#!/bin/bash -e

ldapauth=$(/sbin/e-smith/config getprop ldap Authentication || echo disabled)

# Exit unless ldap auth is enabled
[ "$ldapauth" == "enabled" ] || exit 0

# Users and group accounts are now stored in LDAP, so we need to delete them
# from the old passwd / group / shadow database

for USER in $(/usr/bin/getent passwd | sort | cut -d':' -f1 | uniq -d); do
    /usr/sbin/luserdel -G $USER
done

for GROUP in $(/usr/bin/getent group | sort | cut -d':' -f1 | uniq -d); do
    /usr/sbin/lgroupdel $GROUP
done

# And add the admin back in the root group, which is not in the LDAP database
/usr/bin/gpasswd -a admin root