diff --git a/synchronize_users.pl b/synchronize_users.pl
index 76ef481ee36cc20357e388303cdeed61e914e553..4685de82a24601711e2f766fb0ae013d2f266652 100755
--- a/synchronize_users.pl
+++ b/synchronize_users.pl
@@ -12,9 +12,9 @@ use File::Basename;
 use Net::LDAP;
 use lib (
- new Config::IniFiles(
- -file => "/opt/etc/ini/global.ini"
- )->val( 'APPLICATION', 'LIBRARY' )
+ new Config::IniFiles(
+ -file => "/opt/etc/ini/global.ini"
+ )->val( 'APPLICATION', 'LIBRARY' )
 );
 use SNET::LdapNS qw(:all);
@@ -23,138 +23,110 @@ my $global_iniFile = new Config::IniFiles( -file => "/opt/etc/ini/global.ini" );
 my $ldap_iniFile = new Config::IniFiles( -file => $global_iniFile->val( 'INI', 'LDAP' ) );
 my $ldap_server = {
- 'uri' => $ldap_iniFile->val( 'LDAP_SNET', 'SERVER' ),
- 'base' => $ldap_iniFile->val( 'LDAP_SNET', 'BASE' ),
- 'user' => $ldap_iniFile->val( 'LDAP_CREDENTIALS', 'USER' ),
- 'password' => $ldap_iniFile->val( 'LDAP_CREDENTIALS', 'PASSWORD' ),
+ 'uri' => $ldap_iniFile->val( 'LDAP_SNET', 'SERVER' ),
+ 'base' => $ldap_iniFile->val( 'LDAP_SNET', 'BASE' ),
+ 'user' => $ldap_iniFile->val( 'LDAP_CREDENTIALS', 'USER' ),
+ 'password' => $ldap_iniFile->val( 'LDAP_CREDENTIALS', 'PASSWORD' ),
 };
 my $ldap_server_ng = {
- 'uri' => $ldap_iniFile->val( 'LDAP_NG', 'SERVER' ),
- 'base' => $ldap_iniFile->val( 'LDAP_NG', 'BASE' ),
- 'user' => $ldap_iniFile->val( 'LDAP_NG_CREDENTIALS', 'USER' ),
- 'password' => $ldap_iniFile->val( 'LDAP_NG_CREDENTIALS', 'PASSWORD' ),
+ 'uri' => $ldap_iniFile->val( 'LDAP_NG', 'SERVER' ),
+ 'base' => $ldap_iniFile->val( 'LDAP_NG', 'BASE' ),
+ 'user' => $ldap_iniFile->val( 'LDAP_NG_CREDENTIALS', 'USER' ),
+ 'password' => $ldap_iniFile->val( 'LDAP_NG_CREDENTIALS', 'PASSWORD' ),
 };
-sub synchronize($$) {
+sub synchronize($$)
+{
- my ($cfrom, $cto) = @_;
+ my ( $cfrom, $cto ) = @_;
- die 'missing parameters' unless (
- (defined($cfrom) && defined($cto))
- &&
- (ref($cfrom) eq 'HASH')
- &&
- (ref($cto) eq 'HASH')
- );
+ die 'missing parameters' unless ( ( defined( $cfrom ) && defined( $cto ) )
+ && ( ref( $cfrom ) eq 'HASH' )
+ && ( ref( $cto ) eq 'HASH' ) );
- my $from = $cfrom->{'userInfos'};
- my $to = $cto->{'userInfos'};
+ my $from = $cfrom->{'userInfos'};
+ my $to = $cto->{'userInfos'};
- die 'missing userInfos' unless (
- defined($from)
- &&
- defined($to)
- );
+ die 'missing userInfos' unless ( defined( $from )
+ && defined( $to ) );
+ while ( my ( $k, $v ) = each %{$from} ) {
- while (my ($k, $v) = each %{$from}) {
+ my $uid = $cfrom->{'connection'}->clean_dn( $k );
+ my $dn = 'uid=' . $uid . ',ou=People,' . $cto->{'base'};
- my $uid = $cfrom->{'connection'}->clean_dn($k);
- my $dn = 'uid='.$uid.',ou=People,'.$cto->{'base'};
+ if ( !defined( $to->{$dn} ) ) {
+ print STDERR "$0: [warning] user `$dn' not found\n";
+ next;
+ }
- if (!defined($to->{$dn})) {
- print STDERR "$0: [warning] user `$dn' not found\n";
- next;
- }
+ my $entry = Net::LDAP::Entry->new( $dn );
+ $entry->changetype( 'modify' );
+ my $changes = 0;
- my $entry = Net::LDAP::Entry->new($dn);
- $entry->changetype('modify');
- my $changes = 0;
+ foreach my $attr ( 'userpassword', 'uidnumber' ) {
- foreach my $attr ('userpassword', 'uidnumber') {
+ next unless ( defined( $v->{$attr} )
+ && defined( $to->{$dn}->{$attr} ) );
- next unless (
- defined($v->{$attr})
- &&
- defined($to->{$dn}->{$attr})
- );
-
- my $from_attr = ${$v->{$attr}}[0];
- my $to_attr = ${$to->{$dn}->{$attr}}[0];
+ my $from_attr = ${ $v->{$attr} }[0];
+ my $to_attr = ${ $to->{$dn}->{$attr} }[0];
- if ($from_attr ne $to_attr) {
- $changes++;
- $entry->replace($attr => $from_attr);
- }
+ if ( $from_attr ne $to_attr ) {
+ $changes++;
+ $entry->replace( $attr => $from_attr );
+ }
- }
+ }
- if ($changes > 0) {
- my $result = $entry->update($cto->{'connection'}->{'connection'});
- if ($result->is_error()) {
- print STDERR "$0: [error] unable to synchronize $uid:".(
- defined($result->error_desc) ? $result->error_desc : $result->error()
- )."\n";
- }
- else {
- print STDERR "$0: [success] $uid synchronized\n";
- }
- }
+ if ( $changes > 0 ) {
+ my $result = $entry->update( $cto->{'connection'}->{'connection'} );
+ if ( $result->is_error() ) {
+ print STDERR "$0: [error] unable to synchronize $uid:" . ( defined( $result->error_desc ) ? $result->error_desc : $result->error() ) . "\n";
+ } else {
+ print STDERR "$0: [success] $uid synchronized\n";
+ }
+ }
- }
+ }
 }
-
 eval {
- foreach my $server ($ldap_server, $ldap_server_ng) {
- my $uri = $server->{'uri'};
- die "invalid uri `$uri'" unless ($uri =~ m/^(?:ldap:\/\/)?([^:]+)(?::389)?$/i);
- $server->{'server'} = $1;
- }
-
- SNET::LdapNS::ldapns_add_dn_exception($ldap_server->{'user'});
- SNET::LdapNS::ldapns_bind(
- $ldap_server->{'server'},
- $ldap_server->{'user'},
- $ldap_server->{'password'},
- $ldap_server->{'uri'},
- 'LDAPISS',
- 0, 0, 0
- );
- $ldap_server->{'connection'} = SNET::LdapNS::get_connection($ldap_server->{'uri'});
- $ldap_server->{'userInfos'} = $ldap_server->{'connection'}->search(
- base => 'ou=People,'.$ldap_server->{'base'},
- scope => 'sub',
- filter => '(objectClass=posixAccount)',
- attrs => ['uid', 'uidNumber', 'userPassword' ]
- );
- SNET::LdapNS::ldapns_del_dn_exception($ldap_server->{'user'});
-
- SNET::LdapNS::ldapns_bind(
- $ldap_server_ng->{'server'},
- $ldap_server_ng->{'user'},
- $ldap_server_ng->{'password'},
- $ldap_server_ng->{'uri'},
- 'LDAPISS',
- 1, 0, 0
- );
- $ldap_server_ng->{'connection'} = SNET::LdapNS::get_connection($ldap_server_ng->{'uri'});
- $ldap_server_ng->{'userInfos'} = $ldap_server_ng->{'connection'}->search(
- base => 'ou=People,'.$ldap_server_ng->{'base'},
- scope => 'sub',
- filter => '(objectClass=posixAccount)',
- attrs => ['uid', 'uidNumber', 'userPassword' ]
- );
-
- synchronize($ldap_server, $ldap_server_ng);
+ foreach my $server ( $ldap_server, $ldap_server_ng ) {
+ my $uri = $server->{'uri'};
+ die "invalid uri `$uri'" unless ( $uri =~ m/^(?:ldap:\/\/)?([^:]+)(?::389)?$/i );
+ $server->{'server'} = $1;
+ }
+
+ SNET::LdapNS::ldapns_add_dn_exception( $ldap_server->{'user'} );
+ SNET::LdapNS::ldapns_bind( $ldap_server->{'server'}, $ldap_server->{'user'}, $ldap_server->{'password'}, $ldap_server->{'uri'}, 'LDAPISS', 0, 0, 0 );
+ $ldap_server->{'connection'} = SNET::LdapNS::get_connection( $ldap_server->{'uri'} );
+ $ldap_server->{'userInfos'} = $ldap_server->{'connection'}->search(
+ base => 'ou=People,' . $ldap_server->{'base'},
+ scope => 'sub',
+ filter => '(objectClass=posixAccount)',
+ attrs => [ 'uid', 'uidNumber', 'userPassword' ]
+ );
+ SNET::LdapNS::ldapns_del_dn_exception( $ldap_server->{'user'} );
+
+ SNET::LdapNS::ldapns_bind( $ldap_server_ng->{'server'}, $ldap_server_ng->{'user'}, $ldap_server_ng->{'password'}, $ldap_server_ng->{'uri'}, 'LDAPISS', 1, 0, 0 );
+ $ldap_server_ng->{'connection'} = SNET::LdapNS::get_connection( $ldap_server_ng->{'uri'} );
+ $ldap_server_ng->{'userInfos'} = $ldap_server_ng->{'connection'}->search(
+ base => 'ou=People,' . $ldap_server_ng->{'base'},
+ scope => 'sub',
+ filter => '(objectClass=posixAccount)',
+ attrs => [ 'uid', 'uidNumber', 'userPassword' ]
+ );
+
+ synchronize( $ldap_server, $ldap_server_ng );
 };
-if ($@) {
- print STDERR $@;
- exit 1;
+if ( $@ ) {
+ print STDERR $@;
+ exit 1;
 }
 exit 0;