4 Copyright (C) Andrew Bartlett 2006
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 * Component: ad2oLschema
29 * Description: utility to convert an AD schema into the format required by OpenLDAP
31 * Author: Andrew Bartlett
35 #include "ldb_includes.h"
36 #include "system/locale.h"
37 #include "lib/ldb/tools/cmdline.h"
38 #include "utils/schema_convert.h"
39 #include "param/param.h"
40 #include "lib/cmdline/popt_common.h"
41 #include "dsdb/samdb/samdb.h"
55 static void usage(void)
57 printf("Usage: ad2oLschema <options>\n");
58 printf("\nConvert AD-like LDIF to OpenLDAP schema format\n\n");
60 printf(" -I inputfile inputfile of mapped OIDs and skipped attributes/ObjectClasses");
61 printf(" -H url LDB or LDAP server to read schmea from\n");
62 printf(" -O outputfile outputfile otherwise STDOUT\n");
63 printf(" -o options pass options like modules to activate\n");
64 printf(" e.g: -o modules:timestamps\n");
66 printf("Converts records from an AD-like LDIF schema into an openLdap formatted schema\n\n");
70 static struct ldb_dn *find_schema_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx)
72 const char *rootdse_attrs[] = {"schemaNamingContext", NULL};
73 struct ldb_dn *schemadn;
74 struct ldb_dn *basedn = ldb_dn_new(mem_ctx, ldb, NULL);
75 struct ldb_result *rootdse_res;
76 struct ldb_result *schema_res;
83 /* Search for rootdse */
84 ldb_ret = ldb_search(ldb, basedn, LDB_SCOPE_BASE, NULL, rootdse_attrs, &rootdse_res);
85 if (ldb_ret != LDB_SUCCESS) {
86 ldb_ret = ldb_search(ldb, basedn, LDB_SCOPE_SUBTREE,
87 "(&(objectClass=dMD)(cn=Schema))",
90 printf("cn=Schema Search failed: %s\n", ldb_errstring(ldb));
94 talloc_steal(mem_ctx, schema_res);
96 if (schema_res->count != 1) {
97 talloc_free(schema_res);
98 printf("Failed to find rootDSE");
102 schemadn = talloc_steal(mem_ctx, schema_res->msgs[0]->dn);
103 talloc_free(schema_res);
107 if (rootdse_res->count != 1) {
108 printf("Failed to find rootDSE");
109 talloc_free(rootdse_res);
114 schemadn = ldb_msg_find_attr_as_dn(ldb, mem_ctx, rootdse_res->msgs[0], "schemaNamingContext");
115 talloc_free(rootdse_res);
125 #define IF_NULL_FAIL_RET(x) do { \
133 static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_target target, FILE *in, FILE *out)
135 /* Read list of attributes to skip, OIDs to map */
136 TALLOC_CTX *mem_ctx = talloc_new(ldb);
138 const char **attrs_skip = NULL;
144 int num_oid_maps = 0;
149 int num_attr_maps = 0;
150 struct dsdb_class *objectclass;
151 struct dsdb_attribute *attribute;
152 struct ldb_dn *schemadn;
153 struct schema_conv ret;
154 struct dsdb_schema *schema;
163 while ((line = afdgets(fileno(in), mem_ctx, 0))) {
165 if (line[0] == '\0') {
169 if (line[0] == '#') {
172 if (isdigit(line[0])) {
173 char *p = strchr(line, ':');
177 oid_map = talloc_realloc(mem_ctx, oid_map, struct oid_map, num_oid_maps + 2);
178 trim_string(line, " ", " ");
179 oid_map[num_oid_maps].old_oid = talloc_move(oid_map, &line);
180 trim_string(p, " ", " ");
181 oid_map[num_oid_maps].new_oid = p;
183 oid_map[num_oid_maps].old_oid = NULL;
185 char *p = strchr(line, ':');
187 /* remap attribute/objectClass */
190 attr_map = talloc_realloc(mem_ctx, attr_map, struct attr_map, num_attr_maps + 2);
191 trim_string(line, " ", " ");
192 attr_map[num_attr_maps].old_attr = talloc_move(attr_map, &line);
193 trim_string(p, " ", " ");
194 attr_map[num_attr_maps].new_attr = p;
196 attr_map[num_attr_maps].old_attr = NULL;
198 /* skip attribute/objectClass */
199 attrs_skip = talloc_realloc(mem_ctx, attrs_skip, const char *, num_skip + 2);
200 trim_string(line, " ", " ");
201 attrs_skip[num_skip] = talloc_move(attrs_skip, &line);
203 attrs_skip[num_skip] = NULL;
208 schemadn = find_schema_dn(ldb, mem_ctx);
210 printf("Failed to find schema DN: %s\n", ldb_errstring(ldb));
215 ldb_ret = dsdb_schema_from_schema_dn(mem_ctx, ldb,
216 lp_iconv_convenience(cmdline_lp_ctx),
217 schemadn, &schema, &error_string);
218 if (ldb_ret != LDB_SUCCESS) {
219 printf("Failed to load schema: %s\n", error_string);
225 case TARGET_OPENLDAP:
227 case TARGET_FEDORA_DS:
228 fprintf(out, "dn: cn=schema\n");
232 for (attribute=schema->attributes; attribute; attribute = attribute->next) {
233 const char *name = attribute->lDAPDisplayName;
234 const char *description = attribute->adminDescription;
235 const char *oid = attribute->attributeID_oid;
236 const char *syntax = attribute->attributeSyntax_oid;
237 bool single_value = attribute->isSingleValued;
239 const struct syntax_map *map = find_syntax_map_by_ad_oid(syntax);
240 char *schema_entry = NULL;
243 /* We have been asked to skip some attributes/objectClasses */
244 if (attrs_skip && str_list_check_ci(attrs_skip, name)) {
249 /* We might have been asked to remap this oid, due to a conflict */
250 for (j=0; oid && oid_map && oid_map[j].old_oid; j++) {
251 if (strcasecmp(oid, oid_map[j].old_oid) == 0) {
252 oid = oid_map[j].new_oid;
258 case TARGET_OPENLDAP:
259 schema_entry = talloc_asprintf(mem_ctx,
263 case TARGET_FEDORA_DS:
264 schema_entry = talloc_asprintf(mem_ctx,
265 "attributeTypes: (\n"
269 IF_NULL_FAIL_RET(schema_entry);
271 /* We might have been asked to remap this name, due to a conflict */
272 for (j=0; name && attr_map && attr_map[j].old_attr; j++) {
273 if (strcasecmp(name, attr_map[j].old_attr) == 0) {
274 name = attr_map[j].new_attr;
279 schema_entry = talloc_asprintf_append(schema_entry,
280 " NAME '%s'\n", name);
281 IF_NULL_FAIL_RET(schema_entry);
284 #if 0 /* If you want to re-enable this, you must first figure out a sane escaping of ' in the description */
285 schema_entry = talloc_asprintf_append(schema_entry,
286 " DESC '%s'\n", description);
287 IF_NULL_FAIL_RET(schema_entry);
292 const char *syntax_oid;
294 schema_entry = talloc_asprintf_append(schema_entry,
295 " EQUALITY %s\n", map->equality);
296 IF_NULL_FAIL_RET(schema_entry);
298 if (map->substring) {
299 schema_entry = talloc_asprintf_append(schema_entry,
300 " SUBSTR %s\n", map->substring);
301 IF_NULL_FAIL_RET(schema_entry);
303 syntax_oid = map->Standard_OID;
304 /* We might have been asked to remap this oid,
305 * due to a conflict, or lack of
307 for (j=0; syntax_oid && oid_map && oid_map[j].old_oid; j++) {
308 if (strcasecmp(syntax_oid, oid_map[j].old_oid) == 0) {
309 syntax_oid = oid_map[j].new_oid;
313 schema_entry = talloc_asprintf_append(schema_entry,
314 " SYNTAX %s\n", syntax_oid);
315 IF_NULL_FAIL_RET(schema_entry);
319 schema_entry = talloc_asprintf_append(schema_entry,
321 IF_NULL_FAIL_RET(schema_entry);
324 schema_entry = talloc_asprintf_append(schema_entry,
328 case TARGET_OPENLDAP:
329 fprintf(out, "%s\n\n", schema_entry);
331 case TARGET_FEDORA_DS:
332 fprintf(out, "%s\n", schema_entry);
338 /* This is already sorted to have 'top' and similar classes first */
339 for (objectclass=schema->classes; objectclass; objectclass = objectclass->next) {
340 const char *name = objectclass->lDAPDisplayName;
341 const char *description = objectclass->adminDescription;
342 const char *oid = objectclass->governsID_oid;
343 const char *subClassOf = objectclass->subClassOf;
344 int objectClassCategory = objectclass->objectClassCategory;
347 char *schema_entry = NULL;
348 const char *objectclass_name_as_list[] = {
349 objectclass->lDAPDisplayName,
354 /* We have been asked to skip some attributes/objectClasses */
355 if (attrs_skip && str_list_check_ci(attrs_skip, name)) {
360 may = dsdb_full_attribute_list(mem_ctx, schema, objectclass_name_as_list, DSDB_SCHEMA_ALL_MAY);
362 must = dsdb_full_attribute_list(mem_ctx, schema, objectclass_name_as_list, DSDB_SCHEMA_ALL_MUST);
364 /* We might have been asked to remap this oid, due to a conflict */
365 for (j=0; oid_map && oid_map[j].old_oid; j++) {
366 if (strcasecmp(oid, oid_map[j].old_oid) == 0) {
367 oid = oid_map[j].new_oid;
373 case TARGET_OPENLDAP:
374 schema_entry = talloc_asprintf(mem_ctx,
378 case TARGET_FEDORA_DS:
379 schema_entry = talloc_asprintf(mem_ctx,
384 IF_NULL_FAIL_RET(schema_entry);
390 /* We might have been asked to remap this name, due to a conflict */
391 for (j=0; name && attr_map && attr_map[j].old_attr; j++) {
392 if (strcasecmp(name, attr_map[j].old_attr) == 0) {
393 name = attr_map[j].new_attr;
398 schema_entry = talloc_asprintf_append(schema_entry,
399 " NAME '%s'\n", name);
400 IF_NULL_FAIL_RET(schema_entry);
402 if (!schema_entry) return ret;
405 schema_entry = talloc_asprintf_append(schema_entry,
406 " DESC '%s'\n", description);
407 IF_NULL_FAIL_RET(schema_entry);
411 schema_entry = talloc_asprintf_append(schema_entry,
412 " SUP %s\n", subClassOf);
413 IF_NULL_FAIL_RET(schema_entry);
416 switch (objectClassCategory) {
418 schema_entry = talloc_asprintf_append(schema_entry,
420 IF_NULL_FAIL_RET(schema_entry);
423 schema_entry = talloc_asprintf_append(schema_entry,
425 IF_NULL_FAIL_RET(schema_entry);
428 schema_entry = talloc_asprintf_append(schema_entry,
430 IF_NULL_FAIL_RET(schema_entry);
434 #define APPEND_ATTRS(attributes) \
437 for (k=0; attributes && attributes[k]; k++) { \
439 const char *attr_name = attributes[k]; \
440 /* We might have been asked to remap this name, due to a conflict */ \
441 for (attr_idx=0; attr_name && attr_map && attr_map[attr_idx].old_attr; attr_idx++) { \
442 if (strcasecmp(attr_name, attr_map[attr_idx].old_attr) == 0) { \
443 attr_name = attr_map[attr_idx].new_attr; \
448 schema_entry = talloc_asprintf_append(schema_entry, \
451 IF_NULL_FAIL_RET(schema_entry); \
452 if (attributes[k+1]) { \
453 schema_entry = talloc_asprintf_append(schema_entry, \
455 IF_NULL_FAIL_RET(schema_entry); \
456 if (target == TARGET_OPENLDAP && ((k+1)%5 == 0)) { \
457 schema_entry = talloc_asprintf_append(schema_entry, \
459 IF_NULL_FAIL_RET(schema_entry); \
466 schema_entry = talloc_asprintf_append(schema_entry,
468 IF_NULL_FAIL_RET(schema_entry);
472 schema_entry = talloc_asprintf_append(schema_entry,
474 IF_NULL_FAIL_RET(schema_entry);
478 schema_entry = talloc_asprintf_append(schema_entry,
480 IF_NULL_FAIL_RET(schema_entry);
484 schema_entry = talloc_asprintf_append(schema_entry,
486 IF_NULL_FAIL_RET(schema_entry);
489 schema_entry = talloc_asprintf_append(schema_entry,
493 case TARGET_OPENLDAP:
494 fprintf(out, "%s\n\n", schema_entry);
496 case TARGET_FEDORA_DS:
497 fprintf(out, "%s\n", schema_entry);
506 int main(int argc, const char **argv)
509 struct ldb_cmdline *options;
512 struct ldb_context *ldb;
513 struct schema_conv ret;
514 const char *target_str;
515 enum convert_target target;
517 ctx = talloc_new(NULL);
518 ldb = ldb_init(ctx, NULL);
520 options = ldb_cmdline_process(ldb, argc, argv, usage);
522 if (options->input) {
523 in = fopen(options->input, "r");
525 perror(options->input);
529 if (options->output) {
530 out = fopen(options->output, "w");
532 perror(options->output);
537 target_str = lp_parm_string(cmdline_lp_ctx, NULL, "convert", "target");
539 if (!target_str || strcasecmp(target_str, "openldap") == 0) {
540 target = TARGET_OPENLDAP;
541 } else if (strcasecmp(target_str, "fedora-ds") == 0) {
542 target = TARGET_FEDORA_DS;
544 printf("Unsupported target: %s\n", target_str);
548 ret = process_convert(ldb, target, in, out);
553 printf("Converted %d records (skipped %d) with %d failures\n", ret.count, ret.skipped, ret.failures);
git.samba.org / tprouty / samba.git / blob