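#!/usr/local/bin/perl
#
# Interactive password change against the LDAP directory.
#
# Visible flow: refuse to run as root, take the login name from $USER, check
# the current password by binding with ldapsearch, prompt twice for the new
# password, derive the MD5-crypt, LanManager and NT values, and open a pipe
# to ldapmodify on the master server.  The name the script is invoked under
# ("unixpasswd" / "winpasswd" / anything else) sets the $unix and $win flags.
#
# Every external program is started with a list-form pipe open, so no shell
# parses the login name, the DN or either password.  A quote character in a
# password or in $USER can therefore no longer change the command that runs.
#
# NOTE(review): -w (and mkntpwd's -L/-N) still put the password in the
# argument list, where other local users can read it from the process table
# while the tool runs.  For the OpenLDAP tools, -y <passwdfile> is the usual
# way to keep it off argv; mkntpwd needs checking separately.

# Prompt on the terminal with echo switched off and return the typed line
# without its trailing newline ('' on end of input).
sub _read_hidden {
    my ($prompt) = @_;
    system "stty -echo";
    print $prompt;
    my $line = <STDIN>;
    print "\n";
    system "stty echo";
    $line = '' unless defined $line;
    chomp $line;
    return $line;
}

$basedn    = "ou=People,dc=cs,dc=nctu,dc=edu,dc=tw";
$masteruri = "ldaps://ldapmaster.cs.nctu.edu.tw";

if ($< == 0) {
    die "ERROR: cannot execute as user 'root'";
}

# $USER is set by the caller and is placed inside a bind DN and a search
# filter, so only plain login-name characters are accepted.
# NOTE(review): widen the class if the site uses other characters in logins.
$user = $ENV{"USER"};
if (!defined $user || $user !~ /\A[A-Za-z0-9._-]+\z/) {
    die "ERROR: unusable login name in \$USER\n";
}

$oldpass = _read_hidden("UNIX password for user $user: ");

# Verify the current password by binding as the user and keeping the first
# output line that is neither a comment nor empty (normally the "dn:" line).
# An empty password is rejected before anything is sent: a simple bind with
# an empty password is an unauthenticated bind, not a credential check.
$dn = '';
if ($oldpass ne '') {
    open(my $search, '-|',
         'ldapsearch', '-b', $basedn, '-D', "uid=$user,$basedn",
         '-w', $oldpass, "(uid=$user)")
        or die "ERROR: cannot run ldapsearch: $!";
    while (my $line = <$search>) {
        chomp $line;
        next if $line =~ /^#/ || $line eq '';
        $dn = $line;
        last;
    }
    close $search;
}

if ($dn eq '') {
    print "Wrong password for user $user!\n";
    exit(-1);
}

# The invocation name selects which password type is being changed.
$type = "";
$unix = $win = 0;
if ($0 =~ /unixpasswd/) {
    $type = ' UNIX';
    $unix = 1;
}
elsif ($0 =~ /winpasswd/) {
    $type = ' Windows';
    $win = 1;
}
else {
    $unix = $win = 1;
}

$pass  = _read_hidden("New$type password for user $user: ");
$pass2 = _read_hidden("Retype new$type password for user $user: ");
# NOTE(review): $pass2 is not compared with $pass anywhere in the visible
# part of the script; confirm the remainder does so before the change is sent.

# MD5 password: "$1$" + eight characters from the crypt alphabet + "$".
# NOTE(review): MD5-crypt is a dated scheme and rand() is not a
# cryptographic generator; consider a stronger crypt scheme if the
# directory and its clients support one.
my @salt_chars = ('.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z');
$random   = join '', map { $salt_chars[rand @salt_chars] } 1 .. 8;
$bsalt    = "\$1\$";
$esalt    = "\$";
$modsalt  = $bsalt . $random . $esalt;
$password = crypt($pass, $modsalt);

# Change time
$shadowlastchange = int(time / 24 / 3600);
$pwdlastset       = sprintf('%x', time);

# LanManager and NT password values as printed by mkntpwd; the output is
# split at the first ':' into the LM part and the NT part.
# NOTE(review): LanManager hashes are weak; store one only if a client
# still requires it.
open(my $mkntpwd, '-|', '/usr/local/sbin/mkntpwd', '-L', $pass, '-N', $pass)
    or die "ERROR: cannot run mkntpwd: $!";
$ntpwd = do { local $/; <$mkntpwd> };
close $mkntpwd;
$ntpwd = '' unless defined $ntpwd;
chomp($lmpassword = substr($ntpwd, 0, index($ntpwd, ':')));
chomp($ntpassword = substr($ntpwd, index($ntpwd, ':') + 1));

# Bind as the user's own DN on the master and feed the LDIF on stdin.
$dn =~ s/dn: //;
open(FILE, '|-', 'ldapmodify', '-H', $masteruri, '-D', $dn, '-w', $oldpass)
    or die "ERROR: cannot run ldapmodify: $!";
print FILE "dn: $dn\n";

# The listing breaks off at this point, in the middle of the statement
# reproduced below; the rest of the script is not shown.
#   if($unix == 1) { print FILE <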