Part of Slepp's ProjectsPastebinTURLImagebinFilebin
Feedback -- English French German Japanese
Create Upload Newest Tools Donate
Sign In | Create Account

Paste Description for addusers.pl

This script was written to add users in a batch to an Open Directory LDAP server on Max OSX 10.4.

It expects a list of people to add in the form of First Name [TAB] Last Name [TAB] password [TAB] age. You can modify this to suit your needs; I needed to set groups based on the user's age, but you can do it however you need.

I had to install gcc via the xtools package (available for free from ADC) in order to compile Text::Unidecode

addusers.pl
Wednesday, November 7th, 2007 at 8:55:50pm UTC 

  1. #!/usr/bin/perl
  2. use warnings;
  3. use strict;
  4. use utf8;
  5. use Text::Unidecode;
  6. use Encode;
  7. ####
  8. # Coded by Daenyth
  9. # [email protected]
  10. ##
  11.  
  12. checkusage();
  13. ####
  14. # Configuration
  15. #
  16. # dauser is the Open Directory Administrator account, eg diradmin
  17. # dapass should not be set (storing passwords in plaintext is bad), but undef can be replaced by the quoted password if you really need to
  18. # startuid is the UniqueID to start checking at. In other words, what is the _lowest_ UID you want to use.
  19. # ldap is the source we are adding users to
  20. # If verbose is on, print a list of successfully added users (to STDOUT)
  21. ##
  22. my $dauser= 'diradmin';
  23. my $ldap = '/LDAPv3/127.0.0.1';
  24. my $dapass = getpass() || undef;
  25. my $startuid = 20000;
  26. my $verbose = 1;
  27.  
  28. ####
  29. # Was the program invoked correctly?
  30. ##
  31. sub checkusage {
  32.         if (@ARGV != 1) { usage() }
  33.         if ($ARGV[0] =~ /^-+[h?]/) { usage() }
  34. }
  35.  
  36. sub usage {
  37.         print "Usage: $0 <input file>\n";
  38.         exit 1;
  39. }
  40.  
  41. ####
  42. # Make a list of users to add, based on CLI input
  43. # return AoA, with form of
  44. # $return = [ ["Full Name", "password", age], [], ]
  45. ##
  46. sub getlist {
  47.         my @userlist;
  48.         my $infile = shift @ARGV;
  49.         open(INFILE, "< $infile") or die "$!\n";
  50.         local $/ = "\r";
  51.         while (my $line = <INFILE>) {
  52.                 chomp $line;
  53.                
  54.                 if ($line =~ /^(.+?)\t(.+?)\t(\S+)\t(\d\d\.\d+)$/) {
  55.                         push( @userlist, ["$1 $2", "$3", $4] );
  56.                 }
  57.                 else {
  58.                         print STDERR "Couldn't match regex to line $. from $infile\n";
  59.                 }
  60.         }
  61.         close INFILE or die "Couldn't close input file: $? $!\n";
  62.  
  63.         return @userlist;
  64.  
  65. }
  66.  
  67. ####
  68. # Ask for the admin password
  69. ##
  70. sub getpass {
  71.         print "Please enter the password for '$dauser' at '$ldap': ";
  72.         my $stty_orig=`stty -g`;
  73.         system "stty -echo";
  74.         my $pass = <STDIN>;
  75.         chomp $pass;
  76.         system "stty $stty_orig";
  77.         print "\n";
  78.         return $pass;
  79. }
  80.  
  81. ####
  82. # Find the next available UID and return it
  83. ##
  84. sub finduid {
  85.         for (my $testuid = $startuid; $testuid < 65535; $testuid++) {
  86.                 if (0 == `dscl '$ldap' -search /Users UniqueID '$testuid' | wc -l`) {
  87.                         return $testuid;
  88.                 }
  89.         }
  90.         die "Cannot find a usable UniqueID between $startuid and 65535!\n";
  91. }
  92.  
  93. ####
  94. # Check for user conflicts.
  95. # If there is a conflict, call faileduser() to note it
  96. # Returns 0  = No conflicts found
  97. #         1+ = Number of conflicts found
  98. ##
  99. sub checkuser {
  100.         my ($shortname, $longname) = @_;
  101.         my $fails = 0;
  102.        
  103.         if ('' eq "$shortname")                                                 { faileduser(@_, 'null shortname', ++$fails)        }
  104.         if ('' eq "$longname")         { faileduser(@_, 'null longname', ++$fails)            }
  105.         if (0 != `dscl '$ldap' -search /Users RecordName '$shortname' | wc -l`) { faileduser(@_, 'shortname already exists', ++$fails)  }
  106.         if (0 != `dscl '$ldap' -search /Users RealName '$longname' | wc -l`)    { faileduser(@_, 'longname already exists', ++$fails)       }
  107.        
  108.         return $fails;
  109. }
  110.  
  111. ####
  112. # Call this sub to note an error adding a user
  113. ##
  114. sub faileduser {
  115.         my ($shortname, $longname, $failtype, $fails) = @_;
  116.         print STDERR "ERROR: ['$longname' ('$shortname') $fails] $failtype\n";
  117.  
  118.         return 0; #OK
  119. }
  120.  
  121. ####
  122. # The main part of the program, adds a user to the Open Directory Database
  123. ##
  124. sub adduser {
  125.         my ($longname, $password, $age) = @_;
  126.         $longname = decode("MacRoman", $longname);
  127.         my $shortname = shortdecode("$longname");
  128.         my $group = ($age > (30-1/12)) ? 'execs' : 'mainlab';
  129.         my $uid = finduid();
  130.        
  131.         return 1 if checkuser("$shortname", "$longname");
  132.  
  133.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname'";
  134.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' RealName '$longname'";
  135.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' UniqueID '$uid'" ;
  136.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -passwd '/Users/$shortname' '$password'" ;
  137.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' NFSHomeDirectory '/Network/Servers/executive.nese.com/Library/NESE_Accounts/$shortname'" ;
  138.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' UserShell '/bin/bash'";
  139.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -create '/Users/$shortname' PrimaryGroupID 20" ;
  140.         system "dscl -u '$dauser' -P '$dapass' '$ldap' -append '/Groups/$group' GroupMembership '$shortname'";
  141.         print "OK: $longname ($shortname)\n" if $verbose;
  142.        
  143.         return 0; #OK
  144. }
  145.        
  146. ####
  147. # Take the potentially-unicode long name, and turn it into something we can use for a shortname
  148. ##
  149. sub shortdecode {
  150.         local $_ = shift;
  151.  
  152.         s/\s//g;
  153.         s/\x{8e}/e/;
  154.         s/-//;
  155.         $_ = unidecode("$_");
  156.         return lc $_;
  157. }
  158.  
  159. my @addusers = getlist();
  160. for (my $i=0; $i<@addusers; $i++) {
  161.         adduser( "$addusers[$i]->[0]", "$addusers[$i]->[1]", $addusers[$i]->[2] );
  162. }

Paste Details

Tags: perl mac apple

Update the Post

Either update this post and resubmit it with changes, or make a new post.

You may also comment on this post.

update paste below
details of the post (optional)

Note: Only the paste content is required, though the following information can be useful to others.

Save name / title?

(space separated, optional)



Please note that information posted here will expire by default in one month. If you do not want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords. All illegal activities will be reported and any information will be handed over to the authorities, so be good.

comments powered by Disqus
worth-right
worth-right