#!/bin/sh -e

. cl-config

[ "$#" -ge 2 ] || fatal "more arguments required"
config="$1"
group="$2"
shift 2

cl_slapd_config "$config"

gid="$(ldap-getent-group "$config" "$group"|cut -f3 -d:)"

[ -n "$gid" ] || fatal "cannot find group's gid"
message "group's gid - $gid"

local_getent_passwd|cut -f4 -d:|fgrep -xqs "$gid" && fatal "cannot remove user's primary group"
ldap-getent-passwd "$config"|cut -f4 -d:|fgrep -xqs "$gid" && fatal "cannot remove user's primary group"

ldapdelete -D "$binddn" $bindpw -x "cn=$group,ou=Group,$base"
