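#!/usr/bin/perl
# Author: Brad Marshall (bmarshal@pisoftware.com)
# Date: 20010803
# This script is released under the GNU GPL.  See http://www.gnu.org/copyleft/gpl.html
# for full licensing details.
#
# CGI form handler that creates a posixAccount entry under ou=People by
# binding to the directory as the admin DN configured below.
#
# TODO:
#   Give pulldown that contains gid options
#   Check user doesn't already exist
#   Better error checking - is ldap server up, etc
#   Better error reporting
#
# NOTE(review), deployment caveats:
#   * Nothing in the part of the script reviewed here authenticates the
#     requester: whoever can reach the URL can create accounts with a
#     uidNumber of their choosing.  Put it behind web-server authentication
#     and HTTPS.
#   * fatalsToBrowser sends die() text to the client.  It is handy while
#     developing but discloses internals; drop it once deployed.
#   * loginShell and homeDirectory are stored exactly as submitted.  Consider
#     checking the shell against the site's list of valid shells and
#     deriving the home directory from the user name.

use CGI;
use CGI::Carp qw(fatalsToBrowser carpout);
use Net::LDAP;

# Set to 1 for debugging information.  Keep it at 0 outside of testing: the
# debug output echoes the target DN and the password salt to the browser.
my($debug) = 0;
# Set to your base dn
my($basedn) = "dc=gumby";
# Set to the ip or dns entry of your ldap server
my($ldaphost) = "eta";
# Set to your mail domain
my($maildomain) = "gumby";
# Set to the default group id that you want users to have
my($defaultgid) = 100;

# NOTE(review): the directory admin credentials are hard-coded in a script
# that lives under the web server, so anyone who can read the file (or a
# server misconfigured to serve it as text) gains write access to the
# directory.  Load the password from a file outside the document root with
# restrictive permissions, and bind as an account that may only add entries
# under ou=People.
my($adminuser) = "cn=admin,ou=People," . $basedn;
my($adminpasswd) = "admin";

my($query) = CGI->new();

if ($query->param('user')) {
    # Form was submitted: collect the fields.  These remain package globals,
    # as in the original script, because the rest of the file may read them.
    $user = $query->param('user');
    $newpasswd1 = $query->param('newpasswd1');
    $newpasswd2 = $query->param('newpasswd2');
    $givenname = $query->param('givenname');
    $sn = $query->param('sn');
    $shell = $query->param('shell');
    $homedir = $query->param('homedir');
    $uidnumber = $query->param('uidnumber');

    print $query->header(-type=>"text/html"),
          $query->start_html(-title=>'LDAP Add User', -BGCOLOR=>"white"), "\n",
          $query->h1("Adding User");

    # Validate before touching the directory.  $user is spliced into a DN
    # and a mail address, so it must not carry DN metacharacters (',', '+',
    # '=', '"', '\', ...); an allow-list is simpler to audit than escaping.
    my @problems;
    push @problems, "Sorry, user name may only contain letters, digits, '.', '_' and '-'"
        unless $user =~ /\A[A-Za-z0-9_][A-Za-z0-9._-]{0,31}\z/;
    # Digits only, and never 0: a web form must not be able to mint a
    # root-equivalent account.  Raise the floor to the first non-system uid
    # used at your site.
    push @problems, "Sorry, uid number must be a positive integer"
        unless defined $uidnumber && $uidnumber =~ /\A[1-9][0-9]*\z/;
    # Two missing or empty password fields compare equal, which previously
    # created an account with an empty password.
    push @problems, "Sorry, a password is required"
        unless defined $newpasswd1 && length $newpasswd1;

    if (@problems) {
        print $query->escapeHTML($_), $query->br for @problems;
    } else {
        $userdn = "uid=$user,ou=People,$basedn";
        print $query->escapeHTML("User is $userdn") if $debug;
        print $query->br if $debug;

        # Net::LDAP->new reports connection failures in $@, not $!.
        # NOTE(review): this is a cleartext LDAP connection, so the admin
        # bind password and the new entry cross the network unprotected
        # unless $ldaphost is local.  Consider ldaps:// or
        # $ldap->start_tls with certificate verification.
        my($ldap) = Net::LDAP->new("$ldaphost")
            or die "Can't connect to $ldaphost: $@\n";

        $mesg = $ldap->bind(
            dn       => $adminuser,
            password => $adminpasswd,
        );

        if ($mesg->code) {
            # Can't bind
            print "Sorry, can't bind to ldap server";
            print $query->br;
        } else {
            print "Bound to ldap server as admin" if $debug;
            print $query->br if $debug;

            if ($newpasswd1 ne $newpasswd2) {
                # passwords don't match, deal with asking for it again
                print "Sorry, new password does not match";
                print $query->br;
            } else {
                # passwords do match
                print "And new passwords match" if $debug;
                print $query->br if $debug;

                # NOTE(review): a two-character salt selects traditional DES
                # crypt(3): only the first 8 password characters count, and
                # rand() is not a cryptographic source.  Kept as-is because
                # the stored scheme must match what the directory server and
                # its clients accept; move to a salted modern scheme the
                # server supports when possible.
                $salt = join '', ('.', '/', 0..9, 'A'..'Z','a'..'z')[rand 64, rand 64];
                print "salt = ", $salt if $debug;
                print $query->br if $debug;
                $cryptpass = crypt($newpasswd1,$salt);

                # Attribute values are sent as data, not parsed as DN or
                # filter syntax, so only the dn itself needed the check above.
                $msg = $ldap->add(
                    dn   => $userdn,
                    attr => [
                        'uid'           => $user,
                        'cn'            => "$givenname $sn",
                        'givenName'     => $givenname,
                        'sn'            => $sn,
                        'userPassword'  => "{crypt}$cryptpass",
                        'loginShell'    => $shell,
                        'homeDirectory' => $homedir,
                        'gecos'         => "$givenname $sn,,,",
                        'mail'          => $user . "\@" . $maildomain,
                        'uidNumber'     => $uidnumber,
                        'gidNumber'     => $defaultgid,
                        'objectClass'   => [ 'person', 'organizationalPerson',
                                             'inetOrgPerson', 'account',
                                             'posixAccount', 'top' ]
                    ]
                );

                if ($msg->code) {
                    # "$msg->error" inside a string interpolates only $msg
                    # (printing the object address followed by "->error"),
                    # so call the method outside the quotes and escape the
                    # server-supplied text.
                    print "Can't add ldap user: ", $query->escapeHTML($msg->error);
                } else {
                    print "Congratulations, you have now added " . $query->escapeHTML($user);
                    print $query->br;
                }
            }
        }
    }
} else {
    print $query->header(-type=>"text/html"),
          $query->start_html(-title=>'LDAP Change Password', -BGCOLOR=>"white"), "\n";
    print $query->hr, "\n", "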