#!/bin/bash
# add user to group for Kerberos/LDAP/NFS4
# paul@vandervlis.nl

# get variables
. /usr/local/sbin/variables

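# Take the user list from the first argument, or prompt for it when absent.
# The value may hold several whitespace-separated usernames.
if [[ -z "$1" ]]; then
  # -r keeps backslashes in the typed value literal
  read -r -p "Username(s): " user
else
  user=$1
fi
if [[ -z "$user" ]]; then
  # Nothing to work on: report on stderr and exit non-zero so a calling
  # script can tell this apart from a successful run.
  echo "no user." >&2
  exit 1
fi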

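# Take the group list from the second argument, or prompt for it when absent.
# The value may hold several whitespace-separated group names.
if [[ -z "$2" ]]; then
  # -r keeps backslashes in the typed value literal
  read -r -p "Groupname(s): " group
else
  group=$2
fi
if [[ -z "$group" ]]; then
  # Nothing to work on: report on stderr and exit non-zero so a calling
  # script can tell this apart from a successful run.
  echo "no group." >&2
  exit 1
fi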

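# do it:
# Split the whitespace-separated lists with globbing switched off, so a name
# such as "*" is taken literally instead of being expanded to file names.
set -f
# shellcheck disable=SC2206 -- word splitting is the intended list syntax
user_list=($user)
# shellcheck disable=SC2206
group_list=($group)
set +f

# Each name ends up in an LDAP DN, an LDIF attribute value, a su argument and
# a path below /srv/nfs4/home, so only plain account-name characters are
# accepted: a leading "-" would be read by su as an option, and "/" or ","
# would change the path or the DN. Widen the pattern if the directory
# really uses other characters.
name_re='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'

# mktemp replaces the deprecated tempfile(1). The bind password is written to
# a private file and passed with -y, which keeps it out of ldapmodify's
# argument list; printf adds no trailing newline because -y uses the complete
# file contents as the password.
PWFILE=$(mktemp) || exit 1
TMPLDIF=$(mktemp) || { rm -f -- "$PWFILE"; exit 1; }
trap 'rm -f -- "$PWFILE" "$TMPLDIF"' EXIT
printf '%s' "$ldappw" >"$PWFILE"

for USER2 in "${user_list[@]}"; do
  if [[ ! $USER2 =~ $name_re ]]; then
    echo "skipping invalid username: $USER2" >&2
    continue
  fi

  for GROUP2 in "${group_list[@]}"; do
    if [[ ! $GROUP2 =~ $name_re ]]; then
      echo "skipping invalid groupname: $GROUP2" >&2
      continue
    fi

    # One modify record: add USER2 as memberUid of the group entry.
    printf '%s\n' \
      "dn: cn=$GROUP2,ou=groups,$ldaproot" \
      "changetype: modify" \
      "add: memberUid" \
      "memberUid: $USER2" >"$TMPLDIF"

    echo "add $USER2 to $GROUP2:"
    # A failed modify is reported but does not stop the remaining pairs.
    ldapmodify -xD "cn=admin,$ldaproot" -y "$PWFILE" -f "$TMPLDIF" \
      || echo "ldapmodify failed: $USER2 -> $GROUP2" >&2
  done

  service nscd restart > /dev/null

  # make links for user: one symlink per entry in /srv/nfs4/data that the
  # user is able to list. The glob replaces parsing the output of ls, so
  # names containing whitespace stay in one piece.
  for entry in /srv/nfs4/data/*; do
    [[ -e "$entry" ]] || continue   # directory empty: glob stayed literal
    map=${entry##*/}

    # The path is placed inside single quotes in the command string that su
    # hands to the user's shell; a name containing a single quote could
    # break out of that quoting, so such entries are skipped.
    case $map in
      *"'"*)
        echo "skipping entry with quote in name: $map" >&2
        continue
        ;;
    esac

    if su "$USER2" -c "ls '/srv/nfs4/data/$map' > /dev/null 2>&1"; then
      ln -s "/data/$map" "/srv/nfs4/home/$USER2/$map" > /dev/null 2>&1
    fi
  done
done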

# log
# Appended unconditionally: the entry records the requested users and groups,
# not whether the ldapmodify calls above succeeded.
printf '%s add user(s): %s to group(s): %s\n' "$(date)" "$user" "$group" >> /var/log/au.log



