#! /usr/bin/perl
#

#ldapsearch -H ldap://tbn06.nikhef.nl/ \
#	-b "ou=poolaccounts,dc=farmnet,dc=nikhef,dc=nl" -LLL -x \
#	description | \
#	awk -F: '/export/ {print "mkdir $NF" }' | \
#	xargs mkdir 

use Net::LDAP qw(:all);                  # for all code
use Net::LDAP::Util qw(ldap_error_name
                       ldap_error_text); # for error handling

use Getopt::Long;

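use strict;
use warnings;

# Print, on stdout, the shell commands that provision a home directory for
# every pool account found in LDAP: create the directory plus .ssh and
# .globus, generate an RSA key pair, authorize that key for the account
# itself, and hand the tree over to the account's uid:gid.
#
# The script only prints commands; it never executes them. Presumably the
# output is fed to a shell with enough privilege to chown, which makes every
# LDAP attribute interpolated below shell input. Entries whose values are not
# plainly safe are therefore skipped with a diagnostic on stderr instead of
# being printed.

$0 =~ s{.*/}{};                     # keep only the basename for diagnostics
$Getopt::Long::ignorecase = 0;

# -v [level] is still accepted for compatibility; nothing below reads it.
my $verbose;
GetOptions( 'v:i' => \$verbose )
    or die "usage: $0 [-v [level]]\n";

# NOTE(review): this is an anonymous, unencrypted query on port 389. Since the
# answers end up in mkdir/chown commands, anyone able to alter the traffic can
# influence what gets run; consider ldaps:// or $ldap->start_tls with
# certificate verification if the server supports it.
#
# Net::LDAP->new reports its failure reason in $@, not in $!.
my $ldap = Net::LDAP->new( "tbn06.nikhef.nl", port => 389, timeout => 20 )
    or die "Cannot contact remote tbn06: $@\n";

my $results = $ldap->search(
    base   => "ou=poolaccounts,dc=farmnet,dc=nikhef,dc=nl",
    scope  => "sub",
    filter => "(objectclass=*)",
    attrs  => [ qw(description uidNumber gidNumber) ],   # only what is used
);

# A failed or truncated search must not be mistaken for "no accounts" or for
# the complete list, so stop before emitting any command.
if ( $results->code ) {
    die sprintf "%s: LDAP search failed: %s: %s\n",
        $0, ldap_error_name( $results->code ), $results->error;
}

ENTRY:
for my $entry ( $results->entries ) {
    my $desc = $entry->get_value("description");
    next ENTRY unless defined $desc;

    # The home directory is whatever follows the last ':' of the description.
    ( my $dir = $desc ) =~ s/.*://;
    next ENTRY unless $dir =~ m{/export/};

    # Surrounding blanks were harmless to the shell before; drop them so the
    # strict checks below see the bare path.
    $dir =~ s/\A\s+|\s+\z//g;

    my $uid = $entry->get_value("uidNumber");
    my $gid = $entry->get_value("gidNumber");

    # DN is directory data too: make it printable before echoing it.
    ( my $shown_dn = $entry->dn ) =~ s/[^\x20-\x7e]/?/g;

    # Allow only an absolute path built from a conservative character set and
    # without ".." components. \z (not $) so a trailing newline cannot smuggle
    # a second command line into the output.
    my $dir_ok = $dir =~ m{\A/[A-Za-z0-9._/-]+\z}
              && $dir !~ m{(?:\A|/)\.\.(?:/|\z)};
    if ( !$dir_ok ) {
        warn "$0: skipping $shown_dn: unsafe home directory in description\n";
        next ENTRY;
    }

    my $ids_ok = defined $uid && $uid =~ /\A[0-9]+\z/
              && defined $gid && $gid =~ /\A[0-9]+\z/;
    if ( !$ids_ok ) {
        warn "$0: skipping $shown_dn: missing or non-numeric uidNumber/gidNumber\n";
        next ENTRY;
    }

    # NOTE(review): the key is created with an empty passphrase, .ssh is left
    # at mode 755 and the key is authorized via the legacy authorized_keys2
    # file name. All kept as the script always did it; confirm they still
    # match site policy and the sshd configuration.
    print "mkdir -p $dir ; mkdir $dir/.ssh ; mkdir $dir/.globus\n";
    print "ssh-keygen -f $dir/.ssh/id_rsa -q -t rsa -N \"\" -C \"autogenerated\" < /dev/null\n";
    print "cat $dir/.ssh/id_rsa.pub > $dir/.ssh/authorized_keys2\n";
    print "chmod 755 $dir\n";
    print "chmod 755 $dir/.ssh\n";
    print "chown -R $uid:$gid $dir\n";
}

$ldap->unbind;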



