#!/bin/bash
#
# test_winbind
#
# Winbind monitoring
#
# usage: test_winbind [-f]
#
#  Steps: wbinfo -m | wc -l
#         wbinfo -P
#
# -f -> Steps:
#   /etc/pam.d/common-auth
#   /etc/security/pam_winbind.conf
#   wbinfo -m
#   wbinfo --own-domain
#
#############################################################################
#
# Pruefen, ob wbinfo installiert ist, sonst Ende
if ! which wbinfo >/dev/null 2>&1
 then
  exit 0
fi
#
F=0
while getopts f? op
 do
  case "$op" in
   f) F=1;;
   *) echo "usage: `basename $0` [-f]"
      exit 1;;
  esac
done
shift $(( $OPTIND -1))
#
. `dirname $0`/uls_header
#
( echo "D;$DT;$ULSHOSTNAME;"
  HN=`hostname -s`
  if [[ $F = 1 ]]
   then
    #
    # wbinfo --own-domain
    echo "V;;;Security;Winbind;Own-Domain;`wbinfo --own-domain`; ;"
    #
    # wbinfo -m
    echo "V;;;;;Trusted-Domains;\"`wbinfo -m | egrep -iv "BUILTIN|$HN" `\"; ;adm"
    # /etc/pam.d/common-auth: winbind suchen
    echo "V;;;;;common-auth;\"`fgrep winbind /etc/pam.d/common-auth | sed 's/  */ /g'`\";_;adm"
    #
    # /etc/security/pam_winbind.conf: require_membership_of auswerten
    echo -n 'V;;;;;require_membership_of;"'
    awk -F ' *[=,] *' '$1 == "require_membership_of" { for( i=2; i <= NF; i++ )
                                                         print $i, i<NF ? "1" : "0"
                                                     }
      ' /etc/security/pam_winbind.conf | while read sid sep
     do
      NAME=`wbinfo -s $sid | cut -d ' ' -f 1`
      echo -n "${NAME:-$sid}"
      [[ $sep = 1 ]] && echo
    done
    echo '";_;adm'
  else
    # wbinfo -P
    echo "V;;;System;Winbind;Ping-DC;`wbinfo -P >/dev/null 2>&1; echo $?`;#;"
    #
    # wbinfo -m | wc -l
    echo "V;;;;;Trusted-Domains;`wbinfo -m | egrep -iv "BUILTIN|$HN" | wc -l`;#;"
  fi
) | send_test_tab
