initial commit of file from CVS for e-smith-ldap on Wed 12 Jul 08:58:23 BST 2023

root/etc/e-smith/events/actions/cleanup-unix-user-group

@@ -0,0 +1,20 @@
+#!/bin/bash -e
+
+ldapauth=$(/sbin/e-smith/config getprop ldap Authentication || echo disabled)
+
+# Exit unless ldap auth is enabled
+[ "$ldapauth" == "enabled" ] || exit 0
+
+# Users and group accounts are now stored in LDAP, so we need to delete them
+# from the old passwd / group / shadow database
+
+for USER in $(/usr/bin/getent passwd | sort | cut -d':' -f1 | uniq -d); do
+    /usr/sbin/luserdel -G $USER
+done
+
+for GROUP in $(/usr/bin/getent group | sort | cut -d':' -f1 | uniq -d); do
+    /usr/sbin/lgroupdel $GROUP
+done
+
+# And add the admin back in the root group, which is not in the LDAP database
+/usr/bin/gpasswd -a admin root