[Summary view] [Print] [Text view]

   1  #!/usr/bin/perl
   2  
   3  # Version du 16/09/06
   4  #   - Recherche des comptes présents dans ou=People et membre d'aucun groupe.
   5  #   - déplacement vers ou=Trash
   6  
   7  use Se;
   8  use Crypt::SmbHash;
   9  
  10  # Connexion LDAP
  11  # ==============
  12  $lcs_ldap = Net::LDAP->new("$slapdIp");
  13  $lcs_ldap->bind(
  14          dn       => $adminDn,
  15          password => $adminPw,
  16          version  => '3'
  17             );
  18  
  19  # Création de la poubelle le cas échéant
  20  # ======================================
  21  $trashOuName = 'Trash';
  22  $trashRdn    = "ou=$trashOuName";
  23  $trashDn     = "$trashRdn,$baseDn";
  24  $trashSearch = $lcs_ldap->search(base     => "$baseDn",
  25                   scope    => 'one',
  26                   filter   => "$trashRdn");
  27  warn $trashSearch->error if $trashSearch->code;
  28  unless (($trashSearch->entries)[0]) {
  29    # Création
  30    # --------
  31    @trashAttributes = ( 'objectClass', 'organizationalUnit',
  32                 'ou',          "$trashOuName" );
  33    $creationTrash = $lcs_ldap->add( "$trashDn",
  34                     attrs => \@trashAttributes );
  35    warn $creationTrash->error if $creationTrash->code;
  36  }
  37  
  38  # Recherche des utilisateurs concernés et Action
  39  # ==============================================
  40  #
  41  # Recherche de tous les utilisateurs
  42  # ----------------------------------
  43  $peoples = $lcs_ldap->search(base     => "$peopleDn",
  44                   scope    => 'one',
  45                   filter   => 'uid=*');
  46  foreach $people ($peoples->entries) {
  47    $dn  = $people->dn;
  48    $uid = $people->get_value('uid');
  49    next if ($uid eq 'admin' or $uid eq 'webmaster.etab' or $uid eq 'wetab' or $uid eq 'etabw' or $uid eq 'ldapadm');
  50    # Vérification de l'appartenance à des groupes
  51    # --------------------------------------------
  52    $memberOfAGroupOfNames = $lcs_ldap->search(base     => "$groupsDn",
  53                           scope    => 'one',
  54                           filter   => "member=$dn");
  55    warn $memberOfAGroupOfNames->error if $memberOfAGroupOfNames->code;
  56    next if ($memberOfAGroupOfNames->entries)[0];
  57    $memberOfAPosixGroup   = $lcs_ldap->search(base     => "$groupsDn",
  58                           scope    => 'one',
  59                           filter   => "(&(!(cn=overfill))(memberUid=$uid))");
  60    warn $memberOfAPosixGroup->error if $memberOfAPosixGroup->code;
  61    next if ($memberOfAPosixGroup->entries)[0];
  62    # Désactivation du compte SAMBA et déplacement le cas échéant
  63    # -----------------------------------------------------------
  64    $sambaDesactiv = $lcs_ldap->modify(
  65      $dn,
  66      replace => {
  67        sambaacctFlags => '[UD         ]',
  68  
  69      }
  70    );
  71    warn $sambaDesactiv->error if $sambaDesactiv->code;
  72    $trashSearch = $lcs_ldap->search(base     => "$trashDn",
  73                     scope    => 'one',
  74                     filter   => "uid=$uid");
  75    if (($trashSearch->entries)[0]) {
  76      $emptyTrash = $lcs_ldap->delete(($trashSearch->entries)[0]);
  77      warn $emptyTrash->error if $emptyTrash->code;
  78    }
  79    $move2trash = $lcs_ldap->moddn( $dn,
  80                    newrdn      => "uid=$uid",
  81                    newsuperior => "$trashDn");
  82    warn $move2trash->error if $move2trash->code;
  83  }
  84  
  85  $lcs_ldap->unbind();
  86  
  87  sub emptyTrash {
  88    # Vidage de la poubelle
  89    # ---------------------
  90    $trashSearch = $lcs_ldap->search(base     => "$trashDn",
  91                     scope    => 'one',
  92                     filter   => "uid=*");
  93    foreach $entry ($trashSearch->entries) {
  94      $emptyTrash = $lcs_ldap->delete($entry);
  95      warn $emptyTrash->error if $emptyTrash->code;
  96    }
  97  }