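#!/bin/bash
#
# Script to create Samba4 users from CSV file using ldbmodify
# Usage: ./create_samba_users.sh
#
# Input: Transfert/users.csv next to this script. The first line is a header;
#        every following line is split on ',' into UGIVEN, LOGIN, OBJECTSID and
#        UNAME, in that order (the last field keeps any further commas). Quoted
#        CSV fields are not supported.
# Template: user.ldif.orig next to this script; each occurrence of the words
#        UGIVEN, LOGIN, OBJECTSID and UNAME is replaced by the row's value.
#
# Environment:
#   DEFAULT_PASSWORD      initial password given to every created account
#                         (falls back to the built-in value below).
#   MUST_CHANGE_PASSWORD  "yes" (default) makes samba-tool flag the account so
#                         the password has to be changed at next login; set to
#                         "no" to keep the previous behaviour.

set -u

# SECURITY: every created account receives this same password, and the fallback
# value is stored in this file. Prefer supplying DEFAULT_PASSWORD from the
# environment and keep MUST_CHANGE_PASSWORD=yes so the shared value is
# short-lived.
DEFAULT_PASSWORD="${DEFAULT_PASSWORD:-Welcome123!}"
MUST_CHANGE_PASSWORD="${MUST_CHANGE_PASSWORD:-yes}"

# Set script directory for relative paths
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
CSV_FILE="$SCRIPT_DIR/Transfert/users.csv"
TEMPLATE_FILE="$SCRIPT_DIR/user.ldif.orig"
TEMP_LDIF=""

# Check if running as root
if [[ $EUID -ne 0 ]]; then
  echo "Error: This script must be run as root to access Samba's LDB database." >&2
  echo "Please run with: sudo $0" >&2
  exit 1
fi

# Check if required files exist
if [[ ! -f "$CSV_FILE" ]]; then
  echo "Error: CSV file not found at $CSV_FILE" >&2
  exit 1
fi

if [[ ! -f "$TEMPLATE_FILE" ]]; then
  echo "Error: Template file not found at $TEMPLATE_FILE" >&2
  exit 1
fi

# Check if ldbmodify is available
if ! command -v ldbmodify &> /dev/null; then
  echo "Error: ldbmodify command not found. Please ensure Samba4 is installed." >&2
  exit 1
fi

# Function to clean up temp file
cleanup() {
  if [[ -n "$TEMP_LDIF" && -f "$TEMP_LDIF" ]]; then
    rm -f -- "$TEMP_LDIF"
    echo "Cleaned up temporary file: $TEMP_LDIF"
  fi
}

# Set trap to cleanup on exit
trap cleanup EXIT

# Succeeds when the value holds no control characters. A stray CR, tab or
# escape byte copied into the LDIF could change how the record is parsed.
is_safe_field() {
  [[ "$1" != *[[:cntrl:]]* ]]
}

# Writes the template to $TEMP_LDIF with the four placeholders replaced by the
# current row's values.
# The values reach awk through the environment and are inserted as literal
# text in a single pass, so characters such as '|', '&' or '\' in the CSV
# cannot alter the substitution, and a value that happens to contain another
# placeholder word is not substituted a second time.
render_ldif() {
  V_UGIVEN="$UGIVEN" V_LOGIN="$LOGIN" V_OBJECTSID="$OBJECTSID" V_UNAME="$UNAME" \
    awk '
      {
        rest = $0
        out = ""
        while (match(rest, /UGIVEN|LOGIN|OBJECTSID|UNAME/)) {
          out = out substr(rest, 1, RSTART - 1) ENVIRON["V_" substr(rest, RSTART, RLENGTH)]
          rest = substr(rest, RSTART + RLENGTH)
        }
        print out rest
      }
    ' "$TEMPLATE_FILE" > "$TEMP_LDIF"
}

# Private, unpredictable temp file (mktemp creates it with mode 0600) instead
# of a fixed name inside the script directory.
TEMP_LDIF="$(mktemp "${TMPDIR:-/tmp}/user.ldif.XXXXXX")" || {
  echo "Error: could not create a temporary LDIF file." >&2
  exit 1
}

if [[ "$DEFAULT_PASSWORD" == 'Welcome123!' ]]; then
  echo "Warning: using the built-in default password; set DEFAULT_PASSWORD to override it." >&2
fi

# Extra samba-tool arguments for the password step.
setpassword_opts=()
if [[ "$MUST_CHANGE_PASSWORD" == "yes" ]]; then
  setpassword_opts+=(--must-change-at-next-login)
fi

echo "Starting Samba4 user creation process..."
echo "Reading users from: $CSV_FILE"
echo "Using template: $TEMPLATE_FILE"
echo ""

# Counter for statistics
total_users=0
successful_users=0
failed_users=0

# Read CSV file line by line (skip header).
# The loop reads from a process substitution rather than a pipe so that it runs
# in the current shell and the counters are still set when the summary prints.
# The trailing [[ -n ... ]] keeps a last line that has no newline.
while IFS=',' read -r UGIVEN LOGIN OBJECTSID UNAME ||
  [[ -n "$UGIVEN$LOGIN$OBJECTSID$UNAME" ]]; do
  total_users=$((total_users + 1))

  # Trim CR/LF and surrounding whitespace from the last field. Done with
  # parameter expansion: xargs would treat quotes and backslashes specially and
  # fail on a name such as O'Brien.
  UNAME=${UNAME//$'\r'/}
  UNAME=${UNAME//$'\n'/}
  UNAME="${UNAME#"${UNAME%%[![:space:]]*}"}"
  UNAME="${UNAME%"${UNAME##*[![:space:]]}"}"

  echo "Processing user $total_users: $UGIVEN $UNAME (login: $LOGIN)"

  # Check if any required field is empty
  if [[ -z "$UGIVEN" || -z "$LOGIN" || -z "$OBJECTSID" || -z "$UNAME" ]]; then
    echo "  Warning: Skipping user due to missing data (UGIVEN='$UGIVEN', LOGIN='$LOGIN', OBJECTSID='$OBJECTSID', UNAME='$UNAME')" >&2
    failed_users=$((failed_users + 1))
    continue
  fi

  # The CSV is input data: refuse rows that could corrupt the LDIF record or be
  # read as an option by samba-tool.
  if ! is_safe_field "$UGIVEN" || ! is_safe_field "$LOGIN" ||
    ! is_safe_field "$OBJECTSID" || ! is_safe_field "$UNAME"; then
    echo "  Warning: Skipping user $LOGIN: a field contains control characters" >&2
    failed_users=$((failed_users + 1))
    continue
  fi
  if [[ "$LOGIN" == -* ]]; then
    echo "  Warning: Skipping user $LOGIN: login must not start with '-'" >&2
    failed_users=$((failed_users + 1))
    continue
  fi

  # Create the LDIF for this user from the template
  if ! render_ldif; then
    echo "  ✗ Failed to write LDIF file for user: $LOGIN" >&2
    failed_users=$((failed_users + 1))
    continue
  fi
  echo "  Created LDIF file for user: $LOGIN"

  # Execute ldbmodify command. The control OID is passed through unchanged
  # (NOTE(review): presumably a Samba-internal control needed to write the
  # template's attributes - confirm). stderr is left visible so the reason for
  # a failure is not lost; stdin is /dev/null so the command cannot consume
  # the remaining CSV lines.
  if ldbmodify -H /var/lib/samba/private/sam.ldb \
    --controls="local_oid:1.3.6.1.4.1.7165.4.3.12:0" \
    "$TEMP_LDIF" </dev/null; then
    echo "  ✓ Successfully created user: $LOGIN"
    successful_users=$((successful_users + 1))

    # Set default password for the user as it cannot be read from previous
    # export. This runs only after a successful create: running it after a
    # failed one would reset the password of an account that already exists
    # under the same login.
    # NOTE: the password is passed as a command-line argument and is visible
    # in the process list while samba-tool runs.
    if ! samba-tool user setpassword "$LOGIN" \
      --newpassword="$DEFAULT_PASSWORD" \
      "${setpassword_opts[@]+"${setpassword_opts[@]}"}" </dev/null; then
      echo "  Warning: user $LOGIN was created but its password could not be set" >&2
    fi
  else
    echo "  ✗ Failed to create user: $LOGIN" >&2
    echo "  You may need to run this script as root or check Samba permissions." >&2
    failed_users=$((failed_users + 1))
  fi

  echo ""
done < <(tail -n +2 -- "$CSV_FILE")

# Display final statistics
echo "========================================="
echo "User creation process completed!"
echo "Total users processed: $total_users"
echo "Successfully created: $successful_users"
echo "Failed: $failed_users"
echo "========================================="

# Note about permissions
if [[ $failed_users -gt 0 ]]; then
  echo ""
  echo "Note: If users failed to be created, you may need to:"
  echo "1. Run this script as root (sudo ./create_samba_users.sh)"
  echo "2. Check that Samba4 is properly configured"
  echo "3. Verify that /var/lib/samba/private/sam.ldb exists and is accessible"
fi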