#!/usr/local/bin/perl -w
# $Id: ldapMacosxPrefs.pl,v 1.1.2.1 2007/03/23 08:34:05 martin Exp $

use strict;

# Perl script to set authentication server LDAP preferences
# for Mac OS X LDAP/Password Server.
#
# Set $MacOSX_Password_Server to the fully-qualified host name
# of the Mac OS X Password Server, e.g.
# my $MacOSX_Password_Server = "server.company.com";
my $MacOSX_Password_Server = "server.company.com";

my $HELIOSDIR;
open(FD, "/etc/HELIOSInstallPath") || die "cannot find HELIOS product, check installation\n";
chop($HELIOSDIR = <FD>);
close(FD);
my $prefvalue = "$HELIOSDIR/bin/prefvalue";

system($prefvalue, "-k", "Programs/authsrv/NameServices", "-t", "str", "local,NIS,MACOSX");

system($prefvalue, "-k", "Programs/authsrv/LDAP_Server", "-t", "str", $MacOSX_Password_Server);

# ldap base DN to search users
my $userBase = "cn=users,dc=" . join(",dc=", split(/\./, $MacOSX_Password_Server));
system($prefvalue, "-k", "Programs/authsrv/LDAP_UserBase", "-t", "str", $userBase);

# ldap base DN to search groups
my $groupBase = "cn=groups,dc=" . join(",dc=", split(/\./, $MacOSX_Password_Server));
system($prefvalue, "-k", "Programs/authsrv/LDAP_GroupBase", "-t", "str", $groupBase);

# how to bind for requests, empty DN is anonymuous
system($prefvalue, "-k", "Programs/authsrv/LDAP_BindDN", "-t", "str", "");
system($prefvalue, "-k", "Programs/authsrv/LDAP_BindPassword", "-t", "str", "");

# -- LDAP FILTER --
system($prefvalue, "-k", "Programs/authsrv/LDAP_LongUserFilter", "-t", "str", "cn=%s");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UserFilter", "-t", "str", "uid=%s");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UserIDFilter", "-t", "str", "uidNumber=%d");

system($prefvalue, "-k", "Programs/authsrv/LDAP_GroupFilter", "-t", "str", "cn=%s");
system($prefvalue, "-k", "Programs/authsrv/LDAP_GroupIDFilter", "-t", "str", "gidNumber=%d");
system($prefvalue, "-k", "Programs/authsrv/LDAP_GroupMemberFilter", "-t", "str", "memberUid=%s");

#-- LDAP Attributes --
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_HeliosPassword", "-t", "str", "");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_ClearPassword", "-t", "str", "userPassword");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_NTPassword", "-t", "str", "");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_LMPassword", "-t", "str", "");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_Name", "-t", "str", "uid");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_LongName", "-t", "str", "cn");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_UID", "-t", "str", "uidNumber");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_PGID", "-t", "str", "gidNumber");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_HomeDirectory", "-t", "str", "homeDirectory");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_AppleID", "-t", "str", "authAuthority");

system($prefvalue, "-k", "Programs/authsrv/LDAP_GATTR_GID", "-t", "str", "gidNumber");
system($prefvalue, "-k", "Programs/authsrv/LDAP_GATTR_Name", "-t", "str", "cn");