diff --git a/bin/synchronize_vshare_Users.pl b/bin/synchronize_vshare_Users.pl
new file mode 100755
index 0000000000000000000000000000000000000000..2869df6b0669b88ca34dd929d34743246e9c0e6b
--- /dev/null
+++ b/bin/synchronize_vshare_Users.pl
@@ -0,0 +1,417 @@
+#!/usr/bin/perl
+
+# ------------------------------------------------------------------------------
+# $Id$
+#
+# ------------------------------------------------------------------------------
+
+use strict;
+use warnings;
+use Getopt::Long;
+use Data::Dumper;
+use Config::IniFiles;
+use Net::LDAP;
+use File::Copy;
+use File::Basename;
+use Sys::Hostname;
+use Cwd;
+use Net::OpenSSH::Compat 'Net::SSH2';
+
+# unbuffered output:
+$| = 1;
+
+use lib ( new Config::IniFiles( -file => "/opt/etc/ini/global.ini" )->val( 'APPLICATION', 'LIBRARY' ) );
+
+BEGIN {
+ my $iniFile = new Config::IniFiles( -file => "/opt/etc/ini/global.ini" );
+ push( @INC, $iniFile->val( 'APPLICATION', 'LIBRARY' ) );
+}
+
+use SNET::common;
+use SNET::snmpd;
+use SNET::LdapNS qw(:all);
+use SNET::SSHDeviceInterfacer::Linux;
+
+use vars qw($verbose $debug $help $force $cli_mode $dry_run );
+$verbose = 0;
+$debug = 0;
+$cli_mode = 1;
+
+my $PROGNAME = basename( $0 );
+$PROGNAME =~ s/\.p[lm]$//;
+
+my %options = (
+ "help" => \$help,
+ "debug" => \$debug,
+ "verbose" => \$verbose,
+ "force" => \$force,
+ "dry-run" => \$dry_run,
+);
+
+my $SNMP_ENTERPRISEOID = "99";
+my $SNMP_OID = "1.3.6.1.4.1.99999.$SNMP_ENTERPRISEOID";
+my $SNMP_GEN = "6";
+my $SNMP_SPE = "1";
+my $msg = '';
+my $title = "Cacti ImportUser";
+
+help() if !GetOptions( %options ) or $help;
+$verbose = 1 if $debug;
+
+# ldap_find_users_and_groups()
+#
+# Read users and groups from SNet LDAP.
+
+sub ldap_find_users_and_groups ($$$$$$$$$$)
+{
+ my (
+ $cfg_ldap_server, $cfg_ldap_user, $cfg_ldap_passwd, $cfg_ldap_group_search, $cfg_ldap_search_scope,
+ $cfg_ldap_group_search_filter, $cfg_ldap_group_attribute, $cfg_ldap_groupname, $hostname, $cfg_ldap_cafile
+ ) = @_;
+
+ my %users;
+
+ # Connect to the LDAP server
+ metaprint( 'verbose', "Initiating connection to LDAP server <$cfg_ldap_server>:" ) if $verbose;
+ my $ldap = Net::LDAP->new(
+ $cfg_ldap_server,
+ async => 0,
+ onerror => (
+ ( $debug == 0 ) ? sub { return $_[0] } : sub {
+ my $message = shift;
+ my $error = defined( $message->error_desc ) ? $message->error_desc : $message->error();
+ $msg = "Ldap: Unable to process request: $error.";
+ metaprint( 'error', $title . ": " . $msg );
+ snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, $title, $msg ] );
+ return $message;
+ }
+ ),
+ );
+ if ( !$ldap ) {
+ $msg = "LDAP connection to <$cfg_ldap_server> failed.";
+ metaprint( 'error', $title . ": " . $msg ) if $verbose;
+ snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, $title, $msg ] );
+ exit 1;
+ }
+ metaprint( 'verbose', "* LDAP connection completed successfully." ) if $verbose;
+
+ my $message;
+ eval {
+ print STDERR 'Starting tls' . "\n" if ( $debug );
+ $message = $ldap->start_tls( verify => 'require',
+ cafile => $cfg_ldap_cafile, );
+ if ( $message->is_error() ) {
+ $msg = "Could not encrypt LDAP connection.";
+ metaprint( 'error', $title . ": " . $msg ) if $verbose;
+ snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, $title, $msg ] );
+ exit 1;
+ }
+ };
+ if ( $@ ) {
+ $msg = "Crash - Could not encrypt LDAP connection.";
+ metaprint( 'error', $title . ": " . $msg ) if $verbose;
+ snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, $title, $msg ] );
+ exit 1;
+ }
+
+ eval {
+ print STDERR 'binding' . "\n" if ( $debug );
+ $message = $ldap->bind(
+ $cfg_ldap_user,
+ password => $cfg_ldap_passwd,
+ version => 3,
+ );
+ if ( $message->is_error() ) {
+ $msg = "LDAP bind error occurred.";
+ metaprint( 'error', $title . ": " . $msg ) if $verbose;
+ snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, $title, $msg ] );
+ exit 1;
+ }
+ };
+ if ( $@ ) {
+ $msg = "Crash - LDAP bind error occurred ('" . $message->error_name . "').";
+ metaprint( 'error', $title . ": " . $msg ) if $verbose;
+ snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, $title, $msg ] );
+ exit 1;
+ }
+
+ metaprint( 'verbose', "* LDAP bind operation completed successfully." ) if $verbose;
+
+ # Search AD for objects in a particular group using LDAP
+
+ metaprint( 'info', "Getting the LDAP member with expiration." ) if $verbose;
+ my %searchargs;
+ $searchargs{base} = $cfg_ldap_group_search;
+ $searchargs{scope} = $cfg_ldap_search_scope;
+ $searchargs{filter} = $cfg_ldap_group_search_filter;
+ $searchargs{attrs} = $cfg_ldap_group_attribute;
+
+ print Dumper( \%searchargs ) if $verbose;
+
+ my $results;
+ eval { $results = $ldap->search( %searchargs ); };
+ if ( $@ ) {
+ my $title = "Check Password";
+ my $msg = "Crash - LDAP Users Search.";
+ metaprint( 'error', $title . ": " . $msg ) if $verbose;
+ snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, $title, $msg ] );
+ exit 1;
+ }
+
+ if ( $results->is_error() ) {
+ metaprint( 'error', 'search failed: ' . $results->error_text );
+ metaprint( 'error', 'search failed: ' . $results->code );
+ metaprint( 'error', 'search failed: ' . $results->error );
+ } elsif ( $results->count() == 0 ) {
+ metaprint( 'error', 'no result' );
+ } else {
+ metaprint( 'verbose', "* Search returned " . $results->count . " object." ) if $verbose;
+ print Dumper( $results->as_struct() ) if $verbose;
+ my $ldap_hash = $results->as_struct();
+
+ my $attribute = $searchargs{attrs}[0];
+ if ( defined( $ldap_hash->{ "cn=$cfg_ldap_groupname," . $searchargs{base} }{$attribute} ) ) {
+ foreach my $url ( @{ $ldap_hash->{ "cn=$cfg_ldap_groupname," . $searchargs{base} }{$attribute} } ) {
+
+ print "$url\n" if $verbose;
+ push( @{ $users{$url}{'groups'} }, $cfg_ldap_groupname );
+
+ # fetch the user gecos
+ my %usersearch;
+ $usersearch{base} = $cfg_ldap_group_search;
+ $usersearch{base} =~ s/groups/people/;
+ $usersearch{attrs} = [ 'gecos', 'uid' ];
+ $usersearch{scope} = 'sub';
+ $usersearch{filter} = '(&(objectClass=posixAccount)(uid=' . $url . '))';
+ print Dumper( \%usersearch ) if $verbose;
+
+ my $userresults;
+ eval { $userresults = $ldap->search( %usersearch ); };
+ if ( $@ ) {
+ my $title = "Check Password";
+ my $msg = "Crash - LDAP Mail Users Search.";
+ metaprint( 'error', $title . ": " . $msg ) if $verbose;
+ snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, $title, $msg ] );
+ exit 1;
+ }
+ if ( $userresults->is_error() ) {
+ metaprint( 'error', 'search failed: ' . $userresults->error_text );
+ metaprint( 'error', 'search failed: ' . $userresults->code );
+ metaprint( 'error', 'search failed: ' . $userresults->error );
+ } elsif ( $userresults->count() == 0 ) {
+ metaprint( 'error', 'no result' );
+ } else {
+ metaprint( 'info', "* Search returned " . $userresults->count . " url for '$url'." ) if $verbose;
+ print Dumper ( $userresults ) if $verbose;
+
+ foreach my $uid ( $userresults->entries ) {
+ print "'" . $uid->get_value( 'uid' ) . "'\n" if $verbose;
+ if ( !defined( $uid->get_value( 'gecos' ) ) ) {
+ $users{ $uid->get_value( 'uid' ) } = '';
+ } else {
+ $users{ $uid->get_value( 'uid' ) }{'gecos'} = $uid->get_value( 'gecos' );
+ }
+ }
+ }
+
+ }
+ } else {
+ metaprint( 'error', "Could not parse the hash result: {" . "cn=$cfg_ldap_groupname," . $searchargs{base} . "} { " . $attribute . " }" );
+ }
+ }
+
+ print "\nClosing LDAP connection.\n" if $verbose;
+ $ldap->unbind;
+ return %users;
+}
+
+#
+# Global Declarations
+#
+# load the INI
+metaprint( "info", "Loading INI file Parameters" );
+my $global_iniFile = new Config::IniFiles( -file => "/opt/etc/ini/global.ini" );
+
+my $CiniFile = new Config::IniFiles( -file => $global_iniFile->val( 'INI', 'RME' ) );
+metaprint( "error", "error value of CiniFile is undefined" ) if ( !defined( $CiniFile ) );
+
+my $outpath = $CiniFile->val( 'GLOBAL', 'OUTPATH' );
+metaprint( "error", "The defined outpath is not valid, please correct-it" ) if ( !defined( $outpath ) );
+
+my $AiniFile = new Config::IniFiles( -file => $global_iniFile->val( 'INI', 'LDAP' ) );
+metaprint( "error", "error value of AiniFile is undefined" ) if ( !defined( $AiniFile ) );
+
+my $cfg_ldap_server = $AiniFile->val( 'LDAP_SNET_NG', 'SERVER' );
+metaprint( "error", "error value of cfg_ldap_server is undefined" ) if ( !defined( $cfg_ldap_server ) );
+my $cfg_ldap_user = $AiniFile->val( 'LDAP_SNET_NG', 'USER' );
+metaprint( "error", "error value of cfg_ldap_user is undefined" ) if ( !defined( $cfg_ldap_user ) );
+my $cfg_ldap_passwd = $AiniFile->val( 'LDAP_SNET_NG', 'PASSWORD' );
+metaprint( "error", "error value of cfg_ldap_passwd is undefined" ) if ( !defined( $cfg_ldap_passwd ) );
+my $cfg_ldap_group_search = $AiniFile->val( 'LDAP_SNET_NG', 'GRP_SEARCH' );
+metaprint( "error", "error value of cfg_ldap_group_search is undefined" ) if ( !defined( $cfg_ldap_group_search ) );
+my $cfg_ldap_group_search_filter = $AiniFile->val( 'LDAP_SNET_NG', 'FILTER' );
+metaprint( "error", "error value of cfg_ldap_group_search_filter is undefined" ) if ( !defined( $cfg_ldap_group_search_filter ) );
+$cfg_ldap_group_search_filter = "(&(objectclass=posixGroup)(cn=REPLACE))";
+my $cfg_ldap_group_attribute = $AiniFile->val( 'LDAP_SNET_NG', 'GRP_ATTRIBUTE' );
+metaprint( "error", "error value of cfg_ldap_group_attribute is undefined" ) if ( !defined( $cfg_ldap_group_attribute ) );
+$cfg_ldap_group_attribute = ["memberuid"];
+my $cfg_ldap_search_scope = $AiniFile->val( 'LDAP_SNET_NG', 'SEARCH_SCOPE' );
+metaprint( "error", "error value of cfg_ldap_search_scope is undefined" ) if ( !defined( $cfg_ldap_search_scope ) );
+my $cfg_ldap_cafile = $AiniFile->val( 'LDAP_SNET_NG', 'CA' );
+metaprint( "error", "error value of cfg_ldap_cafile is undefined" ) if ( !defined( $cfg_ldap_cafile ) );
+
+# vSHARE credentails configuration
+my $LiniFile = new Config::IniFiles( -file => $global_iniFile->val( 'INI', 'RME' ) );
+metaprint( "error", "error value of LiniFile is undefined" ) if ( !defined( $LiniFile ) );
+my $vshare_servers = $LiniFile->val( 'vshare', 'SERVERS' );
+metaprint( "error", "error value of vshare_servers is undefined" ) if ( !defined( $vshare_servers ) );
+my $vshare_user = $LiniFile->val( 'vshare', 'USER' );
+metaprint( "error", "error value of vshare_user is undefined" ) if ( !defined( $vshare_user ) );
+my $vshare_passwd = $LiniFile->val( 'vshare', 'PASSWD' );
+metaprint( "error", "error value of vshare_passwd is undefined" ) if ( !defined( $vshare_passwd ) );
+
+my @filters;
+push( @filters, 'com' );
+push( @filters, 'mgt' );
+push( @filters, 'net' );
+push( @filters, 'pi' );
+push( @filters, 'pm' );
+push( @filters, 'sd' );
+push( @filters, 'sec' );
+push( @filters, 'ss' );
+push( @filters, 'tda' );
+push( @filters, 'officials' );
+
+my $hostname = hostname();
+
+# test DVE
+#snmp_trap_send_multi_vars( $SNMP_OID, $SNMP_GEN, $SNMP_SPE, [ $hostname, "DVE TEST", "Crash - Ack test." ] );
+#exit 1;
+
+# Main Application
+metaprint( "info", "Starting users synchro" );
+
+my $errors = 0;
+
+my $already_defined_users = {};
+my $ssh;
+my $out;
+
+metaprint( 'info', "processing vshare servers..." );
+foreach my $server ( split( /,/, $vshare_servers ) ) {
+
+ # SSH to server.
+ metaprint 'info', 'Working on ' . $server . '...';
+ $ssh = new SNET::SSHDeviceInterfacer::Linux( $debug, $server, $vshare_user, $vshare_passwd );
+ if ( !$cli_mode ) {
+ $ssh->set_webmode( 1 );
+ }
+
+ if ( $ssh->openSSHConnection() ) {
+ metaprint 'info', "-> ok connected";
+ } else {
+ metaprint 'error', "-> connection failed";
+ $errors++;
+ next;
+ }
+
+ my $cln = ();
+ $cln->{'uid'} = 3;
+ $cln->{'gid'} = 4;
+ $cln->{'name'} = 9;
+
+ $out = $ssh->sendCMD( "/bin/ls -aildn /opt/home/*" );
+ if ( $out =~ m/\s\/opt\/home\/\w+/i ) {
+ foreach my $line ( split( /\n/, $out ) ) {
+ chomp $line;
+ next if ( $line =~ /ls -aildn/ );
+ next if ( $line =~ /\/export\/home\/snet/ );
+ next if ( $line =~ /lost\+found/ );
+ $line =~ s/^\s*//;
+ print Dumper ( $line ) if $debug;
+
+ my $tmp = ();
+ @$tmp = split( /\s+/, $line );
+ $tmp->[ $cln->{'name'} ] =~ s/\/*$//g;
+ $tmp->[ $cln->{'name'} ] =~ s/^\/.*\///;
+ print Dumper ( $tmp ) if $debug;
+
+ # 3 : uid
+ # 4 : gid
+ # 9 : name
+ foreach my $pos ( keys %$cln ) {
+ $already_defined_users->{ $tmp->[ $cln->{'name'} ] }{$pos} = $tmp->[ $cln->{$pos} ];
+ }
+ }
+ last;
+ } else {
+ $errors++;
+ next;
+ }
+
+}
+
+if ( $errors ) {
+ metaprint( 'error', "Some errors have been found, please contact SS Team!" . nl() . "Please copy/paste the output to the email!" );
+ exit 1;
+}
+
+#Print Users from Cacti
+print Dumper ( $already_defined_users ) if $verbose;
+
+# -- Create the import file
+my $cpt = 0;
+my $cpt_del = 0;
+
+foreach my $filter ( @filters ) {
+
+ metaprint "info", "Checking groups '$filter'.";
+ my $cfg_ldap_group_search_f = $cfg_ldap_group_search_filter;
+ $cfg_ldap_group_search_f =~ s/REPLACE/$filter/;
+ print "$cfg_ldap_group_search_f\n" if $verbose;
+ my %ldap_users = ldap_find_users_and_groups( $cfg_ldap_server, $cfg_ldap_user, $cfg_ldap_passwd, $cfg_ldap_group_search, $cfg_ldap_search_scope,
+ $cfg_ldap_group_search_f, $cfg_ldap_group_attribute, $filter, $hostname, $cfg_ldap_cafile );
+
+ print Dumper ( \%ldap_users ) if $verbose;
+
+ foreach my $u ( keys %ldap_users ) {
+ if ( defined( $already_defined_users->{$u} ) && ( $already_defined_users->{$u} ) ) {
+ metaprint( "info", "Skipping user $u import, user is already defined, but user need to be checked." ) if $verbose;
+
+ # TODO check uid:gid
+ $already_defined_users->{$u}{'found'} = 1;
+ next;
+ }
+
+ next if ( $ldap_users{$u} =~ /^$/ );
+ my $cmd = "sudo mkdir /opt/home/$u && sudo chown $u:snmc /opt/home/$u";
+ metaprint( "info", "$u need to be created: '$cmd'." );
+ if ( !$dry_run ) {
+ eval { $out = $ssh->sendCMD( $cmd ); };
+ if ( $out =~ m/password/i ) {
+ $out = $ssh->sendCMD( $vshare_passwd );
+ }
+ print $out;
+ }
+ $cpt++;
+ }
+}
+
+metaprint "info", "Checking all others vshare home directory users defined.";
+foreach my $u ( keys %$already_defined_users ) {
+ if ( defined( $already_defined_users->{$u} )
+ && ( $already_defined_users->{$u} )
+ && defined( $already_defined_users->{$u}{'found'} )
+ && ( $already_defined_users->{$u}{'found'} ) ) {
+ next;
+ } else {
+ metaprint( "error", "User $u need to be deleted manually." );
+ $cpt_del++;
+ }
+}
+eval { $out = $ssh->sendCMD( "exit" ); };
+
+metaprint( "info", "$cpt user(s) created." );
+metaprint( "info", "$cpt_del user(s) need to be deleted." );
+metaprint( "info", "--- Process Done ---" );
+exit( 0 );