#!/usr/bin/perl -w

package esmith;
        
use strict;
use Errno;
use esmith::ConfigDB;
use esmith::AccountsDB;
use esmith::util;

my $a = esmith::AccountsDB->open_ro || die "Couldn't open accounts db\n";

my $event = $ARGV [0] || die "Event name arg missing\n";;
my @groups;

if ($ARGV[1])
{

    my $groupName = $ARGV [1];
    my $g = $a->get($groupName) ||
        die "Group $groupName not found in accounts db\n";

    my $type = $g->prop('type');
    if ($type =~ /^group/)
    {
        @groups = `/usr/bin/net groupmap list`;
        foreach my $group (@groups) {
            chomp $group;
            if ($group =~ /^.*? \((S-.*)\) -> $groupName$/) {
                system('/usr/bin/net','groupmap','delete',"sid=$1");
            }
        }

        @groups = `/usr/bin/net groupmap list`;
        foreach my $smbgroup (@groups) {
            chomp $smbgroup;
            if ($smbgroup =~ /^Domain Admins \((S-.*)\) -> -1$/) {
                system('/usr/bin/net','groupmap','modify','ntgroup=Domain Admins','unixgroup=admin','type=d');
            } elsif ($smbgroup =~ /^Domain Users \((S-.*)\) -> -1$/) {
                system('/usr/bin/net','groupmap','modify','ntgroup=Domain Users','unixgroup=shared','type=d');
            } elsif ($smbgroup =~ /^Domain Guests \((S-.*)\) -> -1$/) {
                system('/usr/bin/net','groupmap','modify','ntgroup=Domain Guests','unixgroup=nobody','type=d');
            }
        }
    }
    else
    {
        die "Expected a group, got: $type\n";
    }
}
else
{
    die "Groupname argument missing.";
}

exit (0);
