#!/bin/sh

#
# changes the LDAP password (Unix and Samba) of a user.
# If the user haven't a sambaSamAccount,
# it will be added
#
# need to  run as root (for smbldap-usermod)
#

if [ `id -u` -ne 0 ]; then
    echo "$0 must run as root"
    exit 1
fi

user=$1
if [ -z "$user" ]; then
	echo "Usage: $0 <username>" >&2
	exit 1
fi

if ! ldapsearch -H ldap://ldap -x -Z -LLL "(&(uid=$user)(objectClass=sambaSamAccount))" objectclass |
        grep  -q 'objectClass:.*sambaSamAccount'; then
    # add sambaSamAccount to user
    smbldap-usermod -a $user
fi
exec smbldap-passwd $user
