WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fixed serveral things in lamdaemon. 

objectClasses are now checked
Removed small bug when DN has to be changed
This commit is contained in:
katagia 2003-08-12 19:45:24 +00:00
parent dcf11d1ee7
commit 3d2241b4e8
4 changed files with 223 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
lam/docs/README.lamdaemon.pl
View File

@ -6,13 +6,21 @@ thins to get it work.
1. Set values in LDAP Account manager
* Set the remote or local host in the configuration
(e.g. 127.0.0.1)
* Path to lamdaemon.pl, e.g. /srv/www/htdocs/lam/lib/lamdaemon.pl
2. Set up SSH
I don't know if this step is really needed but I had some
problems using Net::SSH without keys.
* Log in on remote host as $admin
* run "ssh-keygen -t dsa" to create all needed keys
if not yet done
3. Set up sudo
The perlskript has to run as root (very ugly I know but
I haven't found any other solution). Therefor we need
a wrapper, sudo.
Edit /etc/sudoers and add the following line:
Edit /etc/sudoers on host homedirs or quotas should be used
and add the following line:
$admin All= NOPASSWD: $path
$admin is the adminuser from lam and $path
is the path include the filename of lamdaemon.pl
@ -24,11 +32,24 @@ thins to get it work.
perl -MCPAN -e shell
install Quota
install Net::LDAP
install Net:SSH
install Net::SSH::Perl
Please answer all questions to describe your system
Every additional needed module should be installed
automaticly
I installed Math::Pari, a needed module, by hand.
I had many problems to install Math::Pari, a module needed
by Net:SSH::Perl. The reason is a bug in gcc 3.3 (In my case).
I found the following solution to prevent this bug:
* Download and untar pari (http://www.parigp-home.de)
* Download and untar Math::Pari
* run perl Makefile.PL
* edit Makefile and libPARI/Makefile
Replace line "OPTIMIZE = -O3 --pipe" with
"OPTIMIZE = -O1 --pipe".
* run make
* run make install
5. Set up lamdaemon.pl
Make all needed changes in lamdaemon.pl

122
lam/lib/account.inc
View File

@ -25,6 +25,7 @@ $Id$
class account { // This class keeps all needed values for any account
// General Settings
var $general_objectClass; // Array, contains old objectclasses of loaded account
var $general_username; // string Username, Hostname or Groupname
var $general_uidNumber; // string UIDNumber(user|host) GIDNumber(group) only natural numbers allowed
var $general_surname; // string Surname (user)
@ -516,7 +517,7 @@ function setquotas($values,$type,$values_old=false) { // Whis function will set
}
$i++;
}
if ($i!=0) exec($$_SESSION['config']->scriptPath." $towrite", $vals);
if ($i!=0) exec($_SESSION['config']->scriptPath." $towrite", $vals);
//if ($i!=0) exec("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite", $vals);
}
@ -717,6 +718,11 @@ function loaduser($dn) { // Will load all needed values from an existing account
else $return->unix_host = $return->unix_host . ', ' . $attr['host'][$i];
$i++;
}
$i=0;
while (isset($attr['objectClass'][$i])) {
$return->general_objectClass[$i] = $attr['objectClass'][$i];
$i++;
}
if ($_SESSION['config']->samba3 == 'yes') {
if (isset($attr['sambaAcctFlags'][0])) {
if (strrpos($attr['sambaAcctFlags'][0], 'W')) $return->smb_flagsW=true;
@ -779,6 +785,11 @@ function loadhost($dn) { // Will load all needed values from an existing account
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$return->general_dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry));
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
$i=0;
while (isset($attr['objectClass'][$i])) {
$return->general_objectClass[$i] = $attr['objectClass'][$i];
$i++;
}
if (isset($attr['uid'][0])) $return->general_username = $attr['uid'][0];
if (isset($attr['uidNumber'][0])) $return->general_uidNumber = $attr['uidNumber'][0];
if (isset($attr['shadowLastChange'][0])) $return->unix_shadowLastChange = $attr['shadowLastChange'][0];
@ -839,16 +850,28 @@ function loadgroup($dn) { // Will load all needed values from an existing group
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$return->general_dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry));
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
$i=0;
while (isset($attr['objectClass'][$i])) {
$return->general_objectClass[$i] = $attr['objectClass'][$i];
$i++;
}
if (isset($attr['gidNumber'][0])) $return->general_uidNumber = $attr['gidNumber'][0];
if (isset($attr['description'][0])) $return->general_gecos = $attr['description'][0];
if (isset($attr['cn'][0])) {
$return->general_username = $attr['cn'][0];
if ($_SESSION['config']->scriptServer) getquotas('group',$attr['cn'][0]);
}
if (isset($attr['memberUid'])) $return->general_memberUid = $attr['memberUid'];
if (isset($attr['memberUid'][0])) $return->general_memberUid = $attr['memberUid'][0];
if (is_array($return->general_memberUid)) array_shift($return->general_memberUid);
if (isset($attr['sambaSID'])) $return->smb_mapgroup = $attr['sambaSID'];
if (isset($attr['displayName'])) $return->smb_displayName = $attr['displayName'];
if (isset($attr['sambaSID'][0])) {
$return->smb_mapgroup = $attr['sambaSID'][0];
$temp = explode('-', $attr['sambaSID'][0]);
$SID = $temp[0].'-'.$temp[1].'-'.$temp[2].'-'.$temp[3].'-'.$temp[4].'-'.$temp[5].'-'.$temp[6];
$samba3domains = $_SESSION['ldap']->search_domains($_SESSION[config]->get_domainSuffix());
for ($i=0; $i<sizeof($samba3domains); $i++)
if ($SID == $samba3domains[$i]->SID) $return->smb_domain = $samba3domains[$i];
}
if (isset($attr['displayName'][0])) $return->smb_displayName = $attr['displayName'][0];
if ($_SESSION['config']->scriptServer) {
$values = getquotas('group',$return->general_username);
if (is_object($values)) {
@ -961,7 +984,7 @@ function createuser($values) { // Will create the LDAP-Account
$hosts = explode (',', $values->unix_host);
$i=0;
while(isset($hosts[$i])) {
$attr['host'][$i] = $hosts[$i];
if ($hosts[$i]!='') $attr['host'][$i] = $hosts[$i];
$i++;
}
if ($values->unix_pwdminage!='') $attr['shadowMin'] = $values->unix_pwdminage; // shadowAccount_may
@ -976,7 +999,7 @@ function createuser($values) { // Will create the LDAP-Account
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr);
if (!$success) return 4;
if ($_SESSION['config']->scriptServer) {
setquotas($values->general_username,'user');
setquotas($values,'user');
addhomedir($values->general_username);
}
// Add User to Additional Groups
@ -1136,7 +1159,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
$j=0;
while(isset($hosts[$i])) {
if ($hosts[$i]!='') {
$attr['host'][$j] = $hosts[$i];
if ($hosts[$i]!='') $attr['host'][$j] = $hosts[$i];
$j++;
}
$i++;
@ -1145,7 +1168,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
$j=0;
while(isset($hosts_old[$i])) {
if ($hosts_old[$i]!='') {
$attr_rem['host'][$j] = $hosts_old[$i];
if ($hosts_old[$i]!='') $attr_rem['host'][$j] = $hosts_old[$i];
$j++;
}
$i++;
@ -1212,6 +1235,32 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
if ($values->general_givenname!=$values_old->general_givenname) $attr['givenName'] = $values->general_givenname;
if ($values->general_surname!=$values_old->general_surname) $attr['sn'] = $values->general_surname;
if ( (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) ||
(!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) ||
(!in_array('inetOrgPerson', $_SESSION['account_old']->general_objectClass)) ||
(($_SESSION['config']->samba3 =='yes') && (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass))) ||
(($_SESSION['config']->samba3 !='yes') && (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)))) {
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup");
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// remove "count" from array
unset($attr_old['count']);
for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]);
$keys = array_keys($attr_old);
for ($i=0; $i < sizeof($keys); $i++)
unset($attr_old[$keys[$i]]['count']);
unset ($attr_old['objectClass']);
$attr_old['objectClass'][0] = 'posixAccount';
$attr_old['objectClass'][1] = 'shadowAccount';
$attr_old['objectClass'][2] = 'inetOrgPerson';
if ($_SESSION['config']->samba3 !='yes') $attr_old['objectClass'][3] = 'sambaSamAccount';
else $attr_old['objectClass'][3] = 'sambaAccount';
$success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
else return 5;
}
if ($attr_rem) {
$success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem);
if (!$success) return 5;
@ -1265,7 +1314,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
}
$entry = ldap_next_entry($_SESSION['ldap']->server(), $entry);
}
if ($_SESSION['config']->scriptServer) setquotas($values->general_username,'user',$values_old->general_username);
if ($_SESSION['config']->scriptServer) setquotas($values,'user',$values_old);
return 3;
}
@ -1396,6 +1445,32 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account
$attr['displayName'] = $values->general_gecos; // sambaAccount_may
}
if ( (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) ||
(!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) ||
(!in_array('account', $_SESSION['account_old']->general_objectClass)) ||
(($_SESSION['config']->samba3 =='yes') && (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass))) ||
(($_SESSION['config']->samba3 !='yes') && (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)))) {
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup");
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// remove "count" from array
unset($attr_old['count']);
for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]);
$keys = array_keys($attr_old);
for ($i=0; $i < sizeof($keys); $i++)
unset($attr_old[$keys[$i]]['count']);
unset ($attr_old['objectClass']);
$attr_old['objectClass'][0] = 'posixAccount';
$attr_old['objectClass'][1] = 'shadowAccount';
$attr_old['objectClass'][2] = 'account';
if ($_SESSION['config']->samba3 !='yes') $attr_old['objectClass'][3] = 'sambaSamAccount';
else $attr_old['objectClass'][3] = 'sambaAccount';
$success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
else return 5;
}
if ($attr_rem) {
$success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem);
if (!$success) return 5;
@ -1405,7 +1480,7 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account
if (!$success) return 5;
}
if ($values->general_dn != $values_old->general_dn) {// Hostname hasn't changed
$result = ldap_search($_SESSION['ldap']->server(), $dn, "objectclass=PosixAccount");
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixAccount");
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// remove "count" from array
@ -1416,8 +1491,8 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account
unset($attr_old[$keys[$i]]['count']);
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
if ($success) $success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
if (!$success) return 5;
}
if (!$success) return 5;
return 3;
}
@ -1454,7 +1529,7 @@ function creategroup($values) { // Will create the LDAP-Group
if ($values->smb_displayName) $attr['displayName'] = $values->smb_displayName;
}
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr);
if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group');
if ($_SESSION['config']->scriptServer) setquotas($values,'group');
if ($success) return 1;
else return 4;
}
@ -1492,12 +1567,29 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
$success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem);
if (!$success) return 5;
}
if (($_SESSION['config']->samba3 = 'yes') && (!in_array('sambaGroupMapping', $_SESSION['account_old']->general_objectClass))) {
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup");
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// remove "count" from array
unset($attr_old['count']);
for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]);
$keys = array_keys($attr_old);
for ($i=0; $i < sizeof($keys); $i++)
unset($attr_old[$keys[$i]]['count']);
unset ($attr_old['objectClass']);
$attr_old['objectClass'][0] = 'posixGroup';
$attr_old['objectClass'][1] = 'sambaGroupMapping';
$success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
else return 5;
}
if ($attr) {
$success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr);
if (!$success) return 5;
}
if ($values->general_dn != $values_old->general_dn) {// Groupname hasn't changed
$result = ldap_search($_SESSION['ldap']->server(), $dn, "objectclass=PosixGroup");
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup");
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// remove "count" from array
@ -1509,8 +1601,8 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
if ($success) ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
if ($success) $success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr);
if (!$success) return 5;
}
if (!$success) return 5;
if ( $_SESSION['final_changegids']==true ) {
$result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_UserSuffix(), 'gidNumber=' . $values_old->general_uidNumber, array('gidNumber'));
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
@ -1520,7 +1612,7 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
$entry = ldap_next_entry($_SESSION['ldap']->server(), $entry);
}
}
if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group');
if ($_SESSION['config']->scriptServer) setquotas($values,'group',$values_old);
return 3;
}

17
lam/lib/lamdaemon.pl
View File

@ -25,19 +25,19 @@
# Configure-Options
# change only variables starting from here
# list of valid admins
@admins = ('cn=Manager,dc=my-domain,dc=com');
@admins = ('cn=Manager,dc=my-domain,dc=com',
'uid=test,ou=people,dc=my-domain,dc=com');
$server_ldap="127.0.0.1"; # IP or DNS of ldap-server
$server_ssh="127.0.0.1"; # IP or DNS of host to create homedirs, quota, ....
$server_ssh_ident = "/var/lib/wwwrun/.ssh/id_dsa";
$server_ssh_known = "/var/lib/wwwrun/.ssh/knownhosts";
$server_ssh_ident = "/var/lib/wwwrun/.ssh/id_dsa"; # SSH-Key to use
$path = "/srv/www/htdocs/lam/lib/lamdaemon.pl"; # path to ldap on remote-host
$server_ldap_port='389'; # Port used from ldap
$server_tls='no'; # Use TLS?
$server_tls_verify='require'; # none,optional or require a valid server certificated
$server_tls_clientcert=''; # path to client certificate
$server_tls_clientkey=''; # path to client certificate
$server_tls_decryptkey=''; # To to decrypt clientkey
$server_tls_cafile=''; # Path to CA-File
$server_tls_cafile='/etc/certificates/ca.cert'; # Path to CA-File
$debug=true; # Show debug messages
# Don't change anything below this line
@ -182,7 +182,7 @@ if ($found==true) {
$i=0;
($<, $>) = ($>, $<); # Get root privileges
while ($quota_usr[$i][0]) {
$dev = Quota::getqcarg($quota[$i][1]);
$dev = Quota::getqcarg($quota[$i][0]);
$return = Quota::setqlim($dev,$user[2],$quota[$i][1],$quota[$i][2],$quota[$i][3],$quota[$i][4],1,$group);
$i++;
}
@ -223,10 +223,9 @@ else {
$username[0] =~ s/uid=//;
my $ssh = Net::SSH::Perl->new($server_ssh, options=>[
"IdentityFile $server_ssh_ident",
"UserKnownHostsFile $server_ssh_known"
"UserKnownHostsFile /dev/null"
]);
$ssh->login($username[0], $vals[1]);
#$path = "/srv/www/htdocs/lam/lib/lamdaemon.pl";
($stdout, $stderr, $exit) = $ssh->cmd("sudo $0 @ARGV");
($stdout, $stderr, $exit) = $ssh->cmd("sudo $path @ARGV");
print "$stdout";
}

93
lam/templates/account.php
View File

@ -152,10 +152,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
else $_SESSION['account']->smb_flagsD = false;
if ($_POST['f_smb_flagsX']) $_SESSION['account']->smb_flagsX = true;
else $_SESSION['account']->smb_flagsX = false;
if ($_POST['f_smb_mapgroup'] == _('Domain Guests')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '514';
if ($_POST['f_smb_mapgroup'] == _('Domain Users')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '513';
if ($_POST['f_smb_mapgroup'] == _('Domain Admins')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '512';
if (isset($_POST['f_smb_domain'])) $_SESSION['account']->smb_displayName = $_POST['f_smb_domain'];
if (isset($_POST['f_smb_displayName'])) $_SESSION['account']->smb_displayName = $_POST['f_smb_displayName'];
else $_SESSION['account']->smb_displayName = '';
if ($_SESSION['config']->samba3 == 'yes') {
@ -164,6 +161,9 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ($_POST['f_smb_domain'] == $samba3domains[$i]->name) {
$_SESSION['account']->smb_domain = $samba3domains[$i];
}
if ($_POST['f_smb_mapgroup'] == _('Domain Guests')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '514';
if ($_POST['f_smb_mapgroup'] == _('Domain Users')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '513';
if ($_POST['f_smb_mapgroup'] == _('Domain Admins')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '512';
}
else {
if (isset($_POST['f_smb_domain'])) $_SESSION['account']->smb_domain = $_POST['f_smb_domain'];
@ -828,7 +828,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo '<tr><td>';
echo _('Windows well known group');
echo '</td>'."\n".'<td><select name="f_smb_mapgroup" >';
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '514' ) {
if ( $_SESSION['account']->smb_mapgroup == $_SESSION['account']->smb_domain->SID . "-" . '514' ) {
echo '<option selected> ';
echo _('Domain Guests');
echo "</option>\n"; }
@ -837,7 +837,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo _('Domain Guests');
echo "</option>\n";
}
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '513' ) {
if ( $_SESSION['account']->smb_mapgroup == $_SESSION['account']->smb_domain->SID . "-" . '513' ) {
echo '<option selected> ';
echo _('Domain Users');
echo "</option>\n"; }
@ -846,7 +846,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo _('Domain Users');
echo "</option>\n";
}
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '512' ) {
if ( $_SESSION['account']->smb_mapgroup == $_SESSION['account']->smb_domain->SID . "-" . '512' ) {
echo '<option selected> ';
echo _('Domain Admins');
echo "</option>\n"; }
@ -860,14 +860,25 @@ switch ($select_local) { // Select which part of page will be loaded
'</td></tr>'."\n".'<tr><td>';
echo _('Windows Groupname');
echo '</td><td>'.
'<input name="f_smb_domain" type="text" size="30" maxlength="80" value="' . $_SESSION['account']->smb_displayName . '">'.
'<input name="f_smb_displayName" type="text" size="30" maxlength="80" value="' . $_SESSION['account']->smb_displayName . '">'.
'</td><td>'.
'<a href="help.php?HelpNumber=465" target="lamhelp">'._('Help').'</a>'.
'</td></tr>'."\n";
'</td></tr>'."\n".'<tr><td>';
echo _('Domain');
echo '</td><td><select name="f_smb_domain">';
for ($i=0; $i<sizeof($samba3domains); $i++) {
if ($_SESSION['account']->smb_domain->name) {
if ($_SESSION['account']->smb_domain->name == $samba3domains[$i]->name)
echo '<option selected>' . $samba3domains[$i]->name. '</option>';
else echo '<option>' . $samba3domains[$i]->name. '</option>';
}
else echo '<option>' . $samba3domains[$i]->name. '</option>';
}
break;
case 'host':
// set smb_flgasW true because account is host
$_SESSION['account']->smb_flagsW = 1;
if ($_SESSION['account']->smb_password_no) echo '<input name="f_smb_password_no" type="hidden" value="1l">';
echo '<input name="f_unix_password_no" type="hidden" value="';
if ($_SESSION['account']->unix_password_no) echo 'checked';
echo '">';
@ -1023,6 +1034,33 @@ switch ($select_local) { // Select which part of page will be loaded
'mv ' . $_SESSION['account_old' ]->general_homedir . ' ' . $_SESSION['account']->general_homedir);
echo '</tr>'."\n";
}
if (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
if (!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
if (!in_array('inetOrgPerson', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
if ($_SESSION['config']->samba3 == 'yes') {
if (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}}
else
if (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
break;
case 'group' :
if (($_SESSION['account_old']) && ($_SESSION['account']->general_uidNumber != $_SESSION['account_old']->general_uidNumber)) {
@ -1037,6 +1075,16 @@ switch ($select_local) { // Select which part of page will be loaded
echo _('Change GID-Number of all users in group to new value');
echo '</td></tr>'."\n";
}
if (($_SESSION['config']->samba3 == 'yes') && (!in_array('sambaGroupMapping', $_SESSION['account_old']->general_objectClass))) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
if (!in_array('posixGroup', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
break;
case 'host':
if (($_SESSION['account_old']) && ($_SESSION['account']->general_uidNumber != $_SESSION['account_old']->general_uidNumber)) {
@ -1045,6 +1093,33 @@ switch ($select_local) { // Select which part of page will be loaded
'find / -gid ' . $_SESSION['account_old' ]->general_uidNumber . ' -exec chown ' . $_SESSION['account']->general_uidNumber . ' {} \;');
echo '</tr>'."\n";
}
if (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
if (!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
if (!in_array('account', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
if ($_SESSION['config']->samba3 == 'yes') {
if (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}}
else
if (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
echo "</tr>\n";
}
break;
}
echo '<tr><td>'.