#!/usr/local/bin/perl -w
# $Id: ldapOpenLDAPPrefs.pl,v 1.1.2.3 2007/03/26 11:38:59 martin Exp $

use strict;

# Perl script to set authentication server LDAP preferences
# for the OpenLDAP server.
#
# Set $OpenLDAP_Server to the host name or IP address
# of the OpenLDAP Server, e.g.
# my $OpenLDAP_Server = "server.company.com";
#
# Set $OpenLDAP_BindDN and $OpenLDAP_BindPassword
# to the user name and password for the simple LDAP authentication, e.g.
# my $OpenLDAP_Administrator = "cn=Manager,dc=my-domain,dc=com";
# my $OpenLDAP_Password = "secret";
#
# Set $OpenLDAP_UsersOU and $OpenLDAP_GroupsOU to the organizational
# units used for users and groups, e.g.
# my $OpenLDAP_UsersOU = "ou=users,dc=my-domain,dc=com";
# my $OpenLDAP_GroupsOU = "ou=groups,dc=my-domain,dc=com";
#
my $OpenLDAP_Server = "server.company.com";
my $OpenLDAP_BindDN = "cn=Manager,dc=my-domain,dc=com";
my $OpenLDAP_BindPassword = "secret";
my $OpenLDAP_UsersOU = "ou=users,dc=my-domain,dc=com";
my $OpenLDAP_GroupsOU = "ou=groups,dc=my-domain,dc=com";

my $HELIOSDIR;
open(FD, "/etc/HELIOSInstallPath") || die "cannot find HELIOS product, check installation\n";
chop($HELIOSDIR = <FD>);
close(FD);
my $prefvalue = "$HELIOSDIR/bin/prefvalue";

system($prefvalue, "-k", "Programs/authsrv/NameServices", "-t", "str", "local,NIS,LDAP");

system($prefvalue, "-k", "Programs/authsrv/LDAP_Server", "-t", "str", $OpenLDAP_Server);

# ldap base DN to search users 
system($prefvalue, "-k", "Programs/authsrv/LDAP_UserBase", "-t", "str", $OpenLDAP_UsersOU);

# ldap base DN to search groups
system($prefvalue, "-k", "Programs/authsrv/LDAP_GroupBase", "-t", "str", $OpenLDAP_GroupsOU);

# how to bind for requests, empty DN is anonymuous
system($prefvalue, "-k", "Programs/authsrv/LDAP_BindDN", "-t", "str", $OpenLDAP_BindDN);
system($prefvalue, "-k", "Programs/authsrv/LDAP_BindPassword", "-t", "str", $OpenLDAP_BindPassword);

# -- LDAP FILTER --
system($prefvalue, "-k", "Programs/authsrv/LDAP_LongUserFilter", "-t", "str", "cn=%s");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UserFilter", "-t", "str", "uid=%s");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UserIDFilter", "-t", "str", "uidNumber=%d");

system($prefvalue, "-k", "Programs/authsrv/LDAP_GroupFilter", "-t", "str", "cn=%s");
system($prefvalue, "-k", "Programs/authsrv/LDAP_GroupIDFilter", "-t", "str", "gidNumber=%d");
system($prefvalue, "-k", "Programs/authsrv/LDAP_GroupMemberFilter", "-t", "str", "memberUid=uid=%s,$OpenLDAP_UsersOU");

#-- LDAP Attributes --
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_HeliosPassword", "-t", "str", "HeliosPassword");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_ClearPassword", "-t", "str", "");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_NTPassword", "-t", "str", "");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_LMPassword", "-t", "str", "");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_Name", "-t", "str", "uid");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_LongName", "-t", "str", "cn");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_UID", "-t", "str", "uidNumber");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_PGID", "-t", "str", "gidNumber");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_HomeDirectory", "-t", "str", "homeDirectory");
system($prefvalue, "-k", "Programs/authsrv/LDAP_UATTR_AppleID", "-t", "str", "");

system($prefvalue, "-k", "Programs/authsrv/LDAP_GATTR_GID", "-t", "str", "gidNumber");
system($prefvalue, "-k", "Programs/authsrv/LDAP_GATTR_Name", "-t", "str", "cn");