#!/bin/sh
# 15.01.2010 Tobias Koenig
# Version 1.0 New Script for Admin Menu created
#
# 
#  
# Contact : itsupport@tobiaskoenig.de
###########################################################

#Config Area

#Setting LDAP Parameter
# Build the directory suffix from the DN of the ou=People entry: the DN is
# split on commas and fields 2 and 3 are joined again.
# NOTE(review): this assumes a two-component suffix (dc=a,dc=b) and an
# anonymous bind that may read the tree. If the search returns nothing, dc is
# a lone "," and every DN built from it is malformed - confirm on the target.
dc0=$(/usr/local/bin/ldapsearch -LLL -x -h 127.0.0.1 | awk -F, '/dn: ou=People/ { print $2 }')
dc1=$(/usr/local/bin/ldapsearch -LLL -x -h 127.0.0.1 | awk -F, '/dn: ou=People/ { print $3 }')
dc="${dc0},${dc1}"

##Module Area: DO NOT CHANGE ANYTHING HERE ;-)

#######################
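# Prompt for a username and print the Kerberos principal details for it.
# Globals:   dc (read), username and user_count (written)
# Outputs:   getprinc output via kadmin_checkexpire, or an error banner
# Always hands control back to menu when it is done.
showInfo() {
  read -r -p "Please enter a Username: " username

  # The name is interpolated into an LDAP DN and into a kadmin command line,
  # so only a conservative character set is accepted before it is used.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "******************************"
      echo "Sorry Username is not valid"
      echo "******************************"
      menu
      return
      ;;
  esac

  # grep -c prints a bare number, which keeps the quoted comparison exact.
  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 \
    -b "uid=${username},ou=People,${dc}" | grep -c 'uid:')

  if [ "$user_count" = 0 ]; then
    echo "******************************"
    echo "Sorry Username not found"
    echo "******************************"
    menu
  else
    clear
    kadmin_checkexpire
    echo ""
    menu
  fi
}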
#######################

#######################
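# Prompt for a username and a number of days, then set the password
# expiration of the matching Kerberos principal that many days ahead.
# Globals:   dc (read), username, user_count and days (written)
# Outputs:   the new "Password expiration date" line, or an error banner
# Always hands control back to menu when it is done.
setExpired() {
  read -r -p "Please enter a Username: " username

  # The name ends up in an LDAP DN and a kadmin command line, so it is
  # restricted to a conservative character set first.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "******************************"
      echo "Sorry Username is not valid"
      echo "******************************"
      menu
      return
      ;;
  esac

  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 \
    -b "uid=${username},ou=People,${dc}" | grep -c 'uid:')

  if [ "$user_count" = 0 ]; then
    echo "******************************"
    echo "Sorry Username not found"
    echo "******************************"
    menu
    return
  fi

  read -r -p "Please enter the days until the account expired: " days

  # days is pasted into the kadmin modprinc command; accept digits only.
  case "$days" in
    '' | *[!0-9]*)
      echo "******************************"
      echo "Sorry the number of days is not valid"
      echo "******************************"
      menu
      return
      ;;
  esac

  kadmin_expired
  echo ""
  echo "********************************************"
  kadmin_checkexpire | grep "Password expiration date:"
  echo "********************************************"
  echo ""
  menu
}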
#######################

#######################
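# Prompt for a username and set a new Kerberos password for it.
# With pwchoose=man the password is typed in; otherwise one is generated.
# Globals:   dc, pwchoose (read), username, user_count, userpw (written),
#            RETVAL (read after kadmin_change)
# Always hands control back to menu when it is done.
setPass() {
  read -r -p "Please enter the Username: " username

  # The name ends up in an LDAP DN and a kadmin command line, so it is
  # restricted to a conservative character set first.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "Sorry Username is not valid"
      menu
      return
      ;;
  esac

  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 \
    -b "uid=${username},ou=People,${dc}" | grep -c 'uid:')

  if [ "$user_count" = 0 ]; then
    echo "Sorry Username not exist"
    menu
    # Stop here: the password change below must never run for an unknown user.
    return
  fi

  if [ "$pwchoose" = "man" ]; then
    read -r -s -p "Please enter a new Passwort for $username : " userpw
  else
    # Generated passwords come from the kernel random source; a value derived
    # from the clock can be guessed by anyone who knows roughly when it was set.
    userpw=$(LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 16)
    if [ -z "$userpw" ]; then
      echo "Sorry no Passwort could be generated"
      menu
      return
    fi
  fi

  kadmin_change

  # NOTE(review): kadmin.local may exit 0 even when the command it read from
  # stdin failed - confirm before treating RETVAL=0 as proof of success.
  if [ "${RETVAL:-0}" != 0 ]; then
    echo "kadmin Problem above"
    menu
    return
  fi

  if [ "$pwchoose" = "auto" ]; then
    # The generated password is shown once on the admin's terminal.
    echo "********************************************"
    echo "$username is changed to Passwort $userpw "
    echo "********************************************"
  else
    echo "********************************************"
    echo "$username is changed to Passwort you enter."
    echo "********************************************"
    echo ""
  fi
  menu
}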
#######################
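# Prompt for a username and delete both its LDAP entry and its Kerberos
# principal.
# Globals:   dc (read), username and user_count (written)
# Always hands control back to menu exactly once when it is done.
removeUser() {
  read -r -p "Please enter Username to delete:  " username

  # The name selects which directory entry and principal get deleted, so it
  # is restricted to a conservative character set before it is used.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "******************************"
      echo "Sorry Username is not valid"
      echo "******************************"
      menu
      return
      ;;
  esac

  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 \
    -b "uid=${username},ou=People,${dc}" | grep -c 'uid:')

  if [ "$user_count" = 0 ]; then
    echo "******************************"
    echo "Sorry Username not exist"
    echo "******************************"
    menu
    return
  fi

  ldapremove
  kadmin_remove
  menu
}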
#######################
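# Create a new account: an LDAP posixAccount entry plus a Kerberos principal.
# With pwchoose=man the password is typed in; otherwise one is generated.
# Globals:   dc, pwchoose (read), username, user_count, id, userpw (written),
#            RETVAL (read after ldapadd_add and kadmin_add)
# Always hands control back to menu when it is done.
newUser() {
  read -r -p "Please enter a new Username: " username

  # The name is written into an LDAP DN, LDIF attributes, a home directory
  # path and a kadmin command line, so only a conservative character set is
  # accepted.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "******************************"
      echo "Sorry Username is not valid"
      echo "******************************"
      menu
      return
      ;;
  esac

  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 \
    -b "uid=${username},ou=People,${dc}" | grep -c 'uid:')

  # Any match means the name is taken, not only a count of exactly one.
  if [ "$user_count" != 0 ]; then
    echo "******************************"
    echo "Sorry Username exist"
    echo "******************************"
    menu
    return
  fi

  # Next uidNumber = highest one in use + 1. The search does not return
  # entries in numeric order, so the list is sorted before the last is taken;
  # otherwise an already assigned uidNumber could be handed out again.
  # NOTE(review): two admins running this at the same time can still pick the
  # same number.
  id=$(/usr/local/bin/ldapsearch -LLL -x -h 127.0.0.1 -b "ou=People,${dc}" |
    sed -n 's/^uidNumber: //p' | sort -n | tail -1)
  case "$id" in
    '' | *[!0-9]*)
      echo "Ldap add error: no usable uidNumber found"
      menu
      return
      ;;
  esac
  id=$(expr "$id" + 1)

  if [ "$pwchoose" = "man" ]; then
    read -r -s -p "Please enter a new Passwort for $username : " userpw
  else
    # Generated passwords come from the kernel random source; a value derived
    # from the clock can be guessed by anyone who knows roughly when it was set.
    userpw=$(LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 16)
    if [ -z "$userpw" ]; then
      echo "Sorry no Passwort could be generated"
      menu
      return
    fi
  fi

  ldapadd_add
  if [ "$RETVAL" = 0 ]; then
    echo "LDAP ADD okay"
  else
    echo "Ldap add error above"
    # Without the directory entry there is nothing to attach a principal to.
    menu
    return
  fi

  # NOTE(review): kadmin.local may exit 0 even when the command it read from
  # stdin failed - confirm before treating RETVAL=0 as proof of success.
  kadmin_add
  if [ "$RETVAL" = 0 ]; then
    echo "Kadmin okay"
  else
    echo "kadmin Problem above"
    menu
    return
  fi

  if [ "$pwchoose" = "auto" ]; then
    # The generated password is shown once on the admin's terminal.
    echo "********************************************"
    echo "$username is created with Passwort $userpw "
    echo "********************************************"
    echo ""
  else
    echo "********************************************"
    echo "$username is created with Passwort you enter."
    echo "********************************************"
  fi
  menu
}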
#######################

#######################
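# Delete the LDAP entry uid=$username,ou=People,$dc, binding as cn=Manager.
# Globals:   username, dc, adminpw (read)
# Returns:   status of ldapdelete, or 1 when the username is refused
ldapremove() {
  # The DN decides which entry is deleted; refuse names that could change
  # its structure (commas, spaces, '=' and so on).
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "ldapremove: invalid username, nothing deleted" >&2
      return 1
      ;;
  esac

  # NOTE: -w places the Manager password in the argument list, where other
  # local users can read it with ps while the command runs. OpenLDAP clients
  # can read the password from a file with -y instead - check that the
  # installed ldapdelete supports it before switching.
  # The DN is quoted so that it always reaches ldapdelete as one argument.
  ldapdelete -v -D "cn=Manager,${dc}" -x -w "$adminpw" "uid=${username},ou=People,${dc}"
}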
#######################

#######################
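# Add the LDAP entry for $username with uidNumber $id, binding as cn=Manager.
# Globals:   username, id, dc, adminpw (read), RETVAL (written)
# RETVAL is the ldapadd exit status, or 1 when the input is refused.
ldapadd_add() {
  # The LDIF below is built by plain text substitution, so a value with
  # unexpected characters would change the entry that gets written. Check
  # both substituted values here, right before they are used.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "ldapadd_add: invalid username, nothing added" >&2
      RETVAL=1
      return 1
      ;;
  esac
  case "$id" in
    '' | *[!0-9]*)
      echo "ldapadd_add: invalid uidNumber, nothing added" >&2
      RETVAL=1
      return 1
      ;;
  esac

  # NOTE: -w places the Manager password in the argument list, where other
  # local users can read it with ps while the command runs. OpenLDAP clients
  # can read the password from a file with -y instead - check that the
  # installed ldapadd supports it before switching.
  # The "?" values are placeholders for attributes this script does not ask for.
  ldapadd -D "cn=Manager,${dc}" -x -w "$adminpw" <<EOF
dn: uid=$username,ou=People,$dc
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: organizationalPerson
uid: $username
cn: ?
description: ?
displayName: $username
o: ?
mail: ?
givenName: $username
sn: $username
telephoneNumber: ?
uidNumber: $id
gidNumber: 65534
gecos: $username
homeDirectory: /home/$username
loginShell: /bin/false
EOF
  RETVAL=$?
}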
#######################

#######################
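# Create the Kerberos principal $username with password $userpw.
# Globals:   username, userpw (read), RETVAL (written)
# RETVAL is the kadmin.local exit status, or 1 when the input is refused.
kadmin_add() {
  # Both values become words of a kadmin command line, so they are checked
  # before being sent.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "kadmin_add: invalid username, nothing sent to kadmin" >&2
      RETVAL=1
      return 1
      ;;
  esac
  # The password is passed inside double quotes so that spaces stay part of
  # it; an embedded double quote would end the quoting early, so it is refused.
  # (The -pwexpire line in this file already relies on kadmin honouring
  # double quotes.)
  case "$userpw" in
    '' | *\"*)
      echo "kadmin_add: empty password or password containing a double quote refused" >&2
      RETVAL=1
      return 1
      ;;
  esac

  # Same absolute path as the other kadmin helpers in this file, so the
  # binary that runs does not depend on the caller's PATH.
  /usr/local/sbin/kadmin.local <<EOR
add_principal -pw "$userpw" $username
EOR
  RETVAL=$?
}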
#######################

#######################
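# Delete the Kerberos principal $username without a confirmation prompt.
# Globals:   username (read)
# Returns:   status of kadmin.local, or 1 when the username is refused
kadmin_remove() {
  # The name becomes a word of a kadmin command line; refuse anything that
  # could be read as an option or as several words.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "kadmin_remove: invalid username, nothing sent to kadmin" >&2
      return 1
      ;;
  esac

  # Same absolute path as the other kadmin helpers in this file, so the
  # binary that runs does not depend on the caller's PATH.
  /usr/local/sbin/kadmin.local <<EOR
delete_principal -force $username
EOR
}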
#######################

#######################
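# Set the password of the Kerberos principal $username to $userpw.
# Globals:   username, userpw (read), RETVAL (written)
# RETVAL is the kadmin.local exit status, or 1 when the input is refused.
kadmin_change() {
  # Both values become words of a kadmin command line, so they are checked
  # before being sent.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "kadmin_change: invalid username, nothing sent to kadmin" >&2
      RETVAL=1
      return 1
      ;;
  esac
  # The password is passed inside double quotes so that spaces stay part of
  # it; an embedded double quote would end the quoting early, so it is refused.
  # (The -pwexpire line in this file already relies on kadmin honouring
  # double quotes.)
  case "$userpw" in
    '' | *\"*)
      echo "kadmin_change: empty password or password containing a double quote refused" >&2
      RETVAL=1
      return 1
      ;;
  esac

  /usr/local/sbin/kadmin.local <<EOF
change_password -pw "$userpw" $username
EOF
  RETVAL=$?
}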
#######################

#######################
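# Set the password expiration of principal $username to $days days from now.
# Globals:   username, days (read), RETVAL (written)
# RETVAL is the kadmin.local exit status, or 1 when the input is refused.
kadmin_expired() {
  # Both values become part of a kadmin command line, so they are checked
  # before being sent: the name against a conservative character set, the
  # day count as plain digits.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "kadmin_expired: invalid username, nothing sent to kadmin" >&2
      RETVAL=1
      return 1
      ;;
  esac
  case "$days" in
    '' | *[!0-9]*)
      echo "kadmin_expired: days must be a whole number, nothing sent to kadmin" >&2
      RETVAL=1
      return 1
      ;;
  esac

  /usr/local/sbin/kadmin.local <<EOF
modprinc -pwexpire +"$days"day $username
EOF
  RETVAL=$?
}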
#######################

#######################
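# Print the kadmin "getprinc" record of principal $username on stdout.
# Globals:   username (read)
# Returns:   status of kadmin.local, or 1 when the username is refused
kadmin_checkexpire() {
  # The name becomes a word of a kadmin command line; refuse anything that
  # could be read as an option or as several words.
  case "$username" in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "kadmin_checkexpire: invalid username, nothing sent to kadmin" >&2
      return 1
      ;;
  esac

  /usr/local/sbin/kadmin.local <<EOF
getprinc $username
EOF
}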
#######################

#######################
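# Ask how passwords are chosen for this session: "man" (typed in by the
# admin) or "auto" (generated). Repeats the question until one of the two
# is entered.
# Globals:   pwchoose (written)
# Returns:   0 once a valid choice is stored, 1 when input ends first
choose_pw() {
  while :; do
    # A loop replaces the former self-call: when stdin is closed, read fails
    # every time and the recursion would never stop.
    if ! read -r -p "Please choose man or auto for Passwordpolicy: " pwchoose &&
      [ -z "$pwchoose" ]; then
      return 1
    fi
    case "$pwchoose" in
      man | auto)
        return 0
        ;;
    esac
  done
}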
#######################


###Programm ###########
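clear
echo "For Administration of the Zeroshell.."
# Read the cn=Manager bind password once; it is kept in adminpw for the
# ldapadd/ldapdelete calls. -r keeps backslashes in the password literal
# (without it read would drop them), -s turns off terminal echo.
# NOTE: -s and -p are bash extensions to read; the "#!/bin/sh" interpreter
# must be bash (or a shell that supports them) for this prompt to work.
read -r -s -p "Please enter the Admin PW: " adminpw
clear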


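# Show the main menu, read one choice and run the matching action.
# An unknown choice prints a hint and shows the menu again.
# Globals:   menu (variable, written with the raw choice)
# Exits the script on "Q" and when the input stream ends.
menu() {
  while :; do
    echo ""
    echo "##############################"
    echo ""
    echo "Main Menu: "
    echo ""
    echo "1 Create new User"
    echo "2 Set Password for User"
    echo "3 Set Expired Date for User"
    echo "4 Show Userinformations"
    echo "5 Delete User"
    echo ""
    echo "Q Quit"

    # When stdin is closed read fails on every attempt; leave instead of
    # redrawing the menu forever.
    if ! read -r -p "Please choose an Option: " menu && [ -z "$menu" ]; then
      echo "Input closed, leaving the Admin Menu." >&2
      exit 1
    fi

    case "$menu" in
      1)
        newUser
        return
        ;;
      2)
        setPass
        return
        ;;
      3)
        setExpired
        return
        ;;
      4)
        showInfo
        return
        ;;
      5)
        removeUser
        return
        ;;
      Q)
        exit
        ;;
      *)
        echo "Please choose on of the Options above..."
        ;;
    esac
  done
}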
# Ask once per session whether passwords are typed in ("man") or generated
# ("auto"); the answer is stored in pwchoose, which newUser and setPass read.
choose_pw
# Show the main menu. The action functions call menu again when they finish,
# so the session continues until "Q" is chosen.
menu

