authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2013-03-26 10:35:25 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2013-03-26 10:35:25 -0500
commit6610cd15cf186fe1f8e82628f6f12aa2c490bac2 (patch)
treeb90a0c31fdb5bdb33a0711b1f28ab26d0ef735d1 /sc-ap/manageUser.cpp
Initial import of abandoned sc-ap project
Diffstat (limited to 'sc-ap/manageUser.cpp')
-rwxr-xr-xsc-ap/manageUser.cpp159
1 files changed, 159 insertions, 0 deletions
diff --git a/sc-ap/manageUser.cpp b/sc-ap/manageUser.cpp
new file mode 100755
index 0000000..395bfae
--- /dev/null
+++ b/sc-ap/manageUser.cpp
@@ -0,0 +1,159 @@
+/*
+ $Id: manageUser.cpp,v 1.1.1.1 2005/07/07 15:05:59 oflebbe Exp $
+
+ Copyright (C) 2003 Olaf Flebbe, Science and Computing AG
+ o.flebbe@science-computing.de
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+*/
+#include <algorithm>
+#include "ldapuser.h"
+#include "netusergroup.h"
+#include "utility.h"
+#include "manageUser.h"
+#include "reg.h"
+
+#define SCAPKEY L"Software\\science + computing\\scap"
+
+
+
+
+void
+manageLocalAccount( const mystring& userName, FILE *fp) {
+
+ Registry reg( SCAPKEY);
+ // get LDAP Servers
+ std::list<mystring> ldapservers = reg.getValues( L"servers");
+ if (ldapservers.size() == 0) {
+ if (fp)
+ fprintf( fp, "ldapservers empty: Please set REG_MULTI_SZ value in HKLM\\%S\\servers", SCAPKEY);
+ return;
+ }
+ mystring binddn = reg.getValue( L"binddn");
+ mystring bindpasswd = reg.getValue( L"bindpasswd");
+
+ // make bind
+ LDAPUser ld( ldapservers, fp, binddn, bindpasswd);
+
+ mystring basedn = reg.getValue( L"basedn");
+ if (basedn == L"") {
+ if (fp)
+ fprintf( fp, "basedn empty: Please set REG_SZ in HKLM\\%S\\basedn", SCAPKEY);
+ return;
+ }
+ ld.setContext( basedn);
+
+ stringSet userAttrs;
+
+#define SAMBAHOMEPATH L"sambaHomePath"
+#define HOMEDIRECTORY L"homeDirectory"
+#define SAMBAHOMEDRIVE L"sambaHomeDrive"
+#define SAMBAPROFILEPATH L"sambaProfilePath"
+#define SAMBALOGONSCRIPT L"sambaLogonScript"
+
+ userAttrs.insert( SAMBAHOMEPATH);
+ userAttrs.insert( HOMEDIRECTORY);
+ userAttrs.insert( SAMBAHOMEDRIVE);
+ userAttrs.insert( SAMBAPROFILEPATH );
+ userAttrs.insert( SAMBALOGONSCRIPT);
+ userAttrs.insert( L"gidNumber");
+
+ stringMap userVals = ld.getAttribsByUserName( userName, userAttrs);
+
+ if (userVals.size() == 0 || (userVals.find( L"gidNumber") == userVals.end())) {
+ // nothing found
+ if (fp) {
+ fprintf( fp, "user %S not found in LDAP: trying to delete user account\n", userName.c_str());
+ fflush( fp);
+ }
+ fprintf( fp, "isdisabled %d\n", isDisabledUser( userName));
+ // if local user exists and is disabled: delete!
+ if (isDisabledUser( userName) == 1)
+ delUser( userName);
+ return;
+ }
+ if (fp) {
+ fprintf( fp, "add user %S\n", userName.c_str());
+ fflush( fp);
+ }
+ mystring gid = userVals[ L"gid"];
+
+ // homepath
+ mystring homePath;
+ if (userVals.find( SAMBAHOMEPATH) != userVals.end()) {
+ homePath = userVals[ SAMBAHOMEPATH]; // use first Element
+ } else {
+ if (userVals.find( HOMEDIRECTORY) != userVals.end()) {
+ homePath = userVals[ HOMEDIRECTORY];
+ } else {
+ homePath = reg.getValue( L"homepath");
+ }
+ // search and replace with registry keys
+ homePath = searchAndReplace( convertSlashes( homePath), L"homepathreplace", reg, fp);
+ }
+
+ // homedrive
+ mystring homeDrive;
+ if (userVals.find( SAMBAHOMEDRIVE) != userVals.end()) {
+ homeDrive = *(userVals[ SAMBAHOMEDRIVE].begin()); // use first Element
+ } else {
+ homeDrive = reg.getValue( L"homedrive");
+ }
+
+ // profilePath
+ mystring profilePath;
+ if (userVals.find( SAMBAPROFILEPATH) != userVals.end()) {
+ profilePath = userVals[ SAMBAPROFILEPATH];
+ } else {
+ if (homeDrive != L"") {
+ profilePath= homeDrive + reg.getValue( L"profilepath");
+ } else {
+ profilePath = homePath + reg.getValue( L"profilepath");
+ profilePath = searchAndReplace( profilePath, L"profilereplace", reg, fp);
+ }
+ }
+ //logonscript
+ mystring logonScript;
+ if (userVals.find( SAMBALOGONSCRIPT) != userVals.end()) {
+ logonScript = userVals[ SAMBALOGONSCRIPT];
+ } else {
+ logonScript = reg.getValue( L"logonscript");
+ }
+
+
+
+ // add user only if it does not exists before.
+ // Do not clutter Event Log
+ if (-1 == isDisabledUser( userName))
+ addUser( userName, homePath, homeDrive, profilePath, logonScript );
+ stringSet ldapList = ld.getGroupsByUserName( userName, gid);
+ stringSet ntList = listGroups( userName);
+ stringSet worker;
+ std::set_difference( ldapList.begin(), ldapList.end(), ntList.begin(), ntList.end(), std::inserter(worker, worker.begin()));
+ // worker is now Groups containe not in ntlist but ldapList -> add to user
+
+ for (stringSet::const_iterator ptr = worker.begin(); ptr != worker.end(); ptr++) {
+ fprintf( fp, "add to group %S\n", ptr->c_str());
+ addUserToGroup( userName, *ptr);
+ }
+ std::set_difference( ntList.begin(), ntList.end(), ldapList.begin(), ldapList.end(), std::inserter(worker, worker.begin()));
+ // worker is now Groups containe not in ntlist but ldapList -> add to user
+ for (stringSet::const_iterator ptr = worker.begin(); ptr != worker.end(); ptr++) {
+ fprintf( fp, "remove from group %S\n", ptr->c_str());
+ delUserFromGroup( userName, *ptr);
+ }
+ fflush( fp);
+}
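Review bot: The second `std::set_difference` near the end of manageLocalAccount writes into `worker` without emptying it, so (assuming stringSet is a std::set-like container) the removal loop also walks the groups that were just added and calls delUserFromGroup on them; a `worker.clear();` before that call, or a separate set for removals, would keep the two lists apart. Related to the same group sync, the lookup requests and checks `gidNumber` but then reads `userVals[ L"gid"]`, which appears to hand an empty primary group to getGroupsByUserName; `mystring gid = userVals[ L"gidNumber"];` looks like what was intended. The `fprintf( fp, "isdisabled %d\n", ...)` call and the `fprintf`/`fflush` calls in and after the group loops use `fp` without the `if (fp)` guard applied elsewhere in the function, so a null `fp` would be dereferenced there. The comment above the removal loop is a copy of the add-loop comment and should read `// worker now holds groups in ntList but not in ldapList -> remove user from them`.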