if [ `/usr/bin/systemctl is-active samba` = active ]; then
    echo "Samba service is running!"
    exit 0
fi

if [ -f /etc/samba/samba.conf ]; then
    echo "Already provisioned?"
    exit 0
fi

if [ -f /etc/e-smith/templates/etc/samba/samba.conf/all ]; then
    echo "Already provisioned?"
    exit 0
fi

files=$(shopt -s nullglob dotglob; echo /var/lib/sambadc/*.*)
if (( ${#files} )); then
  echo "Already provisioned?"
  exit 0
fi

files=$(shopt -s nullglob dotglob; echo /var/lib/sambadc/private/*)
if (( ${#files} )); then
  echo "Already provisioned?"
  exit 0
fi

if [ "`/sbin/e-smith/db accounts show administrator | grep administrator=user`" != "" ]; then
    echo "User 'administrator' already exists!"
    exit 0
fi

LocalIP=`/sbin/e-smith/db configuration get LocalIP`
LocalNetmask=`/sbin/e-smith/db configuration get LocalNetmask`
DomainName=`/sbin/e-smith/db configuration get DomainName`
Workgroup=`/sbin/e-smith/db configuration getprop smb Workgroup`
SambaIP=`/sbin/e-smith/db configuration getprop samba SambaIP`
Password=`/sbin/e-smith/db configuration getprop samba Password`

if [ "$LocalIP" == "" ] || [ "$LocalNetmask" == "" ] || [ "$DomainName" == "" ] || [ "$Workgroup" == "" ]; then
    echo "System DB values missing!"
    exit 0
fi

if [ "$SambaIP" == "" ] || [ "$Password" == "" ]; then
    echo "You need to set up Samba DB first!"
    exit 0
fi

Domain=${Workgroup^^}
Realm=$Domain".INTERNAL"
Dns=${Realm,,}

if [ $Realm == ${DomainName^^} ]; then
    echo "Realm can't match DomainName!"
    exit 0
fi

if [ "`/usr/sbin/ip a |grep $SambaIP`" == "" ]; then
    /etc/e-smith/events/actions/update-ifcfg-1
    /usr/bin/systemctl restart network
fi
sleep 2
if [ "`/usr/sbin/ip a |grep $SambaIP`" == "" ]; then
    echo "Samba interface is down!"
    exit 0
fi

/sbin/e-smith/db domains set $Dns domain-remote Nameservers $SambaIP
/sbin/e-smith/db configuration setprop samba Realm $Dns
/sbin/e-smith/signal-event domain-modify

/usr/bin/systemctl stop samba
rm -rf /var/lib/sambadc         #WIPE AD!!
mkdir -p /var/lib/sambadc/lock
mkdir -p /var/lib/sambadc/private
mkdir -p /run/sambadc/ncalrpc
rm -f /etc/samba/smb.conf

/usr/bin/samba-tool domain provision --server-role=dc --dns-backend=SAMBA_INTERNAL --realm=$Realm --domain=$Domain --adminpass=$Password --host-name=DC "--option=disable netbios = yes" "--option=bind interfaces only = yes" "--option=interfaces = $SambaIP/$LocalNetmask" "--option=pid directory = /run/sambadc" "--option=lock directory = /var/lib/sambadc/lock" "--option=private dir = /var/lib/sambadc/private" "--option=state directory = /var/lib/sambadc" "--option=cache directory = /var/lib/sambadc" "--option=ntp signd socket directory = /var/lib/sambadc/ntp_signd" "--option=ncalrpc dir = /run/sambadc/ncalrpc"

mkdir -p /etc/e-smith/templates/etc/samba/samba.conf
mv -f /etc/samba/smb.conf /etc/e-smith/templates/etc/samba/samba.conf/all
/sbin/e-smith/expand-template /etc/samba/samba.conf
/sbin/e-smith/expand-template /etc/samba/smb.conf

cp -f /var/lib/sambadc/private/krb5.conf /etc/krb5.conf

/sbin/e-smith/db configuration setprop samba status enabled
/usr/bin/systemctl start samba

sleep 5

if [ `/usr/bin/systemctl is-active samba` != active ]; then
    /sbin/e-smith/db configuration setprop samba status disabled
    echo "Something went wrong!"
    exit 0
fi

/sbin/e-smith/db accounts set administrator system

/usr/bin/samba-tool domain passwordsettings set --complexity=off --history-length=0 --min-pwd-age=998 --max-pwd-age=0 -H ldap://$SambaIP/ --username=administrator --password=$Password

/usr/bin/samba-tool user setexpiry --noexpiry administrator -H ldap://$SambaIP/ --username=administrator --password=$Password

/usr/bin/samba-tool user add admin $Password -H ldap://$SambaIP/ --username=administrator --password=$Password

/usr/bin/samba-tool user setexpiry --noexpiry admin -H ldap://$SambaIP/ --username=administrator --password=$Password

/usr/bin/samba-tool group addmembers "Domain Admins" admin -H ldap://$SambaIP/ --username=administrator --password=$Password

accounts=`/sbin/e-smith/db accounts show | grep '\=user$'`
users=()
for i in $accounts; do users+=(`sed 's/=.*//' <<<$i`); done
for users in ${users[@]}
    do  if [ "$users" != Account ]
        then
        /usr/bin/samba-tool user add $users --random-password -H ldap://$SambaIP/ --username=administrator --password=$Password
        /usr/bin/samba-tool user disable $users -H ldap://$SambaIP/ --username=administrator --password=$Password
        fi
    done

/sbin/e-smith/db configuration setprop passwordaging Active yes PwdAge 365 PwdWarn 10
/sbin/e-smith/signal-event smeserver-password-update
