#!/bin/bash

# Define the role to search for
TARGET_ROLE="student:school:mejneschool2"

echo "Searching for users with role: ${TARGET_ROLE}"
echo "-----------------------------------------------------"

univention-ldapsearch "ucsschoolRole=${TARGET_ROLE}" dn | \
grep '^dn: ' | \
sed 's/^dn: //' | \
while IFS= read -r user_dn
do
  if [ -n "$user_dn" ]; then
    echo "Processing user: ${user_dn}"
    udm users/user modify --dn "${user_dn}" \
      --set isOxUser=Not \
      --set UniventionOffice365Enabled=0
    
    if [ $? -eq 0 ]; then
      echo "User successfully disabled for OX and M365."
    else
      echo "ERROR modifying user: ${user_dn}" >&2
    fi
    echo "-----------------------------------------------------"
  fi
done

echo "Script completed."