#!/bin/bash

LOG_FILE="/var/log/inspect.log"

RET_BLANK=""
RET_SUCCESS="yes"
RET_FAILURE="no"
TIP_OPERARION_RESULT="RESULT"
TIP_JOINED_DOMAIN="JOINED DOMAIN"
TIP_DOMAIN_CONTROL_STATUS="DOMAIN AVAILABLE"

Result=""

#AD״̬ Ѳ217ýűִ
if [ "$1" = "checkADDomain" ];then
    checkInfo=$( /usr/local/bin/nas_proto_auth -c show-join | grep \<join_state\>1\< )
    if [ "X$checkInfo" = "X" ];then
        echo "join_state:no"
    else
        echo "join_state:yes"
    fi
    HotPatchCheck=$(ls /var/huawei/patch/cur/sph/)
    if [ $? -ne 0 ];then
        echo "HotPatchCheck:Have no HotPatch"
        exit 0
    fi
    echo "HotPatchCheck:${HotPatchCheck}"
    exit 0
fi

function LOG 
{
   time=$(date)
   echo [${time}][$$]$@ >> $LOG_FILE
}

ad_joined_xml=$(/usr/local/bin/nas_proto_auth -c show-join|grep -E '<status>|<join_state>')
status=$(echo $ad_joined_xml|awk -F '<status>' '{print $2}'|awk -F '</status>' '{print $1}')
if [ "$status"x != "0"x ]; then
    LOG "[$FUNCNAME]nas_proto_auth show-join failed $status"
    Result="$TIP_OPERARION_RESULT:$RET_FAILURE||$TIP_JOINED_DOMAIN:$RET_BLANK||$TIP_DOMAIN_CONTROL_STATUS:$RET_BLANK"
    echo $Result
    exit 0
fi

ad_joined=$(echo $ad_joined_xml|awk -F '<join_state>' '{print $2}'|awk -F '</join_state>' '{print $1}')
if [ "$ad_joined"x != "1"x ]; then
    LOG "[$FUNCNAME]nas_proto_auth -c show-join false:$ad_joined"
    Result="$TIP_OPERARION_RESULT:$RET_SUCCESS||$TIP_JOINED_DOMAIN:$RET_FAILURE||$TIP_DOMAIN_CONTROL_STATUS:$RET_BLANK"
    echo $Result
    exit 0
fi

domain_fqdn_xml=$(/usr/local/bin/nas_proto_cfg -c get_ad_server|grep -E '<status>|<value>')
status=$(echo $domain_fqdn_xml|awk -F '<status>' '{print $2}'|awk -F '</status>' '{print $1}')
if [ "$status"x != "0"x ]; then
    LOG "[$FUNCNAME]nas_proto_cfg get_ad_server failed $status."
    Result="$TIP_OPERARION_RESULT:$RET_FAILURE||$TIP_JOINED_DOMAIN:$RET_SUCCESS||$TIP_DOMAIN_CONTROL_STATUS:$RET_BLANK"
    echo $Result
    exit 0
fi

domain_fqdn=$(echo $domain_fqdn_xml|awk -F '<value>' '{print $2}'|awk -F '</value>' '{print $1}')
kerbers_svc_rr="_kerberos._tcp.dc._msdcs"
dc_list=$(nslookup -q=srv $kerbers_svc_rr.$domain_fqdn|grep $kerbers_svc_rr|grep 'service ='|awk  '{print $NF}')
dc_num=$(echo $dc_list|awk '{print NF}')
alive_dc=0

#dc_num=0
if [ "X${dc_num}" == "X" -o "X${dc_num}" == "X0" ];then
    echo "[ERR]dc_iplist get failed ,the dc_num(${dc_num}) is empty or 0.ERRCODE(5)"
fi 

for((i=1;i<=$dc_num;i++));do
    dc_fqdn_raw=$(echo $dc_list|awk '{print $'$i'}')
    if [ -z "$dc_fqdn_raw" ]; then
        continue
    fi
    
    last_char=$(echo ${dc_fqdn_raw: -1})
    dc_fqdn=""
    if [ $last_char = "." ]; then
        dc_fqdn=$(echo ${dc_fqdn_raw%.*})
    else
        dc_fqdn=$dc_fqdn_raw
    fi
    dc_ip4_list=$(nslookup  $dc_fqdn|grep 'Address: '|awk  '{print $NF}')
    dc_ip4_num=$(echo $dc_ip4_list|awk '{print NF}')
    dc_ip6_list=$(nslookup  -q=AAAA $dc_fqdn|grep 'AAAA address '|awk  '{print $NF}')
    dc_ip6_num=$(echo $dc_ip6_list|awk '{print NF}')

    for ((j=1;j<=$dc_ip4_num;j++)); do
        dc_ip_raw=$(echo $dc_ip4_list|awk '{print $'$j'}')
        if [ -z "$dc_ip_raw" ]; then
            continue
        fi
        
        last_char=$(echo ${dc_ip_raw: -1})
        dc_ip=""
        if [ $last_char = "." ]; then
            dc_ip=$(echo ${dc_ip_raw%.*})
        else
            dc_ip=$dc_ip_raw
        fi
        
        LOG "[$FUNCNAME]check $j/$dc_num dc $dc_ip starting"
        ping_rsp=$(ping $dc_ip -c 3 -w 7 2> /dev/null |grep 'ttl='|wc -l)
        if [ $ping_rsp -gt 0 ]; then
            alive_dc=1
            LOG "[$FUNCNAME]dc $dc_ip is reachable"
            break
        else
            echo "[ERR]dc $dc_ip is unreachable.ERRCODE(4)"
            LOG "[$FUNCNAME]WARN:dc $dc_ip is unreachable"
        fi
    done
        if [ "$alive_dc"x != "0"x ]; then
            break
        fi

    for ((j=1;j<=$dc_ip6_num;j++)); do
        dc_ip_raw=$(echo $dc_ip6_list|awk '{print $'$j'}')
        if [ -z "$dc_ip_raw" ]; then
            continue
        fi
        
        last_char=$(echo ${dc_ip_raw: -1})
        dc_ip=""
        if [ $last_char = "." ]; then
            dc_ip=$(echo ${dc_ip_raw%.*})
        else
            dc_ip=$dc_ip_raw
        fi
        
        LOG "[$FUNCNAME]check $j/$dc_num dc $dc_ip starting"
        ping_rsp=$(ping6 $dc_ip -c 3 -w 7 2> /dev/null |grep 'ttl='|wc -l)
        if [ $ping_rsp -gt 0 ]; then
            alive_dc=1
            LOG "[$FUNCNAME]dc $dc_ip is reachable"
            break
        else
            echo "[ERR]dc $dc_ip is unreachable.ERRCODE(4)"
            LOG "[$FUNCNAME]WARN:dc $dc_ip is unreachable"
        fi
    done
        if [ "$alive_dc"x != "0"x ]; then
            break
        fi
done

if [ $alive_dc -eq 0 ]; then
    Result="$TIP_OPERARION_RESULT:$RET_SUCCESS||$TIP_JOINED_DOMAIN:$RET_SUCCESS||$TIP_DOMAIN_CONTROL_STATUS:$RET_FAILURE"
else
    Result="$TIP_OPERARION_RESULT:$RET_SUCCESS||$TIP_JOINED_DOMAIN:$RET_SUCCESS||$TIP_DOMAIN_CONTROL_STATUS:$RET_SUCCESS"
fi

echo $Result
exit 0
