-Add delclusteruser implementation to active directory

git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@5389 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
jbjohnso 2010-03-05 14:25:56 +00:00
parent 95500a737a
commit 08ca4627af
2 changed files with 103 additions and 1 deletions


@ -80,6 +80,77 @@ replace: userAccountControl
userAccountControl: 512';
sub del_user_account {
my %args = @_;
my $directoryserver = $args{directoryserver};
my $dnsdomain = $args{dnsdomain};
my $account = $args{username};
unless ($dnsdomain and $directoryserver and $account) {
die "Invalid arguments $dnsdomain and $directoryserver and $account";
}
my $domain_components = $dnsdomain;
$domain_components =~ s/^\.//;
$domain_components =~ s/\./,dc=/g;
$domain_components =~ s/^/dc=/;
my @searchcmd = qw/ldapsearch -H /;
push @searchcmd,"ldaps://$directoryserver","-b",$domain_components;
push @searchcmd,"(sAMAccountname=$account)","dn";
my $searchout;
my $searchin;
my $searcherr = gensym;
my $search = open3($searchin,$searchout,$searcherr,@searchcmd);
print $searchout;
print $searchin;
my $searchselect = IO::Select->new($searchout,$searcherr);
my @handles;
my $failure;
my $dn;
while (@handles = $searchselect->can_read()) {
foreach (@handles) {
my $line = <$_>;
print $line;
if (not defined $line) {
$searchselect->remove($_);
next;
}
print $line;
if ($_ == $searcherr) {
if ($line =~ /error/i or $line =~ /problem/i) {
return {error=>$line};
}
} elsif ($line =~ /^dn: (.*)$/) {
if ($dn) { die "TODO: identify these cases, let xcat-user know this can happen"; }
$dn = $1;
}
}
}
my $ldif = "dn: $dn
changetype: delete";
my $deletein;
my $deleteout;
my $deleteerr = gensym;
my $deletion = open3($deletein,$deleteout,$deleteerr,'ldapmodify','-H',"ldaps://$directoryserver");
print $deletein $ldif."\n";
close($deletein);
print $ldif;
my $delselect = IO::Select->new($deleteout,$deleteerr);
while (@handles = $delselect->can_read()) {
foreach (@handles) {
my $line = <$_>;
print $line;
if (not defined $line) {
$delselect->remove($_);
next;
}
if ($_ == $deleteerr) {
if ($line =~ /error/i or $line =~ /problem/i) {
return {error=> $line};
}
}
}
}
}
sub list_user_accounts { #provide enough data to construct an /etc/passwd looking output
my %args = @_;
my $directoryserver = $args{directoryserver};
@ -98,7 +169,7 @@ sub list_user_accounts { #provide enough data to construct an /etc/passwd lookin
my $searchin;
my $searcherr = gensym;
my $search = open3($searchin,$searchout,$searcherr,@searchcmd);
my $searchselect = IO::Select->new($searchout,$searchin);
my $searchselect = IO::Select->new($searchout,$searcherr);
my @handles;
my $failure;
my %currvalues =();
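Review bot: In del_user_account, `$account` is interpolated unescaped into the search filter `(sAMAccountname=$account)`, so a name containing LDAP filter metacharacters changes which entry is matched, and whatever DN comes back is then deleted. Escape the value per RFC 4515 before building the filter (or reject names outside the expected character set), e.g. `$account =~ s/([\\*()\0])/sprintf("\\%02x", ord($1))/ge;`. When the search returns no `dn:` line, `$dn` is still undefined where the LDIF is built and an empty `dn:` is sent to ldapmodify; add `return {error=>"No entry found for $account"} unless defined $dn;` ahead of that. The `print $searchout; print $searchin;` lines and the `print $line` ahead of the `defined` check look like leftover debugging, and neither open3 child is reaped with `waitpid`, so the exit status of ldapsearch and ldapmodify is never checked.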


@ -107,6 +107,37 @@ sub process_request {
sendmsg($account);
}
}
} elsif ($command =~ /del.*user/) {
my $username = shift @{$request->{arg}};
if (scalar @{$request->{arg}}) {
die "TODO: usage";
}
if ($username =~ /@/) {
($username,$domain) = split /@/,$username;
$domain = lc($domain);
}
unless ($domain) {
sendmsg([1,"Unable to determine domain from arguments or site table"]);
return undef;
}
#my $domainstab = xCAT::Table->new('domains');
#$realm = $domainstab->getAttribs({domain=>$domain},
unless ($realm) {
$realm = uc($domain);
$realm =~ s/\.$//; #remove trailing dot if provided
}
my $err = xCAT::ADUtils::krb_login(username=>$adpent->{username},password=>$adpent->{password},realm=>$realm);
if ($err) {
sendmsg([1,"Error authenticating to Active Directory"]);
return 1;
}
my $ret = xCAT::ADUtils::del_user_account(
username => $username,
dnsdomain => $domain,
directoryserver=> $server,
);
} elsif ($command =~ /add.*user/) { #user management command, adding
my $homedir;
my $fullname;
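Review bot: The hash returned by `xCAT::ADUtils::del_user_account` is stored in `$ret` and never examined, so a failed search or delete (returned as `{error=>$line}`) is indistinguishable from success for the caller. Check it right after the call, e.g. `if (ref $ret and $ret->{error}) { sendmsg([1,$ret->{error}]); return 1; }`. `$username` is also used without confirming that an argument was supplied; with an empty argument list the `shift` yields undef and the request ends in the callee's `die`, so a usage message through `sendmsg` before the krb_login call would be cleaner than the `die "TODO: usage"` path. The enclosing process_request starts and ends outside the hunk.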