diff --git a/ldap_NS_adduser.pl b/ldap_NS_adduser.pl index d30e478cfe10cfc41803a18043fbb1612040dadd..05ba1d807b25cedf5d28e4defeb38b46093182a0 100755 --- a/ldap_NS_adduser.pl +++ b/ldap_NS_adduser.pl @@ -28,30 +28,30 @@ use SNET::ActiveDirectory; use vars qw($verbose $debug $help $env $script $cli_mode $action $IM $username $belongs_iss3 $belongs_network $belongs_security $belongs_admin $migration $ldap_admin $ldap_passwd); $debug = 0; $verbose = 0; -($script) = split(/\./,basename($0)); +( $script ) = split( /\./, basename( $0 ) ); -my $title = "LDAP Add User"; +my $title = "LDAP Add User"; my $function = $title; -$function =~s/\s/_/g; -my $href = ""; -my $header = ""; +$function =~ s/\s/_/g; +my $href = ""; +my $header = ""; my $html_msg = ""; my $global_iniFile = new Config::IniFiles( -file => "/opt/etc/ini/global.ini" ); -$env = "test"; # "prod"; -($html_msg) = Access_snet_script_head( $script, $global_iniFile, $ENV, $env ); +$env = "test"; # "prod"; +( $html_msg ) = Access_snet_script_head( $script, $global_iniFile, $ENV, $env ); # Get current user my $run_user = ''; -if (defined($ENV{"HTTP_AUTHUSER"})) { +if ( defined( $ENV{"HTTP_AUTHUSER"} ) ) { $run_user = $ENV{"HTTP_AUTHUSER"}; } -if ( $cli_mode && ($run_user eq '') ) { +if ( $cli_mode && ( $run_user eq '' ) ) { $run_user = $ENV{"USERNAME"}; } -if (defined($run_user)) { +if ( defined( $run_user ) ) { $run_user =~ s/uid=//; $run_user =~ s/,.*$//g; } 
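Review bot: `$run_user` is read from `$ENV{"HTTP_AUTHUSER"}`, and in CGI every `HTTP_*` variable is built from a request header, so unless the front-end server strips and re-sets that header the caller chooses the name that is later written into `auditInformation`. If the web server itself performs the authentication, `$ENV{"REMOTE_USER"}` is the value it vouches for. Otherwise document the trust assumption above this block, e.g. `# HTTP_AUTHUSER is set by the authenticating reverse proxy; direct access to this CGI must be blocked`. The `s/uid=//` and `s/,.*$//g` clean-up leaves the remaining characters unrestricted, including the `;` used as the audit field separator, so a check such as `$run_user = '' unless $run_user =~ /\A[\w-]+\z/;` before use would match what is applied to `username`.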
@@ -74,52 +74,64 @@ if (defined($run_user)) { sub print_prompt ($$$$) { - my ($ldap_admin, $ldap_passwd, $username, $IM) = @_; + my ( $ldap_admin, $ldap_passwd, $username, $IM ) = @_; - print start_form(-enctype=>&CGI::MULTIPART); + print start_form( -enctype => &CGI::MULTIPART ); print "<em>Administrator uid (or full dn): </em>"; - print textfield(-name=>'ldap_admin', - -default=>($ldap_admin ? - $ldap_admin : - 'cn=administrator,ou=people,ou=management,dc=ec,dc=europa,dc=eu'), - -size=>50, - -maxlength=>80); + print textfield( + -name => 'ldap_admin', + -default => ( + $ldap_admin + ? $ldap_admin + : 'cn=administrator,ou=people,ou=management,dc=ec,dc=europa,dc=eu' + ), + -size => 50, + -maxlength => 80 + ); print nl(); print nl(); print "<em>Administrator password: </em>"; - print password_field(-name=>'ldap_passwd', - -default=>($ldap_passwd?$ldap_passwd:''), - -size=>50, - -maxlength=>100); + print password_field( + -name => 'ldap_passwd', + -default => ( $ldap_passwd ? $ldap_passwd : '' ), + -size => 50, + -maxlength => 100 + ); print nl(); print nl(); print "<em>Login name (same as net1): </em>"; - print textfield(-name=>'username', - -default=>($username?$username:''), - -size=>50, - -maxlength=>80); + print textfield( + -name => 'username', + -default => ( $username ? $username : '' ), + -size => 50, + -maxlength => 80 + ); print nl(); print nl(); print "<em>IM (Full SMT ticket number): </em>"; - print textfield(-name=>'IM', - -default=>($IM?$IM:''), - -override=>1, - -size=>50, - -maxlength=>100); + print textfield( + -name => 'IM', + -default => ( $IM ? $IM : '' ), + -override => 1, + -size => 50, + -maxlength => 100 + ); print nl(); print nl(); - print "<em>Options: </em>".nl(); - print checkbox_group(-name=>'belongs', - -values=>['administrator','iss3','network','security','migration','verbose','debug'], - -linebreak=>'true'); + print "<em>Options: </em>" . 
nl(); + print checkbox_group( + -name => 'belongs', + -values => [ 'administrator', 'iss3', 'network', 'security', 'migration', 'verbose', 'debug' ], + -linebreak => 'true' + ); print nl(); - print "<p>",submit('action','Submit'),reset; + print "<p>", submit( 'action', 'Submit' ), reset; print end_form(); } 
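Review bot: The `password_field` for `ldap_passwd` is given `-default => ( $ldap_passwd ? $ldap_passwd : '' )`, so when the form is shown again after a validation error the administrator password is written back into the page as the field's value, where it can be read from the page source or a cached copy. Render the field empty on every display instead: `-default => '', -override => 1`. As a style point, the `($$$$)` prototype on `print_prompt` changes how calls are parsed rather than validating arguments and can be dropped.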
@@ -134,50 +146,50 @@ sub print_prompt ($$$$) sub do_work () { - my(@values,$key); + my ( @values, $key ); - return if (!param); + return if ( !param ); print "<h2>Here are the current settings used for the $title processor</h2>"; - foreach $key (param) { - next if ( $key =~/passw/i ); + foreach $key ( param ) { + next if ( $key =~ /passw/i ); print "<strong>$key</strong> -> "; - @values = param($key); - print join(", ",@values).nl(); + @values = param( $key ); + print join( ", ", @values ) . nl(); } - print nl().nl(); + print nl() . nl(); } $action = ''; -my $old_people_tree = "ou=People,dc=snmc,dc=cec,dc=eu,dc=int"; -my $new_people_tree = "ou=people,ou=SNet,ou=2,ou=C,o=DIGIT,dc=ec,dc=europa,dc=eu"; +my $old_people_tree = "ou=People,dc=snmc,dc=cec,dc=eu,dc=int"; +my $new_people_tree = "ou=people,ou=SNet,ou=2,ou=C,o=DIGIT,dc=ec,dc=europa,dc=eu"; my $new_dead_people_tree = "ou=expired,ou=SNet,ou=2,ou=C,o=DIGIT,dc=ec,dc=europa,dc=eu"; -$IM = param('IM') if (defined(param('IM')) && (param('IM') !~ /^$/) && (param('IM') =~ /^IM\d+$/) ); -$action = param('action') if (defined(param('action')) && (param('action') !~ /^$/) && (param('action') =~ /^\w+$/) ); -$username = param('username') if (defined(param('username')) && (param('username') !~ /^$/) && (param('username')=~ /^[\w-]+$/ ) ); -if (defined(param('ldap_admin')) && (param('ldap_admin') !~ /^$/) && (param('ldap_admin')=~ /^[\w=,-]+$/ ) ) { - $ldap_admin = param('ldap_admin'); - if ($ldap_admin !~ /,/) { - $ldap_admin='uid='.$ldap_admin.','.$new_people_tree; +$IM = param( 'IM' ) if ( defined( param( 'IM' ) ) && ( param( 'IM' ) !~ /^$/ ) && ( param( 'IM' ) =~ /^IM\d+$/ ) ); +$action = param( 'action' ) if ( defined( param( 'action' ) ) && ( param( 'action' ) !~ /^$/ ) && ( param( 'action' ) =~ /^\w+$/ ) ); +$username = param( 'username' ) if ( defined( param( 'username' ) ) && ( param( 'username' ) !~ /^$/ ) && ( param( 'username' ) =~ /^[\w-]+$/ ) ); +if ( defined( param( 'ldap_admin' ) ) && ( param( 'ldap_admin' ) 
!~ /^$/ ) && ( param( 'ldap_admin' ) =~ /^[\w=,-]+$/ ) ) { + $ldap_admin = param( 'ldap_admin' ); + if ( $ldap_admin !~ /,/ ) { + $ldap_admin = 'uid=' . $ldap_admin . ',' . $new_people_tree; } } -$ldap_passwd = param('ldap_passwd') if (defined(param('ldap_passwd')) && (param('ldap_passwd') !~ /^$/) ); +$ldap_passwd = param( 'ldap_passwd' ) if ( defined( param( 'ldap_passwd' ) ) && ( param( 'ldap_passwd' ) !~ /^$/ ) ); -$belongs_admin = 0; -$belongs_iss3 = 0; -$belongs_network = 0; +$belongs_admin = 0; +$belongs_iss3 = 0; +$belongs_network = 0; $belongs_security = 0; -$migration = 0; +$migration = 0; my $pcount = 0; -if ( ( defined (param('belongs') ) && (param('belongs') !~ /^$/ ) ) ) { - my @values = param('belongs'); - my $belongs = join(", ",@values); - $belongs =~s/\n//; - $belongs =~s/\r//; - $belongs =~s/\s+//; +if ( ( defined( param( 'belongs' ) ) && ( param( 'belongs' ) !~ /^$/ ) ) ) { + my @values = param( 'belongs' ); + my $belongs = join( ", ", @values ); + $belongs =~ s/\n//; + $belongs =~ s/\r//; + $belongs =~ s/\s+//; if ( $belongs =~ /administrator/ ) { $belongs_admin = 1; } @@ -194,14 +206,12 @@ if ( ( defined (param('belongs') ) && (param('belongs') !~ /^$/ ) ) ) { $pcount++; } - $verbose = 1 if ( $belongs =~ /verbose/ ); - $debug = 1 if ( $belongs =~ /debug/ ); + $verbose = 1 if ( $belongs =~ /verbose/ ); + $debug = 1 if ( $belongs =~ /debug/ ); $migration = 1 if ( $belongs =~ /migration/ ); } -print header( - -charset => 'UTF-8', - ); +print header( -charset => 'UTF-8', ); dg_header_html( $title, 1, 0, $href, $header ); print $html_msg . nl(); 
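Review bot: `do_work` prints every request parameter name and value straight into the page (`print "<strong>$key</strong> -> "` and `print join( ", ", @values )`), including parameters that never go through the regex checks further down, so markup in any submitted field is reflected into the administrator's browser. Escape both before printing, e.g. `print "<strong>" . CGI::escapeHTML( $key ) . "</strong> -> ";` and `print join( ", ", map { CGI::escapeHTML( $_ ) } @values ) . nl();`. The validation patterns in the same hunk use `^` and `$`, and `$` also matches before a trailing newline; `\A` and `\z` make those checks exact.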
@@ -211,36 +221,43 @@ print $html_msg . nl(); #$belongs_network = 0; #$belongs_security = 0; -if ( defined($username) && ($username !~ /^$/) && ($username =~ /^[\w-]+$/ ) && defined($IM) && ($IM !~ /^$/) && ( $IM =~ /^IM\d{10}$/ ) && (defined($action)) && ($action eq "Submit") && ($pcount <= 1) ) { +if ( defined( $username ) + && ( $username !~ /^$/ ) + && ( $username =~ /^[\w-]+$/ ) + && defined( $IM ) + && ( $IM !~ /^$/ ) + && ( $IM =~ /^IM\d{10}$/ ) + && ( defined( $action ) ) + && ( $action eq "Submit" ) + && ( $pcount <= 1 ) ) { do_work(); my $AiniFile = new Config::IniFiles( -file => $global_iniFile->val( 'INI', 'AD' ) ); my $adserver = $AiniFile->val( 'AD_NET1', 'SERVER' ); - print "error value of adserver is undefined" if ( !defined($adserver) ); - my $aduser = $AiniFile->val( 'AD_NET1', 'USER' ); - print "error value of aduser is undefined" if ( !defined($aduser) ); - my $adpasswd = $AiniFile->val( 'AD_NET1', 'PASSWORD'); - print "error value of adpasswd is undefined" if ( !defined($adpasswd) ); - + print "error value of adserver is undefined" if ( !defined( $adserver ) ); + my $aduser = $AiniFile->val( 'AD_NET1', 'USER' ); + print "error value of aduser is undefined" if ( !defined( $aduser ) ); + my $adpasswd = $AiniFile->val( 'AD_NET1', 'PASSWORD' ); + print "error value of adpasswd is undefined" if ( !defined( $adpasswd ) ); my $attrs = [ 'displayName', 'mail' ]; my ( $mail, $name ) = ( '', '' ); - print "Searching Net1 for userlogin : '$username'".nl(); + print "Searching Net1 for userlogin : '$username'" . 
nl(); my $ad = Net::LDAP->new( $adserver ) or die "Could not connect to AD: $adserver!"; - $ad->bind($aduser, password=>$adpasswd); + $ad->bind( $aduser, password => $adpasswd ); #my $searchbase = 'OU=Users_ITIC,OU=DIGIT,OU=DGs,DC=net1,DC=cec,DC=eu,DC=int'; my $searchbase = 'OU=DIGIT,OU=DGs,DC=net1,DC=cec,DC=eu,DC=int'; - my $filter = "sAMAccountName=$username"; + my $filter = "sAMAccountName=$username"; - my $results = $ad->search(base=>$searchbase,filter=>$filter,attrs=>$attrs); + my $results = $ad->search( base => $searchbase, filter => $filter, attrs => $attrs ); if ( ( $results->code ) && ( $results->code != 32 ) ) { - print "Code:" . $results->code . " '" . $results->error ."'" .nl(); + print "Code:" . $results->code . " '" . $results->error . "'" . nl(); $ad->unbind; exit 1; } 
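Review bot: The result of `$ad->bind( $aduser, password => $adpasswd )` is discarded, so a rejected bind goes unnoticed and the search that follows runs with whatever access the unauthenticated connection has. Keep the message and stop on error: `my $mesg = $ad->bind( $aduser, password => $adpasswd );` followed by `if ( $mesg->code ) { print "AD bind failed" . nl(); exit 1; }`. The three `print "error value of ... is undefined"` lines above have the same shape: they report a missing ini value and then carry on to connect with it. The enclosing `if` block continues past the end of this hunk.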
@@ -251,67 +268,65 @@ if ( defined($username) && ($username !~ /^$/) && ($username =~ /^[\w-]+$/ ) && $ad->unbind; exit; } else { - print "'$count' record fetched from Net1.".nl(); + print "'$count' record fetched from Net1." . nl(); } my $entry = $results->entry( 0 ); - $mail = $entry->get_value('mail'); - $name = $entry->get_value('displayName'); - $name =~s/\s\(.*$//; + $mail = $entry->get_value( 'mail' ); + $name = $entry->get_value( 'displayName' ); + $name =~ s/\s\(.*$//; $mail = lc( $mail ); $ad->unbind; undef $results; - print "Pursuing the addition of user '$username' with parameters:".nl(); - print " - Realname: '$name'".nl(); - print " - Email: '$mail'".nl(); + print "Pursuing the addition of user '$username' with parameters:" . nl(); + print " - Realname: '$name'" . nl(); + print " - Email: '$mail'" . nl(); print br; - # Check if username already exist - my $ldap_server = 'ldap.snmc.cec.eu.int'; - my $homeserver = "home.snmc.cec.eu.int"; + my $ldap_server = 'ldap.snmc.cec.eu.int'; + my $homeserver = "home.snmc.cec.eu.int"; my $ldap_min_uid = 2000; my $ldap_max_uid = 10000; - print "Connecting to $ldap_server...".nl(); + print "Connecting to $ldap_server..." . nl(); - my $ldap = Net::LDAP->new( $ldap_server, - onerror => sub { print "oups! ".$_[0]->error().nl(); return undef; }, ) or die "$@"; + my $ldap = Net::LDAP->new( $ldap_server, onerror => sub { print "oups! " . $_[0]->error() . 
nl(); return undef; }, ) or die "$@"; $ldap->start_tls( verify => 'require', - cafile => '/usr/share/ca-certificates/cec.eu.int/cec.eu.int_CA.crt', - ); - $ldap->bind ( $ldap_admin, password => $ldap_passwd ); - - print "Searching directory for existing uid: $username".nl(); - - $results = $ldap->search( base => $new_people_tree, filter => "(uid=$username)", attrs => ["cn", "uidNumber"]); + cafile => '/usr/share/ca-certificates/cec.eu.int/cec.eu.int_CA.crt', ); + $ldap->bind( $ldap_admin, password => $ldap_passwd ); + + print "Searching directory for existing uid: $username" . nl(); + + $results = $ldap->search( base => $new_people_tree, filter => "(uid=$username)", attrs => [ "cn", "uidNumber" ] ); - if (defined($results)) { + if ( defined( $results ) ) { $results->code && die $results->error; $count = $results->count; if ( $count != 0 ) { print "Account already exist ('$count') in SNet LDAP. stopping process." . nl(); $entry = $results->entry( 0 ); - print "cn: " . $entry->get_value('cn') . " uid " . $entry->get_value('uidNumber') .nl(); + print "cn: " . $entry->get_value( 'cn' ) . " uid " . $entry->get_value( 'uidNumber' ) . nl(); $ldap->unbind; exit; - } + } undef $results; } else { - print "Did not found any existing entry in the LDAP SNet directory.".nl(); + print "Did not found any existing entry in the LDAP SNet directory." . nl(); } - $results = $ldap->search( base => $new_dead_people_tree, filter => "(uid=$username)", attrs => ["cn", "uidNumber"]); + $results = $ldap->search( base => $new_dead_people_tree, filter => "(uid=$username)", attrs => [ "cn", "uidNumber" ] ); + + if ( defined( $results ) ) { - if (defined($results)) { # TODO: branch does not yet exist... if ( ( $results->code ) && ( $results->code != 32 ) ) { - print "Code:" . $results->code . " '" . $results->error ."'" .nl(); + print "Code:" . $results->code . " '" . $results->error . "'" . nl(); $ldap->unbind; exit 1; } 
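Review bot: Nothing checks that `$ldap->start_tls(...)` succeeded before `$ldap->bind( $ldap_admin, password => $ldap_passwd )` is sent. With the `onerror` handler on this connection returning `undef`, a failed TLS upgrade appears to print "oups!" and continue, which would put the administrator password on an unencrypted connection. Make the upgrade mandatory by appending `or do { print "TLS negotiation failed" . nl(); exit 1; };` to the `start_tls` call, and test the bind result the same way. `$name` and `$mail` come from the AD entry and are printed into HTML unescaped in this hunk; passing them through `CGI::escapeHTML` treats directory data as untrusted. The enclosing block starts before and ends after this hunk.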
@@ -322,7 +337,7 @@ if ( defined($username) && ($username !~ /^$/) && ($username =~ /^[\w-]+$/ ) && $ldap->unbind; exit; } else { - print "Did not found any existing entry in the LDAP SNet old members directory.".nl(); + print "Did not found any existing entry in the LDAP SNet old members directory." . nl(); } } @@ -330,8 +345,8 @@ if ( defined($username) && ($username !~ /^$/) && ($username =~ /^[\w-]+$/ ) && my $old_ldap; my $old_ldap_server = 'snmc-ldapns.snmc.cec.eu.int'; - my $old_admin = 'cn=Directory Manager'; - my $old_passwd = 'DirectoryM!'; + my $old_admin = 'cn=Directory Manager'; + my $old_passwd = 'DirectoryM!'; my $old_password; my $old_uidnumber; 
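Review bot: `$old_passwd` is a string literal holding the `cn=Directory Manager` password, so the highest-privilege credential of the old directory is readable by anyone with access to this file or its history. The AD credentials earlier in the script are already read with `$AiniFile->val(...)`; load this one the same way, e.g. `my $old_passwd = $AiniFile->val( 'SECTION', 'KEY' );` (placeholder names), and keep that ini file readable only by the account the CGI runs as. Because the value has been committed, it should be rotated rather than only moved.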
@@ -340,83 +355,78 @@ if ( defined($username) && ($username !~ /^$/) && ($username =~ /^[\w-]+$/ ) && my $next_free_uidnumber; - if ($migration) { + if ( $migration ) { - print "Checking if this is a migration from old directory...".nl(); + print "Checking if this is a migration from old directory..." . nl(); eval { - $old_ldap = Net::LDAP->new( $old_ldap_server, - onerror => sub { print "oupsi! ".$_[0]->error().nl(); return undef; }, ) - or die "Could not connect to $old_ldap_server!"; - $old_ldap->bind($old_admin, password => $old_passwd); + $old_ldap = Net::LDAP->new( $old_ldap_server, onerror => sub { print "oupsi! " . $_[0]->error() . nl(); return undef; }, ) + or die "Could not connect to $old_ldap_server!"; + $old_ldap->bind( $old_admin, password => $old_passwd ); - $results = $old_ldap->search( base => $old_people_tree, filter => "(uid=$username)", attrs => ["userPassword", "uidNumber", "description"]); - if (defined($results) && ($results->count == 1)) { - $old_password = $results->entry->get_value( 'userPassword' ); - $old_uidnumber = $results->entry->get_value( 'uidNumber' ); + $results = $old_ldap->search( base => $old_people_tree, filter => "(uid=$username)", attrs => [ "userPassword", "uidNumber", "description" ] ); + if ( defined( $results ) && ( $results->count == 1 ) ) { + $old_password = $results->entry->get_value( 'userPassword' ); + $old_uidnumber = $results->entry->get_value( 'uidNumber' ); @old_description = $results->entry->get_value( 'description' ); - print "Found an uid matching with uidnumber : $old_uidnumber".nl(); - if (defined($old_uidnumber)) { + print "Found an uid matching with uidnumber : $old_uidnumber" . 
nl(); + if ( defined( $old_uidnumber ) ) { undef $results; - $results = $ldap->search( base => $new_people_tree, filter => "(uidNumber=$old_uidnumber)", attrs => ["cn"]); - if ($results->count != 0) { + $results = $ldap->search( base => $new_people_tree, filter => "(uidNumber=$old_uidnumber)", attrs => ["cn"] ); + if ( $results->count != 0 ) { undef $old_uidnumber; - } - else { + } else { $next_free_uidnumber = $old_uidnumber; } undef $results; } $old_result = 1; - } - else { - print "seems to be a new user".nl(); + } else { + print "seems to be a new user" . nl(); } $old_ldap->unbind; }; - if ($@) { - print "oupsi! $@".nl(); + if ( $@ ) { + print "oupsi! $@" . nl(); $old_ldap->unbind; } } undef $results; - if (!(defined($old_uidnumber))) { + if ( !( defined( $old_uidnumber ) ) ) { - print "Allocating a new uidNumber...".nl(); + print "Allocating a new uidNumber..." . nl(); # fetching all the uid, to find the next available uid # first tree... the living one... - $results = $ldap->search( base => $new_people_tree, filter => "(&(objectClass=posixAccount)(uid=*))", attrs => ["cn", "uidNumber"]); + $results = $ldap->search( base => $new_people_tree, filter => "(&(objectClass=posixAccount)(uid=*))", attrs => [ "cn", "uidNumber" ] ); - exit 1 unless defined($results); + exit 1 unless defined( $results ); if ( ( $results->code ) && ( $results->code != 32 ) ) { - print "Code:" . $results->code . " '" . $results->error ."'" .nl(); + print "Code:" . $results->code . " '" . $results->error . "'" . nl(); $ldap->unbind; exit 1; } - $count = $results->count; - if ($count != 0) { - print "found $count already used uid(s)".nl(); + if ( $count != 0 ) { + print "found $count already used uid(s)" . 
nl(); } my %blah; - foreach my $entry ($results->entries) { + foreach my $entry ( $results->entries ) { # $entry->dump; - my $uid=$entry->get_value( 'cn' ); - my $uidnumber=$entry->get_value( 'uidNumber'); + my $uid = $entry->get_value( 'cn' ); + my $uidnumber = $entry->get_value( 'uidNumber' ); - if (defined($blah{$uidnumber})) { - $blah{$uidnumber}=$blah{$uidnumber} + 1; - } - else { - if (($uidnumber >= $ldap_min_uid) && ($uidnumber < 10000)) { + if ( defined( $blah{$uidnumber} ) ) { + $blah{$uidnumber} = $blah{$uidnumber} + 1; + } else { + if ( ( $uidnumber >= $ldap_min_uid ) && ( $uidnumber < 10000 ) ) { $blah{$uidnumber} = 1; } } @@ -425,25 +435,24 @@ if ( defined($username) && ($username !~ /^$/) && ($username =~ /^[\w-]+$/ ) && undef $results; # searching the dead one... - $results = $ldap->search( base => $new_dead_people_tree, filter => "(uid=*)", attrs => ["cn", "uidNumber"]); - if (defined($results)) { + $results = $ldap->search( base => $new_dead_people_tree, filter => "(uid=*)", attrs => [ "cn", "uidNumber" ] ); + if ( defined( $results ) ) { if ( ( $results->code ) && ( $results->code != 32 ) ) { - print "Code:" . $results->code . " '" . $results->error ."'" .nl(); + print "Code:" . $results->code . " '" . $results->error . "'" . nl(); $ldap->unbind; exit 1; } - foreach my $entry ($results->entries) { + foreach my $entry ( $results->entries ) { # $entry->dump; - my $uid=$entry->get_value( 'cn' ); - my $uidnumber=$entry->get_value( 'uidNumber'); + my $uid = $entry->get_value( 'cn' ); + my $uidnumber = $entry->get_value( 'uidNumber' ); - if (defined($blah{$uidnumber})) { - $blah{$uidnumber}=$blah{$uidnumber} + 1; - } - else { - if (($uidnumber >= $ldap_min_uid) && ($uidnumber < $ldap_max_uid)) { + if ( defined( $blah{$uidnumber} ) ) { + $blah{$uidnumber} = $blah{$uidnumber} + 1; + } else { + if ( ( $uidnumber >= $ldap_min_uid ) && ( $uidnumber < $ldap_max_uid ) ) { $blah{$uidnumber} = 1; } } 
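Review bot: In the migration branch `$old_ldap->bind( $old_admin, password => $old_passwd )` follows `Net::LDAP->new( $old_ldap_server, ... )` with no `start_tls` call, unlike the `$ldap` connection. Since `$old_ldap_server` is a bare host name this looks like a plain LDAP session, so the Directory Manager password and the `userPassword` values fetched afterwards would cross the network unencrypted. Add a checked `start_tls( verify => 'require', cafile => ... )` on `$old_ldap` before the bind, or connect with an `ldaps://` URI if the old server supports it. Separately, the `if ( $@ )` handler calls `$old_ldap->unbind` unconditionally; when `Net::LDAP->new` itself failed `$old_ldap` is undefined and that call dies outside the `eval`, so it should read `$old_ldap->unbind if defined $old_ldap;`.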
@@ -452,90 +461,87 @@ if ( defined($username) && ($username !~ /^$/) && ($username =~ /^[\w-]+$/ ) && undef $results; } - foreach my $key (sort { $a <=> $b } (keys(%blah))) { - if ($blah{$key} > 1) { + foreach my $key ( sort { $a <=> $b } ( keys( %blah ) ) ) { + if ( $blah{$key} > 1 ) { print "WARNING : uid number $key is used several time!" . nl(); } } - for ($next_free_uidnumber = $ldap_min_uid; $next_free_uidnumber <= $ldap_max_uid; $next_free_uidnumber++) { - if (!defined($blah{$next_free_uidnumber})) { + for ( $next_free_uidnumber = $ldap_min_uid ; $next_free_uidnumber <= $ldap_max_uid ; $next_free_uidnumber++ ) { + if ( !defined( $blah{$next_free_uidnumber} ) ) { last; } } } - if ($next_free_uidnumber < $ldap_max_uid) { + if ( $next_free_uidnumber < $ldap_max_uid ) { print "next free uid number : $next_free_uidnumber" . nl(); - } - else { + } else { print "No more uid number available!" . nl(); exit 1; } my $uidn = $next_free_uidnumber; - my $gidn = 3500; # gid is snmc... + my $gidn = 3500; # gid is snmc... 
my $description = (); - my $folder = ''; + my $folder = ''; if ( $belongs_admin ) { $belongs_admin = 'cn=admin,ou=groups,ou=SNet,ou=2,ou=C,o=DIGIT,dc=ec,dc=europa,dc=eu'; } if ( $belongs_network ) { - if ($old_result) { + if ( $old_result ) { push( @$description, @old_description ); - } - else { - push ( @$description, 'RPRO' ); - push ( @$description, 'PSRO' ); - push ( @$description, 'CWRW' ); + } else { + push( @$description, 'RPRO' ); + push( @$description, 'PSRO' ); + push( @$description, 'CWRW' ); } $folder = 'cn=network,ou=groups,ou=SNet,ou=2,ou=C,o=DIGIT,dc=ec,dc=europa,dc=eu'; } elsif ( $belongs_security ) { - if ($old_result) { + if ( $old_result ) { push( @$description, @old_description ); - } - else { - push ( @$description, 'RPRW' ); - push ( @$description, 'PSRW' ); - push ( @$description, 'CWRO' ); + } else { + push( @$description, 'RPRW' ); + push( @$description, 'PSRW' ); + push( @$description, 'CWRO' ); } $folder = 'cn=security,ou=groups,ou=SNet,ou=2,ou=C,o=DIGIT,dc=ec,dc=europa,dc=eu'; } elsif ( $belongs_iss3 ) { - if ($old_result) { + if ( $old_result ) { push( @$description, @old_description ); - } - else { - push ( @$description, 'RPRW' ); - push ( @$description, 'PSRW' ); - push ( @$description, 'CWRA' ); + } else { + push( @$description, 'RPRW' ); + push( @$description, 'PSRW' ); + push( @$description, 'CWRA' ); } $folder = 'cn=iss3,ou=groups,ou=SNet,ou=2,ou=C,o=DIGIT,dc=ec,dc=europa,dc=eu'; - } - else { - print "ignoring old attributes as no group membership was specified".nl(); + } else { + print "ignoring old attributes as no group membership was specified" . 
nl(); + #if ($old_result) { # push( @$description, @old_description ); #} #else { - push ( @$description, 'RPRO' ); - push ( @$description, 'PSRO' ); - push ( @$description, 'CWRO' ); + push( @$description, 'RPRO' ); + push( @$description, 'PSRO' ); + push( @$description, 'CWRO' ); + #} } #my $uid_dn = "uid=${username},ou=${folder},".$new_people_tree; - my $uid_dn = "uid=${username},".$new_people_tree; - - print "Creating user '$username' using the following parameters:".nl(); - print " - Realname: '$name'".nl(); - print " - Email: '$mail'".nl(); - print " - UID number: '$uidn'" .nl(); - print " - GID number: '$gidn'" .nl(); - print " - description: " . Dumper ( $description ) . nl(); - print " - uid_dn: '$uid_dn'".nl(); - print " - AUDIT: '$IM;$run_user;A;".time."'".nl(); + my $uid_dn = "uid=${username}," . $new_people_tree; + + print "Creating user '$username' using the following parameters:" . nl(); + print " - Realname: '$name'" . nl(); + print " - Email: '$mail'" . nl(); + print " - UID number: '$uidn'" . nl(); + print " - GID number: '$gidn'" . nl(); + print " - description: " . Dumper( $description ) . nl(); + print " - uid_dn: '$uid_dn'" . nl(); + print " - AUDIT: '$IM;$run_user;A;" . time . "'" . nl(); print br; # Need to SSH to home.snmc.cec.eu.int 
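Review bot: The range test `if ( $next_free_uidnumber < $ldap_max_uid )` has no lower bound, and on the migration path `$next_free_uidnumber` is simply the `uidNumber` read from the old directory, so a migrated entry carrying a system-range value (0 included) would be created as-is. Check both ends: `if ( defined( $next_free_uidnumber ) && $next_free_uidnumber >= $ldap_min_uid && $next_free_uidnumber < $ldap_max_uid ) {`. The same concern applies to `@old_description`, which is copied into `description` without being compared against the values (`RPRO`, `PSRW`, ...) pushed in the non-migration branches. The enclosing block starts before this hunk.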
@@ -546,99 +552,93 @@ if ( defined($username) && ($username !~ /^$/) && ($username =~ /^[\w-]+$/ ) && # } my $attr = [ - 'cn' => $username, - 'sn' => $username, - 'uid' => $username, - 'uidNumber' => $uidn, - 'gidNumber' => $gidn, - 'description' => $description, - 'mail' => $mail, - 'gecos' => $name, - 'homeDirectory' => "/home/$username", - 'loginShell' => '/bin/ksh', - 'shadowLastChange' => '11640', - 'shadowFlag' => '0', - 'auditInformation' => "$IM;$run_user;A;".time, - 'objectClass' => ['inetOrgPerson', 'organizationalPerson', 'person', 'posixAccount', 'shadowAccount', 'simpleSecurityObject', 'Audit', 'top' ], - ]; + 'cn' => $username, + 'sn' => $username, + 'uid' => $username, + 'uidNumber' => $uidn, + 'gidNumber' => $gidn, + 'description' => $description, + 'mail' => $mail, + 'gecos' => $name, + 'homeDirectory' => "/home/$username", + 'loginShell' => '/bin/ksh', + 'shadowLastChange' => '11640', + 'shadowFlag' => '0', + 'auditInformation' => "$IM;$run_user;A;" . time, + 'objectClass' => [ 'inetOrgPerson', 'organizationalPerson', 'person', 'posixAccount', 'shadowAccount', 'simpleSecurityObject', 'Audit', 'top' ], + ]; my $pass; - if ($old_result && defined($old_password)) { + if ( $old_result && defined( $old_password ) ) { $pass = $old_password; my $ppolicy = "cn=migration,ou=policies,ou=SNet,ou=2,ou=C,o=DIGIT,dc=ec,dc=europa,dc=eu"; - unshift(@{$attr}, 'pwdConstraintSubentry' => $ppolicy, 'pwdPolicySubentry' => $ppolicy); - } - else { - $pass = '{CLEARTEXT}P@ssword01' + unshift( @{$attr}, 'pwdConstraintSubentry' => $ppolicy, 'pwdPolicySubentry' => $ppolicy ); + } else { + $pass = '{CLEARTEXT}P@ssword01'; } - unshift(@{$attr}, 'userPassword' => $pass); + unshift( @{$attr}, 'userPassword' => $pass ); - print "adding to the SNet LDAP server '$ldap_server'".nl(); + print "adding to the SNet LDAP server '$ldap_server'" . 
nl(); - $results = $ldap->add ( $uid_dn, - attr => $attr, - ); + $results = $ldap->add( $uid_dn, attr => $attr, ); if ( ( $results->code ) && ( $results->code != 32 ) ) { - print "Code:" . $results->code . " '" . $results->error ."'" .nl(); + print "Code:" . $results->code . " '" . $results->error . "'" . nl(); $ldap->unbind; exit 1; } - $results->code && warn "failed to add entry: ", $results->error ; + $results->code && warn "failed to add entry: ", $results->error; undef $results; -# $result = $ldap->modify( "cn=snmc,ou=group,dc=snmc,dc=cec,dc=eu,dc=int", add => { memberUid => $username } ); -# $result->code && warn "failed to modify group snmc: ", $result->error ; -# $result = $ldap->modify( "cn=NS,ou=group,dc=snmc,dc=cec,dc=eu,dc=int", add => { memberUid => $username } ); -# $result->code && warn "failed to modify group: ", $result->error ; + # $result = $ldap->modify( "cn=snmc,ou=group,dc=snmc,dc=cec,dc=eu,dc=int", add => { memberUid => $username } ); + # $result->code && warn "failed to modify group snmc: ", $result->error ; + # $result = $ldap->modify( "cn=NS,ou=group,dc=snmc,dc=cec,dc=eu,dc=int", add => { memberUid => $username } ); + # $result->code && warn "failed to modify group: ", $result->error ; - print "User '$username' created.".nl(); + print "User '$username' created." . nl(); if ( $belongs_admin ) { - $results = $ldap->modify( $belongs_admin, add => { member => [ $uid_dn ] } ); - if (defined($results)) { - print "user added to admin group".nl(); + $results = $ldap->modify( $belongs_admin, add => { member => [$uid_dn] } ); + if ( defined( $results ) ) { + print "user added to admin group" . nl(); undef $results; - } - else { - print "fail to add user to admin group".nl(); + } else { + print "fail to add user to admin group" . 
nl(); } } - if ( $belongs_network || $belongs_security || $belongs_iss3 ) { - $results = $ldap->modify( $folder, add => { memberUid => [ $username ] } ); + if ( $belongs_network || $belongs_security || $belongs_iss3 ) { + $results = $ldap->modify( $folder, add => { memberUid => [$username] } ); $folder =~ s/^cn=//; $folder =~ s/,.*//; - if (defined($results)) { - print "user added to $folder group".nl(); + if ( defined( $results ) ) { + print "user added to $folder group" . nl(); undef $results; + } else { + print "fail to add user to $folder group" . nl(); } - else { - print "fail to add user to $folder group".nl(); - } - } - else { - print "user was added without group membership".nl(); + } else { + print "user was added without group membership" . nl(); } } else { - if ( (defined($action)) && ($action eq "Submit") ) { + if ( ( defined( $action ) ) && ( $action eq "Submit" ) ) { - if ($pcount > 1) { - print "ERROR: only 1 base group is valid".nl(); + if ( $pcount > 1 ) { + print "ERROR: only 1 base group is valid" . nl(); } - if ( defined($username) && ($username !~ /^$/) && ($username !~ /^[\w-]+$/ ) ) { - print "ERROR: username contains some unsupported characters.".nl(); + if ( defined( $username ) && ( $username !~ /^$/ ) && ( $username !~ /^[\w-]+$/ ) ) { + print "ERROR: username contains some unsupported characters." . nl(); } - if ( defined($IM) && ($IM !~ /^$/) && ( $IM !~ /^IM\d{10}$/ ) ) { - print "ERROR: IM is not a valid IM number.".nl(); + if ( defined( $IM ) && ( $IM !~ /^$/ ) && ( $IM !~ /^IM\d{10}$/ ) ) { + print "ERROR: IM is not a valid IM number." . nl(); } - if (defined($ldap_admin) && ($ldap_admin !~ /^$/) && ($ldap_admin !~ /^[\w=,-]+$/)) { - print "ERROR: admin dn contains some unsupported characters.".nl(); + if ( defined( $ldap_admin ) && ( $ldap_admin !~ /^$/ ) && ( $ldap_admin !~ /^[\w=,-]+$/ ) ) { + print "ERROR: admin dn contains some unsupported characters." . 
nl(); } } - print_prompt($ldap_admin, $ldap_passwd, $username, $IM); + print_prompt( $ldap_admin, $ldap_passwd, $username, $IM ); } print '</div>'; print "<hr> <address>Snet NS Team</address><br> <a href=\"\">Home Page</a>";
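Review bot: Every non-migrated account is created with the same fixed `userPassword`, stored under the `{CLEARTEXT}` scheme (the `else` branch that sets `$pass`), so each new login is usable by anyone who knows the convention until its owner changes it. Generate a random initial password per account from the system CSPRNG and store it with a salted hash scheme the directory supports. If the password-policy overlay in use can force a change at first login, mark the entry accordingly (to be confirmed for this server). For migrated accounts `$old_password` is written unchanged; a short comment stating which hash schemes are expected there would help the next reader. The enclosing `if`/`else` starts before this hunk.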