Hi Tobias,
> My crude hack at a solution, but it works for me so here
> goes . . . . .
That works really well! I tweaked your code a bit to recursively list
groups within groups, and it works almost perfectly - it only seems to
break if there's a username with a space in it, because wbinfo doesn't
escape the spaces when it prints the name. You could probably work
around it, but we don't have many names with spaces so it doesn't
bother me too much. Apart from that though, it's great!
Thanks,
Adam.
Modified code:
#!/bin/sh
# /usr/local/bin/get_grp_mem <domain group>
#
# <domain sid> is derived from:
#
# wbinfo -n <domain account>
#
# S-1-2-33-4444444444-555555555-666666666-XXXXX User (1)
#
# <domain sid> = S-1-2-33-4444444444-555555555-666666666
#
if [ "$1" == "" ]; then
echo "Usage: get_grp_mem <groupname>"
exit 1
fi
DOMAIN_SID='S-1-2-33-4444444444-555555555-666666666'
DOMAIN_CONTROLLER='AD01'
function listUsers()
{
GROUP_SID=`wbinfo -n "$1"`
if [ "$?" -ne 0 ]; then
echo ERROR: $GROUP_SID
exit 1
fi
grpid=`echo $GROUP_SID | sed "s/${DOMAIN_SID}-//" | sed 's/
Domain..*//'`
RIDLIST=`rpcclient -W <domain> -U <username>%<password> -c
"querygroupmem $grpid" $DOMAIN_CONTROLLER | tr -s '\t' ' ' | sed 's/^
rid:\[0x//g' | sed 's/\] attr:\[0x7\]//g'`
for i in $RIDLIST; do
DATA=`wbinfo -s ${DOMAIN_SID}-\`printf %d 0x${i}\``
eval `echo $DATA | awk '{print "USERNAME='"'"'"$1"'"'"';
TYPE="$2}'` if [ "$TYPE" == "2" ]; then
# This is a subgroup
listUsers "$USERNAME"
else
# This is either a user, or the name had spaces in it
(which wbinfo doesn't escape)
echo "$USERNAME"
fi
done
}
# List the main group
listUsers $1
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
