feat(fusiondirectory-setup) Add option to remove supann root

New options removes the establishement node stored under root in previous version as this is not what SupAnn recommends. People migrating from FD<1.4 will need to run fusiondirectory-setup --remove-supann-root and then in FusionDirectory open the root establishment and check the "Root establishment" checkbox again. (The other order should work too) issue #6062

feat(fusiondirectory-setup) Add option to remove supann root
New options removes the establishement node stored under root in previous version as this is not what SupAnn recommends. People migrating from FD<1.4 will need to run fusiondirectory-setup --remove-supann-root and then in FusionDirectory open the root establishment and check the "Root establishment" checkbox again. (The other order should work too) issue #6062
88af82fe · Côme Chilliet · 2c2cc10b · 88af82fe
Unverified Commit 88af82fe authored 5 years ago by Côme Chilliet
Hide whitespace changes
Inline Side-by-side

Showing

with 48 additions and 0 deletions
+48 -0
--- a/contrib/bin/fusiondirectory-setup
+++ b/contrib/bin/fusiondirectory-setup
@@ -1637,6 +1637,53 @@ sub migrate_phones {
  $unbind->code && warn "! Unable to unbind from LDAP server: ", $unbind->error."\n";
 }
+# function that removes SupAnn root information from FD<1.4
+sub remove_supann_root {
+  # initiate the LDAP connexion
+  my %hash_ldap_param = get_ldap_connexion();
+  # LDAP's connection's parameters
+  my $base = $hash_ldap_param{base};
+  my $ldap = $hash_ldap_param{ldap};
+  my $mesg = $ldap->search(
+    filter  => '(&(objectClass=supannOrg)(objectClass=eduOrg))',
+    base    => $base,
+    scope   => 'one'
+  );
+  $mesg->code && die $mesg->error;
+  if ($mesg->count > 0) {
+    print ("There is an outdated SupAnn establishement stored under root node:\n");
+    my @entries = $mesg->entries;
+    foreach my $entry (@entries) {
+      print $entry->dn()."\n";
+    }
+    print ("You should remove this entry and check the 'Root establishment' checkbox\n");
+    print (" in FusionDirectory to save it in the root node instead.\n");
+    if (ask_yn_question("Remove this entry?")) {
+      foreach my $entry (@entries) {
+        $mesg = $ldap->delete($entry);
+        if ($mesg->code) {
+          print "Failed to delete entry '".$entry->dn."': ".$mesg->error."\n";
+        } else {
+          print "Deleted entry '".$entry->dn."'\n";
+        }
+      }
+    }
+  } else {
+    print ("There is no outdated SupAnn establishement stored under root node.\n");
+  }
+  # unbind to the LDAP server
+  my $unbind = $ldap->unbind;
+  $unbind->code && warn "! Unable to unbind from LDAP server: ", $unbind->error."\n";
+}
 # List LDAP attributes which have been deprecated
 sub list_deprecated {
  my ($obsolete_attrs, $obsolete_classes) = get_deprecated();
@@ -1879,6 +1926,7 @@ die ("! You have to run this script as root\n") if ($<!=0);
  $commands{"--migrate-systems"}      = ["Migrating your systems from FD < 1.1",          \&migrate_systems, 1];
  $commands{"--migrate-winstations"}  = ["Migrating your winstations from FD < 1.1",      \&migrate_winstations, 1];
  $commands{"--migrate-dhcp"}         = ["Migrating DHCP configurations for FD >= 1.0.17",\&migrate_dhcp, 1];
+  $commands{"--remove-supann-root"}   = ["Remove SupAnn root establishment from FD < 1.4",\&remove_supann_root, 1];
  $commands{"--delete-gosa-locks"}    = ["Delete lock tokens using old gosaLockEntry class", \&delete_gosa_locks];
  $commands{"--install-plugins"}      = ["Installing FusionDirectory's plugins",          \&install_plugins];
  $commands{"--encrypt-passwords"}    = ["Encrypt passwords in fusiondirectory.conf",     \&encrypt_passwords];