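#!/bin/bash
# Script to show or force the next RID on a Samba AD domain controller.
#
# This file is an Ansible (Jinja2) template: the two assignments below are
# rendered by Ansible, everything after them is wrapped in a raw block so the
# shell syntax is passed through untouched.
#
# Usage: <script> show        - print the current RID state
#        <script> set <rid>   - force rIDNextRID and the allocation pool
#
# Operational notes:
#   * Must run on the domain controller with write access to sam.ldb
#     (the "set" path stops and restarts samba-ad-dc).
#   * Only the local "RID Set" object of TARGET_HOSTNAME is edited.
#     NOTE(review): the domain-wide pool held by the RID master is not
#     touched here; confirm that is intended on multi-DC domains.
#   * RIDs become part of account SIDs. Moving rIDNextRID below a value that
#     has already been issued can lead to a RID being handed out twice; this
#     script does not compare the new value with the current one, so check
#     the "show" output before using "set".

# Configuration variables from Ansible.
# NOTE(review): both values are substituted into double-quoted shell strings;
# they are assumed to come from trusted inventory and to contain no quotes,
# dollar signs or backticks.
TARGET_HOSTNAME="{{ target_hostname }}"
DOMAIN_DN="{{ samba_realm.split('.') | map('regex_replace', '^(.*)$', 'DC=\\1') | join(',') }}"

{% raw %}
# Database and object every ldbsearch/ldbmodify call below works on.
SAM_LDB="/var/lib/samba/private/sam.ldb"
RID_SET_DN="CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}"

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color

#######################################
# Force rIDNextRID and the RID allocation pools of the local DC.
# Globals:   SAM_LDB, RID_SET_DN (read), color variables (read)
# Arguments: $1 - new next RID; decimal digits only, >= 1000, and small
#                 enough that the pool end fits in a signed 32-bit integer
# Outputs:   progress and the before/after RID attributes on stdout
# Returns:   0 on success; 1 on bad input, user cancel, or any failed step
#######################################
set_next_rid() {
  local new_rid=$1
  local pool_size=500
  local max_rid=2147483647
  local pool_end confirm ldif_file

  if [ -z "$new_rid" ]; then
    echo -e "${RED}Usage: set_next_rid <rid>${NC}"
    return 1
  fi

  # Accept plain decimal digits only. The value is used in shell arithmetic
  # and written into an LDIF file, so anything else (signs, spaces, names,
  # newlines) must be rejected before it gets that far. The length cap keeps
  # the arithmetic below from overflowing.
  if ! [[ "$new_rid" =~ ^[0-9]+$ ]] || [ "${#new_rid}" -gt 10 ]; then
    echo -e "${RED}❌ Error: RID must be a decimal number${NC}"
    return 1
  fi
  # Force base 10 so a leading zero is not read as octal.
  new_rid=$((10#$new_rid))

  if [ "$new_rid" -lt 1000 ]; then
    echo -e "${RED}❌ Error: RID must be >= 1000 (RIDs < 1000 are reserved for system)${NC}"
    return 1
  fi

  pool_end=$((new_rid + pool_size - 1))
  if [ "$pool_end" -gt "$max_rid" ]; then
    echo -e "${RED}❌ Error: RID too large (pool end must be <= ${max_rid})${NC}"
    return 1
  fi

  echo -e "${CYAN}🎯 Current configuration:${NC}"
  ldbsearch -H "$SAM_LDB" \
    -b "$RID_SET_DN" \
    rIDNextRID rIDAllocationPool | grep -E "(rIDNextRID|rIDAllocationPool)"

  echo ""
  echo -e "${YELLOW}🔄 New configuration:${NC}"
  echo -e "  ${CYAN}rIDNextRID:${NC} $new_rid"
  echo -e "  ${CYAN}rIDAllocationPool:${NC} $new_rid-$pool_end"
  echo ""
  echo -n -e "${YELLOW}Continue? (y/N): ${NC}"
  read -r confirm

  if [ "$confirm" != "y" ]; then
    echo -e "${YELLOW}🚫 Cancelled${NC}"
    return 1
  fi

  # Build the LDIF in a private, unpredictable temp file (mktemp creates it
  # with mode 0600) instead of a fixed name in /tmp, and do it before the
  # service is stopped so a failure here leaves Samba running.
  if ! ldif_file=$(mktemp "${TMPDIR:-/tmp}/set-next-rid.XXXXXXXX"); then
    echo -e "${RED}❌ Error: could not create temporary LDIF file${NC}"
    return 1
  fi

  if ! cat > "$ldif_file" << EOF
dn: ${RID_SET_DN}
changetype: modify
replace: rIDNextRID
rIDNextRID: $new_rid
-
replace: rIDAllocationPool
rIDAllocationPool: $new_rid-$pool_end
-
replace: rIDPreviousAllocationPool
rIDPreviousAllocationPool: $new_rid-$pool_end
EOF
  then
    echo -e "${RED}❌ Error: could not write temporary LDIF file${NC}"
    rm -f -- "$ldif_file"
    return 1
  fi

  echo -e "${CYAN}🛑 Stopping Samba...${NC}"
  # Do not edit sam.ldb directly unless the service really stopped.
  if ! systemctl stop samba-ad-dc; then
    echo -e "${RED}❌ Error: could not stop samba-ad-dc, nothing was modified${NC}"
    rm -f -- "$ldif_file"
    return 1
  fi

  # Apply changes
  if ldbmodify -H "$SAM_LDB" "$ldif_file"; then
    echo -e "${GREEN}✅ RID modified successfully${NC}"
  else
    echo -e "${RED}❌ Error during modification${NC}"
    rm -f -- "$ldif_file"
    systemctl start samba-ad-dc
    return 1
  fi
  rm -f -- "$ldif_file"

  echo -e "${CYAN}🚀 Restarting Samba...${NC}"
  if ! systemctl start samba-ad-dc; then
    echo -e "${RED}❌ Error: samba-ad-dc did not start, check the service${NC}"
    return 1
  fi

  # Verification: give the service a moment, then read the values back.
  sleep 3
  echo ""
  echo -e "${CYAN}🔍 Verification:${NC}"
  ldbsearch -H "$SAM_LDB" \
    -b "$RID_SET_DN" \
    rIDNextRID rIDAllocationPool | grep -E "(rIDNextRID|rIDAllocationPool)"
}

# Usage
case "$1" in
  "show")
    echo -e "${CYAN}📊 Current RID status:${NC}"
    ldbsearch -H "$SAM_LDB" \
      -b "$RID_SET_DN" \
      rIDNextRID rIDAllocationPool rIDUsedPool |
      grep -E "(rIDNextRID|rIDAllocationPool|rIDUsedPool)"
    ;;
  "set")
    # Quoted so an empty or odd argument reaches the validation unchanged.
    set_next_rid "$2"
    ;;
  *)
    echo -e "${YELLOW}Usage: $0 {show|set <rid>}${NC}"
    echo ""
    echo -e "${CYAN}Examples:${NC}"
    echo -e "  ${GREEN}$0 show${NC}      # Show current status"
    echo -e "  ${GREEN}$0 set 2000${NC}  # Force next RID to 2000"
    echo -e "  ${GREEN}$0 set 5000${NC}  # Force next RID to 5000"
    ;;
esac
{% endraw %}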