#!/bin/bash

. ${TOOLKIT}-functions.sh

admin=`jtconf samba.admin`
admin_gid=`jtconf samba.admin_gid`

# if ldap_managed = true, or reply server, doesn't update ldap entries
#
ldap_managed=false
getconfirm ldap.managed && ldap_managed=true

repl=$(jtconf ldap.repl_number 2>/dev/null) || :
repl=${repl:-0}

[ $repl != 0 ] && ldap_managed=false

$ldap_managed && {
	# add ldap admin password to secrets.tdb
	#
	passwd=`jtconf ldap.admin_password` || exit_missing_define ldap.admin_password
	echo -n "  "
	smbpasswd -w $passwd

	echo "  running /usr/sbin/ku-smbldap-populate ..."
	/usr/sbin/ku-smbldap-populate || exit $?
}

echo
smbldap-grouplist -dS | grep 'S-1-5'



# checks existence of logon/profiles directories
#
# they are under 'pdc' subdir of shares folder, doesn't mess them
# up intereferring with unix homes folders
#
shares=`jtconf path.shares` || exit_missing_define 'path.shares'

create_dir --fixperms "$shares/pdc/netlogon" $admin:$admin_gid
create_dir --fixperms "$shares/pdc/profiles" $admin:$admin_gid 1777

exit 0
