| 1 |
diff -up e-smith-ldap-5.2.0/createlinks.unix-cleanup e-smith-ldap-5.2.0/createlinks |
| 2 |
--- e-smith-ldap-5.2.0/createlinks.unix-cleanup 2010-11-02 09:15:20.000000000 -0600 |
| 3 |
+++ e-smith-ldap-5.2.0/createlinks 2010-11-02 09:14:30.000000000 -0600 |
| 4 |
@@ -30,6 +30,7 @@ event_link("ldap-update", "ibay-modify", |
| 5 |
event_link("ldap-delete", "ibay-delete", "25"); |
| 6 |
|
| 7 |
event_link("ldap-update", "bootstrap-ldap-save", "25"); |
| 8 |
+event_link("cleanup-unix-user-group", "bootstrap-ldap-save", "98"); |
| 9 |
|
| 10 |
event_link("ldap-update", "machine-account-create", "25"); |
| 11 |
|
| 12 |
diff -up e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/cleanup-unix-user-group.unix-cleanup e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/cleanup-unix-user-group |
| 13 |
--- e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/cleanup-unix-user-group.unix-cleanup 2010-11-02 09:13:34.000000000 -0600 |
| 14 |
+++ e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/cleanup-unix-user-group 2010-11-02 09:13:20.000000000 -0600 |
| 15 |
@@ -0,0 +1,20 @@ |
| 16 |
+#!/bin/bash -e |
| 17 |
+ |
| 18 |
+ldapauth=$(/sbin/e-smith/config getprop ldap Authentication || echo disabled) |
| 19 |
+ |
| 20 |
+# Exit unless ldap auth is enabled |
| 21 |
+[ "$ldapauth" == "enabled" ] || exit 0 |
| 22 |
+ |
| 23 |
+# Users and group accounts are now stored in LDAP, so we need to delete them |
| 24 |
+# from the old passwd / group / shadow database |
| 25 |
+ |
| 26 |
+for USER in $(/usr/bin/getent passwd | sort | cut -d':' -f1 | uniq -d); do |
| 27 |
+ /usr/sbin/luserdel -G $USER |
| 28 |
+done |
| 29 |
+ |
| 30 |
+for GROUP in $(/usr/bin/getent group | sort | cut -d':' -f1 | uniq -d); do |
| 31 |
+ /usr/sbin/lgroupdel $GROUP |
| 32 |
+done |
| 33 |
+ |
| 34 |
+# And add the admin back in the root group, which is not in the LDAP database |
| 35 |
+/usr/bin/gpasswd -a admin root |
Parent Directory
| 
Revision Log
| 
Revision Graph
