#!/bin/sh

#  ldapdeletegroup : deletes a POSIX group account from LDAP

#  Copyright (C) 2005 Ganal LAPLANCHE - Linagora
#
#  This program is free software; you can redistribute it and/or
#  modify it under the terms of the GNU General Public License
#  as published by the Free Software Foundation; either version 2
#  of the License, or (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
#  USA.

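# Require the group to delete (a group name or a numeric gid) as $1.
if [ -z "$1" ]
then
  echo "Usage : $0 <groupname | gid>"
  exit 1
fi

# Read configuration
if [ ! -f /etc/ldapscripts/ldapscripts.conf ]
then
  # The configuration has not been sourced yet, so LOGFILE is presumably unset
  # at this point; fall back to /dev/null instead of running 'tee -a ""'.
  echo "Unable to read configuration file from /etc/ldapscripts/ldapscripts.conf, exiting..." | tee -a "${LOGFILE:-/dev/null}"
  exit 1
fi

. /etc/ldapscripts/ldapscripts.conf

# An empty LOGFILE would make every '2>>"$LOGFILE"' redirection below fail and
# the LDAP commands would then not run at all.
LOGFILE=${LOGFILE:-/dev/null}

# Escape the characters that are special in an LDAP search filter (RFC 4515:
# backslash, '*', '(' and ')') before $1 is placed in the filter. Unescaped, an
# argument such as '*' matches every posixGroup under the group suffix and the
# first hit would be deleted; parentheses would let the caller rewrite the
# filter itself. The backslash is escaped first so the other escapes survive.
_FILTERVAL=$(printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' -e 's/(/\\28/g' -e 's/)/\\29/g')

# Find groupname : $1, must exist in LDAP !
# NOTE(security): -w puts the bind password in the process argument list, where
# it can be read by other local users while the command runs; the OpenLDAP
# clients accept -y <file> to read it from a file, which would need a password
# file setting this script does not have. The simple bind (-x) over ldap:// also
# sends that password unencrypted unless StartTLS (-ZZ) is requested.
# NOTE(review): the filter matches cn OR gidNumber and only the first dn is
# kept, so a numeric argument that is both a group name and another group's gid
# resolves to whichever entry the server returns first.
# NOTE(review): ldapsearch folds long LDIF lines and base64-encodes non-ASCII
# DNs as "dn:: "; neither form is handled by the grep/sed below.
# shellcheck disable=SC2086 -- LDAPSEARCHBIN is left unquoted as in the original
_ENTRY=$($LDAPSEARCHBIN -w "$BINDPWD" -D "$BINDDN" -b "$GSUFFIX,$SUFFIX" -xH "ldap://$SERVER" -s sub -LLL "(&(objectClass=posixGroup)(|(cn=$_FILTERVAL)(gidNumber=$_FILTERVAL)))" dn 2>>"$LOGFILE" | grep "^dn: " | head -n 1 | sed -e "s|^dn: ||")
if [ -z "$_ENTRY" ] # Group not found
then
  printf '%s\n' "Group $1 not found in LDAP" | tee -a "$LOGFILE"
  exit 1
fi

# Delete entry; the DN comes from the search result above, never directly from
# the command line. Errors from ldapdelete go to the log file.
# shellcheck disable=SC2086 -- LDAPDELETEBIN is left unquoted as in the original
if ! $LDAPDELETEBIN -w "$BINDPWD" -D "$BINDDN" -xH "ldap://$SERVER" "$_ENTRY" 2>>"$LOGFILE" 1>/dev/null
then
  printf '%s\n' "Error deleting group $_ENTRY from LDAP" | tee -a "$LOGFILE"
  exit 1
fi

printf '%s\n' "Successfully deleted group $_ENTRY from LDAP" | tee -a "$LOGFILE"
exit 0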
