#!/bin/sh -e

. shell-error
. ldap-config
. alterator-kdc-princ-functions

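# Optional first argument: a slapd configuration path. An argument containing
# '/etc/openldap' is taken as that path and removed from the argument list.
# NOTE(review): this is a substring match, so any path that merely contains
# '/etc/openldap' is accepted as the configuration file; confirm that callers
# are trusted to choose it.
case "${1-}" in
	*/etc/openldap*)
		SLAPD_CONF="$1"
		shift
		;;
esac

ldap_config "$SLAPD_CONF"

# Exactly one argument (the user name) must remain. The earlier test
# ('-ne 2 ||') rejected only the two-argument case and let a missing USER
# through to the assignment below.
[ "$#" -eq 1 ] || fatal "Usage: ${0##*/} USER"
user="$1"; shift

# Read the new password from stdin.
#  - 'IFS=' and '-r' keep leading/trailing whitespace and backslashes, so the
#    password stored is the one that was supplied.
#  - '-e' and '-s' are bash extensions; this assumes /bin/sh is bash - TODO confirm.
#  - '|| :' tolerates input without a trailing newline (read reports EOF),
#    which would otherwise abort the script under 'sh -e'.
pw=
IFS= read -res pw || :

# Refuse an empty password before any hash is computed. Previously an empty
# value made slappasswd prompt on its own while the KDC step still received
# the empty string, so the stores could end up with different passwords.
[ -n "$pw" ] || fatal "No password given"

# Samba hashes: the text before the first ':' is used as the LM hash and the
# text after the last ':' as the NT hash.
# "$pw" is quoted so that whitespace and glob characters in the password are
# passed through as a single, literal argument.
# NOTE(review): mkntpasswd and slappasswd both receive the cleartext password
# as a command-line argument, which can be visible in the process list while
# they run; slappasswd can read it from a file with -T instead.
samba_pw="$(mkntpasswd "$pw")"
lm=${samba_pw%%:*}
nt=${samba_pw##*:}

# LDAP userPassword value: crypt(3) hash using the salt format '$2a$05$...'.
# NOTE(review): '05' looks like a bcrypt cost factor of 5, which is low by
# current standards - confirm whether it can be raised.
lp="$(slappasswd -h '{CRYPT}' -c '$2a$05$%.24s' -s "$pw")"

[ -n "$lp" ] || fatal "Password hashing failed"

# Update the KDC first, then LDAP.
# NOTE(review): if ldap-usermod fails after changepw succeeded, the KDC and
# the directory hold different passwords; there is no rollback here.
changepw "$user" "$pw"

# sambaLMPassword and sambaNTPassword are unsalted, password-equivalent
# values; directory ACLs should restrict read access to them along with
# userPassword.
ldap-usermod "$user" <<EOF
userPassword:$lp
sambaLMPassword: $lm
sambaNTPassword: $nt
EOF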
