#!/bin/sh -f

# Not a server (no /etc/sysconfig/system present): nothing to do.
if [ ! -f /etc/sysconfig/system ]; then
    exit 0
fi

# The file is executed as shell code in this process, so it is as trusted as
# the script itself.
# NOTE(review): presumably this script runs privileged; confirm the file is
# writable by root only.
. /etc/sysconfig/system

# No server role configured: nothing to do.
if [ -z "$SERVER_ROLE" ]; then
    exit 0
fi

authtool="/usr/sbin/system-auth"

# Both names contain no slash, so the shell looks them up through PATH.
# NOTE(review): confirm the caller provides a trusted PATH, otherwise a
# same-named file earlier in PATH would be sourced instead.
# fatal(), used by ldap_rename below, is not defined in this file and is
# presumably supplied by shell-error.
. shell-quote
. shell-error

# Positional arguments: $1 - old domain name, $2 - new domain name.
# NOTE(review): with fewer than two arguments `shift` fails, and some sh
# implementations abort a non-interactive script at that point; confirm the
# caller always passes both.
olddomain="$1"
shift
newdomain="$1"
shift

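# Convert a dotted domain name into a DN built from dc= components,
# e.g. "example.com" -> "dc=example,dc=com".
# Arguments: $1 - domain name
# Outputs:   the resulting DN on stdout
# NOTE(review): the name is neither validated nor escaped; characters that
# carry meaning inside a DN (',', '=', '+') pass straight into the result.
# Confirm the caller only supplies syntactically valid DNS names.
host_2_dn()
{
    local host="$1"

    # printf with a quoted argument passes the value through verbatim: no
    # word splitting, no reliance on the shebang's -f to suppress globbing,
    # and no echo option parsing for values that start with '-'.
    printf '%s\n' "$host" | sed -e 's/^/dc=/' -e 's/\./,dc=/g'
}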

# Print the current auth scheme when it is ldap or krb5.
# Globals:  authtool (read)
# Outputs:  first space-separated field of each `$authtool status` line that
#           contains ldap or krb5 as a whole word; nothing otherwise
# Returns:  grep's exit status, i.e. non-zero when neither scheme matched
ldap_server_type()
{
    $authtool status |
        cut -d ' ' -f 1 |
        grep -E -w -e 'ldap' -e 'krb5'
}

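# Write a new LDAP configuration whose base DN is derived from the new name.
# Globals:   authtool (read)
# Arguments: $1 - old name (not used)
#            $2 - new name; everything up to and including the first dot is
#                 stripped before conversion, a name without a dot is used
#                 as is
# Returns:   exit status of `$authtool write`; calls fatal when the
#            remaining domain part is empty
# NOTE(review): the domain is turned into a DN by host_2_dn without any
# validation or escaping; confirm the caller rejects names that contain DN
# metacharacters before they reach the auth configuration.
ldap_rename()
{
    local new="${2#*.}"
    # Scratch values stay local so they do not leak into the script's globals.
    local uri basedn

    [ -n "$new" ] || fatal "new domain must be set"

    # The directory server is always addressed over loopback.
    uri="ldap://127.0.0.1"
    basedn="$(host_2_dn "$new")"

    $authtool write ldap "$basedn" "$uri"
}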

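# Rename the domain only when this server is the master and the active auth
# scheme is ldap or krb5.
# Two separate tests joined with && replace the obsolescent `-a` operator,
# whose parsing is ambiguous for operand values such as "!" or "(". The
# short-circuit also means the auth tool is queried on the master only.
if [ "$SERVER_ROLE" = "master" ] && [ -n "$(ldap_server_type)" ]; then
    ldap_rename "$olddomain" "$newdomain"
fi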
