--- e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-delete.users_groups_ous 2005-07-27 23:26:55.000000000 +0200 +++ e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-delete 2010-01-30 21:28:26.000000000 +0100 @@ -36,9 +36,9 @@ } my $event = $ARGV [0]; -my $userName = $ARGV [1]; +my $name = $ARGV [1]; -die "Username argument missing." unless defined ($userName); +die "Username argument missing." unless defined ($name); #------------------------------------------------------------ # Delete user from LDAP directory. First read LDAP password @@ -57,17 +57,30 @@ password => $pw ); -my @search_args = ( base => $base, filter => "uid=$userName" ); +my @search_args = ( base => "ou=Users,$base", filter => "uid=$name" ); my $mesg = $ldap->search(@search_args); $mesg->code && die "Failed ldap search: ", $mesg->error; if ($mesg->count > 1) { - die("LDAP search for $userName returned $mesg->count - 1 expected\n"); + die("LDAP search for $name returned $mesg->count - 1 expected\n"); } $ldap->delete($mesg->entry(0)); + +if ($event eq 'group-delete'){ + @search_args = ( base => "ou=Groups,$base", filter => "cn=$name" ); + $mesg = $ldap->search(@search_args); + $mesg->code && die "Failed ldap search: ", $mesg->error; + if ($mesg->count > 1) + { + die("LDAP search for $name returned $mesg->count - 1 expected\n"); + } + + $ldap->delete($mesg->entry(0)); +} + $ldap->unbind; exit (0); --- e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update.users_groups_ous 2010-01-30 21:32:54.000000000 +0100 +++ e-smith-ldap-5.2.0/root/etc/e-smith/events/actions/ldap-update 2010-01-30 21:28:08.000000000 +0100 @@ -106,6 +106,7 @@ my $type = $acct->prop('type'); next unless ($type eq 'user' || $type eq 'group'); my @attrs = (); + my @groupAttrs = (); if (($type eq 'user') || ($key eq 'admin')) { my $name = $acct->prop('FirstName') . " " . $acct->prop('LastName'); @@ -147,6 +148,9 @@ my $key = $acct->key; my $desc = $acct->prop('Description') || ''; + my @members = split(/,/,($acct->prop('Members') || '')); + my $gid = $acct->prop('Gid'); + utf8::upgrade($desc); push @attrs, (cn => $desc) unless $desc =~ /^\s*$/; push @attrs, (mail => "$key\@$domain"); @@ -155,22 +159,40 @@ push @attrs, (ou => $dept) unless $dept =~ /^\s*$/; push @attrs, (l => $city) unless $city =~ /^\s*$/; push @attrs, (street => $street) unless $street =~ /^\s*$/; + + push @groupAttrs, (objectClass => 'posixGroup'); + push @groupAttrs, (cn => $key); + push @groupAttrs, (gidNumber => $gid); + push @groupAttrs, (description => $desc) unless $desc =~ /^\s*$/; + push @groupAttrs, (memberUid => \@members); } - my $dn = "uid=$key,$base"; + my $dn = "uid=$key,ou=Users,$base"; + my $groupDn = "cn=$key,ou=Groups,$base"; if (($event eq 'user-create') || ($event eq 'group-create')) { my $result = $ldap->add ($dn, attr => \@attrs); $result->code && warn "failed to add entry for $dn: ", $result->error ; + + $result = $ldap->add ($groupDn, attr => \@groupAttrs); + + $result->code && + warn "failed to add entry for $groupDn: ", $result->error ; } else { my %attrs = @attrs; + my %groupAttrs = @groupAttrs; my $result = $ldap->modify ($dn, replace => \%attrs); $result->code && warn "failed to modify entry for $dn: ", $result->error ; + + $result = $ldap->modify ($groupDn, replace => \%groupAttrs); + + $result->code && + warn "failed to modify entry for $groupDn: ", $result->error ; } } $ldap->unbind; --- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users.users_groups_ous 2010-01-30 21:32:54.000000000 +0100 +++ e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50users 2010-01-30 21:25:43.000000000 +0100 @@ -15,7 +15,7 @@ my $password = $passwd{$key}; $OUT .= "\n"; - $OUT .= utf8("dn: uid=$key,$ldapBase\n"); + $OUT .= utf8("dn: uid=$key,ou=Users,$ldapBase\n"); $OUT .= utf8("objectClass: inetOrgPerson\n"); $OUT .= utf8("uid: $key\n"); $OUT .= utf8("cn: $name\n") if $name; --- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation.users_groups_ous 2010-01-30 21:32:54.000000000 +0100 +++ e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/10organisation 2010-01-30 21:24:27.000000000 +0100 @@ -4,7 +4,19 @@ $OUT .= "dn: $ldapBase\n"; $OUT .= "objectClass: organization\n"; + $OUT .= "objectClass: top\n"; $OUT .= "dc: $dc\n"; $OUT .= "o: $o\n"; $OUT .= "objectClass: dcObject\n"; + + $OUT .= "\n"; + $OUT .= "dn: ou=Users,$ldapBase\n"; + $OUT .= "objectClass: top\n"; + $OUT .= "objectClass: organizationalUnit\n"; + $OUT .= "ou: Users\n\n"; + $OUT .= "dn: ou=Groups,$ldapBase\n"; + $OUT .= "objectClass: top\n"; + $OUT .= "objectClass: organizationalUnit\n"; + $OUT .= "ou: Groups\n\n"; } + --- e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups.users_groups_ous 2010-01-30 21:32:54.000000000 +0100 +++ e-smith-ldap-5.2.0/root/etc/e-smith/templates/home/e-smith/db/ldap/ldif/50groups 2010-01-30 21:25:57.000000000 +0100 @@ -1,15 +1,28 @@ { foreach ($a->groups) - { - my $key = $_->key; - my $desc = $_->prop('Description'); + { + my $key = $_->key; + my $desc = $_->prop('Description') || ''; + my $gid = $_->prop('Gid'); + my @members = split( /,/, ($_->prop('Members') || '') ); - $OUT .= "\n"; - $OUT .= "dn: uid=$key,$ldapBase\n"; - $OUT .= "objectClass: inetOrgPerson\n"; - $OUT .= "mail: $key\@$DomainName\n"; - $OUT .= utf8("cn: $desc\n") if $desc; - $OUT .= "uid: $key\n"; - $OUT .= "sn: $key\n"; + $OUT .= "\n"; + $OUT .= "dn: uid=$key,ou=Users,$ldapBase\n"; + $OUT .= "objectClass: inetOrgPerson\n"; + $OUT .= "mail: $key\@$DomainName\n"; + $OUT .= utf8("cn: $desc\n") if $desc; + $OUT .= "uid: $key\n"; + $OUT .= "sn: $key\n"; + + $OUT .= "\n"; + $OUT .= "dn: cn=$key,ou=Groups,$ldapBase\n"; + $OUT .= "objectClass: posixGroup\n"; + $OUT .= "gidNumber: $gid\n"; + $OUT .= "cn: $key\n"; + $OUT .= "description: $desc"; + foreach my $member (@members){ + $OUT .= "memberUid: $member\n"; + } } } +