referential integrity overlay
This commit is contained in:
parent
39e5cf1985
commit
21d0b7eb02
|
@ -1,4 +1,5 @@
|
||||||
March 2018 6.3
|
March 2018 6.3
|
||||||
|
- Server profile: added option if referential integrity overlay is active to sip cleanup actions
|
||||||
- LAM Pro:
|
- LAM Pro:
|
||||||
-> Support custom structural object classes with new custom type
|
-> Support custom structural object classes with new custom type
|
||||||
-> Support dynamic lists
|
-> Support dynamic lists
|
||||||
|
|
|
@ -368,24 +368,49 @@
|
||||||
|
|
||||||
<para><emphasis role="bold">Advanced options</emphasis></para>
|
<para><emphasis role="bold">Advanced options</emphasis></para>
|
||||||
|
|
||||||
<para>Sometimes, you may not want to display the server address on the
|
<para>Display name: Sometimes, you may not want to display the server
|
||||||
login page. In this case you can setup a display name here (e.g.
|
address on the login page. In this case you can setup a display name
|
||||||
"Production").</para>
|
here (e.g. "Production").</para>
|
||||||
|
|
||||||
<para>By default LAM will not follow LDAP referrals. This is ok for
|
<para>Follow referrals: By default LAM will not follow LDAP referrals.
|
||||||
most installations. If you use LDAP referrals please activate the
|
This is ok for most installations. If you use LDAP referrals please
|
||||||
referral option in advanced settings.</para>
|
activate the referral option in advanced settings.</para>
|
||||||
|
|
||||||
<para>Paged results should be activated only if you encounter any
|
<para>Paged results: Paged results should be activated only if you
|
||||||
problems regarding size limits on Active Directory. LAM will then
|
encounter any problems regarding size limits on Active Directory. LAM
|
||||||
query LDAP to return results in chunks of 999 entries.</para>
|
will then query LDAP to return results in chunks of 999
|
||||||
|
entries.</para>
|
||||||
|
|
||||||
|
<para>Referential integrity overlay: Activate this checkbox if you
|
||||||
|
have any server side extension for referential integrity in place. In
|
||||||
|
this case the server will cleanup references to LDAP entries that are
|
||||||
|
deleted.</para>
|
||||||
|
|
||||||
|
<para>The following actions are skipped in this case:</para>
|
||||||
|
|
||||||
|
<itemizedlist>
|
||||||
|
<listitem>
|
||||||
|
<para>Users: group of (unique) names: memberships are not deleted
|
||||||
|
when user is deleted</para>
|
||||||
|
</listitem>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Users: organizational roles: role assignments are not
|
||||||
|
deleted when user is deleted</para>
|
||||||
|
</listitem>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Groups: groupOf(Unique)Names: memberships are not deleted
|
||||||
|
when group is deleted</para>
|
||||||
|
</listitem>
|
||||||
|
</itemizedlist>
|
||||||
|
|
||||||
<literallayout>
|
<literallayout>
|
||||||
</literallayout>
|
</literallayout>
|
||||||
|
|
||||||
<para>LAM is translated to many different languages. Here you can
|
<para>LAM is translated to many different languages. Here you can
|
||||||
select the default language for this server profile. The language
|
select the default language for this server profile. The language
|
||||||
setting may be overriden at the LAM login page.</para>
|
setting may be overridden at the LAM login page.</para>
|
||||||
|
|
||||||
<para>Please also set your time zone here.</para>
|
<para>Please also set your time zone here.</para>
|
||||||
|
|
||||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 35 KiB After Width: | Height: | Size: 39 KiB |
|
@ -904,6 +904,11 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
for ($i = 0; $i < sizeof($groups); $i++) {
|
for ($i = 0; $i < sizeof($groups); $i++) {
|
||||||
$return[$groups[$i]['dn']]['remove']['memberUid'][] = $this->attributes['uid'][0];
|
$return[$groups[$i]['dn']]['remove']['memberUid'][] = $this->attributes['uid'][0];
|
||||||
}
|
}
|
||||||
|
// stop here if referential integrity overlay is active
|
||||||
|
$config = $this->getAccountContainer()->get_type()->getTypeManager()->getConfig();
|
||||||
|
if ($config->isReferentialIntegrityOverlayActive()) {
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
// remove from group of names
|
// remove from group of names
|
||||||
$dn = $this->getAccountContainer()->dn_orig;
|
$dn = $this->getAccountContainer()->dn_orig;
|
||||||
$gons = searchLDAPByFilter('(|(member=' . $dn . ')(uniqueMember=' . $dn . '))', array('member', 'uniqueMember'), array('group', 'gon'));
|
$gons = searchLDAPByFilter('(|(member=' . $dn . ')(uniqueMember=' . $dn . '))', array('member', 'uniqueMember'), array('group', 'gon'));
|
||||||
|
|
Loading…
Reference in New Issue