samba-bounces+alaslavic=havertys.com@lists.samba.org wrote on 03/29/2005
02:29:37 AM:
> Hi
>
> it's possible with wbinfo that get a information:
>
> 1- Get all users of one Active Directory Group
> 2- Get all groups of one username ?
>
>
> (i want create a small perl script for add automatiquely user into
> Squidguard, other user say me that Squidguard can't directly
> get the Active DIrectory Group (only use username)
>
> Thanks for your help
I have the same setup going, so I'll show you how I am doing it.
Please excuse, its kind of a hack, but it has worked flawlessly for a long
time, so I never cleaned it up.
The script below dumps an alphabetical list of users contained in a group.
It mostly uses "getent group", with some regular expressions to pull
out
only the usernames.
-----------ntgroup.pl--------------
#!/usr/bin/perl
#useage: ntgroup.pl <windows group>
$group = shift(@ARGV);
$groupstring = `/usr/bin/getent group | /usr/bin/grep -e "^$group:"`;
$groupstring=~s/^.*:x:[0-9].*://;
@list = split /,/,$groupstring;
@sortlist = sort @list;
for (@sortlist) {
chomp($_);
print "$_\n";
}
exit
------------end of ntgroup.pl----------
You are correct that squidguard can't access Active Directory, it has to
read from a file containing a list of usernames. What I did at this point
is created a "proxyUsers" domain group. I then ran the script above,
"ntgroup.pl proxyUsers > /var/squidguard/proxyUser.list". I then
put in a
cron job that peroidically checked to see if the list had changed, and if
it had, added the new users, and reloaded squidguard to put the new users
in effect.
This is getting OT now, so if you have any more squidguard related
questions, you can contact me off-list.
~alex
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba