [
"version: 1\n\n",
"dn: uid=%s,ou=%s,dc=example,dc=com\n" % (i, group),
"uid: %s\n" % i,
"cn: %s\n" % userdic[i][4],
"loginShell: %s\n" % userdic[i][6],
"uidNumber: %s\n" % userdic[i][2],
"gidNumber: %s\n" % userdic[i][3],
"homeDirectory: %s\n" % userdic[i][5],
"sambaSID: S-1-5-21-XXXXXXXXXXX-XXXXXXXXX-XXXXXXXXX-%s\n" % str(int(userdic[i][2]) * 2 + 10)
"sambaPwdMustChange: 2147483647\n",
"sambaAcctFlags: %s\n" % smbdic[i][4],
"sambaPwdCanChange: 1094045290\n"
"sambaNTPassword: %s\n" % smbdic[i][3],
"sambaPwdLastSet: 1094045290\n",
"userPassword: {crypt}%s\n" % shadowdic[i],
]
if group == "People":
addlentries = [
"givenName: %s\n" % firstname,
"sn: %s\n" % lastname,
"mail: %s at example.com\n" % i,
"shadowMax: 99999\n",
"shadowWarning: 7\n",
"objectClass: person\nobjectClass: organizationalPerson\nobjectClass: inetOrgPerson\nobjectClass: posixAccount\nobjectClass: top\nobjectClass: shadowAccount\nobjectClass: sambaSamAccount\n",
"gecos: %s\n" % userdic[i][4],
"sambaPrimaryGroupSID: S-1-5-21-XXXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-%s\n" % userdic[i][3],
"sambaLMPassword: %s\n" % smbdic[i][2],
"shadowLastChange: 13397\n"
]
else:
addlentries = [
"objectClass: account\nobjectClass: posixAccount\nobjectClass: sambaSamAccount\n",
"sambaDomainName: EXAMPLE\n",
"sambaPrimaryGroupSID: S-1-5-21-XXXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-515\n",
]
ldifentries = ldifentries + addlentries
print ldifentries
lfh = open("/root/migration/%s.ldif" % i, "w")
lfh.writelines(ldifentries)
lfh.close()
else:
continue
# vim:tabstop=4
More information about the samba
mailing list