Merge branch 'develop' into webauthn
This commit is contained in:
commit
0ed0d17676
|
@ -36,12 +36,15 @@ files=`ls -a *.jpg`
|
||||||
for file in $files; do
|
for file in $files; do
|
||||||
cp $file /var/lib/ldap-account-manager/config/templates/pdf/logos/$file
|
cp $file /var/lib/ldap-account-manager/config/templates/pdf/logos/$file
|
||||||
done
|
done
|
||||||
if [ ! -h /usr/share/ldap-account-manager/config ]; then\
|
if [ ! -h /usr/share/ldap-account-manager/config ]; then
|
||||||
ln -s /var/lib/ldap-account-manager/config /usr/share/ldap-account-manager/config; fi
|
ln -s /var/lib/ldap-account-manager/config /usr/share/ldap-account-manager/config
|
||||||
if [ ! -h /usr/share/ldap-account-manager/sess ]; then\
|
fi
|
||||||
ln -s /var/lib/ldap-account-manager/sess /usr/share/ldap-account-manager/sess; fi
|
if [ ! -h /usr/share/ldap-account-manager/sess ]; then
|
||||||
if [ ! -h /usr/share/ldap-account-manager/tmp ]; then\
|
ln -s /var/lib/ldap-account-manager/sess /usr/share/ldap-account-manager/sess
|
||||||
ln -s /var/lib/ldap-account-manager/tmp /usr/share/ldap-account-manager/tmp; fi
|
fi
|
||||||
|
if [ ! -h /usr/share/ldap-account-manager/tmp ]; then
|
||||||
|
ln -s /var/lib/ldap-account-manager/tmp /usr/share/ldap-account-manager/tmp
|
||||||
|
fi
|
||||||
chown www-data /etc/ldap-account-manager/config.cfg
|
chown www-data /etc/ldap-account-manager/config.cfg
|
||||||
chmod 600 /etc/ldap-account-manager/config.cfg
|
chmod 600 /etc/ldap-account-manager/config.cfg
|
||||||
chown www-data /var/lib/ldap-account-manager/sess
|
chown www-data /var/lib/ldap-account-manager/sess
|
||||||
|
@ -51,9 +54,14 @@ chown www-data /var/lib/ldap-account-manager/tmp/internal
|
||||||
chmod 700 /var/lib/ldap-account-manager/tmp
|
chmod 700 /var/lib/ldap-account-manager/tmp
|
||||||
chown -R www-data /var/lib/ldap-account-manager/config
|
chown -R www-data /var/lib/ldap-account-manager/config
|
||||||
chmod 700 /var/lib/ldap-account-manager/config
|
chmod 700 /var/lib/ldap-account-manager/config
|
||||||
if [ ! -f /var/lib/ldap-account-manager/config/lam.conf ]; \
|
set +e
|
||||||
then cp /var/lib/ldap-account-manager/config/unix.conf.sample /var/lib/ldap-account-manager/config/lam.conf; \
|
ls -l /var/lib/ldap-account-manager/config/*.conf &> /dev/null
|
||||||
chown www-data /var/lib/ldap-account-manager/config/lam.conf; fi
|
cfgFilesExist=$?
|
||||||
|
set -e
|
||||||
|
if [ $cfgFilesExist -ne 0 ]; then
|
||||||
|
cp /var/lib/ldap-account-manager/config/unix.conf.sample /var/lib/ldap-account-manager/config/lam.conf
|
||||||
|
chown www-data /var/lib/ldap-account-manager/config/lam.conf
|
||||||
|
fi
|
||||||
chmod 600 /var/lib/ldap-account-manager/config/*.conf
|
chmod 600 /var/lib/ldap-account-manager/config/*.conf
|
||||||
if [ "$1" = "configure" ]; then
|
if [ "$1" = "configure" ]; then
|
||||||
db_get "ldap-account-manager/alias"
|
db_get "ldap-account-manager/alias"
|
||||||
|
|
|
@ -14,3 +14,4 @@ for phpThirdPartyLib in $phpThirdPartyLibs; do
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
|
#DEBHELPER#
|
||||||
|
|
|
@ -1,3 +1,9 @@
|
||||||
|
#
|
||||||
|
# LAM setup
|
||||||
|
#
|
||||||
|
# skip LAM preconfiguration (lam.conf + config.cfg), values: (true/false)
|
||||||
|
# If set to false the other variables below have no effect.
|
||||||
|
LAM_SKIP_PRECONFIGURE=false
|
||||||
# domain of LDAP database root entry, will be converted to dc=...,dc=...
|
# domain of LDAP database root entry, will be converted to dc=...,dc=...
|
||||||
LDAP_DOMAIN=my-domain.com
|
LDAP_DOMAIN=my-domain.com
|
||||||
# LDAP base DN to overwrite value generated by LDAP_DOMAIN
|
# LDAP base DN to overwrite value generated by LDAP_DOMAIN
|
||||||
|
@ -6,13 +12,17 @@ LDAP_BASE_DN=dc=my-domain,dc=com
|
||||||
LDAP_SERVER=ldap://ldap:389
|
LDAP_SERVER=ldap://ldap:389
|
||||||
# LDAP admin user (set as login user for LAM)
|
# LDAP admin user (set as login user for LAM)
|
||||||
LDAP_USER=cn=admin,dc=my-domain,dc=com
|
LDAP_USER=cn=admin,dc=my-domain,dc=com
|
||||||
# LDAP admin password
|
# default language, e.g. en_US, de_DE, fr_FR, ...
|
||||||
LDAP_ADMIN_PASSWORD=adminpw
|
LAM_LANG=en_US
|
||||||
|
|
||||||
# LAM configuration master password and password for server profile "lam"
|
# LAM configuration master password and password for server profile "lam"
|
||||||
LAM_PASSWORD=lam
|
LAM_PASSWORD=lam
|
||||||
|
|
||||||
# docker-compose only, LDAP organisation name for OpenLDAP
|
#
|
||||||
|
# docker-compose only, LDAP server setup
|
||||||
|
#
|
||||||
|
# LDAP organisation name for OpenLDAP
|
||||||
LDAP_ORGANISATION="LDAP Account Manager Demo"
|
LDAP_ORGANISATION="LDAP Account Manager Demo"
|
||||||
# docker-compose only, password for LDAP read-only user
|
# LDAP admin password
|
||||||
|
LDAP_ADMIN_PASSWORD=adminpw
|
||||||
|
# password for LDAP read-only user
|
||||||
LDAP_READONLY_USER_PASSWORD=readonlypw
|
LDAP_READONLY_USER_PASSWORD=readonlypw
|
||||||
|
|
|
@ -23,10 +23,13 @@
|
||||||
set -eu # unset variables are errors & non-zero return values exit the whole script
|
set -eu # unset variables are errors & non-zero return values exit the whole script
|
||||||
[ "$DEBUG" ] && set -x
|
[ "$DEBUG" ] && set -x
|
||||||
|
|
||||||
|
LAM_SKIP_PRECONFIGURE="${LAM_SKIP_PRECONFIGURE:-false}"
|
||||||
|
if [ "$LAM_SKIP_PRECONFIGURE" != "true" ]; then
|
||||||
|
|
||||||
LAM_LANG="${LAM_LANG:-en_US}"
|
LAM_LANG="${LAM_LANG:-en_US}"
|
||||||
export LAM_PASSWORD="${LAM_PASSWORD:-lam}"
|
export LAM_PASSWORD="${LAM_PASSWORD:-lam}"
|
||||||
LAM_PASSWORD_SSHA=$(php -r '$password = getenv("LAM_PASSWORD"); mt_srand((microtime() * 1000000)); $rand = abs(hexdec(bin2hex(openssl_random_pseudo_bytes(5)))); $salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); print "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt))) . " " . base64_encode($salt) . "\n";')
|
LAM_PASSWORD_SSHA=$(php -r '$password = getenv("LAM_PASSWORD"); mt_srand((microtime() * 1000000)); $rand = abs(hexdec(bin2hex(openssl_random_pseudo_bytes(5)))); $salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); print "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt))) . " " . base64_encode($salt) . "\n";')
|
||||||
LDAP_HOST="${LDAP_HOST:-ldap://ldap:389}"
|
LDAP_SERVER="${LDAP_SERVER:-ldap://ldap:389}"
|
||||||
LDAP_DOMAIN="${LDAP_DOMAIN:-my-domain.com}"
|
LDAP_DOMAIN="${LDAP_DOMAIN:-my-domain.com}"
|
||||||
LDAP_BASE_DN="${LDAP_BASE_DN:-dc=${LDAP_DOMAIN//\./,dc=}}"
|
LDAP_BASE_DN="${LDAP_BASE_DN:-dc=${LDAP_DOMAIN//\./,dc=}}"
|
||||||
LDAP_ADMIN_USER="${LDAP_USER:-cn=admin,${LDAP_BASE_DN}}"
|
LDAP_ADMIN_USER="${LDAP_USER:-cn=admin,${LDAP_BASE_DN}}"
|
||||||
|
@ -37,7 +40,7 @@ EOF
|
||||||
unset LAM_PASSWORD
|
unset LAM_PASSWORD
|
||||||
|
|
||||||
sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
||||||
s|^ServerURL:.*|ServerURL: ${LDAP_HOST}|;
|
s|^ServerURL:.*|ServerURL: ${LDAP_SERVER}|;
|
||||||
s|^Admins:.*|Admins: ${LDAP_ADMIN_USER}|;
|
s|^Admins:.*|Admins: ${LDAP_ADMIN_USER}|;
|
||||||
s|^Passwd:.*|Passwd: ${LAM_PASSWORD_SSHA}|;
|
s|^Passwd:.*|Passwd: ${LAM_PASSWORD_SSHA}|;
|
||||||
s|^treesuffix:.*|treesuffix: ${LDAP_BASE_DN}|;
|
s|^treesuffix:.*|treesuffix: ${LDAP_BASE_DN}|;
|
||||||
|
@ -46,6 +49,8 @@ sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
||||||
s|^.*suffix_group:.*|types: suffix_group: ${LDAP_BASE_DN}|;
|
s|^.*suffix_group:.*|types: suffix_group: ${LDAP_BASE_DN}|;
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Starting Apache"
|
echo "Starting Apache"
|
||||||
rm -f /run/apache2/apache2.pid
|
rm -f /run/apache2/apache2.pid
|
||||||
set +u
|
set +u
|
||||||
|
|
|
@ -66,7 +66,9 @@ class windowsHost extends baseModule {
|
||||||
// managed object classes
|
// managed object classes
|
||||||
$return['objectClasses'] = array('computer', 'securityPrincipal');
|
$return['objectClasses'] = array('computer', 'securityPrincipal');
|
||||||
// managed attributes
|
// managed attributes
|
||||||
$return['attributes'] = array('cn', 'description', 'location', 'sAMAccountName', 'managedBy', 'operatingSystem', 'operatingSystemVersion', 'dNSHostName');
|
$return['attributes'] = array('cn', 'description', 'location', 'sAMAccountName', 'managedBy',
|
||||||
|
'operatingSystem', 'operatingSystemVersion', 'dNSHostName', 'pwdLastSet', 'lastLogonTimestamp',
|
||||||
|
'logonCount');
|
||||||
// help Entries
|
// help Entries
|
||||||
$return['help'] = array(
|
$return['help'] = array(
|
||||||
'cn' => array(
|
'cn' => array(
|
||||||
|
@ -85,6 +87,18 @@ class windowsHost extends baseModule {
|
||||||
"Headline" => _('Managed by'), 'attr' => 'managedBy',
|
"Headline" => _('Managed by'), 'attr' => 'managedBy',
|
||||||
"Text" => _('The host is managed by this contact person.')
|
"Text" => _('The host is managed by this contact person.')
|
||||||
),
|
),
|
||||||
|
'pwdLastSet' => array(
|
||||||
|
"Headline" => _('Last password change'), 'attr' => 'pwdLastSet',
|
||||||
|
"Text" => _('Time of user\'s last password change.')
|
||||||
|
),
|
||||||
|
'lastLogonTimestamp' => array(
|
||||||
|
"Headline" => _('Last login'), 'attr' => 'lastLogonTimestamp',
|
||||||
|
"Text" => _('Time of user\'s last login.')
|
||||||
|
),
|
||||||
|
'logonCount' => array(
|
||||||
|
"Headline" => _('Logon count'), 'attr' => 'logonCount',
|
||||||
|
"Text" => _('This is the number of logins using this account.')
|
||||||
|
),
|
||||||
);
|
);
|
||||||
// upload fields
|
// upload fields
|
||||||
$return['upload_columns'] = array(
|
$return['upload_columns'] = array(
|
||||||
|
@ -141,6 +155,33 @@ class windowsHost extends baseModule {
|
||||||
$this->addSimpleInputTextField($container, 'cn', _('Host name'), true);
|
$this->addSimpleInputTextField($container, 'cn', _('Host name'), true);
|
||||||
$this->addSimpleInputTextField($container, 'description', _('Description'), false);
|
$this->addSimpleInputTextField($container, 'description', _('Description'), false);
|
||||||
$this->addSimpleInputTextField($container, 'location', _('Location'), false);
|
$this->addSimpleInputTextField($container, 'location', _('Location'), false);
|
||||||
|
// last password change
|
||||||
|
if (!empty($this->attributes['pwdLastSet'])) {
|
||||||
|
$container->addLabel(new htmlOutputText(_('Last password change')));
|
||||||
|
$pwdLastSetGroup = new htmlGroup();
|
||||||
|
$pwdLastSetGroup->addElement(new htmlOutputText($this->formatFileTime($this->attributes['pwdLastSet'][0])));
|
||||||
|
$pwdLastSetGroup->addElement(new htmlSpacer('0.5rem', null));
|
||||||
|
$pwdLastSetGroup->addElement(new htmlHelpLink('pwdLastSet'));
|
||||||
|
$container->addField($pwdLastSetGroup);
|
||||||
|
}
|
||||||
|
// last login
|
||||||
|
if (!empty($this->attributes['lastLogonTimestamp'])) {
|
||||||
|
$container->addLabel(new htmlOutputText(_('Last login')));
|
||||||
|
$lastLogonTimestampGroup = new htmlGroup();
|
||||||
|
$lastLogonTimestampGroup->addElement(new htmlOutputText($this->formatFileTime($this->attributes['lastLogonTimestamp'][0])));
|
||||||
|
$lastLogonTimestampGroup->addElement(new htmlSpacer('0.5rem', null));
|
||||||
|
$lastLogonTimestampGroup->addElement(new htmlHelpLink('lastLogonTimestamp'));
|
||||||
|
$container->addField($lastLogonTimestampGroup);
|
||||||
|
}
|
||||||
|
// logon count
|
||||||
|
if (!empty($this->attributes['logonCount'])) {
|
||||||
|
$container->addLabel(new htmlOutputText(_('Logon count')));
|
||||||
|
$logonCountGroup = new htmlGroup();
|
||||||
|
$logonCountGroup->addElement(new htmlOutputText($this->attributes['logonCount'][0]));
|
||||||
|
$logonCountGroup->addElement(new htmlSpacer('0.5rem', null));
|
||||||
|
$logonCountGroup->addElement(new htmlHelpLink('logonCount'));
|
||||||
|
$container->addField($logonCountGroup);
|
||||||
|
}
|
||||||
// managed by
|
// managed by
|
||||||
$container->addLabel(new htmlOutputText(_('Managed by')));
|
$container->addLabel(new htmlOutputText(_('Managed by')));
|
||||||
$managedBy = '-';
|
$managedBy = '-';
|
||||||
|
@ -296,6 +337,23 @@ class windowsHost extends baseModule {
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Formats a value in file time (100 ns since 1601-01-01).
|
||||||
|
*
|
||||||
|
* @param integer $value time value
|
||||||
|
* @return String formatted value
|
||||||
|
*/
|
||||||
|
private function formatFileTime($value) {
|
||||||
|
if (empty($value) || ($value == '-1')) {
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
$seconds = substr($value, 0, -7);
|
||||||
|
$time = new DateTime('1601-01-01', new DateTimeZone('UTC'));
|
||||||
|
$time->add(new DateInterval('PT' . $seconds . 'S'));
|
||||||
|
$time->setTimezone(getTimeZone());
|
||||||
|
return $time->format('Y-m-d H:i:s');
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Binary file not shown.
File diff suppressed because it is too large
Load Diff
Binary file not shown.
File diff suppressed because it is too large
Load Diff
Binary file not shown.
File diff suppressed because it is too large
Load Diff
|
@ -45,6 +45,10 @@ printHeaderContents(_("Configuration overview"), '../..');
|
||||||
?>
|
?>
|
||||||
</head>
|
</head>
|
||||||
<body class="admin">
|
<body class="admin">
|
||||||
|
<?php
|
||||||
|
// include all JavaScript files
|
||||||
|
printJsIncludes('../..');
|
||||||
|
?>
|
||||||
<table class="lamTop ui-corner-all">
|
<table class="lamTop ui-corner-all">
|
||||||
<tr>
|
<tr>
|
||||||
<td align="left">
|
<td align="left">
|
||||||
|
|
Loading…
Reference in New Issue