#!/usr/bin/env php
<?php
/*
, BzzWare AS, Norway
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
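// Locate the LWAT function library relative to this script, load it and
// read the configuration.
//
// realpath() resolves every symlink in the path on its own, so no manual
// readlink() loop is needed. The earlier loop re-read $argv[0] on each pass
// and therefore never terminated when a link pointed at another link.
$script = realpath($argv[0]);
if ($script === false) {
    fwrite(STDERR, "Unable to resolve the path of this script\n");
    exit(1);
}
$dir = dirname(dirname($script));

// Candidate directories, tried in order; the first one that holds
// functions.php wins. The last entry is spelled exactly as before (the
// doubled slash is harmless on POSIX file systems).
$candidates = array(
    $dir . '/lib',
    $dir . '/web',
    "/usr/share/lliurex-lwat//web",
);
$includedir = null;
foreach ($candidates as $candidate) {
    if (is_file($candidate . '/functions.php')) {
        $includedir = $candidate;
        break;
    }
}
if ($includedir === null) {
    // Without this check the require below would silently try
    // "/functions.php" at the file system root.
    fwrite(STDERR, "Unable to locate functions.php\n");
    exit(1);
}

// The included file runs with the privileges of whoever starts this script
// and later handles the LDAP administrator password, so the chosen directory
// must be writable only by trusted accounts.
require_once($includedir . '/functions.php');
loadConfig();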
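// Parse "--option value" pairs from the command line. Option names are
// matched case-insensitively; arguments that are not a known option are
// skipped, as before.
//
// NOTE(review): a value given to --userpw is part of the process command
// line, which other local accounts can usually read from the process list
// and which may be kept in shell history. Omitting --userpw makes the script
// generate a password instead.
$knownOptions = array(
    "--template",
    "--cn",
    "--username",
    "--userpw",
    "--groups",
    "--admin",
);
for ($i = 1; $i < $argc; $i++) {
    $option = strtolower($argv[$i]);
    if (!in_array($option, $knownOptions, true)) {
        continue;
    }

    // Every option takes exactly one value. Reading past the end of $argv
    // used to yield null plus a notice; report the mistake instead.
    if (!isset($argv[$i + 1])) {
        fwrite(STDERR, sprintf("Option %s requires a value\n", $argv[$i]));
        exit(1);
    }
    $i++;
    $value = $argv[$i];

    switch ($option) {
        case "--template":
            $template = $value;
            break;
        case "--cn":
            $cn = $value;
            break;
        case "--username":
            $username = $value;
            break;
        case "--userpw":
            $userpw = $value;
            break;
        case "--groups":
            $groups = $value;
            break;
        case "--admin":
            $admin = $value;
            break;
    }
}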
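// --template and --cn are mandatory. Report every missing one before giving
// up, so the operator sees the full list in one run.
$missingRequired = false;
if (empty($template)) {
    printf(_("You need to specify a user template\n"));
    $missingRequired = true;
}
if (empty($cn)) {
    printf(_("You need to specify a cn (fullname)\n"));
    $missingRequired = true;
}
if ($missingRequired) {
    // Exit with a failure status; a bare exit reported success (0) and hid
    // the usage error from calling scripts.
    exit(1);
}

// No password supplied: let the library generate one.
// NOTE(review): pwgen() is defined outside this script. Confirm that it
// draws from a cryptographically secure random source.
if (empty($userpw)) {
    $userpw = pwgen();
}

// Default account used for the LDAP bind.
if (empty($admin)) {
    $admin = "admin";
}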
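// Obtain the LDAP administrator password: from the LWAT_ADMINPW environment
// variable when present, otherwise by prompting on the terminal.
//
// $_ENV is only populated when the php.ini variables_order setting contains
// "E", so fall back to getenv(), which reads the process environment
// directly. getenv() returns false when the variable is not set.
// NOTE(review): a secret held in the environment is inherited by child
// processes; prefer the interactive prompt where possible.
$adminpw = isset($_ENV["LWAT_ADMINPW"])
    ? $_ENV["LWAT_ADMINPW"]
    : getenv("LWAT_ADMINPW");

// Flush and close any active output buffers so the prompt below is shown
// before the script blocks on input. Checking the level first avoids the
// notice ob_end_flush() raises when no buffer is left.
while (ob_get_level() > 0 && ob_end_flush()) {
    // nothing to do; the condition does the work
}

if (empty($adminpw)) {
    printf(
        _("You need to enter a password user %s to connect to ldap:\n"),
        $admin
    );

    // popen() runs the command through /bin/sh. "read -s" is a bash
    // extension and fails where /bin/sh is another shell (dash, for
    // instance), so terminal echo is switched off with stty instead.
    // "read -r" keeps backslashes intact and the quoted printf prevents the
    // shell from word-splitting or expanding the typed text.
    $fp = popen(
        'stty -echo; IFS= read -r REPLY; stty echo; printf "%s\n" "$REPLY"',
        "r"
    );
    $line = false;
    if ($fp !== false) {
        $line = fgets($fp);
        pclose($fp);
    }

    // trim() also strips leading and trailing blanks from the password,
    // as the script has always done.
    $adminpw = ($line === false) ? '' : trim($line);
    if ($adminpw === '') {
        fwrite(STDERR, "No password was entered\n");
        exit(1);
    }
}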
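// Connect to the directory, find the administrator's DN and bind with it.
// $ldaphost and $base are not assigned in this script; presumably
// loadConfig() provides them. Verify against the library.
$ldap = ldap_connect($ldaphost);
if ($ldap === false) {
    fwrite(STDERR, "Unable to set up the LDAP connection\n");
    exit(1);
}
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);

// StartTLS stays best-effort for compatibility, but a failure is no longer
// silent.
// NOTE(review): aborting here is the safer choice once every deployment
// supports TLS, because a failed negotiation otherwise lets the bind
// password cross the network unprotected.
if (!@ldap_start_tls($ldap)) {
    fwrite(
        STDERR,
        "Warning: StartTLS could not be negotiated; unless the connection is "
        . "already protected (ldaps:// or ldapi://) the bind password is "
        . "sent in clear text\n"
    );
}

// A simple bind with an empty password is treated by LDAP servers as an
// anonymous or unauthenticated bind and can report success without proving
// anything, so refuse it up front.
if (!isset($adminpw) || strlen((string) $adminpw) === 0) {
    fwrite(STDERR, "Refusing to bind with an empty password\n");
    exit(1);
}

// Escape the characters that are special in an LDAP search filter
// (RFC 4515) so that the account name cannot change the filter structure.
// The backslash is replaced first so the escapes added afterwards are not
// escaped again.
$adminEscaped = str_replace(
    array('\\', '*', '(', ')', "\0"),
    array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
    $admin
);
$filter = '(|(&(objectClass=posixAccount)(uid=' . $adminEscaped
    . '))(&(objectClass=simpleSecurityObject)(cn=' . $adminEscaped . ')))';

$loginbase = $base;
$want = array("dn");
$authenticated = false;

// Search for the account under $loginbase; on failure drop the left-most
// RDN and retry one level higher until the base is exhausted.
while (!empty($loginbase) && !$authenticated) {
    $result = @ldap_search($ldap, $loginbase, $filter, $want);
    $entries = ($result === false) ? false : @ldap_get_entries($ldap, $result);

    // Bind only when the search produced a DN. Binding with an empty DN
    // would be an anonymous bind, not proof of the administrator's identity.
    if ($entries !== false && !empty($entries[0]['dn'])) {
        // Use the DN exactly as the server returned it. HTML-escaping it
        // corrupted any DN containing &, <, > or a double quote.
        $admindn = $entries[0]['dn'];
        $authenticated = @ldap_bind($ldap, $admindn, $adminpw);
    }

    if (!$authenticated) {
        $parts = ldap_explode_dn($loginbase, 0);
        if ($parts === false) {
            // $loginbase is not a valid DN; nothing further to try.
            break;
        }
        // The first two elements are the "count" entry and the left-most
        // RDN; removing both leaves the parent DN's components.
        array_splice($parts, 0, 2);
        $loginbase = implode(",", $parts);
    }
}

// Stop here when no bind succeeded; otherwise the rest of the script would
// keep using a connection that was never authenticated.
if (!$authenticated) {
    fwrite(STDERR, sprintf("Unable to authenticate to LDAP as %s\n", $admin));
    exit(1);
}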
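// Create the account and report the result to the operator.

// No --username given: let the library derive one from the full name.
if (empty($username)) {
    $username = get_username($ldap, $cn);
}

// --groups is optional. Define the variable so that the calls below do not
// read an undefined name; null is the value they received before.
if (!isset($groups)) {
    $groups = null;
}

// NOTE(review): the result of ldapAddUser() is not inspected, so the
// message below is printed even if the add did not succeed. How the
// function reports failure is not visible here; confirm in the library.
ldapAddUser($ldap, $cn, $template, $username, $userpw, $groups);

// The clear-text password is written to standard output so the operator can
// hand it over. Avoid redirecting this output into logs or shared files.
printf(
    "Added user %s\nusername: %s\nPassword: %s\nMember of: %s\n",
    $cn,
    $username,
    $userpw,
    $groups
);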
?>