diff -Nur e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix e-smith-base-5.2.0-optimize_user_modify_unix/root/etc/e-smith/events/actions/user-modify-unix
--- e-smith-base-5.2.0/root/etc/e-smith/events/actions/user-modify-unix	2013-01-30 21:29:34.003293926 +0100
+++ e-smith-base-5.2.0-optimize_user_modify_unix/root/etc/e-smith/events/actions/user-modify-unix	2013-01-30 21:31:10.221693946 +0100
@@ -22,7 +22,8 @@
 use Errno;
 use esmith::AccountsDB;
 use esmith::ConfigDB;
-use File::Temp;
+use Net::LDAP;
+use esmith::util;
 
 my $conf = esmith::ConfigDB->open or die "Could not open configuration db";
 
@@ -33,6 +34,18 @@
     || die("Couldn't determine domain name");
 $domain = $domain->value;
 
+# prepare LDAP bind
+my $pw = esmith::util::LdapPassword();
+my $base = esmith::util::ldapBase ($domain);
+
+my $ldap = Net::LDAP->new('localhost')
+    or die "$@";
+
+$ldap->bind(
+    dn => "cn=root,$base",
+    password => $pw
+);
+
 my $event = $ARGV [0];
 my $userName = $ARGV [1];
 
@@ -63,13 +76,14 @@
 	unless ( ($userName eq 'admin') or ($type eq 'user') );
 
     setpwent;
-    my ($comment, $shell) = (getpwnam($userName))[5,8];
+    my ($comment, $shell) = (getpwnam($userName))[6,8];
     endpwent;
     my $new_shell = $u->prop('Shell')
 		|| (($shell eq "/bin/sshell") ? "/usr/bin/rssh" : $shell);
 
     $u->set_prop('Shell', $new_shell);
 
+    my $result;
     #------------------------------------------------------------
     # Modify user's shell, if required, in /etc/passwd using "usermod"
     #------------------------------------------------------------
@@ -81,8 +95,13 @@
                 or ( $x = 255, warn "Failed to modify shell of (unix) account $userName.\n" );
         }
 
-        system("/usr/sbin/cpu", "usermod", '-s', "$new_shell", $userName) == 0
-            or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify shell of (ldap) account $userName.\n" );
+        my @new_shell = ($new_shell);
+        $result = $ldap->modify("uid=$userName,ou=Users,$base",
+                      replace => {
+                          loginShell => \@new_shell
+                      }
+        );
+        $result->code && ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify shell of (ldap) account $userName.\n" );
     }
 
     #------------------------------------------------------------
@@ -101,26 +120,37 @@
                 or ( $x = 255, warn "Failed to modify comment of (unix) account $userName.\n" );
         }
 
-        system("/usr/sbin/cpu", "usermod", "-f", "$first", "-E", "$last", $userName) == 0
-            or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify comment/name of (ldap) account $userName.\n" );
+        my @new_comment = ($new_comment);
+        my @first = ($first);
+        my @last = ($last);
+        $result = $ldap->modify("uid=$userName,ou=Users,$base",
+                      replace => {
+                          givenName => \@first,
+                          sn => \@last,
+                          cn => \@new_comment,
+                          displayName => \@new_comment
+                      }
+        );
+        $result->code && ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify comment/name of (ldap) account $userName.\n" );
     }
 
-    my $new_phone = $u->prop('Phone') || '';
-    my $new_company = $u->prop('Company') || '';
-    my $new_dept = $u->prop('Dept') || '';
-    my $new_city = $u->prop('City') || '';
-    my $new_street = $u->prop('Street') || '';
-
-    my $tmpattr = File::Temp->new();
-    print $tmpattr "telephoneNumber: $new_phone\n";
-    print $tmpattr "o: $new_company\n";
-    print $tmpattr "ou: $new_dept\n";
-    print $tmpattr "l: $new_city\n";
-    print $tmpattr "street: $new_street\n";
-    $tmpattr->flush();
-    system("/usr/sbin/cpu", "usermod", "-a", "$tmpattr", "-e", "$userName\@$domain", $userName) == 0
-        or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify email of (ldap) account $userName.\n" );
-    undef $tmpattr;
+    my @new_phone = ($u->prop('Phone')) || ();
+    my @new_company = ($u->prop('Company')) || ();
+    my @new_dept = ($u->prop('Dept')) || ();
+    my @new_city = ($u->prop('City')) || ();
+    my @new_street = ($u->prop('Street')) || ();
+    $result = $ldap->modify("uid=$userName,ou=Users,$base",
+                            replace => {
+                                telephoneNumber => \@new_phone,
+                                o => \@new_company,
+                                ou => \@new_dept,
+                                l => \@new_city,
+                                street => \@new_street
+                            }
+    );
+    $result->code && ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify email of (ldap) account $userName.\n" );
+
 }
 
+$ldap->unbind;
 exit ($x);