a pastebin project

Paste Description for addusers.pl

This script was written to add users in a batch to an Open Directory LDAP server on Max OSX 10.4.

It expects a list of people to add in the form of First Name [TAB] Last Name [TAB] password [TAB] age. You can modify this to suit your needs; I needed to set groups based on the user's age, but you can do it however you need.

I had to install gcc via the xtools package (available for free from ADC) in order to compile Text::Unidecode

addusers.pl

  1. #!/usr/bin/perl
  2. use warnings;
  3. use strict;
  4. use utf8;
  5. use Text::Unidecode;
  6. use Encode;
  7. ####
  8. # Coded by Daenyth
  9. # Daenyth@gmail.com
  10. ##
  11.  
  12. checkusage();
  13. ####
  14. # Configuration
  15. #
  16. # dauser is the Open Directory Administrator account, eg diradmin
  17. # dapass should not be set (storing passwords in plaintext is bad), but undef can be replaced by the quoted password if you really need to
  18. # startuid is the UniqueID to start checking at. In other words, what is the _lowest_ UID you want to use.
  19. # ldap is the source we are adding users to
  20. # If verbose is on, print a list of successfully added users (to STDOUT)
  21. ##
  22. my $dauser= 'diradmin';
  23. my $ldap = '/LDAPv3/127.0.0.1';
  24. my $dapass = getpass() || undef;
  25. my $startuid = 20000;
  26. my $verbose = 1;
  27.  
  28. ####
  29. # Was the program invoked correctly?
  30. ##
  31. sub checkusage {
  32.         if (@ARGV != 1) { usage() }
  33.         if ($ARGV[0] =~ /^-+[h?]/) { usage() }
  34. }
  35.  
  36. sub usage {
  37.         print "Usage: $0 <input file>\n";
  38.         exit 1;
  39. }
  40.  
  41. ####
  42. # Make a list of users to add, based on CLI input
  43. # return AoA, with form of
  44. # $return = [ ["Full Name", "password", age], [], ]
  45. ##
  46. sub getlist {
  47.         my @userlist;
  48.         my $infile = shift @ARGV;
  49.         open(INFILE, "< $infile") or die "$!\n";
  50.         local $/ = "\r";
  51.         while (my $line = <INFILE>) {
  52.                 chomp $line;
  53.                
  54.                 if ($line =~ /^(.+?)\t(.+?)\t(\S+)\t(\d\d\.\d+)$/) {
  55.                         push( @userlist, ["$1 $2", "$3", $4] );
  56.                 }
  57.                 else {
  58.                         print STDERR "Couldn't match regex to line $. from $infile\n";
  59.                 }
  60.         }
  61.         close INFILE or die "Couldn't close input file: $? $!\n";
  62.  
  63.         return @userlist;
  64.  
  65. }
  66.  
  67. ####
  68. # Ask for the admin password
  69. ##
  70. sub getpass {
  71.         print "Please enter the password for '$dauser' at '$ldap': ";
  72.         my $stty_orig=`stty -g`;
  73.         system "stty -echo";
  74.         my $pass = <STDIN>;
  75.         chomp $pass;
  76.         system "stty $stty_orig";
  77.         print "\n";
  78.         return $pass;
  79. }
  80.  
  81. ####
  82. # Find the next available UID and return it
  83. ##
  84. sub finduid {
  85.         for (my $testuid = $startuid; $testuid < 65535; $testuid++) {
  86.                 if (0 == `dscl '$ldap' -search /Users UniqueID '$testuid' | wc -l`) {
  87.                         return $testuid;
  88.                 }
  89.         }
  90.         die "Cannot find a usable UniqueID between $startuid and 65535!\n";
  91. }
  92.  
  93. ####
  94. # Check for user conflicts.
  95. # If there is a conflict, call faileduser() to note it
  96. # Returns 0  = No conflicts found
  97. #         1+ = Number of conflicts found
  98. ##
  99. sub checkuser {
  100.         my ($shortname, $longname) = @_;
  101.         my $fails = 0;
  102.        
  103.         if ('' eq "$shortname")                                                 { faileduser(@_, 'null shortname', ++$fails)        }
  104.         if ('' eq "$longname")         { faileduser(@_, 'null longname', ++$fails)            }
  105.         if (0 != `dscl '$ldap' -search /Users RecordName '$shortname' | wc -l`) { faileduser(@_, 'shortname already exists', ++$fails)  }
  106.         if (0 != `dscl '$ldap' -search /Users RealName '$longname' | wc -l`)    { faileduser(@_, 'longname already exists', ++$fails)       }
  107.        
  108.         return $fails;
  109. }
  110.  
  111. ####
  112. # Call this sub to note an error adding a user
  113. ##
  114. sub faileduser {
  115.         my ($shortname, $longname, $failtype, $fails) = @_;
  116.         print STDERR "ERROR: ['$longname' ('$shortname') $fails] $failtype\n";
  117.  
  118.         return 0; #OK
  119. }
  120.  
  121. ####
  122. # The main part of the program, adds a user to the Open Directory Database
  123. ##
  124. sub adduser {
  125.         my ($longname, $password, $age) = @_;
  126.         $longname = decode("MacRoman", $longname);
  127.         my $shortname = shortdecode("$longname");
  128.         my $group = ($age > (30-1/12)) ? 'execs' : 'mainlab';
  129.         my $uid = finduid();
  130.        
  131.         return 1 if checkuser("$shortname", "$longname");
  132.  
  133.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname'";
  134.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' RealName '$longname'";
  135.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' UniqueID '$uid'" ;
  136.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -passwd '/Users/$shortname' '$password'" ;
  137.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' NFSHomeDirectory '/Network/Servers/executive.nese.com/Library/NESE_Accounts/$shortname'" ;
  138.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' UserShell '/bin/bash'";
  139.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' PrimaryGroupID 20" ;
  140.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -append '/Groups/$group' GroupMembership '$shortname'";
  141.         print "OK: $longname ($shortname)\n" if $verbose;
  142.        
  143.         return 0; #OK
  144. }
  145.        
  146. ####
  147. # Take the potentially-unicode long name, and turn it into something we can use for a shortname
  148. ##
  149. sub shortdecode {
  150.         local $_ = shift;
  151.  
  152.         s/\s//g;
  153.         s/\x{8e}/e/;
  154.         s/-//;
  155.         $_ = unidecode("$_");
  156.         return lc $_;
  157. }
  158.  
  159. my @addusers = getlist();
  160. for (my $i=0; $i<@addusers; $i++) {
  161.         adduser( "$addusers[$i]->[0]", "$addusers[$i]->[1]", $addusers[$i]->[2] );
  162. }

advertising

Create a Paste

Please enter your new post below (or upload a file instead):





Please note that information posted here will not expire by default. If you want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords.

fantasy-obligation
worth-right
worth-right