Fixed serveral things in lamdaemon.
objectClasses are now checked Removed small bug when DN has to be changed
This commit is contained in:
parent
dcf11d1ee7
commit
3d2241b4e8
|
@ -6,13 +6,21 @@ thins to get it work.
|
|||
1. Set values in LDAP Account manager
|
||||
* Set the remote or local host in the configuration
|
||||
(e.g. 127.0.0.1)
|
||||
* Path to lamdaemon.pl, e.g. /srv/www/htdocs/lam/lib/lamdaemon.pl
|
||||
|
||||
2. Set up SSH
|
||||
I don't know if this step is really needed but I had some
|
||||
problems using Net::SSH without keys.
|
||||
* Log in on remote host as $admin
|
||||
* run "ssh-keygen -t dsa" to create all needed keys
|
||||
if not yet done
|
||||
|
||||
3. Set up sudo
|
||||
The perlskript has to run as root (very ugly I know but
|
||||
I haven't found any other solution). Therefor we need
|
||||
a wrapper, sudo.
|
||||
Edit /etc/sudoers and add the following line:
|
||||
Edit /etc/sudoers on host homedirs or quotas should be used
|
||||
and add the following line:
|
||||
$admin All= NOPASSWD: $path
|
||||
$admin is the adminuser from lam and $path
|
||||
is the path include the filename of lamdaemon.pl
|
||||
|
@ -24,11 +32,24 @@ thins to get it work.
|
|||
perl -MCPAN -e shell
|
||||
install Quota
|
||||
install Net::LDAP
|
||||
install Net:SSH
|
||||
install Net::SSH::Perl
|
||||
Please answer all questions to describe your system
|
||||
Every additional needed module should be installed
|
||||
automaticly
|
||||
|
||||
I installed Math::Pari, a needed module, by hand.
|
||||
I had many problems to install Math::Pari, a module needed
|
||||
by Net:SSH::Perl. The reason is a bug in gcc 3.3 (In my case).
|
||||
I found the following solution to prevent this bug:
|
||||
* Download and untar pari (http://www.parigp-home.de)
|
||||
* Download and untar Math::Pari
|
||||
* run perl Makefile.PL
|
||||
* edit Makefile and libPARI/Makefile
|
||||
Replace line "OPTIMIZE = -O3 --pipe" with
|
||||
"OPTIMIZE = -O1 --pipe".
|
||||
* run make
|
||||
* run make install
|
||||
|
||||
5. Set up lamdaemon.pl
|
||||
Make all needed changes in lamdaemon.pl
|
||||
|
||||
|
|
|
@ -25,6 +25,7 @@ $Id$
|
|||
|
||||
class account { // This class keeps all needed values for any account
|
||||
// General Settings
|
||||
var $general_objectClass; // Array, contains old objectclasses of loaded account
|
||||
var $general_username; // string Username, Hostname or Groupname
|
||||
var $general_uidNumber; // string UIDNumber(user|host) GIDNumber(group) only natural numbers allowed
|
||||
var $general_surname; // string Surname (user)
|
||||
|
@ -516,7 +517,7 @@ function setquotas($values,$type,$values_old=false) { // Whis function will set
|
|||
}
|
||||
$i++;
|
||||
}
|
||||
if ($i!=0) exec($$_SESSION['config']->scriptPath." $towrite", $vals);
|
||||
if ($i!=0) exec($_SESSION['config']->scriptPath." $towrite", $vals);
|
||||
//if ($i!=0) exec("/usr/bin/ssh ".$_SESSION['config']->scriptServer." sudo ".$_SESSION['config']->scriptPath." $towrite", $vals);
|
||||
}
|
||||
|
||||
|
@ -717,6 +718,11 @@ function loaduser($dn) { // Will load all needed values from an existing account
|
|||
else $return->unix_host = $return->unix_host . ', ' . $attr['host'][$i];
|
||||
$i++;
|
||||
}
|
||||
$i=0;
|
||||
while (isset($attr['objectClass'][$i])) {
|
||||
$return->general_objectClass[$i] = $attr['objectClass'][$i];
|
||||
$i++;
|
||||
}
|
||||
if ($_SESSION['config']->samba3 == 'yes') {
|
||||
if (isset($attr['sambaAcctFlags'][0])) {
|
||||
if (strrpos($attr['sambaAcctFlags'][0], 'W')) $return->smb_flagsW=true;
|
||||
|
@ -779,6 +785,11 @@ function loadhost($dn) { // Will load all needed values from an existing account
|
|||
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||
$return->general_dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry));
|
||||
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||
$i=0;
|
||||
while (isset($attr['objectClass'][$i])) {
|
||||
$return->general_objectClass[$i] = $attr['objectClass'][$i];
|
||||
$i++;
|
||||
}
|
||||
if (isset($attr['uid'][0])) $return->general_username = $attr['uid'][0];
|
||||
if (isset($attr['uidNumber'][0])) $return->general_uidNumber = $attr['uidNumber'][0];
|
||||
if (isset($attr['shadowLastChange'][0])) $return->unix_shadowLastChange = $attr['shadowLastChange'][0];
|
||||
|
@ -839,16 +850,28 @@ function loadgroup($dn) { // Will load all needed values from an existing group
|
|||
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||
$return->general_dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry));
|
||||
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||
$i=0;
|
||||
while (isset($attr['objectClass'][$i])) {
|
||||
$return->general_objectClass[$i] = $attr['objectClass'][$i];
|
||||
$i++;
|
||||
}
|
||||
if (isset($attr['gidNumber'][0])) $return->general_uidNumber = $attr['gidNumber'][0];
|
||||
if (isset($attr['description'][0])) $return->general_gecos = $attr['description'][0];
|
||||
if (isset($attr['cn'][0])) {
|
||||
$return->general_username = $attr['cn'][0];
|
||||
if ($_SESSION['config']->scriptServer) getquotas('group',$attr['cn'][0]);
|
||||
}
|
||||
if (isset($attr['memberUid'])) $return->general_memberUid = $attr['memberUid'];
|
||||
if (isset($attr['memberUid'][0])) $return->general_memberUid = $attr['memberUid'][0];
|
||||
if (is_array($return->general_memberUid)) array_shift($return->general_memberUid);
|
||||
if (isset($attr['sambaSID'])) $return->smb_mapgroup = $attr['sambaSID'];
|
||||
if (isset($attr['displayName'])) $return->smb_displayName = $attr['displayName'];
|
||||
if (isset($attr['sambaSID'][0])) {
|
||||
$return->smb_mapgroup = $attr['sambaSID'][0];
|
||||
$temp = explode('-', $attr['sambaSID'][0]);
|
||||
$SID = $temp[0].'-'.$temp[1].'-'.$temp[2].'-'.$temp[3].'-'.$temp[4].'-'.$temp[5].'-'.$temp[6];
|
||||
$samba3domains = $_SESSION['ldap']->search_domains($_SESSION[config]->get_domainSuffix());
|
||||
for ($i=0; $i<sizeof($samba3domains); $i++)
|
||||
if ($SID == $samba3domains[$i]->SID) $return->smb_domain = $samba3domains[$i];
|
||||
}
|
||||
if (isset($attr['displayName'][0])) $return->smb_displayName = $attr['displayName'][0];
|
||||
if ($_SESSION['config']->scriptServer) {
|
||||
$values = getquotas('group',$return->general_username);
|
||||
if (is_object($values)) {
|
||||
|
@ -961,7 +984,7 @@ function createuser($values) { // Will create the LDAP-Account
|
|||
$hosts = explode (',', $values->unix_host);
|
||||
$i=0;
|
||||
while(isset($hosts[$i])) {
|
||||
$attr['host'][$i] = $hosts[$i];
|
||||
if ($hosts[$i]!='') $attr['host'][$i] = $hosts[$i];
|
||||
$i++;
|
||||
}
|
||||
if ($values->unix_pwdminage!='') $attr['shadowMin'] = $values->unix_pwdminage; // shadowAccount_may
|
||||
|
@ -976,7 +999,7 @@ function createuser($values) { // Will create the LDAP-Account
|
|||
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr);
|
||||
if (!$success) return 4;
|
||||
if ($_SESSION['config']->scriptServer) {
|
||||
setquotas($values->general_username,'user');
|
||||
setquotas($values,'user');
|
||||
addhomedir($values->general_username);
|
||||
}
|
||||
// Add User to Additional Groups
|
||||
|
@ -1136,7 +1159,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
|
|||
$j=0;
|
||||
while(isset($hosts[$i])) {
|
||||
if ($hosts[$i]!='') {
|
||||
$attr['host'][$j] = $hosts[$i];
|
||||
if ($hosts[$i]!='') $attr['host'][$j] = $hosts[$i];
|
||||
$j++;
|
||||
}
|
||||
$i++;
|
||||
|
@ -1145,7 +1168,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
|
|||
$j=0;
|
||||
while(isset($hosts_old[$i])) {
|
||||
if ($hosts_old[$i]!='') {
|
||||
$attr_rem['host'][$j] = $hosts_old[$i];
|
||||
if ($hosts_old[$i]!='') $attr_rem['host'][$j] = $hosts_old[$i];
|
||||
$j++;
|
||||
}
|
||||
$i++;
|
||||
|
@ -1212,6 +1235,32 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
|
|||
if ($values->general_givenname!=$values_old->general_givenname) $attr['givenName'] = $values->general_givenname;
|
||||
if ($values->general_surname!=$values_old->general_surname) $attr['sn'] = $values->general_surname;
|
||||
|
||||
if ( (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) ||
|
||||
(!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) ||
|
||||
(!in_array('inetOrgPerson', $_SESSION['account_old']->general_objectClass)) ||
|
||||
(($_SESSION['config']->samba3 =='yes') && (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass))) ||
|
||||
(($_SESSION['config']->samba3 !='yes') && (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)))) {
|
||||
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup");
|
||||
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||
// remove "count" from array
|
||||
unset($attr_old['count']);
|
||||
for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]);
|
||||
$keys = array_keys($attr_old);
|
||||
for ($i=0; $i < sizeof($keys); $i++)
|
||||
unset($attr_old[$keys[$i]]['count']);
|
||||
unset ($attr_old['objectClass']);
|
||||
$attr_old['objectClass'][0] = 'posixAccount';
|
||||
$attr_old['objectClass'][1] = 'shadowAccount';
|
||||
$attr_old['objectClass'][2] = 'inetOrgPerson';
|
||||
if ($_SESSION['config']->samba3 !='yes') $attr_old['objectClass'][3] = 'sambaSamAccount';
|
||||
else $attr_old['objectClass'][3] = 'sambaAccount';
|
||||
$success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
|
||||
if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
|
||||
else return 5;
|
||||
}
|
||||
|
||||
if ($attr_rem) {
|
||||
$success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem);
|
||||
if (!$success) return 5;
|
||||
|
@ -1265,7 +1314,7 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
|
|||
}
|
||||
$entry = ldap_next_entry($_SESSION['ldap']->server(), $entry);
|
||||
}
|
||||
if ($_SESSION['config']->scriptServer) setquotas($values->general_username,'user',$values_old->general_username);
|
||||
if ($_SESSION['config']->scriptServer) setquotas($values,'user',$values_old);
|
||||
return 3;
|
||||
}
|
||||
|
||||
|
@ -1396,6 +1445,32 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account
|
|||
$attr['displayName'] = $values->general_gecos; // sambaAccount_may
|
||||
}
|
||||
|
||||
if ( (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) ||
|
||||
(!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) ||
|
||||
(!in_array('account', $_SESSION['account_old']->general_objectClass)) ||
|
||||
(($_SESSION['config']->samba3 =='yes') && (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass))) ||
|
||||
(($_SESSION['config']->samba3 !='yes') && (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)))) {
|
||||
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup");
|
||||
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||
// remove "count" from array
|
||||
unset($attr_old['count']);
|
||||
for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]);
|
||||
$keys = array_keys($attr_old);
|
||||
for ($i=0; $i < sizeof($keys); $i++)
|
||||
unset($attr_old[$keys[$i]]['count']);
|
||||
unset ($attr_old['objectClass']);
|
||||
$attr_old['objectClass'][0] = 'posixAccount';
|
||||
$attr_old['objectClass'][1] = 'shadowAccount';
|
||||
$attr_old['objectClass'][2] = 'account';
|
||||
if ($_SESSION['config']->samba3 !='yes') $attr_old['objectClass'][3] = 'sambaSamAccount';
|
||||
else $attr_old['objectClass'][3] = 'sambaAccount';
|
||||
$success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
|
||||
if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
|
||||
else return 5;
|
||||
}
|
||||
|
||||
if ($attr_rem) {
|
||||
$success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem);
|
||||
if (!$success) return 5;
|
||||
|
@ -1405,7 +1480,7 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account
|
|||
if (!$success) return 5;
|
||||
}
|
||||
if ($values->general_dn != $values_old->general_dn) {// Hostname hasn't changed
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $dn, "objectclass=PosixAccount");
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixAccount");
|
||||
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||
// remove "count" from array
|
||||
|
@ -1416,8 +1491,8 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account
|
|||
unset($attr_old[$keys[$i]]['count']);
|
||||
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
|
||||
if ($success) $success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
|
||||
}
|
||||
if (!$success) return 5;
|
||||
}
|
||||
return 3;
|
||||
}
|
||||
|
||||
|
@ -1454,7 +1529,7 @@ function creategroup($values) { // Will create the LDAP-Group
|
|||
if ($values->smb_displayName) $attr['displayName'] = $values->smb_displayName;
|
||||
}
|
||||
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr);
|
||||
if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group');
|
||||
if ($_SESSION['config']->scriptServer) setquotas($values,'group');
|
||||
if ($success) return 1;
|
||||
else return 4;
|
||||
}
|
||||
|
@ -1492,12 +1567,29 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
|
|||
$success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem);
|
||||
if (!$success) return 5;
|
||||
}
|
||||
if (($_SESSION['config']->samba3 = 'yes') && (!in_array('sambaGroupMapping', $_SESSION['account_old']->general_objectClass))) {
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup");
|
||||
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||
// remove "count" from array
|
||||
unset($attr_old['count']);
|
||||
for ($i=0; $i < sizeof($attr_old); $i++) unset($attr_old[$i]);
|
||||
$keys = array_keys($attr_old);
|
||||
for ($i=0; $i < sizeof($keys); $i++)
|
||||
unset($attr_old[$keys[$i]]['count']);
|
||||
unset ($attr_old['objectClass']);
|
||||
$attr_old['objectClass'][0] = 'posixGroup';
|
||||
$attr_old['objectClass'][1] = 'sambaGroupMapping';
|
||||
$success = ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
|
||||
if ($success) $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
|
||||
else return 5;
|
||||
}
|
||||
if ($attr) {
|
||||
$success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr);
|
||||
if (!$success) return 5;
|
||||
}
|
||||
if ($values->general_dn != $values_old->general_dn) {// Groupname hasn't changed
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $dn, "objectclass=PosixGroup");
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $values_old->general_dn, "objectclass=PosixGroup");
|
||||
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||
$attr_old = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||
// remove "count" from array
|
||||
|
@ -1509,8 +1601,8 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
|
|||
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr_old);
|
||||
if ($success) ldap_delete($_SESSION['ldap']->server(),$values_old->general_dn);
|
||||
if ($success) $success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr);
|
||||
}
|
||||
if (!$success) return 5;
|
||||
}
|
||||
if ( $_SESSION['final_changegids']==true ) {
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_UserSuffix(), 'gidNumber=' . $values_old->general_uidNumber, array('gidNumber'));
|
||||
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||
|
@ -1520,7 +1612,7 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
|
|||
$entry = ldap_next_entry($_SESSION['ldap']->server(), $entry);
|
||||
}
|
||||
}
|
||||
if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group');
|
||||
if ($_SESSION['config']->scriptServer) setquotas($values,'group',$values_old);
|
||||
return 3;
|
||||
}
|
||||
|
||||
|
|
|
@ -25,19 +25,19 @@
|
|||
# Configure-Options
|
||||
# change only variables starting from here
|
||||
# list of valid admins
|
||||
@admins = ('cn=Manager,dc=my-domain,dc=com');
|
||||
@admins = ('cn=Manager,dc=my-domain,dc=com',
|
||||
'uid=test,ou=people,dc=my-domain,dc=com');
|
||||
$server_ldap="127.0.0.1"; # IP or DNS of ldap-server
|
||||
$server_ssh="127.0.0.1"; # IP or DNS of host to create homedirs, quota, ....
|
||||
$server_ssh_ident = "/var/lib/wwwrun/.ssh/id_dsa";
|
||||
$server_ssh_known = "/var/lib/wwwrun/.ssh/knownhosts";
|
||||
|
||||
$server_ssh_ident = "/var/lib/wwwrun/.ssh/id_dsa"; # SSH-Key to use
|
||||
$path = "/srv/www/htdocs/lam/lib/lamdaemon.pl"; # path to ldap on remote-host
|
||||
$server_ldap_port='389'; # Port used from ldap
|
||||
$server_tls='no'; # Use TLS?
|
||||
$server_tls_verify='require'; # none,optional or require a valid server certificated
|
||||
$server_tls_clientcert=''; # path to client certificate
|
||||
$server_tls_clientkey=''; # path to client certificate
|
||||
$server_tls_decryptkey=''; # To to decrypt clientkey
|
||||
$server_tls_cafile=''; # Path to CA-File
|
||||
$server_tls_cafile='/etc/certificates/ca.cert'; # Path to CA-File
|
||||
$debug=true; # Show debug messages
|
||||
|
||||
# Don't change anything below this line
|
||||
|
@ -182,7 +182,7 @@ if ($found==true) {
|
|||
$i=0;
|
||||
($<, $>) = ($>, $<); # Get root privileges
|
||||
while ($quota_usr[$i][0]) {
|
||||
$dev = Quota::getqcarg($quota[$i][1]);
|
||||
$dev = Quota::getqcarg($quota[$i][0]);
|
||||
$return = Quota::setqlim($dev,$user[2],$quota[$i][1],$quota[$i][2],$quota[$i][3],$quota[$i][4],1,$group);
|
||||
$i++;
|
||||
}
|
||||
|
@ -223,10 +223,9 @@ else {
|
|||
$username[0] =~ s/uid=//;
|
||||
my $ssh = Net::SSH::Perl->new($server_ssh, options=>[
|
||||
"IdentityFile $server_ssh_ident",
|
||||
"UserKnownHostsFile $server_ssh_known"
|
||||
"UserKnownHostsFile /dev/null"
|
||||
]);
|
||||
$ssh->login($username[0], $vals[1]);
|
||||
#$path = "/srv/www/htdocs/lam/lib/lamdaemon.pl";
|
||||
($stdout, $stderr, $exit) = $ssh->cmd("sudo $0 @ARGV");
|
||||
($stdout, $stderr, $exit) = $ssh->cmd("sudo $path @ARGV");
|
||||
print "$stdout";
|
||||
}
|
|
@ -152,10 +152,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
else $_SESSION['account']->smb_flagsD = false;
|
||||
if ($_POST['f_smb_flagsX']) $_SESSION['account']->smb_flagsX = true;
|
||||
else $_SESSION['account']->smb_flagsX = false;
|
||||
if ($_POST['f_smb_mapgroup'] == _('Domain Guests')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '514';
|
||||
if ($_POST['f_smb_mapgroup'] == _('Domain Users')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '513';
|
||||
if ($_POST['f_smb_mapgroup'] == _('Domain Admins')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '512';
|
||||
if (isset($_POST['f_smb_domain'])) $_SESSION['account']->smb_displayName = $_POST['f_smb_domain'];
|
||||
if (isset($_POST['f_smb_displayName'])) $_SESSION['account']->smb_displayName = $_POST['f_smb_displayName'];
|
||||
else $_SESSION['account']->smb_displayName = '';
|
||||
|
||||
if ($_SESSION['config']->samba3 == 'yes') {
|
||||
|
@ -164,6 +161,9 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
if ($_POST['f_smb_domain'] == $samba3domains[$i]->name) {
|
||||
$_SESSION['account']->smb_domain = $samba3domains[$i];
|
||||
}
|
||||
if ($_POST['f_smb_mapgroup'] == _('Domain Guests')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '514';
|
||||
if ($_POST['f_smb_mapgroup'] == _('Domain Users')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '513';
|
||||
if ($_POST['f_smb_mapgroup'] == _('Domain Admins')) $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '512';
|
||||
}
|
||||
else {
|
||||
if (isset($_POST['f_smb_domain'])) $_SESSION['account']->smb_domain = $_POST['f_smb_domain'];
|
||||
|
@ -828,7 +828,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo '<tr><td>';
|
||||
echo _('Windows well known group');
|
||||
echo '</td>'."\n".'<td><select name="f_smb_mapgroup" >';
|
||||
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '514' ) {
|
||||
if ( $_SESSION['account']->smb_mapgroup == $_SESSION['account']->smb_domain->SID . "-" . '514' ) {
|
||||
echo '<option selected> ';
|
||||
echo _('Domain Guests');
|
||||
echo "</option>\n"; }
|
||||
|
@ -837,7 +837,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo _('Domain Guests');
|
||||
echo "</option>\n";
|
||||
}
|
||||
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '513' ) {
|
||||
if ( $_SESSION['account']->smb_mapgroup == $_SESSION['account']->smb_domain->SID . "-" . '513' ) {
|
||||
echo '<option selected> ';
|
||||
echo _('Domain Users');
|
||||
echo "</option>\n"; }
|
||||
|
@ -846,7 +846,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo _('Domain Users');
|
||||
echo "</option>\n";
|
||||
}
|
||||
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '512' ) {
|
||||
if ( $_SESSION['account']->smb_mapgroup == $_SESSION['account']->smb_domain->SID . "-" . '512' ) {
|
||||
echo '<option selected> ';
|
||||
echo _('Domain Admins');
|
||||
echo "</option>\n"; }
|
||||
|
@ -860,14 +860,25 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
'</td></tr>'."\n".'<tr><td>';
|
||||
echo _('Windows Groupname');
|
||||
echo '</td><td>'.
|
||||
'<input name="f_smb_domain" type="text" size="30" maxlength="80" value="' . $_SESSION['account']->smb_displayName . '">'.
|
||||
'<input name="f_smb_displayName" type="text" size="30" maxlength="80" value="' . $_SESSION['account']->smb_displayName . '">'.
|
||||
'</td><td>'.
|
||||
'<a href="help.php?HelpNumber=465" target="lamhelp">'._('Help').'</a>'.
|
||||
'</td></tr>'."\n";
|
||||
'</td></tr>'."\n".'<tr><td>';
|
||||
echo _('Domain');
|
||||
echo '</td><td><select name="f_smb_domain">';
|
||||
for ($i=0; $i<sizeof($samba3domains); $i++) {
|
||||
if ($_SESSION['account']->smb_domain->name) {
|
||||
if ($_SESSION['account']->smb_domain->name == $samba3domains[$i]->name)
|
||||
echo '<option selected>' . $samba3domains[$i]->name. '</option>';
|
||||
else echo '<option>' . $samba3domains[$i]->name. '</option>';
|
||||
}
|
||||
else echo '<option>' . $samba3domains[$i]->name. '</option>';
|
||||
}
|
||||
break;
|
||||
case 'host':
|
||||
// set smb_flgasW true because account is host
|
||||
$_SESSION['account']->smb_flagsW = 1;
|
||||
if ($_SESSION['account']->smb_password_no) echo '<input name="f_smb_password_no" type="hidden" value="1l">';
|
||||
echo '<input name="f_unix_password_no" type="hidden" value="';
|
||||
if ($_SESSION['account']->unix_password_no) echo 'checked';
|
||||
echo '">';
|
||||
|
@ -1023,6 +1034,33 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
'mv ' . $_SESSION['account_old' ]->general_homedir . ' ' . $_SESSION['account']->general_homedir);
|
||||
echo '</tr>'."\n";
|
||||
}
|
||||
if (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if (!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if (!in_array('inetOrgPerson', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if ($_SESSION['config']->samba3 == 'yes') {
|
||||
if (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}}
|
||||
else
|
||||
if (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
break;
|
||||
case 'group' :
|
||||
if (($_SESSION['account_old']) && ($_SESSION['account']->general_uidNumber != $_SESSION['account_old']->general_uidNumber)) {
|
||||
|
@ -1037,6 +1075,16 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo _('Change GID-Number of all users in group to new value');
|
||||
echo '</td></tr>'."\n";
|
||||
}
|
||||
if (($_SESSION['config']->samba3 == 'yes') && (!in_array('sambaGroupMapping', $_SESSION['account_old']->general_objectClass))) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if (!in_array('posixGroup', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
break;
|
||||
case 'host':
|
||||
if (($_SESSION['account_old']) && ($_SESSION['account']->general_uidNumber != $_SESSION['account_old']->general_uidNumber)) {
|
||||
|
@ -1045,6 +1093,33 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
'find / -gid ' . $_SESSION['account_old' ]->general_uidNumber . ' -exec chown ' . $_SESSION['account']->general_uidNumber . ' {} \;');
|
||||
echo '</tr>'."\n";
|
||||
}
|
||||
if (!in_array('posixAccount', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if (!in_array('shadowAccount', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if (!in_array('account', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if ($_SESSION['config']->samba3 == 'yes') {
|
||||
if (!in_array('sambaSamAccount', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}}
|
||||
else
|
||||
if (!in_array('sambaAccount', $_SESSION['account_old']->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass doesn\'t fit.'), _('Have to recreate entry.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
break;
|
||||
}
|
||||
echo '<tr><td>'.
|
||||
|
|
Loading…
Reference in New Issue