#!/usr/bin/perl -w
use strict;
use Net::LDAP;

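# Interactive rename of a directory user's short name (uid) via LDAP modrdn.
# The script prompts for the directory admin password, the account to rename
# and the new name, shows the account's attributes for confirmation, then
# issues the rename.

# ---- state shared between the main flow and the subs at the end of the file
my $oldname;    # short username being renamed (operator input)
my $newname;    # requested replacement username (operator input)
my $uname;      # scratch copy of the name a sub is currently working on
my ( $odname, $oddsid );    # cn and DS ID of the looked-up account
my $oduser;                 # loop variable over LDAP search entries
my $odresult;               # result object of the most recent LDAP search

my $server = 'jamaica.apple.com';    # LDAP server
my $admin  = 'diradmin';
my $base = "cn=users,dc=apple,dc=com";
my $adminpass;

my $output;                          # holds the operator's confirmation line

my $od;                              # LDAP session object
my $odmesg;                          # result object of bind / moddn

# forward declarations (defined at the end of the file)
sub userlookup($);       # do an ldap search by short username
sub usernamecheck($);    # sanity check a username for characters / length

# ---- get admin password (terminal echo is switched off while typing)
print "Please supply the password for $admin: ";
system( 'stty', '-echo' );
$adminpass = <STDIN>;
system( 'stty', 'echo' );
print "\n";
defined $adminpass or die "No password supplied, exiting\n";
chomp $adminpass;

# A simple bind with an empty password is an unauthenticated bind, which a
# server may accept as anonymous; refuse it here so that a later write is
# never attempted on a session that only looks authenticated.
length $adminpass or die "Empty password supplied, exiting\n";

# ---- get user to rename
print "Please enter the short username you wish to change: ";
$oldname = <STDIN>;
defined $oldname or die "No username supplied, exiting\n";
chomp $oldname;
length $oldname or die "No username supplied, exiting\n";

# ---- open an LDAP session
# we bind with creds to OD since we need to write
# NOTE(review): Net::LDAP->new with a bare host name opens a plain LDAP
# connection, so the simple bind below sends the admin password unencrypted.
# Consider start_tls or an ldaps:// URI once the server's certificate setup
# has been confirmed.
$od = Net::LDAP->new("$server") or die "$@";
$odmesg = $od->bind( "uid=$admin,$base", password => $adminpass );

# bind() returns a message object that is always true, so "or die" can never
# fire; the result code is what tells us whether the bind was accepted.
$odmesg->code and die "bind: " . $odmesg->error . "\n";

# ---- look up user info (fills $odname and $oddsid, dies if not usable)
userlookup($oldname);

# don't allow renaming of shared accounts
if ( $oddsid == 0 ) {
    die("$uname is a shared account (DS ID = 0), contact Internet Operations.\n"
    );
}

# ---- get new username
print "Enter the desired new username. Valid characters are a-z, A-Z, 0-9: ";
$newname = <STDIN>;
defined $newname or die "No new username supplied, exiting\n";
chomp $newname;

# sanity check the supplied username; it is placed verbatim into the new RDN
usernamecheck($newname);

# ---- print confirmation
print
  "To summarize, we are targeting the account with the following attributes:\n"
. "Full Name: $odname\n" 
. "Short Name: $oldname\n"
. "DS ID: $oddsid\n"
. "Are you sure you wish to rename $oldname to $newname?\n"
. "Type control-c to cancel, return to continue: ";
$output = <STDIN>;

# End-of-input is not a confirmation: without a terminal (closed or redirected
# STDIN) the read returns undef immediately and the rename must not proceed.
defined $output or die "No confirmation received, nothing was changed\n";

# ---- change username (modrdn)
# The old name is operator input that was never validated, so it is escaped
# before being placed into the DN; otherwise characters such as ',' or '+'
# would change which entry the DN names.
require Net::LDAP::Util;
$odmesg = $od->moddn(
    'uid=' . Net::LDAP::Util::escape_dn_value($oldname) . ",$base",
    newrdn       => "uid=$newname",
    deleteoldrdn => 1,
);

# Report a refused rename instead of ending silently.
$odmesg->code and die "rename of $oldname failed: " . $odmesg->error . "\n";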



# show new details

# notify about homedir

# subs
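# Look up an account by short username and load its attributes into the
# file-level variables $odname (cn) and $oddsid (internationaliSDNNumber).
#
# Argument: the short username (uid) to search for.
# Side effects: sets $uname, $odresult, $odname and $oddsid.
# Dies if the search fails, if no entry or more than one entry matches, or if
# the matching entry lacks either attribute.
sub userlookup($) {
    $uname = $_[0];

    # Drop values left over from any earlier lookup so that a failed search
    # can never be mistaken for a successful one.
    ( $odname, $oddsid ) = ();

    # The name is raw operator input. Escape filter metacharacters such as
    # '*', '(' and ')' so the input is matched as a literal uid and cannot
    # widen or rewrite the search filter.
    require Net::LDAP::Util;
    my $filter_value = Net::LDAP::Util::escape_filter_value($uname);

    # The search base repeats the value of the file-level $base.
    $odresult = $od->search(
        base   => "cn=users,dc=apple,dc=com",
        filter => "(uid=$filter_value)",
        attrs  => [ 'cn', 'internationaliSDNNumber' ]
    );
    $odresult->code && die $odresult->error;

    my @entries = $odresult->entries;

    # Report a missing account as such, rather than as a missing DS ID.
    if ( !@entries ) {
        die("$uname not found, exiting\n");
    }

    # The attributes gathered here are shown to the operator as confirmation
    # of what will be renamed, so an ambiguous match must stop the run instead
    # of silently using whichever entry came last.
    if ( @entries > 1 ) {
        die("$uname matches more than one entry, exiting\n");
    }

    my $entry = $entries[0];
    $odname = $entry->get_value('cn');
    $oddsid = $entry->get_value('internationaliSDNNumber');

    if ( !defined $oddsid ) {
        die("$uname has no DS ID, exiting\n");
    }
    if ( !defined $odname ) {
        die("$uname not found, exiting\n");
    }
    return;
}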

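# Validate a proposed short username before it is used in an RDN.
#
# Argument: the candidate username.
# Side effect: stores the candidate in the file-level $uname.
# Dies if the name contains a character outside A-Z, a-z, 0-9, '_' and '-',
# or if it is shorter than 2 or longer than 10 characters.
#
# NOTE(review): the prompt shown to the operator lists only a-z, A-Z, 0-9,
# while this check has always accepted '_' and '-' as well; confirm which
# set is intended.
sub usernamecheck($) {
    $uname = $_[0];

    # \A and \z anchor to the real start and end of the string. The previous
    # ^...$ form also accepted a name with a trailing newline, which would
    # then have been carried into the new RDN. The character class is spelled
    # out so the accepted set does not depend on how \w is interpreted.
    if ( $uname !~ /\A[A-Za-z0-9_\-]*\z/ ) {
        die("Supplied username contains invalid characters, exiting\n");
    }

    my $name_length = length $uname;
    if ( $name_length < 2 || $name_length > 10 ) {
        die("Username must be at least 2 and at most 10 characters long.\n"
        );
    }
    return;
}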
