From 3d2241b4e8f58b5710f8e25fe75e76df7a674211 Mon Sep 17 00:00:00 2001 From: katagia Date: Tue, 12 Aug 2003 19:45:24 +0000 Subject: [PATCH] Fixed serveral things in lamdaemon. objectClasses are now checked Removed small bug when DN has to be changed --- lam/docs/README.lamdaemon.pl | 27 +++++++- lam/lib/account.inc | 122 ++++++++++++++++++++++++++++++----- lam/lib/lamdaemon.pl | 17 +++-- lam/templates/account.php | 93 +++++++++++++++++++++++--- 4 files changed, 223 insertions(+), 36 deletions(-) diff --git a/lam/docs/README.lamdaemon.pl b/lam/docs/README.lamdaemon.pl index 970500f2..349a43c9 100644 --- a/lam/docs/README.lamdaemon.pl +++ b/lam/docs/README.lamdaemon.pl @@ -6,13 +6,21 @@ thins to get it work. 1. Set values in LDAP Account manager * Set the remote or local host in the configuration (e.g. 127.0.0.1) - + * Path to lamdaemon.pl, e.g. /srv/www/htdocs/lam/lib/lamdaemon.pl + +2. Set up SSH + I don't know if this step is really needed but I had some + problems using Net::SSH without keys. + * Log in on remote host as $admin + * run "ssh-keygen -t dsa" to create all needed keys + if not yet done 3. Set up sudo The perlskript has to run as root (very ugly I know but I haven't found any other solution). Therefor we need a wrapper, sudo. - Edit /etc/sudoers and add the following line: + Edit /etc/sudoers on host homedirs or quotas should be used + and add the following line: $admin All= NOPASSWD: $path $admin is the adminuser from lam and $path is the path include the filename of lamdaemon.pl @@ -24,11 +32,24 @@ thins to get it work. perl -MCPAN -e shell install Quota install Net::LDAP - install Net:SSH + install Net::SSH::Perl Please answer all questions to describe your system Every additional needed module should be installed automaticly + I installed Math::Pari, a needed module, by hand. + I had many problems to install Math::Pari, a module needed + by Net:SSH::Perl. The reason is a bug in gcc 3.3 (In my case). + I found the following solution to prevent this bug: + * Download and untar pari (http://www.parigp-home.de) + * Download and untar Math::Pari + * run perl Makefile.PL + * edit Makefile and libPARI/Makefile + Replace line "OPTIMIZE = -O3 --pipe" with + "OPTIMIZE = -O1 --pipe". + * run make + * run make install + 5. Set up lamdaemon.pl Make all needed changes in lamdaemon.pl diff --git a/lam/lib/account.inc b/lam/lib/account.inc index ca86f3cb..f728eb76 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -25,6 +25,7 @@ $Id$ class account { // This class keeps all needed values for any account // General Settings + var $general_objectClass; // Array, contains old objectclasses of loaded account var $general_username; // string Username, Hostname or Groupname var $general_uidNumber; // string UIDNumber(user|host) GIDNumber(group) only natural numbers allowed var $general_surname; // string Surname (user) @@ -516,7 +517,7 @@ function setquotas($values,$type,$values_old=false) { // Whis function will set } $i++; } - if ($i!=0) exec($$_SESSION['config']->scriptPath." $towrite", $vals); + if ($i!=0) exec($_SESSION['config']->scriptPath." $towrite", $vals); //if ($i!=0) exec("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite", $vals); } @@ -717,6 +718,11 @@ function loaduser($dn) { // Will load all needed values from an existing account else $return->unix_host = $return->unix_host . ', ' . $attr['host'][$i]; $i++; } + $i=0; + while (isset($attr['objectClass'][$i])) { + $return->general_objectClass[$i] = $attr['objectClass'][$i]; + $i++; + } if ($_SESSION['config']->samba3 == 'yes') { if (isset($attr['sambaAcctFlags'][0])) { if (strrpos($attr['sambaAcctFlags'][0], 'W')) $return->smb_flagsW=true; @@ -779,6 +785,11 @@ function loadhost($dn) { // Will load all needed values from an existing account $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); $return->general_dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry)); $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry); + $i=0; + while (isset($attr['objectClass'][$i])) { + $return->general_objectClass[$i] = $attr['objectClass'][$i]; + $i++; + } if (isset($attr['uid'][0])) $return->general_username = $attr['uid'][0]; if (isset($attr['uidNumber'][0])) $return->general_uidNumber = $attr['uidNumber'][0]; if (isset($attr['shadowLastChange'][0])) $return->unix_shadowLastChange = $attr['shadowLastChange'][0]; @@ -839,16 +850,28 @@ function loadgroup($dn) { // Will load all needed values from an existing group $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); $return->general_dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry)); $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry); + $i=0; + while (isset($attr['objectClass'][$i])) { + $return->general_objectClass[$i] = $attr['objectClass'][$i]; + $i++; + } if (isset($attr['gidNumber'][0])) $return->general_uidNumber = $attr['gidNumber'][0]; if (isset($attr['description'][0])) $return->general_gecos = $attr['description'][0]; if (isset($attr['cn'][0])) { $return->general_username = $attr['cn'][0]; if ($_SESSION['config']->scriptServer) getquotas('group',$attr['cn'][0]); } - if (isset($attr['memberUid'])) $return->general_memberUid = $attr['memberUid']; + if (isset($attr['memberUid'][0])) $return->general_memberUid = $attr['memberUid'][0]; if (is_array($return->general_memberUid)) array_shift($return->general_memberUid); - if (isset($attr['sambaSID'])) $return->smb_mapgroup = $attr['sambaSID']; - if (isset($attr['displayName'])) $return->smb_displayName = $attr['displayName']; + if (isset($attr['sambaSID'][0])) { + $return->smb_mapgroup = $attr['sambaSID'][0]; + $temp = explode('-', $attr['sambaSID'][0]); + $SID = $temp[0].'-'.$temp[1].'-'.$temp[2].'-'.$temp[3].'-'.$temp[4].'-'.$temp[5].'-'.$temp[6]; + $samba3domains = $_SESSION['ldap']->search_domains($_SESSION[config]->get_domainSuffix()); + for ($i=0; $iSID) $return->smb_domain = $samba3domains[$i]; + } + if (isset($attr['displayName'][0])) $return->smb_displayName = $attr['displayName'][0]; if ($_SESSION['config']->scriptServer) { $values = getquotas('group',$return->general_username); if (is_object($values)) { @@ -961,7 +984,7 @@ function createuser($values) { // Will create the LDAP-Account $hosts = explode (',', $values->unix_host); $i=0; while(isset($hosts[$i])) { - $attr['host'][$i] = $hosts[$i]; + if ($hosts[$i]!='') $attr['host'][$i] = $hosts[$i]; $i++; } if ($values->unix_pwdminage!='') $attr['shadowMin'] = $values->unix_pwdminage; // shadowAccount_may @@ -976,7 +999,7 @@ function createuser($values) { // Will create the LDAP-Account $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr); if (!$success) return 4; if ($_SESSION['config']->scriptServer) { - setquotas($values->general_username,'user'); + setquotas($values,'user'); addhomedir($values->general_username); } // Add User to Additional Groups @@ -1136,7 +1159,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account $j=0; while(isset($hosts[$i])) { if ($hosts[$i]!='') { - $attr['host'][$j] = $hosts[$i]; + if ($hosts[$i]!='') $attr['host'][$j] = $hosts[$i]; $j++; } $i++; @@ -1145,7 +1168,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account $j=0; while(isset($hosts_old[$i])) { if ($hosts_old[$i]!='') { - $attr_rem['host'][$j] = $hosts_old[$i]; + if ($hosts_old[$i]!='') $attr_rem['host'][$j] = $hosts_old[$i]; $j++; } $i++; @@ -1212,6 +1235,32 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account if ($values->general_givenname!=$values_old->general_givenname) $attr['givenName'] = $values->general_givenname; if ($values->general_surname!=$values_old->general_surname) $attr['sn'] = $values->general_surname; + if ( (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) || + (!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) || + (!in_array('inetOrgPerson', $_SESSION['account_old']->general_objectClass)) || + (($_SESSION['config']->samba3 =='yes') && (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass))) || + (($_SESSION['config']->samba3 !='yes') && (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)))) { + + $result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup"); + $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); + $attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry); + // remove "count" from array + unset($attr_old['count']); + for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]); + $keys = array_keys($attr_old); + for ($i=0; $i < sizeof($keys); $i++) + unset($attr_old[$keys[$i]]['count']); + unset ($attr_old['objectClass']); + $attr_old['objectClass'][0] = 'posixAccount'; + $attr_old['objectClass'][1] = 'shadowAccount'; + $attr_old['objectClass'][2] = 'inetOrgPerson'; + if ($_SESSION['config']->samba3 !='yes') $attr_old['objectClass'][3] = 'sambaSamAccount'; + else $attr_old['objectClass'][3] = 'sambaAccount'; + $success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn); + if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old); + else return 5; + } + if ($attr_rem) { $success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem); if (!$success) return 5; @@ -1265,7 +1314,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account } $entry = ldap_next_entry($_SESSION['ldap']->server(), $entry); } - if ($_SESSION['config']->scriptServer) setquotas($values->general_username,'user',$values_old->general_username); + if ($_SESSION['config']->scriptServer) setquotas($values,'user',$values_old); return 3; } @@ -1396,6 +1445,32 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account $attr['displayName'] = $values->general_gecos; // sambaAccount_may } + if ( (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) || + (!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) || + (!in_array('account', $_SESSION['account_old']->general_objectClass)) || + (($_SESSION['config']->samba3 =='yes') && (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass))) || + (($_SESSION['config']->samba3 !='yes') && (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)))) { + + $result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup"); + $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); + $attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry); + // remove "count" from array + unset($attr_old['count']); + for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]); + $keys = array_keys($attr_old); + for ($i=0; $i < sizeof($keys); $i++) + unset($attr_old[$keys[$i]]['count']); + unset ($attr_old['objectClass']); + $attr_old['objectClass'][0] = 'posixAccount'; + $attr_old['objectClass'][1] = 'shadowAccount'; + $attr_old['objectClass'][2] = 'account'; + if ($_SESSION['config']->samba3 !='yes') $attr_old['objectClass'][3] = 'sambaSamAccount'; + else $attr_old['objectClass'][3] = 'sambaAccount'; + $success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn); + if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old); + else return 5; + } + if ($attr_rem) { $success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem); if (!$success) return 5; @@ -1405,7 +1480,7 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account if (!$success) return 5; } if ($values->general_dn != $values_old->general_dn) {// Hostname hasn't changed - $result = ldap_search($_SESSION['ldap']->server(), $dn, "objectclass=PosixAccount"); + $result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixAccount"); $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); $attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry); // remove "count" from array @@ -1416,8 +1491,8 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account unset($attr_old[$keys[$i]]['count']); $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old); if ($success) $success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn); + if (!$success) return 5; } - if (!$success) return 5; return 3; } @@ -1454,7 +1529,7 @@ function creategroup($values) { // Will create the LDAP-Group if ($values->smb_displayName) $attr['displayName'] = $values->smb_displayName; } $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr); - if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group'); + if ($_SESSION['config']->scriptServer) setquotas($values,'group'); if ($success) return 1; else return 4; } @@ -1492,12 +1567,29 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group $success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem); if (!$success) return 5; } + if (($_SESSION['config']->samba3 = 'yes') && (!in_array('sambaGroupMapping', $_SESSION['account_old']->general_objectClass))) { + $result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup"); + $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); + $attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry); + // remove "count" from array + unset($attr_old['count']); + for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]); + $keys = array_keys($attr_old); + for ($i=0; $i < sizeof($keys); $i++) + unset($attr_old[$keys[$i]]['count']); + unset ($attr_old['objectClass']); + $attr_old['objectClass'][0] = 'posixGroup'; + $attr_old['objectClass'][1] = 'sambaGroupMapping'; + $success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn); + if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old); + else return 5; + } if ($attr) { $success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr); if (!$success) return 5; } if ($values->general_dn != $values_old->general_dn) {// Groupname hasn't changed - $result = ldap_search($_SESSION['ldap']->server(), $dn, "objectclass=PosixGroup"); + $result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup"); $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); $attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry); // remove "count" from array @@ -1509,8 +1601,8 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old); if ($success) ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn); if ($success) $success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr); + if (!$success) return 5; } - if (!$success) return 5; if ( $_SESSION['final_changegids']==true ) { $result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_UserSuffix(), 'gidNumber=' . $values_old->general_uidNumber, array('gidNumber')); $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); @@ -1520,7 +1612,7 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group $entry = ldap_next_entry($_SESSION['ldap']->server(), $entry); } } - if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group'); + if ($_SESSION['config']->scriptServer) setquotas($values,'group',$values_old); return 3; } diff --git a/lam/lib/lamdaemon.pl b/lam/lib/lamdaemon.pl index a8221cc0..f43e333e 100755 --- a/lam/lib/lamdaemon.pl +++ b/lam/lib/lamdaemon.pl @@ -25,19 +25,19 @@ # Configure-Options # change only variables starting from here # list of valid admins -@admins = ('cn=Manager,dc=my-domain,dc=com'); +@admins = ('cn=Manager,dc=my-domain,dc=com', + 'uid=test,ou=people,dc=my-domain,dc=com'); $server_ldap="127.0.0.1"; # IP or DNS of ldap-server $server_ssh="127.0.0.1"; # IP or DNS of host to create homedirs, quota, .... -$server_ssh_ident = "/var/lib/wwwrun/.ssh/id_dsa"; -$server_ssh_known = "/var/lib/wwwrun/.ssh/knownhosts"; - +$server_ssh_ident = "/var/lib/wwwrun/.ssh/id_dsa"; # SSH-Key to use +$path = "/srv/www/htdocs/lam/lib/lamdaemon.pl"; # path to ldap on remote-host $server_ldap_port='389'; # Port used from ldap $server_tls='no'; # Use TLS? $server_tls_verify='require'; # none,optional or require a valid server certificated $server_tls_clientcert=''; # path to client certificate $server_tls_clientkey=''; # path to client certificate $server_tls_decryptkey=''; # To to decrypt clientkey -$server_tls_cafile=''; # Path to CA-File +$server_tls_cafile='/etc/certificates/ca.cert'; # Path to CA-File $debug=true; # Show debug messages # Don't change anything below this line @@ -182,7 +182,7 @@ if ($found==true) { $i=0; ($<, $>) = ($>, $<); # Get root privileges while ($quota_usr[$i][0]) { - $dev = Quota::getqcarg($quota[$i][1]); + $dev = Quota::getqcarg($quota[$i][0]); $return = Quota::setqlim($dev,$user[2],$quota[$i][1],$quota[$i][2],$quota[$i][3],$quota[$i][4],1,$group); $i++; } @@ -223,10 +223,9 @@ else { $username[0] =~ s/uid=//; my $ssh = Net::SSH::Perl->new($server_ssh, options=>[ "IdentityFile $server_ssh_ident", - "UserKnownHostsFile $server_ssh_known" + "UserKnownHostsFile /dev/null" ]); $ssh->login($username[0], $vals[1]); - #$path = "/srv/www/htdocs/lam/lib/lamdaemon.pl"; - ($stdout, $stderr, $exit) = $ssh->cmd("sudo $0 @ARGV"); + ($stdout, $stderr, $exit) = $ssh->cmd("sudo $path @ARGV"); print "$stdout"; } \ No newline at end of file diff --git a/lam/templates/account.php b/lam/templates/account.php index e8cb7153..c54d3464 100644 --- a/lam/templates/account.php +++ b/lam/templates/account.php @@ -152,10 +152,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch else $_SESSION['account']->smb_flagsD = false; if ($_POST['f_smb_flagsX']) $_SESSION['account']->smb_flagsX = true; else $_SESSION['account']->smb_flagsX = false; - if ($_POST['f_smb_mapgroup'] == _('Domain Guests')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '514'; - if ($_POST['f_smb_mapgroup'] == _('Domain Users')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '513'; - if ($_POST['f_smb_mapgroup'] == _('Domain Admins')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '512'; - if (isset($_POST['f_smb_domain'])) $_SESSION['account']->smb_displayName = $_POST['f_smb_domain']; + if (isset($_POST['f_smb_displayName'])) $_SESSION['account']->smb_displayName = $_POST['f_smb_displayName']; else $_SESSION['account']->smb_displayName = ''; if ($_SESSION['config']->samba3 == 'yes') { @@ -164,6 +161,9 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch if ($_POST['f_smb_domain'] == $samba3domains[$i]->name) { $_SESSION['account']->smb_domain = $samba3domains[$i]; } + if ($_POST['f_smb_mapgroup'] == _('Domain Guests')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '514'; + if ($_POST['f_smb_mapgroup'] == _('Domain Users')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '513'; + if ($_POST['f_smb_mapgroup'] == _('Domain Admins')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '512'; } else { if (isset($_POST['f_smb_domain'])) $_SESSION['account']->smb_domain = $_POST['f_smb_domain']; @@ -828,7 +828,7 @@ switch ($select_local) { // Select which part of page will be loaded echo ''; echo _('Windows well known group'); echo ''."\n".''. + ''. ''. ''._('Help').''. - ''."\n"; + ''."\n".''; + echo _('Domain'); + echo ''; echo ''; @@ -1023,6 +1034,33 @@ switch ($select_local) { // Select which part of page will be loaded 'mv ' . $_SESSION['account_old' ]->general_homedir . ' ' . $_SESSION['account']->general_homedir); echo ''."\n"; } + if (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } + if (!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } + if (!in_array('inetOrgPerson', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } + if ($_SESSION['config']->samba3 == 'yes') { + if (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + }} + else + if (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } break; case 'group' : if (($_SESSION['account_old']) && ($_SESSION['account']->general_uidNumber != $_SESSION['account_old']->general_uidNumber)) { @@ -1037,6 +1075,16 @@ switch ($select_local) { // Select which part of page will be loaded echo _('Change GID-Number of all users in group to new value'); echo ''."\n"; } + if (($_SESSION['config']->samba3 == 'yes') && (!in_array('sambaGroupMapping', $_SESSION['account_old']->general_objectClass))) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } + if (!in_array('posixGroup', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } break; case 'host': if (($_SESSION['account_old']) && ($_SESSION['account']->general_uidNumber != $_SESSION['account_old']->general_uidNumber)) { @@ -1045,6 +1093,33 @@ switch ($select_local) { // Select which part of page will be loaded 'find / -gid ' . $_SESSION['account_old' ]->general_uidNumber . ' -exec chown ' . $_SESSION['account']->general_uidNumber . ' {} \;'); echo ''."\n"; } + if (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } + if (!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } + if (!in_array('account', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } + if ($_SESSION['config']->samba3 == 'yes') { + if (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + }} + else + if (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)) { + echo ''; + StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.')); + echo "\n"; + } break; } echo ''.