Diffstat (limited to 'sc-ap/manageUser.cpp')
-rwxr-xr-x | sc-ap/manageUser.cpp | 159 |
1 files changed, 159 insertions, 0 deletions
diff --git a/sc-ap/manageUser.cpp b/sc-ap/manageUser.cpp
new file mode 100755
index 0000000..395bfae
--- /dev/null
+++ b/sc-ap/manageUser.cpp
@@ -0,0 +1,159 @@
+/*
+ $Id: manageUser.cpp,v 1.1.1.1 2005/07/07 15:05:59 oflebbe Exp $
+
+ Copyright (C) 2003 Olaf Flebbe, Science and Computing AG
+ o.flebbe@science-computing.de
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+*/
+#include <algorithm>
+#include "ldapuser.h"
+#include "netusergroup.h"
+#include "utility.h"
+#include "manageUser.h"
+#include "reg.h"
+
+#define SCAPKEY L"Software\\science + computing\\scap"
+
+
+
+
+void
+manageLocalAccount( const mystring& userName, FILE *fp) {
+
+ Registry reg( SCAPKEY);
+ // get LDAP Servers
+ std::list<mystring> ldapservers = reg.getValues( L"servers");
+ if (ldapservers.size() == 0) {
+ if (fp)
+ fprintf( fp, "ldapservers empty: Please set REG_MULTI_SZ value in HKLM\\%S\\servers", SCAPKEY);
+ return;
+ }
+ mystring binddn = reg.getValue( L"binddn");
+ mystring bindpasswd = reg.getValue( L"bindpasswd");
+
+ // make bind
+ LDAPUser ld( ldapservers, fp, binddn, bindpasswd);
+
+ mystring basedn = reg.getValue( L"basedn");
+ if (basedn == L"") {
+ if (fp)
+ fprintf( fp, "basedn empty: Please set REG_SZ in HKLM\\%S\\basedn", SCAPKEY);
+ return;
+ }
+ ld.setContext( basedn);
+
+ stringSet userAttrs;
+
+#define SAMBAHOMEPATH L"sambaHomePath"
+#define HOMEDIRECTORY L"homeDirectory"
+#define SAMBAHOMEDRIVE L"sambaHomeDrive"
+#define SAMBAPROFILEPATH L"sambaProfilePath"
+#define SAMBALOGONSCRIPT L"sambaLogonScript"
+
+ userAttrs.insert( SAMBAHOMEPATH);
+ userAttrs.insert( HOMEDIRECTORY);
+ userAttrs.insert( SAMBAHOMEDRIVE);
+ userAttrs.insert( SAMBAPROFILEPATH );
+ userAttrs.insert( SAMBALOGONSCRIPT);
+ userAttrs.insert( L"gidNumber");
+
+ stringMap userVals = ld.getAttribsByUserName( userName, userAttrs);
+
+ if (userVals.size() == 0 || (userVals.find( L"gidNumber") == userVals.end())) {
+ // nothing found
+ if (fp) {
+ fprintf( fp, "user %S not found in LDAP: trying to delete user account\n", userName.c_str());
+ fflush( fp);
+ }
+ fprintf( fp, "isdisabled %d\n", isDisabledUser( userName));
+ // if local user exists and is disabled: delete!
+ if (isDisabledUser( userName) == 1)
+ delUser( userName);
+ return;
+ }
+ if (fp) {
+ fprintf( fp, "add user %S\n", userName.c_str());
+ fflush( fp);
+ }
+ mystring gid = userVals[ L"gid"];
+
+ // homepath
+ mystring homePath;
+ if (userVals.find( SAMBAHOMEPATH) != userVals.end()) {
+ homePath = userVals[ SAMBAHOMEPATH]; // use first Element
+ } else {
+ if (userVals.find( HOMEDIRECTORY) != userVals.end()) {
+ homePath = userVals[ HOMEDIRECTORY];
+ } else {
+ homePath = reg.getValue( L"homepath");
+ }
+ // search and replace with registry keys
+ homePath = searchAndReplace( convertSlashes( homePath), L"homepathreplace", reg, fp);
+ }
+
+ // homedrive
+ mystring homeDrive;
+ if (userVals.find( SAMBAHOMEDRIVE) != userVals.end()) {
+ homeDrive = *(userVals[ SAMBAHOMEDRIVE].begin()); // use first Element
+ } else {
+ homeDrive = reg.getValue( L"homedrive");
+ }
+
+ // profilePath
+ mystring profilePath;
+ if (userVals.find( SAMBAPROFILEPATH) != userVals.end()) {
+ profilePath = userVals[ SAMBAPROFILEPATH];
+ } else {
+ if (homeDrive != L"") {
+ profilePath= homeDrive + reg.getValue( L"profilepath");
+ } else {
+ profilePath = homePath + reg.getValue( L"profilepath");
+ profilePath = searchAndReplace( profilePath, L"profilereplace", reg, fp);
+ }
+ }
+ //logonscript
+ mystring logonScript;
+ if (userVals.find( SAMBALOGONSCRIPT) != userVals.end()) {
+ logonScript = userVals[ SAMBALOGONSCRIPT];
+ } else {
+ logonScript = reg.getValue( L"logonscript");
+ }
+
+
+
+ // add user only if it does not exists before.
+ // Do not clutter Event Log
+ if (-1 == isDisabledUser( userName))
+ addUser( userName, homePath, homeDrive, profilePath, logonScript );
+ stringSet ldapList = ld.getGroupsByUserName( userName, gid);
+ stringSet ntList = listGroups( userName);
+ stringSet worker;
+ std::set_difference( ldapList.begin(), ldapList.end(), ntList.begin(), ntList.end(), std::inserter(worker, worker.begin()));
+ // worker is now Groups containe not in ntlist but ldapList -> add to user
+
+ for (stringSet::const_iterator ptr = worker.begin(); ptr != worker.end(); ptr++) {
+ fprintf( fp, "add to group %S\n", ptr->c_str());
+ addUserToGroup( userName, *ptr);
+ }
+ std::set_difference( ntList.begin(), ntList.end(), ldapList.begin(), ldapList.end(), std::inserter(worker, worker.begin()));
+ // worker is now Groups containe not in ntlist but ldapList -> add to user
+ for (stringSet::const_iterator ptr = worker.begin(); ptr != worker.end(); ptr++) {
+ fprintf( fp, "remove from group %S\n", ptr->c_str());
+ delUserFromGroup( userName, *ptr);
+ }
+ fflush( fp);
+} |
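Review bot: The second `std::set_difference` near the end of manageLocalAccount inserts into `worker` without emptying it, so (assuming stringSet behaves like a std::set) the removal loop also walks the groups the first loop just added and calls `delUserFromGroup` on them; add `worker.clear();` before the second call and change the copied comment to say the set now holds groups in ntList but not in ldapList, to be removed. `mystring gid = userVals[ L"gid"];` reads a key that was never requested, since both the attribute set and the not-found check use `gidNumber`, so `getGroupsByUserName` presumably receives an empty gid; it should read `userVals[ L"gidNumber"]`. The `fprintf( fp, "isdisabled %d\n", ...)` call and the two `fprintf` calls in the group loops are outside the `if (fp)` guard used everywhere else, so a null `fp` reaches them unguarded. An empty result from `getAttribsByUserName` is treated as "user not in LDAP" and leads to `delUser` for a disabled local account; if that call can also come back empty on a bind or connection failure (not visible in this file), the two cases should be told apart before anything is deleted.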