
Re: [Samba] Migration to samba4 ad and sync to openldap.




Hi,

And if you're more into php, here is the script I created for our migration, using php. Perhaps you can adjust it for your requirements:

<?php

// Report every error level, but keep the messages out of the generated page.
error_reporting(E_ALL);
ini_set('display_errors', 'Off');

// Source directory (Samba 3): the script binds to it anonymously.
$samba3_server = '1.2.3.4';
$samba3_port   = 389;
$samba3_dn     = 'ou=users,dc=company,dc=com';
$samba3_filter = '(uid=*)';
$samba3_fields = ['mail', 'uid'];

// Target directory (Samba 4 AD): the script binds as the account below and
// writes to it. The values are placeholders. A real administrator password
// stored here sits in clear text, so keep the file out of any web-served or
// shared location and remove it once the migration is done.
$samba4_server = 'ldap://192.168.122.102';
$samba4_user   = 'Administrator@REALM.SAMBA4';
$samba4_pass   = 'very_secret';
$samba4_port   = 389;
$samba4_dn     = 'CN=users,DC=company,DC=samba4';
$samba4_fields = ['mail', 'cn', 'dn', 'otherMailbox'];
$samba4_realm  = 'realm.samba4';

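// Samba 3 side: anonymous bind, so only attributes readable without
// authentication are available to the migration.
// The die() messages use double quotes so the server name is actually
// interpolated (single quotes printed the literal variable name).
$samba3 = ldap_connect($samba3_server, $samba3_port)
    or die("Cannot Connect to $samba3_server");
ldap_set_option($samba3, LDAP_OPT_PROTOCOL_VERSION, 3);
$samba3Bind = ldap_bind($samba3);
if (!$samba3Bind) {
    die('Cannot Bind to samba3');
}

// Samba 4 side: simple bind with user name and password.
// NOTE(review): $samba4_server is a plain ldap:// URI, so this bind sends
// $samba4_pass over the network unencrypted. Prefer an ldaps:// URI, or call
// ldap_start_tls($samba4) before ldap_bind() once the server certificate is
// trusted by the LDAP client.
$samba4 = ldap_connect($samba4_server, $samba4_port)
    or die("Cannot Connect to $samba4_server");
ldap_set_option($samba4, LDAP_OPT_PROTOCOL_VERSION, 3);
// Do not chase referrals returned by the AD server.
ldap_set_option($samba4, LDAP_OPT_REFERRALS, 0);
$samba4Bind = ldap_bind($samba4, $samba4_user, $samba4_pass);
if (!$samba4Bind) {
    die("Cannot Bind to $samba4_server");
}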

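// Copy user attributes from every Samba 3 account matched by $samba3_filter
// onto the Samba 4 AD account with the same sAMAccountName.

// Values read from the directories are echoed into an HTML page, so they are
// escaped before output.
$html = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

$s3_search_result = ldap_search($samba3, $samba3_dn, $samba3_filter);
if ($s3_search_result === false) {
    die('Samba3 search failed: ' . $html(ldap_error($samba3)));
}

$s3_count = ldap_count_entries($samba3, $s3_search_result);
echo "Total number of ldap records found: $s3_count<br />";

$uid = ldap_first_entry($samba3, $s3_search_result);

// actual work is done below
while ($uid) {
    // uid, mail, homeDirectory and sn are read without @, so a missing one
    // raises a warning; the remaining attributes are optional.
    $s3_uid = ldap_get_values($samba3, $uid, 'uid');
    $s3_mail = ldap_get_values($samba3, $uid, 'mail');
    $s3_homedirectory = ldap_get_values($samba3, $uid, 'homeDirectory');
    $s3_givenName = @ldap_get_values($samba3, $uid, 'givenName');
    $s3_sn = ldap_get_values($samba3, $uid, 'sn');
    $s3_description = @ldap_get_values($samba3, $uid, 'description');
    $s3_initials = @ldap_get_values($samba3, $uid, 'initials');
    $s3_sambahomepath = @ldap_get_values($samba3, $uid, 'sambaHomePath');
    $s3_sambahomedrive = @ldap_get_values($samba3, $uid, 'sambaHomedrive');
    $s3_sambalogonscript = @ldap_get_values($samba3, $uid, 'sambaLogonScript');
    $s3_gecos = @ldap_get_values($samba3, $uid, 'gecos');
    $s3_displayname = @ldap_get_values($samba3, $uid, 'displayName');

    // Without a uid there is nothing to match on in the AD.
    if (!isset($s3_uid[0])) {
        echo 'Entry without uid, skipped<br />';
        $uid = ldap_next_entry($samba3, $uid);
        continue;
    }

    // ldap_get_values() returns false when the attribute is absent.
    $mail_count = is_array($s3_mail) ? $s3_mail['count'] : 0;
    echo 'This uid: ' . $html($s3_uid[0]) . ", how many addresses defined: $mail_count | ";

    // Find the matching AD account. The uid comes from another directory, so
    // it is escaped before being placed in the filter; otherwise characters
    // such as ( ) * \ in a uid would change what the search matches.
    $samba4_filter = '(sAMAccountName=' . ldap_escape($s3_uid[0], '', LDAP_ESCAPE_FILTER) . ')';
    $s4_search_result = ldap_search($samba4, $samba4_dn, $samba4_filter);
    $s4_count = ($s4_search_result === false) ? 0 : ldap_count_entries($samba4, $s4_search_result);

    // Only write when exactly one target account was found; never call
    // ldap_mod_replace() with an empty or ambiguous DN.
    if ($s4_count !== 1) {
        echo "  || no unique Samba4 account found ($s4_count matches), skipped<br />";
        $uid = ldap_next_entry($samba3, $uid);
        continue;
    }

    $s4_entry = ldap_get_entries($samba4, $s4_search_result);
    $s4_dn = $s4_entry[0]['dn'];

    echo '  || Samba4 dn: ' . $html($s4_dn) . ' | ';

    // Start from an empty array for every account. Reusing the previous
    // iteration's $info would write the previous user's optional attributes
    // (givenName, description, ...) onto an account that lacks them.
    $info = array();
    // An empty array makes ldap_mod_replace() remove the attribute, so
    // accounts without (extra) addresses end up without mail/otherMailbox.
    $info['otherMailbox'] = array();
    $info['mail'] = array();

    // below we fill the $info array with values from samba3
    $info['userPrincipalName'] = $s3_uid[0] . '@' . $samba4_realm;
    $info['uid'] = $s3_uid[0];
    $info['msSFU30Name'] = $s3_uid[0];

    // AD attribute => values read from Samba 3; copied only when present so
    // that no null value is sent to the server.
    $single_valued = array(
        'sn' => $s3_sn,
        'unixHomeDirectory' => $s3_homedirectory,
        'homeDirectory' => $s3_sambahomepath,
        'homeDrive' => $s3_sambahomedrive,
        'scriptPath' => $s3_sambalogonscript,
        'givenName' => $s3_givenName,
        'initials' => $s3_initials,
        'mail' => $s3_mail,
        'description' => $s3_description,
        'gecos' => $s3_gecos,
        'displayName' => $s3_displayname,
    );
    foreach ($single_valued as $ad_attribute => $values) {
        if (isset($values[0])) {
            $info[$ad_attribute] = $values[0];
        }
    }

    // The first address went to "mail"; all further ones go to otherMailbox.
    echo 'Has the following additional mail fields: ';
    for ($i = 1; $i < $mail_count; $i++) {
        echo $i . ': ' . $html($s3_mail[$i]) . ', ';
        $info['otherMailbox'][$i - 1] = $s3_mail[$i];
    }

    // put $info array in the AD and report a failed write
    if (!ldap_mod_replace($samba4, $s4_dn, $info)) {
        echo ' | update failed: ' . $html(ldap_error($samba4));
    }
    echo '<br />';

    // and proceed with the next samba3 record
    $uid = ldap_next_entry($samba3, $uid);
}

ldap_close($samba4);
ldap_close($samba3);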

?>

