#!/usr/bin/perl
use strict;
use warnings;

use Term::ReadKey;
use Net::LDAP;

our $MANAGER = 'cn=Manager,dc=example,dc=com';
our $SERVER  = 'ldap.example.com';
$SIG{INT}= sub { ReadMode 0; exit; };

my $base = shift
  or die "usage: $0 base\n";

my $LDAP = Net::LDAP->new( $SERVER )
  or die "Can't connect to server '$SERVER'\n";

print "$MANAGER password: ";
my $pw = read_password();

$LDAP->bind( $MANAGER, password => $pw );
my $schema = $LDAP->schema();

my $s = $LDAP->search( base => $base, filter => '(objectclass=*)' );

while( my $e = $s->shift_entry() ) {
  my @classes = $e->get_value( 'objectclass' );

  my %orig_classes = map { ($_, 1) } @classes;
  my %seen = ( top => 1 );
  while( my $class = shift @classes ) {
    $seen{$class}++;
    push @classes, $schema->superclass( $class );
  }

  my @classes_to_add = grep !$orig_classes{$_}, keys %seen;
  $e->add( objectclass => \@classes_to_add )
    if @classes_to_add;

  $e->update( $LDAP );
}

sub read_password {
  my $pw;
  ReadMode 2;
  chomp( $pw = <STDIN>);
  ReadMode 0;
  $pw;
}