Last active
December 10, 2015 20:48
-
-
Save bufke/4490120 to your computer and use it in GitHub Desktop.
For migrating zentyal 2.2 to 3.0 user ldap attributues
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import base64 | |
| import binascii | |
| import subprocess | |
| import sys | |
| # Set these please! | |
| sam_file = "/var/lib/samba/private/sam.ldb.d/DC\=ZENTYAL\,DC\=EXAMPLE\,DC\=ORG.ldb" | |
| user_dn = "ou=Users,dc=zentyal,dc=example,dc=org" | |
| samba_dn = 'CN=Users,DC=zentyal,DC=example,DC=org' | |
| base_dn = "dc=zentyal,dc=example,dc=org" | |
| zentyal3_ldap_password = "" | |
| ldap_hashes = open( "hashes.txt", "r") | |
| # Also uncomment what the script should actually run at the bottom! | |
| # First get users in a reasonable format | |
| # Account for the order of the ldif being random | |
| result = [] | |
| uid = uidNumber = gidNumber = sambaSID = userPassword = sambaNTPassword = None | |
| for line in ldap_hashes: | |
| if line: | |
| if line[0] == "#": | |
| if uid and uidNumber and sambaSID and userPassword and sambaNTPassword and gidNumber: | |
| result += [[uid.strip('\n'),uidNumber.strip('\n'),sambaSID.strip('\n'),userPassword.strip().strip('\n'),sambaNTPassword.strip('\n'),gidNumber.strip('\n')]] | |
| else: | |
| print "error at %s" % uid | |
| uid = uidNumber = sambaSID = userPassword = sambaNTPassword = None | |
| elif line[0:4] == "uid:": | |
| uid = line[5:] | |
| elif line[0:10] == "uidNumber:": | |
| uidNumber = line[11:] | |
| elif line[0:9] == "sambaSID:": | |
| sambaSID = line[10:] | |
| elif line[0:13] == "userPassword:": | |
| userPassword = line[14:] | |
| elif line[0:13] == "sambaNTPasswo": | |
| sambaNTPassword = line[17:] | |
| elif line[0:10] == "gidNumber:": | |
| gidNumber = line[11:] | |
| if uid and uidNumber and sambaSID and userPassword and sambaNTPassword: | |
| result += [[uid.strip('\n'),uidNumber.strip('\n'),sambaSID.strip('\n'),userPassword.strip().strip('\n'),sambaNTPassword.strip('\n'),gidNumber.strip('\n')]] | |
| users = result[1:] # Skip first one | |
| def set_user_hashes(user_dn,uid,uidNumber,sambaSID,userPassword,sambaNTPassword,gidNumber): | |
| try: | |
| b64_hash = base64.b64encode(binascii.a2b_hex(sambaNTPassword)) | |
| decoded_userPassword = base64.b64decode(userPassword) | |
| cmd_unicodePwd = """ldbmodify -H %s --controls=local_oid:1.3.6.1.4.1.7165.4.3.12:0 <<EOF | |
| dn: CN=%s,%s | |
| changetype: modify | |
| replace: unicodePwd | |
| unicodePwd:: %s | |
| EOF""" % (sam_file, uid, samba_dn, b64_hash) | |
| cmd_userPassword = """ldapmodify -D 'cn=zentyal,%s' -w '%s' -p 390 -h localhost <<EOF | |
| dn: %s | |
| changetype: modify | |
| replace: userPassword | |
| userPassword: %s | |
| EOF""" % (base_dn, zentyal3_ldap_password, user_dn, decoded_userPassword) | |
| cmd_samba_uidNumber = """ldapmodify -D 'cn=zentyal,%s' -w '%s' -p 390 -h localhost <<EOF | |
| dn: %s | |
| changetype: modify | |
| replace: uidNumber | |
| uidNumber: %s | |
| EOF""" % (base_dn, zentyal3_ldap_password, user_dn, uidNumber) | |
| cmd_uidNumber = """ldapmodify -D 'cn=zentyal,%s' -w '%s' -p 390 -h localhost <<EOF | |
| dn: %s | |
| changetype: modify | |
| replace: uidNumber | |
| uidNumber: %s | |
| EOF""" % (base_dn, zentyal3_ldap_password, user_dn, uidNumber) | |
| cmd_sambaSID = """ldapmodify -D 'cn=zentyal,%s' -w '%s' -p 390 -h localhost <<EOF | |
| dn: %s | |
| changetype: modify | |
| replace: sambaSID | |
| sambaSID: %s | |
| EOF""" % (base_dn, zentyal3_ldap_password, user_dn, sambaSID) | |
| cmd_gidNumber = """ldapmodify -D 'cn=zentyal,%s' -w '%s' -p 390 -h localhost <<EOF | |
| dn: %s | |
| changetype: modify | |
| replace: gidNumber | |
| gidNumber: %s | |
| EOF""" % (base_dn, zentyal3_ldap_password, user_dn, gidNumber) | |
| #print cmd_unicodePwd | |
| #print cmd_samba_uidNumber | |
| #print cmd_userPassword | |
| #print cmd_uidNumber | |
| #print cmd_sambaSID | |
| #print cmd_gidNumber | |
| #subprocess.call(cmd_unicodePwd, shell=True) | |
| #subprocess.call(cmd_samba_uidNumber, shell=True) | |
| #subprocess.call(cmd_userPassword, shell=True) | |
| #subprocess.call(cmd_uidNumber, shell=True) | |
| #subprocess.call(cmd_sambaSID, shell=True) | |
| #subprocess.call(cmd_gidNumber, shell=True) | |
| except: | |
| print "!!!! UNKNOWN ERROR ON %s !!!!" % user_dn | |
| print "%s %s %s %s %s" % (user_dn,uidNumber,sambaSID,userPassword,sambaNTPassword) | |
| print sys.exc_info()[0] | |
| print sys.exc_info()[1] | |
| print "-----------------------------" | |
| for user in users: | |
| user_user_dn = "uid=%s,%s" % (user[0], user_dn) | |
| set_user_hashes(user_user_dn, user[0], user[1], user[2], user[3], user[4], user[5]) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment