e-smith-ldap/sme8/e-smith-ldap-5.2.0-better_ldif.patch

diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update e-smith-ldap-5.2.0.new/root/etc/e-smith/events/actions/ldap-update
--- e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update      2010-09-27 11:33:27.000000000 -0600
+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/events/actions/ldap-update  2010-09-27 11:35:35.000000000 -0600
@@ -184,6 +184,7 @@
        {
            $dn = "uid=$key,ou=Users,$base";
        }
+       utf8::upgrade($dn);
        $updates->{$dn}->{objectClass} = ['posixAccount', 'shadowAccount'];
 
        # Read information from getent passwd
@@ -239,6 +240,7 @@
        # Do the group portion
        #------------------------------------------------------------
        $dn = "cn=$key,ou=Groups,$base";
+       utf8::upgrade($dn);
        $updates->{$dn}->{objectClass} = ['posixGroup'];
 
        # Read information from getent group
diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation      2010-09-27 11:33:27.000000000 -0600
+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation  1969-12-31 17:00:00.000000000 -0700
@@ -1,26 +0,0 @@
-{
-    my ($dc,undef) = split (/\./, $DomainName);
-    my $o = $ldap{defaultCompany} || $DomainName;
-
-    $OUT .= "dn: $ldapBase\n";
-    $OUT .= "dc: $dc\n";
-    $OUT .= "o: $o\n";
-    $OUT .= "objectClass: top\n";
-    $OUT .= "objectClass: organization\n";
-    $OUT .= "objectClass: dcObject\n\n";
-
-    $OUT .= "dn: ou=Users,$ldapBase\n";
-    $OUT .= "ou: Users\n";
-    $OUT .= "objectClass: top\n";
-    $OUT .= "objectClass: organizationalUnit\n\n";
-
-    $OUT .= "dn: ou=Groups,$ldapBase\n";
-    $OUT .= "ou: Groups\n";
-    $OUT .= "objectClass: top\n";
-    $OUT .= "objectClass: organizationalUnit\n\n";
-
-    $OUT .= "dn: ou=Computers,$ldapBase\n";
-    $OUT .= "ou: Computers\n";
-    $OUT .= "objectClass: top\n";
-    $OUT .= "objectClass: organizationalUnit\n\n";
-}
diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/20ldif e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/20ldif
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/20ldif      1969-12-31 17:00:00.000000000 -0700
+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/20ldif  2010-09-27 11:07:36.000000000 -0600
@@ -0,0 +1,19 @@
+{
+    foreach my $dn (keys %$ldif)
+    {   
+        $OUT .= "dn: $dn\n";
+        foreach my $attr ( keys %{$ldif->{$dn}} )
+        {
+            if (ref($ldif->{$dn}->{$attr}) eq 'ARRAY')
+            {
+                my %seen = ();
+                $OUT .= "$attr: $_\n" foreach grep { ! $seen{$_}++ } @{$ldif->{$dn}->{$attr}};
+            }
+            else
+            {
+                $OUT .= "$attr: ".$ldif->{$dn}->{$attr}."\n" if $ldif->{$dn}->{$attr};
+            }
+        }
+        $OUT .= "\n";
+    }
+}
diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50computers e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50computers
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50computers 2010-09-27 11:33:27.000000000 -0600
+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50computers     1969-12-31 17:00:00.000000000 -0700
@@ -1,40 +0,0 @@
-{
-    foreach my $comp ($a->get_all_by_prop(type => 'machine'))
-    {   
-       my $key = $comp->key;
-
-        if (exists $users->{$key})
-        {
-            $OUT .= "dn: uid=$key,ou=Computers,$ldapBase\n";
-            $OUT .= "objectClass: posixAccount\n";
-            $OUT .= "objectClass: shadowAccount\n";
-            $OUT .= "objectClass: account\n";
-            $OUT .= "objectClass: sambaSamAccount\n" if exists $users->{$key}->{sambaSID};
-            foreach my $attr ( keys %{$users->{$key}} )
-            {
-                $OUT .= utf8("$attr: ".$users->{$key}->{$attr})."\n" if $users->{$key}->{$attr};
-            }
-            $OUT .= "\n";
-        }
-
-        if (exists $groups->{$key})
-        {
-            $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n";
-            $OUT .= "objectClass: posixGroup\n";
-            $OUT .= "objectClass: sambaGroupMapping\n" if exists $groups->{$key}->{sambaSID};
-            foreach my $attr ( keys %{$groups->{$key}} )
-            {
-                if (ref($groups->{$key}->{$attr}) eq 'ARRAY')
-                {
-                    my %seen = ();
-                    $OUT .= utf8("$attr: $_\n") foreach (grep { ! $seen{$_}++ } @{$groups->{$key}->{$attr}});
-                }
-                else
-                {
-                    $OUT .= utf8("$attr: ".$groups->{$key}->{$attr})."\n" if $groups->{$key}->{$attr};
-                }
-            }
-            $OUT .= "\n";
-        }
-    }
-}
diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups    2010-09-27 11:33:27.000000000 -0600
+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups        1969-12-31 17:00:00.000000000 -0700
@@ -1,42 +0,0 @@
-{
-    foreach my $grp ($a->groups)
-    {   
-       my $key = $grp->key;
-
-        if (exists $users->{$key})
-        {
-            $OUT .= "dn: uid=$key,ou=Users,$ldapBase\n";
-            $OUT .= "objectClass: posixAccount\n";
-            $OUT .= "objectClass: shadowAccount\n";
-            $OUT .= "objectClass: account\n";
-            $OUT .= "objectClass: sambaSamAccount\n" if exists $users->{$key}->{sambaSID};
-            foreach my $attr ( keys %{$users->{$key}} )
-            {
-                $OUT .= utf8("$attr: ".$users->{$key}->{$attr})."\n" if $users->{$key}->{$attr};
-            }
-            $OUT .= "\n";
-        }
-
-        if (exists $groups->{$key})
-        {
-            $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n";
-            $OUT .= "objectClass: posixGroup\n";
-            $OUT .= "objectClass: mailboxRelatedObject\n";
-            $OUT .= "objectClass: sambaGroupMapping\n" if exists $groups->{$key}->{sambaSID};
-            foreach my $attr ( keys %{$groups->{$key}} )
-            {
-                if (ref($groups->{$key}->{$attr}) eq 'ARRAY')
-                {
-                    my %seen = ();
-                    $OUT .= utf8("$attr: $_\n") foreach grep { ! $seen{$_}++ } @{$groups->{$key}->{$attr}};
-                }
-                else
-                {
-                    $OUT .= utf8("$attr: ".$groups->{$key}->{$attr})."\n" if $groups->{$key}->{$attr};
-                }
-            }
-            $OUT .= "mail: $key\@$DomainName\n";
-            $OUT .= "\n";
-        }
-    }
-}
diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50ibays e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50ibays
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50ibays     2010-09-27 11:33:27.000000000 -0600
+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50ibays 1969-12-31 17:00:00.000000000 -0700
@@ -1,40 +0,0 @@
-{
-    foreach my $ibay ($a->ibays)
-    {   
-       my $key = $ibay->key;
-
-        if (exists $users->{$key})
-        {
-            $OUT .= "dn: uid=$key,ou=Users,$ldapBase\n";
-            $OUT .= "objectClass: posixAccount\n";
-            $OUT .= "objectClass: shadowAccount\n";
-            $OUT .= "objectClass: account\n";
-            $OUT .= "objectClass: sambaSamAccount\n" if exists $users->{$key}->{sambaSID};
-            foreach my $attr ( keys %{$users->{$key}} )
-            {
-                $OUT .= utf8("$attr: ".$users->{$key}->{$attr})."\n" if $users->{$key}->{$attr};
-            }
-            $OUT .= "\n";
-        }
-
-        if (exists $groups->{$key})
-        {
-            $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n";
-            $OUT .= "objectClass: posixGroup\n";
-            $OUT .= "objectClass: sambaGroupMapping\n" if exists $groups->{$key}->{sambaSID};
-            foreach my $attr ( keys %{$groups->{$key}} )
-            {
-                if (ref($groups->{$key}->{$attr}) eq 'ARRAY')
-                {
-                    my %seen = ();
-                    $OUT .= utf8("$attr: $_\n") foreach grep { ! $seen{$_}++ } @{$groups->{$key}->{$attr}};
-                }
-                else
-                {
-                    $OUT .= utf8("$attr: ".$groups->{$key}->{$attr})."\n" if $groups->{$key}->{$attr};
-                }
-            }
-            $OUT .= "\n";
-        }
-    }
-}
diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users     2010-09-27 11:33:27.000000000 -0600
+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users 1969-12-31 17:00:00.000000000 -0700
@@ -1,43 +0,0 @@
-{
-    my @users = $a->users;
-    push (@users,$a->get('admin'));
-    foreach my $user (@users)
-    {   
-       my $key = $user->key;
-
-        if (exists $users->{$key})
-        {
-            $OUT .= "dn: uid=$key,ou=Users,$ldapBase\n";
-            $OUT .= "objectClass: inetOrgPerson\n";
-            $OUT .= "objectClass: posixAccount\n";
-            $OUT .= "objectClass: shadowAccount\n";
-            $OUT .= "objectClass: sambaSamAccount\n" if exists $users->{$key}->{sambaSID};
-            foreach my $attr ( keys %{$users->{$key}} )
-            {
-                $OUT .= utf8("$attr: ".$users->{$key}->{$attr})."\n" if $users->{$key}->{$attr};
-            }
-            $OUT .= utf8("mail: $key\@$DomainName\n");
-            $OUT .= "\n";
-        }
-
-        if (exists $groups->{$key})
-        {
-            $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n";
-            $OUT .= "objectClass: posixGroup\n";
-            $OUT .= "objectClass: sambaGroupMapping\n" if exists $groups->{$key}->{sambaSID};
-            foreach my $attr ( keys %{$groups->{$key}} )
-            {
-                if (ref($groups->{$key}->{$attr}) eq 'ARRAY')
-                {
-                    my %seen = ();
-                    $OUT .= utf8("$attr: $_\n") foreach grep { ! $seen{$_}++ } @{$groups->{$key}->{$attr}};
-                }
-                else
-                {
-                    $OUT .= utf8("$attr: ".$groups->{$key}->{$attr})."\n" if $groups->{$key}->{$attr};
-                }
-            }
-            $OUT .= "\n";
-        }
-    }
-}
diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin      2010-09-27 11:33:27.000000000 -0600
+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin  2010-09-27 11:34:20.000000000 -0600
@@ -4,86 +4,167 @@
     use Date::Parse;
 
     my $schema = '/etc/openldap/schema/samba.schema';
-    my $schema = '/usr/share/doc/samba-3.0.33/LDAP/samba.schema';
+
     $a = esmith::AccountsDB->open_ro;
     $ldapBase = esmith::util::ldapBase ($DomainName);
 
-    sub utf8
+    local ($dn, $dc, $obj, $attr, $account, $type);
+    ($dc) = split (/\./, $DomainName);
+
+    $ldif = ();
+
+    # Top domain object
+    utf8::upgrade($ldapBase);
+    $ldif->{$ldapBase}->{objectClass} = [ qw(top organization dcObject) ];
+    $ldif->{$ldapBase}->{dc} = $dc;
+    $ldif->{$ldapBase}->{o} = $ldap{defaultCompany} || $DomainName;
+
+    # Top level groups
+    foreach $obj ( qw(Users Groups Computers) )
     {
-       my $t = shift;
-       utf8::encode($t);
-       return $t;
+        $dn = "ou=$obj,$ldapBase";
+        utf8::upgrade($dn);
+
+        $ldif->{$dn}->{objectClass} = [ qw(top organizationalUnit) ];
+        $ldif->{$dn}->{ou} = $obj;
     }
 
-    $users = ();
+    local $dnmap = ();
+
+    # Read in user details
     while(my ($key,$pwd,$uid,$gid,undef,undef,$gecos,$dir,$shell) = getpwent())
     {
         # skip non sme users
-        my $account = $a->get($key) || next;
+        $account = $a->get($key) || next;
+        $type = $account->prop('type') || 'unknown';
+        next unless ($type =~ m{^(?:user|group|ibay|machine)$} or $key eq 'admin');
+
+        if ($type eq 'machine')
+        {
+            $dn = "uid=$key,ou=Computers,$ldapBase";
+            utf8::upgrade($dn);
+        }
+        else
+        {
+            $dn = "uid=$key,ou=Users,$ldapBase";
+            utf8::upgrade($dn);
+        }
+
+        $dnmap->{$key}->{user} = $dn;
 
-        $users->{$key}->{uid} = $key;
-        $users->{$key}->{userPassword} = ($pwd =~ m/^\{/) ? $pwd : "\{CRYPT\}$pwd";
-        $users->{$key}->{uidNumber} = $uid;
-        $users->{$key}->{gidNumber} = $gid;
-        $users->{$key}->{gecos} = $gecos;
-        $users->{$key}->{cn} = $gecos;
-        $users->{$key}->{homeDirectory} = $dir;
-        $users->{$key}->{loginShell} = $shell;
-        if (($account->prop('type') || 'unknown') eq 'user')
-        {
-            $users->{$key}->{givenName} = $account->prop('FirstName');
-            $users->{$key}->{sn} = $account->prop('LastName');
-            $users->{$key}->{telephoneNumber} = $account->prop('Phone');
-            $users->{$key}->{o} = $account->prop('Company');
-            $users->{$key}->{ou} = $account->prop('Department');
-            $users->{$key}->{l} = $account->prop('City');
-            $users->{$key}->{street} = $account->prop('Street');
+        $ldif->{$dn}->{objectClass} = [ qw(posixAccount shadowAccount) ];
+        $ldif->{$dn}->{uid} = $key;
+        $ldif->{$dn}->{userPassword} = ($pwd =~ m/^\{/) ? $pwd : "\{CRYPT\}$pwd";
+        $ldif->{$dn}->{uidNumber} = $uid;
+        $ldif->{$dn}->{gidNumber} = $gid;
+        $ldif->{$dn}->{gecos} = $gecos || '';
+        $ldif->{$dn}->{cn} = $gecos || '';
+        $ldif->{$dn}->{homeDirectory} = $dir;
+        $ldif->{$dn}->{loginShell} = $shell;
+
+        if ($type eq 'user' or $key eq 'admin')
+        {
+            push @{$ldif->{$dn}->{objectClass}}, 'inetOrgPerson';
+            $ldif->{$dn}->{mail} = "$key\@$DomainName";
+            $ldif->{$dn}->{givenName} = $account->prop('FirstName') || '';
+            $ldif->{$dn}->{sn} = $account->prop('LastName') || '';
+            $ldif->{$dn}->{telephoneNumber} = $account->prop('Phone') || '';
+            $ldif->{$dn}->{o} = $account->prop('Company') || '';
+            $ldif->{$dn}->{ou} = $account->prop('Department') || '';
+            $ldif->{$dn}->{l} = $account->prop('City') || '';
+            $ldif->{$dn}->{street} = $account->prop('Street') || '';
+        }
+        else
+        {
+            push @{$ldif->{$dn}->{objectClass}}, 'account';
         }
     }
     endpwent();
 
+    # Read in group details
+    while(my ($key,$pwd,$gid,$members) = getgrent())
+    {
+        # skip non sme groups
+        $account = $a->get($key) || next;
+        $type = $account->prop('type') || 'unknown';
+        next unless ($type =~ m{^(?:user|group|ibay|machine)$} or $key eq 'admin');
+
+        $dn = "cn=$key,ou=Groups,$ldapBase";
+        utf8::upgrade($dn);
+
+        $dnmap->{$key}->{group} = $dn;
+
+        $ldif->{$dn}->{objectClass} = [ qw(posixGroup) ];
+        $ldif->{$dn}->{cn} = $key;
+        $ldif->{$dn}->{userPassword} = ($pwd =~ m/^\{/) ? $pwd : "\{CRYPT\}$pwd";
+        $ldif->{$dn}->{gidNumber} = $gid;
+        $ldif->{$dn}->{description} = $ldif->{$dnmap->{$key}->{user}}->{cn} if exists $ldif->{$dnmap->{$key}->{user}}->{cn};
+        $ldif->{$dn}->{memberUid} = [ split /\s+/, $members ];
+
+        if ($type eq 'group')
+        {
+            push @{$ldif->{$dn}->{objectClass}}, 'mailboxRelatedObject';
+            $ldif->{$dn}->{mail} = "$key\@$DomainName";
+        }
+    }
+    endgrent();
+
+    # Read in samba user details
     if ( -f "$schema" and -x '/usr/bin/pdbedit' )
     {
         foreach my $line (`/usr/bin/pdbedit -Lw 2> /dev/null`)
         {
             my ($key,undef,$lmpass,$ntpass) = split(/:/,$line);
-            next unless exists $users->{$key};
-            $users->{$key}->{sambaLMPassword} = $lmpass;
-            $users->{$key}->{sambaNTPassword} = $ntpass;
+            next unless exists $dnmap->{$key};
+
+            push @{$ldif->{$dnmap->{$key}->{user}}->{objectClass}}, 'sambaSamAccount';
+            $ldif->{$dnmap->{$key}->{user}}->{sambaLMPassword} = $lmpass;
+            $ldif->{$dnmap->{$key}->{user}}->{sambaNTPassword} = $ntpass;
 
             foreach my $info (`/usr/bin/pdbedit -v '$key' 2> /dev/null`){
-                $users->{$key}->{sambaSID} = $1 if $info =~ m{User SID:\s+(S-.*)$};
-                $users->{$key}->{displayName} = $1 if $info =~ m{Full Name:\s+(.*)$};
-                $users->{$key}->{sambaPrimaryGroupSID} = $1 if $info =~ m{Primary Group SID:\s+(S-.*)$};
-                $users->{$key}->{sambaAcctFlags} = $1 if $info =~ m{Account Flags:\s+(.*)$};
-                $users->{$key}->{sambaPwdLastSet} = str2time($1) if $info =~ m{Password last set:\s+(.*)$};
+                $ldif->{$dnmap->{$key}->{user}}->{sambaSID} = $1 if $info =~ m{User SID:\s+(S-.*)$};
+                $ldif->{$dnmap->{$key}->{user}}->{displayName} = $1 if $info =~ m{Full Name:\s+(.*)$};
+                $ldif->{$dnmap->{$key}->{user}}->{sambaPrimaryGroupSID} = $1 if $info =~ m{Primary Group SID:\s+(S-.*)$};
+                $ldif->{$dnmap->{$key}->{user}}->{sambaAcctFlags} = $1 if $info =~ m{Account Flags:\s+(.*)$};
+                $ldif->{$dnmap->{$key}->{user}}->{sambaPwdLastSet} = str2time($1) if $info =~ m{Password last set:\s+(.*)$};
             }
         }
     }
 
-    $groups = ();
-    while(my ($key,$pwd,$gid,$members) = getgrent())
+    # Read in samba group mappings
+    if ( -f "$schema" and -x '/usr/bin/net' )
     {
-        # skip non sme groups
-        $a->get($key) || next;
-
-        $groups->{$key}->{cn} = $key;
-        $groups->{$key}->{userPassword} = ($pwd =~ m/^\{/) ? $pwd : "\{CRYPT\}$pwd";
-        $groups->{$key}->{gidNumber} = $gid;
-        $groups->{$key}->{description} = $users->{$key}->{cn} if exists $users->{$key}->{cn};
-        $groups->{$key}->{memberUid} = [ split /\s+/, $members ];
+        foreach (`/usr/bin/net groupmap list 2> /dev/null`){
+            chomp;
+            next if m{\(S-1-5-32-\d+\)};
+            if (/^(.*) \((S-.*-\d+)\) -> (.*)$/)
+            {
+                next unless exists $dnmap->{$3};
+
+                push @{$ldif->{$dnmap->{$3}->{group}}->{objectClass}}, 'sambaGroupMapping';
+                $ldif->{$dnmap->{$3}->{group}}->{displayName} = $1;
+                $ldif->{$dnmap->{$3}->{group}}->{sambaSID} = $2;
+                $ldif->{$dnmap->{$3}->{group}}->{sambaGroupType} = '2';
+            }
+        }
     }
-    endgrent();
 
-    foreach (`/usr/bin/net groupmap list 2> /dev/null`){
-        chomp;
-        next if m{\(S-1-5-32-\d+\)};
-        if (/^(.*) \((S-.*-\d+)\) -> (.*)$/)
-        {
-            next unless exists $groups->{$3};
-            $groups->{$3}->{displayName} = $1;
-            $groups->{$3}->{sambaSID} = $2;
-            $groups->{$3}->{sambaGroupType} = '2';
+    # Ensure that attributes are utf8
+    foreach $dn (keys %$ldif)
+    {
+        foreach $attr ( keys %{$ldif->{$dn}} )
+        {
+            if ( ref($ldif->{$dn}->{$attr}) eq 'ARRAY' )
+            {
+                for (my $c = 0; $c < scalar(@{$ldif->{$dn}->{$attr}}); $c++)
+                {
+                    utf8::upgrade($ldif->{$dn}->{$attr}[$c]);
+                }
+            }
+            else
+            {
+                utf8::upgrade($ldif->{$dn}->{$attr});
+            }
         }
     }
 
1	diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update e-smith-ldap-5.2.0.new/root/etc/e-smith/events/actions/ldap-update
2	--- e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update 2010-09-27 11:33:27.000000000 -0600
3	+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/events/actions/ldap-update 2010-09-27 11:35:35.000000000 -0600
4	@@ -184,6 +184,7 @@
5	{
6	$dn = "uid=$key,ou=Users,$base";
7	}
8	+ utf8::upgrade($dn);
9	$updates->{$dn}->{objectClass} = ['posixAccount', 'shadowAccount'];
10
11	# Read information from getent passwd
12	@@ -239,6 +240,7 @@
13	# Do the group portion
14	#------------------------------------------------------------
15	$dn = "cn=$key,ou=Groups,$base";
16	+ utf8::upgrade($dn);
17	$updates->{$dn}->{objectClass} = ['posixGroup'];
18
19	# Read information from getent group
20	diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation
21	--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation 2010-09-27 11:33:27.000000000 -0600
22	+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation 1969-12-31 17:00:00.000000000 -0700
23	@@ -1,26 +0,0 @@
24	-{
25	- my ($dc,undef) = split (/\./, $DomainName);
26	- my $o = $ldap{defaultCompany} \|\| $DomainName;
27	-
28	- $OUT .= "dn: $ldapBase\n";
29	- $OUT .= "dc: $dc\n";
30	- $OUT .= "o: $o\n";
31	- $OUT .= "objectClass: top\n";
32	- $OUT .= "objectClass: organization\n";
33	- $OUT .= "objectClass: dcObject\n\n";
34	-
35	- $OUT .= "dn: ou=Users,$ldapBase\n";
36	- $OUT .= "ou: Users\n";
37	- $OUT .= "objectClass: top\n";
38	- $OUT .= "objectClass: organizationalUnit\n\n";
39	-
40	- $OUT .= "dn: ou=Groups,$ldapBase\n";
41	- $OUT .= "ou: Groups\n";
42	- $OUT .= "objectClass: top\n";
43	- $OUT .= "objectClass: organizationalUnit\n\n";
44	-
45	- $OUT .= "dn: ou=Computers,$ldapBase\n";
46	- $OUT .= "ou: Computers\n";
47	- $OUT .= "objectClass: top\n";
48	- $OUT .= "objectClass: organizationalUnit\n\n";
49	-}
50	diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/20ldif e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/20ldif
51	--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/20ldif 1969-12-31 17:00:00.000000000 -0700
52	+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/20ldif 2010-09-27 11:07:36.000000000 -0600
53	@@ -0,0 +1,19 @@
54	+{
55	+ foreach my $dn (keys %$ldif)
56	+ {
57	+ $OUT .= "dn: $dn\n";
58	+ foreach my $attr ( keys %{$ldif->{$dn}} )
59	+ {
60	+ if (ref($ldif->{$dn}->{$attr}) eq 'ARRAY')
61	+ {
62	+ my %seen = ();
63	+ $OUT .= "$attr: $_\n" foreach grep { ! $seen{$_}++ } @{$ldif->{$dn}->{$attr}};
64	+ }
65	+ else
66	+ {
67	+ $OUT .= "$attr: ".$ldif->{$dn}->{$attr}."\n" if $ldif->{$dn}->{$attr};
68	+ }
69	+ }
70	+ $OUT .= "\n";
71	+ }
72	+}
73	diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50computers e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50computers
74	--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50computers 2010-09-27 11:33:27.000000000 -0600
75	+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50computers 1969-12-31 17:00:00.000000000 -0700
76	@@ -1,40 +0,0 @@
77	-{
78	- foreach my $comp ($a->get_all_by_prop(type => 'machine'))
79	- {
80	- my $key = $comp->key;
81	-
82	- if (exists $users->{$key})
83	- {
84	- $OUT .= "dn: uid=$key,ou=Computers,$ldapBase\n";
85	- $OUT .= "objectClass: posixAccount\n";
86	- $OUT .= "objectClass: shadowAccount\n";
87	- $OUT .= "objectClass: account\n";
88	- $OUT .= "objectClass: sambaSamAccount\n" if exists $users->{$key}->{sambaSID};
89	- foreach my $attr ( keys %{$users->{$key}} )
90	- {
91	- $OUT .= utf8("$attr: ".$users->{$key}->{$attr})."\n" if $users->{$key}->{$attr};
92	- }
93	- $OUT .= "\n";
94	- }
95	-
96	- if (exists $groups->{$key})
97	- {
98	- $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n";
99	- $OUT .= "objectClass: posixGroup\n";
100	- $OUT .= "objectClass: sambaGroupMapping\n" if exists $groups->{$key}->{sambaSID};
101	- foreach my $attr ( keys %{$groups->{$key}} )
102	- {
103	- if (ref($groups->{$key}->{$attr}) eq 'ARRAY')
104	- {
105	- my %seen = ();
106	- $OUT .= utf8("$attr: $_\n") foreach (grep { ! $seen{$_}++ } @{$groups->{$key}->{$attr}});
107	- }
108	- else
109	- {
110	- $OUT .= utf8("$attr: ".$groups->{$key}->{$attr})."\n" if $groups->{$key}->{$attr};
111	- }
112	- }
113	- $OUT .= "\n";
114	- }
115	- }
116	-}
117	diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups
118	--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups 2010-09-27 11:33:27.000000000 -0600
119	+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups 1969-12-31 17:00:00.000000000 -0700
120	@@ -1,42 +0,0 @@
121	-{
122	- foreach my $grp ($a->groups)
123	- {
124	- my $key = $grp->key;
125	-
126	- if (exists $users->{$key})
127	- {
128	- $OUT .= "dn: uid=$key,ou=Users,$ldapBase\n";
129	- $OUT .= "objectClass: posixAccount\n";
130	- $OUT .= "objectClass: shadowAccount\n";
131	- $OUT .= "objectClass: account\n";
132	- $OUT .= "objectClass: sambaSamAccount\n" if exists $users->{$key}->{sambaSID};
133	- foreach my $attr ( keys %{$users->{$key}} )
134	- {
135	- $OUT .= utf8("$attr: ".$users->{$key}->{$attr})."\n" if $users->{$key}->{$attr};
136	- }
137	- $OUT .= "\n";
138	- }
139	-
140	- if (exists $groups->{$key})
141	- {
142	- $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n";
143	- $OUT .= "objectClass: posixGroup\n";
144	- $OUT .= "objectClass: mailboxRelatedObject\n";
145	- $OUT .= "objectClass: sambaGroupMapping\n" if exists $groups->{$key}->{sambaSID};
146	- foreach my $attr ( keys %{$groups->{$key}} )
147	- {
148	- if (ref($groups->{$key}->{$attr}) eq 'ARRAY')
149	- {
150	- my %seen = ();
151	- $OUT .= utf8("$attr: $_\n") foreach grep { ! $seen{$_}++ } @{$groups->{$key}->{$attr}};
152	- }
153	- else
154	- {
155	- $OUT .= utf8("$attr: ".$groups->{$key}->{$attr})."\n" if $groups->{$key}->{$attr};
156	- }
157	- }
158	- $OUT .= "mail: $key\@$DomainName\n";
159	- $OUT .= "\n";
160	- }
161	- }
162	-}
163	diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50ibays e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50ibays
164	--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50ibays 2010-09-27 11:33:27.000000000 -0600
165	+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50ibays 1969-12-31 17:00:00.000000000 -0700
166	@@ -1,40 +0,0 @@
167	-{
168	- foreach my $ibay ($a->ibays)
169	- {
170	- my $key = $ibay->key;
171	-
172	- if (exists $users->{$key})
173	- {
174	- $OUT .= "dn: uid=$key,ou=Users,$ldapBase\n";
175	- $OUT .= "objectClass: posixAccount\n";
176	- $OUT .= "objectClass: shadowAccount\n";
177	- $OUT .= "objectClass: account\n";
178	- $OUT .= "objectClass: sambaSamAccount\n" if exists $users->{$key}->{sambaSID};
179	- foreach my $attr ( keys %{$users->{$key}} )
180	- {
181	- $OUT .= utf8("$attr: ".$users->{$key}->{$attr})."\n" if $users->{$key}->{$attr};
182	- }
183	- $OUT .= "\n";
184	- }
185	-
186	- if (exists $groups->{$key})
187	- {
188	- $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n";
189	- $OUT .= "objectClass: posixGroup\n";
190	- $OUT .= "objectClass: sambaGroupMapping\n" if exists $groups->{$key}->{sambaSID};
191	- foreach my $attr ( keys %{$groups->{$key}} )
192	- {
193	- if (ref($groups->{$key}->{$attr}) eq 'ARRAY')
194	- {
195	- my %seen = ();
196	- $OUT .= utf8("$attr: $_\n") foreach grep { ! $seen{$_}++ } @{$groups->{$key}->{$attr}};
197	- }
198	- else
199	- {
200	- $OUT .= utf8("$attr: ".$groups->{$key}->{$attr})."\n" if $groups->{$key}->{$attr};
201	- }
202	- }
203	- $OUT .= "\n";
204	- }
205	- }
206	-}
207	diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users
208	--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users 2010-09-27 11:33:27.000000000 -0600
209	+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users 1969-12-31 17:00:00.000000000 -0700
210	@@ -1,43 +0,0 @@
211	-{
212	- my @users = $a->users;
213	- push (@users,$a->get('admin'));
214	- foreach my $user (@users)
215	- {
216	- my $key = $user->key;
217	-
218	- if (exists $users->{$key})
219	- {
220	- $OUT .= "dn: uid=$key,ou=Users,$ldapBase\n";
221	- $OUT .= "objectClass: inetOrgPerson\n";
222	- $OUT .= "objectClass: posixAccount\n";
223	- $OUT .= "objectClass: shadowAccount\n";
224	- $OUT .= "objectClass: sambaSamAccount\n" if exists $users->{$key}->{sambaSID};
225	- foreach my $attr ( keys %{$users->{$key}} )
226	- {
227	- $OUT .= utf8("$attr: ".$users->{$key}->{$attr})."\n" if $users->{$key}->{$attr};
228	- }
229	- $OUT .= utf8("mail: $key\@$DomainName\n");
230	- $OUT .= "\n";
231	- }
232	-
233	- if (exists $groups->{$key})
234	- {
235	- $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n";
236	- $OUT .= "objectClass: posixGroup\n";
237	- $OUT .= "objectClass: sambaGroupMapping\n" if exists $groups->{$key}->{sambaSID};
238	- foreach my $attr ( keys %{$groups->{$key}} )
239	- {
240	- if (ref($groups->{$key}->{$attr}) eq 'ARRAY')
241	- {
242	- my %seen = ();
243	- $OUT .= utf8("$attr: $_\n") foreach grep { ! $seen{$_}++ } @{$groups->{$key}->{$attr}};
244	- }
245	- else
246	- {
247	- $OUT .= utf8("$attr: ".$groups->{$key}->{$attr})."\n" if $groups->{$key}->{$attr};
248	- }
249	- }
250	- $OUT .= "\n";
251	- }
252	- }
253	-}
254	diff -ruN e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin
255	--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin 2010-09-27 11:33:27.000000000 -0600
256	+++ e-smith-ldap-5.2.0.new/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/template-begin 2010-09-27 11:34:20.000000000 -0600
257	@@ -4,86 +4,167 @@
258	use Date::Parse;
259
260	my $schema = '/etc/openldap/schema/samba.schema';
261	- my $schema = '/usr/share/doc/samba-3.0.33/LDAP/samba.schema';
262	+
263	$a = esmith::AccountsDB->open_ro;
264	$ldapBase = esmith::util::ldapBase ($DomainName);
265
266	- sub utf8
267	+ local ($dn, $dc, $obj, $attr, $account, $type);
268	+ ($dc) = split (/\./, $DomainName);
269	+
270	+ $ldif = ();
271	+
272	+ # Top domain object
273	+ utf8::upgrade($ldapBase);
274	+ $ldif->{$ldapBase}->{objectClass} = [ qw(top organization dcObject) ];
275	+ $ldif->{$ldapBase}->{dc} = $dc;
276	+ $ldif->{$ldapBase}->{o} = $ldap{defaultCompany} \|\| $DomainName;
277	+
278	+ # Top level groups
279	+ foreach $obj ( qw(Users Groups Computers) )
280	{
281	- my $t = shift;
282	- utf8::encode($t);
283	- return $t;
284	+ $dn = "ou=$obj,$ldapBase";
285	+ utf8::upgrade($dn);
286	+
287	+ $ldif->{$dn}->{objectClass} = [ qw(top organizationalUnit) ];
288	+ $ldif->{$dn}->{ou} = $obj;
289	}
290
291	- $users = ();
292	+ local $dnmap = ();
293	+
294	+ # Read in user details
295	while(my ($key,$pwd,$uid,$gid,undef,undef,$gecos,$dir,$shell) = getpwent())
296	{
297	# skip non sme users
298	- my $account = $a->get($key) \|\| next;
299	+ $account = $a->get($key) \|\| next;
300	+ $type = $account->prop('type') \|\| 'unknown';
301	+ next unless ($type =~ m{^(?:user\|group\|ibay\|machine)$} or $key eq 'admin');
302	+
303	+ if ($type eq 'machine')
304	+ {
305	+ $dn = "uid=$key,ou=Computers,$ldapBase";
306	+ utf8::upgrade($dn);
307	+ }
308	+ else
309	+ {
310	+ $dn = "uid=$key,ou=Users,$ldapBase";
311	+ utf8::upgrade($dn);
312	+ }
313	+
314	+ $dnmap->{$key}->{user} = $dn;
315
316	- $users->{$key}->{uid} = $key;
317	- $users->{$key}->{userPassword} = ($pwd =~ m/^\{/) ? $pwd : "\{CRYPT\}$pwd";
318	- $users->{$key}->{uidNumber} = $uid;
319	- $users->{$key}->{gidNumber} = $gid;
320	- $users->{$key}->{gecos} = $gecos;
321	- $users->{$key}->{cn} = $gecos;
322	- $users->{$key}->{homeDirectory} = $dir;
323	- $users->{$key}->{loginShell} = $shell;
324	- if (($account->prop('type') \|\| 'unknown') eq 'user')
325	- {
326	- $users->{$key}->{givenName} = $account->prop('FirstName');
327	- $users->{$key}->{sn} = $account->prop('LastName');
328	- $users->{$key}->{telephoneNumber} = $account->prop('Phone');
329	- $users->{$key}->{o} = $account->prop('Company');
330	- $users->{$key}->{ou} = $account->prop('Department');
331	- $users->{$key}->{l} = $account->prop('City');
332	- $users->{$key}->{street} = $account->prop('Street');
333	+ $ldif->{$dn}->{objectClass} = [ qw(posixAccount shadowAccount) ];
334	+ $ldif->{$dn}->{uid} = $key;
335	+ $ldif->{$dn}->{userPassword} = ($pwd =~ m/^\{/) ? $pwd : "\{CRYPT\}$pwd";
336	+ $ldif->{$dn}->{uidNumber} = $uid;
337	+ $ldif->{$dn}->{gidNumber} = $gid;
338	+ $ldif->{$dn}->{gecos} = $gecos \|\| '';
339	+ $ldif->{$dn}->{cn} = $gecos \|\| '';
340	+ $ldif->{$dn}->{homeDirectory} = $dir;
341	+ $ldif->{$dn}->{loginShell} = $shell;
342	+
343	+ if ($type eq 'user' or $key eq 'admin')
344	+ {
345	+ push @{$ldif->{$dn}->{objectClass}}, 'inetOrgPerson';
346	+ $ldif->{$dn}->{mail} = "$key\@$DomainName";
347	+ $ldif->{$dn}->{givenName} = $account->prop('FirstName') \|\| '';
348	+ $ldif->{$dn}->{sn} = $account->prop('LastName') \|\| '';
349	+ $ldif->{$dn}->{telephoneNumber} = $account->prop('Phone') \|\| '';
350	+ $ldif->{$dn}->{o} = $account->prop('Company') \|\| '';
351	+ $ldif->{$dn}->{ou} = $account->prop('Department') \|\| '';
352	+ $ldif->{$dn}->{l} = $account->prop('City') \|\| '';
353	+ $ldif->{$dn}->{street} = $account->prop('Street') \|\| '';
354	+ }
355	+ else
356	+ {
357	+ push @{$ldif->{$dn}->{objectClass}}, 'account';
358	}
359	}
360	endpwent();
361
362	+ # Read in group details
363	+ while(my ($key,$pwd,$gid,$members) = getgrent())
364	+ {
365	+ # skip non sme groups
366	+ $account = $a->get($key) \|\| next;
367	+ $type = $account->prop('type') \|\| 'unknown';
368	+ next unless ($type =~ m{^(?:user\|group\|ibay\|machine)$} or $key eq 'admin');
369	+
370	+ $dn = "cn=$key,ou=Groups,$ldapBase";
371	+ utf8::upgrade($dn);
372	+
373	+ $dnmap->{$key}->{group} = $dn;
374	+
375	+ $ldif->{$dn}->{objectClass} = [ qw(posixGroup) ];
376	+ $ldif->{$dn}->{cn} = $key;
377	+ $ldif->{$dn}->{userPassword} = ($pwd =~ m/^\{/) ? $pwd : "\{CRYPT\}$pwd";
378	+ $ldif->{$dn}->{gidNumber} = $gid;
379	+ $ldif->{$dn}->{description} = $ldif->{$dnmap->{$key}->{user}}->{cn} if exists $ldif->{$dnmap->{$key}->{user}}->{cn};
380	+ $ldif->{$dn}->{memberUid} = [ split /\s+/, $members ];
381	+
382	+ if ($type eq 'group')
383	+ {
384	+ push @{$ldif->{$dn}->{objectClass}}, 'mailboxRelatedObject';
385	+ $ldif->{$dn}->{mail} = "$key\@$DomainName";
386	+ }
387	+ }
388	+ endgrent();
389	+
390	+ # Read in samba user details
391	if ( -f "$schema" and -x '/usr/bin/pdbedit' )
392	{
393	foreach my $line (`/usr/bin/pdbedit -Lw 2> /dev/null`)
394	{
395	my ($key,undef,$lmpass,$ntpass) = split(/:/,$line);
396	- next unless exists $users->{$key};
397	- $users->{$key}->{sambaLMPassword} = $lmpass;
398	- $users->{$key}->{sambaNTPassword} = $ntpass;
399	+ next unless exists $dnmap->{$key};
400	+
401	+ push @{$ldif->{$dnmap->{$key}->{user}}->{objectClass}}, 'sambaSamAccount';
402	+ $ldif->{$dnmap->{$key}->{user}}->{sambaLMPassword} = $lmpass;
403	+ $ldif->{$dnmap->{$key}->{user}}->{sambaNTPassword} = $ntpass;
404
405	foreach my $info (`/usr/bin/pdbedit -v '$key' 2> /dev/null`){
406	- $users->{$key}->{sambaSID} = $1 if $info =~ m{User SID:\s+(S-.*)$};
407	- $users->{$key}->{displayName} = $1 if $info =~ m{Full Name:\s+(.*)$};
408	- $users->{$key}->{sambaPrimaryGroupSID} = $1 if $info =~ m{Primary Group SID:\s+(S-.*)$};
409	- $users->{$key}->{sambaAcctFlags} = $1 if $info =~ m{Account Flags:\s+(.*)$};
410	- $users->{$key}->{sambaPwdLastSet} = str2time($1) if $info =~ m{Password last set:\s+(.*)$};
411	+ $ldif->{$dnmap->{$key}->{user}}->{sambaSID} = $1 if $info =~ m{User SID:\s+(S-.*)$};
412	+ $ldif->{$dnmap->{$key}->{user}}->{displayName} = $1 if $info =~ m{Full Name:\s+(.*)$};
413	+ $ldif->{$dnmap->{$key}->{user}}->{sambaPrimaryGroupSID} = $1 if $info =~ m{Primary Group SID:\s+(S-.*)$};
414	+ $ldif->{$dnmap->{$key}->{user}}->{sambaAcctFlags} = $1 if $info =~ m{Account Flags:\s+(.*)$};
415	+ $ldif->{$dnmap->{$key}->{user}}->{sambaPwdLastSet} = str2time($1) if $info =~ m{Password last set:\s+(.*)$};
416	}
417	}
418	}
419
420	- $groups = ();
421	- while(my ($key,$pwd,$gid,$members) = getgrent())
422	+ # Read in samba group mappings
423	+ if ( -f "$schema" and -x '/usr/bin/net' )
424	{
425	- # skip non sme groups
426	- $a->get($key) \|\| next;
427	-
428	- $groups->{$key}->{cn} = $key;
429	- $groups->{$key}->{userPassword} = ($pwd =~ m/^\{/) ? $pwd : "\{CRYPT\}$pwd";
430	- $groups->{$key}->{gidNumber} = $gid;
431	- $groups->{$key}->{description} = $users->{$key}->{cn} if exists $users->{$key}->{cn};
432	- $groups->{$key}->{memberUid} = [ split /\s+/, $members ];
433	+ foreach (`/usr/bin/net groupmap list 2> /dev/null`){
434	+ chomp;
435	+ next if m{\(S-1-5-32-\d+\)};
436	+ if (/^(.) \((S-.-\d+)\) -> (.*)$/)
437	+ {
438	+ next unless exists $dnmap->{$3};
439	+
440	+ push @{$ldif->{$dnmap->{$3}->{group}}->{objectClass}}, 'sambaGroupMapping';
441	+ $ldif->{$dnmap->{$3}->{group}}->{displayName} = $1;
442	+ $ldif->{$dnmap->{$3}->{group}}->{sambaSID} = $2;
443	+ $ldif->{$dnmap->{$3}->{group}}->{sambaGroupType} = '2';
444	+ }
445	+ }
446	}
447	- endgrent();
448
449	- foreach (`/usr/bin/net groupmap list 2> /dev/null`){
450	- chomp;
451	- next if m{\(S-1-5-32-\d+\)};
452	- if (/^(.) \((S-.-\d+)\) -> (.*)$/)
453	- {
454	- next unless exists $groups->{$3};
455	- $groups->{$3}->{displayName} = $1;
456	- $groups->{$3}->{sambaSID} = $2;
457	- $groups->{$3}->{sambaGroupType} = '2';
458	+ # Ensure that attributes are utf8
459	+ foreach $dn (keys %$ldif)
460	+ {
461	+ foreach $attr ( keys %{$ldif->{$dn}} )
462	+ {
463	+ if ( ref($ldif->{$dn}->{$attr}) eq 'ARRAY' )
464	+ {
465	+ for (my $c = 0; $c < scalar(@{$ldif->{$dn}->{$attr}}); $c++)
466	+ {
467	+ utf8::upgrade($ldif->{$dn}->{$attr}[$c]);
468	+ }
469	+ }
470	+ else
471	+ {
472	+ utf8::upgrade($ldif->{$dn}->{$attr});
473	+ }
474	}
475	}
476