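#!/usr/bin/perl
# Purpose: Creates an LDIF which adds all the default ACLs back onto user
#          objects
#
# Version: 5.0
#
# Author: Jim Schnitter
#
# Usage: acl5.pl input output
#        input  - ldif with the dn's of users missing their default acls
#        output - ldif that adds these default acls back
#
# Review notes:
#   * The generated LDIF grants rights. Treat the input file as untrusted
#     and read the output before importing it into a directory.
#   * Only plain "dn: <value>" lines are processed. Base64 "dn:: <value>"
#     lines are reported on STDERR and skipped, so the operator can see
#     which entries did not get their ACLs restored.
#   * Folded LDIF lines (a continuation line starts with one space) are
#     joined before matching; without that a long DN would be truncated
#     and the ACL would name the wrong trustee.
#
use strict;
use warnings;

# Check for the right number of command line arguments
if (@ARGV < 2) {
    usage();
}

my ($input_path, $output_path) = @ARGV;

# Make sure the files can be opened correctly.
# Three-argument open keeps a file name such as ">victim" or "cmd |" from
# being interpreted as an open mode; lexical handles avoid global barewords.
open(my $in, '<', $input_path)
    or die "Can't open $input_path for reading: $!";
open(my $out, '>', $output_path)
    or die "Can't open $output_path for writing: $!";

# Holds the current logical line until we know no continuation follows it.
my $pending;

while (my $raw = <$in>) {
    chomp $raw;
    $raw =~ s/\r\z//;    # CRLF input: keep the CR out of the DN and the ACL value

    # A leading single space marks a folded continuation of the previous line.
    if (defined $pending && $raw =~ s/\A //) {
        $pending .= $raw;
        next;
    }

    write_acl_records($out, $pending) if defined $pending;
    $pending = $raw;
}
write_acl_records($out, $pending) if defined $pending;

close($in);
# Buffered write errors only surface at close, so this one must be checked.
close($out) or die "Can't finish writing $output_path: $!";

# Emit the six "add: ACL" modify records for one logical input line, if that
# line is a plain "dn: ..." line. Any other line produces no output.
sub write_acl_records {
    my ($fh, $line) = @_;

    if ($line =~ m/\Adn:: /) {
        warn "Skipping base64-encoded DN line (not supported): $line\n";
        return;
    }

    # Anchored so that "dn: " inside some other attribute's value is not
    # mistaken for an entry header.
    return unless $line =~ m/\Adn: (.*)/;
    my $dn = $1;

    # NOTE(review): the ACL value is '#'-delimited, so a '#' inside the DN
    # presumably shifts the fields the directory parses - confirm how the
    # target directory treats this before importing such a record.
    if (index($dn, '#') >= 0) {
        warn "DN contains '#'; check the generated ACL values for: $line\n";
    }

    for my $acl (acl_values_for($dn)) {
        print {$fh} $line, "\nchangetype: modify\n", "add: ACL\n",
            "ACL: ", $acl, "\n\n";
    }
    return;
}

# Build the six default ACL values for a user DN, in the order the original
# script wrote them.
# NOTE(review): the leading 2 / 6 and the attribute names are copied verbatim
# from the original; they look like Novell eDirectory/NDS rights masks -
# confirm against the directory's ACL documentation before changing them.
sub acl_values_for {
    my ($dn) = @_;
    return (
        join('#', 2, 'subtree', $dn,        '[All Attributes Rights]'),
        join('#', 2, 'entry',   '[Public]', 'messageServer'),
        join('#', 2, 'entry',   '[Root]',   'groupMembership'),
        join('#', 2, 'entry',   '[Root]',   'networkAddress'),
        join('#', 6, 'entry',   $dn,        'printJobConfiguration'),
        join('#', 6, 'entry',   $dn,        'loginScript'),
    );
}

# Print the usage text and exit with a failure status.
sub usage {
    die("\nacl5.pl input output\ninput - ldif with the dn's of users missing their default acls\noutput - ldif that adds these default acls back\n\n");
}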