#!/bin/sh -e

. shell-error
. /etc/cl-user.conf

[ "$#" -eq 1 ] || fatal "more arguments required"
group="$1"; shift

[ -n "$bindpw" ] && bindpw="-w $bindpw" || bindpw="-W"

gid="$(getent group "$group"|cut -f3 -d:)"

message "group's gid - $gid"

getent passwd|cut -f4 -d:|fgrep -xqs "$gid" && fatal "cannot remove user's primary group"

ldapdelete -D "$binddn" $bindpw -x -H "ldap://${host:-localhost}" "cn=$group,ou=Group,$base"
