[Samba] Migration to samba4 ad and sync to openldap.

mj lists at merit.unu.edu
Sat Apr 6 08:41:12 UTC 2019


Hi,

And if you're more into php, here is the script I created for our 
migration, using php. Perhaps you can adjust it for your requirements:

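<?php

// One-off migration helper: walks every user entry in the Samba 3 / OpenLDAP
// tree and copies selected attributes onto the Samba 4 AD account whose
// sAMAccountName equals the Samba 3 uid. Progress is written as HTML.
//
// The script writes to AD with the privileges of $samba4_user. If it is
// served by a web server, restrict access to it or run it from the CLI,
// and remove it once the migration is finished.

ini_set('display_errors', 'Off');
error_reporting(E_ALL);

// Samba 3 attribute => AD attribute. An attribute that is missing on the
// Samba 3 entry is skipped, so the AD value is left as it is.
$attribute_map = array(
    'sn'               => 'sn',
    'homeDirectory'    => 'unixHomeDirectory',
    'sambaHomePath'    => 'homeDirectory',
    'sambaHomeDrive'   => 'homeDrive',
    'sambaLogonScript' => 'scriptPath',
    'givenName'        => 'givenName',
    'initials'         => 'initials',
    'description'      => 'description',
    'gecos'            => 'gecos',
    'displayName'      => 'displayName',
);

$samba3_server = "1.2.3.4";
$samba3_port = 389;
$samba3_dn = 'ou=users,dc=company,dc=com';
$samba3_filter = "(uid=*)";
// Request only the attributes that are actually read below.
$samba3_fields = array_merge(array("uid", "mail"), array_keys($attribute_map));

$samba4_server = 'ldap://192.168.122.102';
// Bind identity in UPN form (user@REALM).
$samba4_user = 'Administrator@REALM.SAMBA4';
// Placeholder. Keep the real password out of the script (environment
// variable or a file readable only by the account running the migration).
$samba4_pass = 'very_secret';
$samba4_port = 389;
$samba4_dn = 'CN=users,DC=company,DC=samba4';
// Only the DN of the matching account is needed from AD.
$samba4_fields = array("sAMAccountName");
$samba4_realm = 'realm.samba4';
// Upgrade the AD connection with StartTLS before the simple bind. With this
// set to false the Administrator password crosses the network in cleartext.
$samba4_starttls = true;

/**
 * Escape a directory value for HTML output.
 *
 * Values read from LDAP are data, not markup; they are echoed into an HTML
 * page and must not be interpreted by the browser.
 */
function h($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Return all values of one attribute as a plain list (empty if absent).
 *
 * $attrs must be the result of ldap_get_attributes() with its keys folded
 * to lower case, so the lookup does not depend on how the server spells
 * the attribute name.
 */
function s3_values(array $attrs, $name)
{
    $key = strtolower($name);
    if (!isset($attrs[$key]) || !is_array($attrs[$key])) {
        return array();
    }
    $values = $attrs[$key];
    unset($values['count']);
    return array_values($values);
}

// samba 3 init, accessed anonymously (read-only source).
// With OpenLDAP-based builds ldap_connect() only validates its parameters;
// an unreachable server shows up at bind time.
$samba3 = ldap_connect($samba3_server, $samba3_port);
if ($samba3 === false) {
    die("Cannot Connect to $samba3_server");
}
ldap_set_option($samba3, LDAP_OPT_PROTOCOL_VERSION, 3);
if (!ldap_bind($samba3)) {
    die('Cannot Bind to samba3');
}

// samba 4 init, bind with a password
$samba4 = ldap_connect($samba4_server, $samba4_port);
if ($samba4 === false) {
    die("Cannot Connect to $samba4_server");
}
ldap_set_option($samba4, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($samba4, LDAP_OPT_REFERRALS, 0);
if ($samba4_starttls && !ldap_start_tls($samba4)) {
    // Refuse to fall back to a cleartext bind with the admin password.
    die("Cannot start TLS with $samba4_server");
}
if (!ldap_bind($samba4, $samba4_user, $samba4_pass)) {
    die("Cannot Bind to $samba4_server");
}

$s3_search_result = ldap_search($samba3, $samba3_dn, $samba3_filter, $samba3_fields);
if ($s3_search_result === false) {
    die('Search on samba3 failed');
}

$s3_count = ldap_count_entries($samba3, $s3_search_result);
echo "Total number of ldap records found: $s3_count<br />";

// actual work is done below; the for-header advances to the next Samba 3
// record even when an entry is skipped with `continue`
for ($entry = ldap_first_entry($samba3, $s3_search_result);
    $entry !== false;
    $entry = ldap_next_entry($samba3, $entry)) {
    $attrs = ldap_get_attributes($samba3, $entry);
    if ($attrs === false) {
        echo "Could not read a samba3 entry, skipped<br />";
        continue;
    }
    $attrs = array_change_key_case($attrs, CASE_LOWER);

    $uids = s3_values($attrs, 'uid');
    if (!isset($uids[0])) {
        continue;
    }
    $s3_uid = $uids[0];
    $s3_mail = s3_values($attrs, 'mail');
    $hoeveel_mail = count($s3_mail);
    echo "This uid: " . h($s3_uid) . ", how many addresses defined: $hoeveel_mail | ";

    // find matching AD account
    // The uid comes from another directory: escape it so characters such as
    // '*' or ')' cannot change which AD account the filter selects.
    $samba4_filter = "(sAMAccountName=" . ldap_escape($s3_uid, '', LDAP_ESCAPE_FILTER) . ")";
    $s4_search_result = ldap_search($samba4, $samba4_dn, $samba4_filter, $samba4_fields);
    if ($s4_search_result === false) {
        echo " || Samba4 search failed: " . h(ldap_error($samba4)) . ", skipped<br />";
        continue;
    }
    $s4_count = ldap_count_entries($samba4, $s4_search_result);
    if ($s4_count !== 1) {
        // Never write when the target is missing or ambiguous.
        echo " || no unique Samba4 account ($s4_count found), skipped<br />";
        continue;
    }
    $s4_entry = ldap_get_entries($samba4, $s4_search_result);
    $s4_dn = $s4_entry[0]["dn"];

    echo "  || Samba4 dn: " . h($s4_dn) . " | ";

    // Start from an empty array for every user; otherwise optional values of
    // the previous user would be written to this account as well.
    $info = array();

    // below we fill the $info array with values from samba3
    $info["userPrincipalName"] = ($s3_uid . '@' . $samba4_realm);
    $info["uid"] = $s3_uid;
    $info["msSFU30Name"] = $s3_uid;
    // An empty array makes ldap_mod_replace() remove the attribute in AD.
    $info["mail"] = isset($s3_mail[0]) ? $s3_mail[0] : array();
    // every address after the first one goes to otherMailbox
    $info["otherMailbox"] = array_slice($s3_mail, 1);

    foreach ($attribute_map as $s3_name => $s4_name) {
        $values = s3_values($attrs, $s3_name);
        if (isset($values[0])) {
            $info[$s4_name] = $values[0];
        }
    }

    echo "Has the following additional mail fields: ";
    foreach ($info["otherMailbox"] as $i => $address) {
        echo ($i + 1) . ": " . h($address) . ", ";
    }

    // put $info array in the AD and report a rejected update instead of
    // silently moving on
    if (!ldap_mod_replace($samba4, $s4_dn, $info)) {
        echo " | update FAILED: " . h(ldap_error($samba4));
    }
    echo "<br />";
}

ldap_close($samba4);
ldap_close($samba3);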



