Script to clonate ldap users to local users in AIX

AIX LDAP integration is not up to expectations. Its cache daemon, secldapclntd, has a lot of problems:it often crashes, queries are slow, etc...

To mitigate problems, one workaround could be create the most important users locally, using the KRB5files repository.

With this idea, this script will query a set of given groups from the AIX LDAP registry using the AIX command line tools (lsuser, lsgroup), and it will create them locally (mkgroup, mkuser).

To make it work, the host must be integrated with remote repository and must be able to resolve users and groups with LDAP method. You need LDAP method and KRB5files method configured. It can be easily changed to use other methods.

This script also supports nested groups from Active Directory.