2025-02-25 17:57:42 +03:00 · 2009-06-19 13:57:13 +10:00 · 2009-06-19 13:57:13 +10:00 · e5a15e6589
commit e5a15e6589
parent 19723ed0fc
1 changed files with 119 additions and 0 deletions
--- a/examples/scripts/idmap/idmap_nis.sh
+++ b/examples/scripts/idmap/idmap_nis.sh
@ -0,0 +1,119 @@
+#!/bin/bash
+# idmap script to map SIDs to UIDs/GIDs using NIS
+# tridge@samba.org June 2009
+
+DOMAIN=$(ypdomainname)
+
+(
+    date
+    echo $*
+) >> /var/log/samba/idmap.log
+
+cmd=$1
+shift
+
+PATH=/usr/bin:bin:$PATH
+
+shopt -s nocasematch || {
+    echo "shell option nocasematch not supported"
+    exit 1
+}
+
+# map from a domain and name to a uid/gid
+map_name() {
+    domain="$1"
+    name="$2"
+    ntype="$3"
+    case $ntype in
+	1)
+	    rtype="UID"
+	    map="passwd"
+	    ;;
+	2)
+	    rtype="GID"
+	    map="group"
+	    ;;
+	*)
+	    echo "ERR: bad name type $ntype"
+	    exit 1
+	    ;;
+    esac
+    id=$(ypmatch "$name" "$map".byname 2>/dev/null | cut -d: -f3)
+    [ -z "$id" ] && {
+	echo "ERR: bad match for $name in map $map"
+	exit 1
+    }
+    echo "$rtype":"$id"
+}
+
+# map from a unix id to a name
+map_id() {
+    ntype="$1"
+    id="$2"
+    case $ntype in
+	UID)
+	    map="passwd.byuid"
+	    ;;
+	GID)
+	    map="group.bygid"
+	    ;;
+	*)
+	    echo "ERR: bad name type $ntype"
+	    exit 1
+	    ;;
+    esac
+    name="$(ypmatch "$id" "$map" 2>/dev/null | cut -d: -f1)"
+    [ -z "$name" ] && {
+	echo "ERR: bad match for $name in map $map"
+	exit 1
+    }
+    echo "$name"
+}
+
+
+case $cmd in
+    SIDTOID)
+	sid=$1
+	rid=`echo $sid | cut -d- -f8`
+	[ -z "$rid" ] && {
+	    echo "ERR: bad rid in SID $sid"
+	    exit 1
+	}
+	
+	unset _NO_WINBINDD
+	# oh, this is ugly. Shell is just not meant for parsing text
+	fullname=`wbinfo -s $sid 2> /dev/null`
+	domain=`echo $fullname | cut -d'\' -f1`
+	[[ "$domain" = $DOMAIN ]] || {
+	    echo "ERR: bad domain $domain"
+	    exit 1
+	}
+	name=`echo $fullname | cut -d'\' -f2`
+	nwords=`echo $name | wc -w`
+	ntype=`echo $name | cut -d' ' -f$nwords`
+	nminusone=`expr $nwords - 1`
+	name=`echo $name | cut -d' ' -f-$nminusone`
+	[ -z "$name" ] && {
+	    echo "ERR: bad name $fullname for SID $sid"
+	    exit 1
+	}
+	map_name "$domain" "$name" "$ntype"
+	;;
+    IDTOSID)
+	ntype=$1
+	id=$2
+	name="$(map_id "$ntype" "$id")"
+	sid="$(wbinfo -n "$name" 2>/dev/null | cut -d' ' -f1)"
+	[ -z "$sid" ] && {
+	    echo "ERR: name $name not found in ADS"
+	    exit 1
+	}
+	echo "SID:$sid"
+	;;
+    *)
+	echo "ERR: Unknown command $cmd"
+	exit 1;
+	;;
+esac
+
+exit 0