diff --git a/lam/help/help.inc b/lam/help/help.inc index 7c18da72..1b7f4eb3 100644 --- a/lam/help/help.inc +++ b/lam/help/help.inc @@ -289,7 +289,11 @@ $helpArray = array ( "462" => array ("ext" => "FALSE", "Headline" => _("Suffix"), "Text" => _("Suffix")), "463" => array ("ext" => "FALSE", "Headline" => _("Suffix"), - "Text" => _("Suffix")) + "Text" => _("Suffix")), + "464" => array ("ext" => "FALSE", "Headline" => _("Windows Well Known Group"), + "Text" => _("Windows Well Known Group")), + "465" => array ("ext" => "FALSE", "Headline" => _("Windows Groupname"), + "Text" => _("Windows Groupname")) /* This is a sample help entry. Just copy this line an modify the vakues between the [] brackets. Help text is located in the array: "[Helpnumber]" => array ("ext" => "FALSE", "Headline" => _("[Headline]"), "Text" => _("[Text]"), "SeeAlso" => "[SeeAlso link]"), diff --git a/lam/lib/account.inc b/lam/lib/account.inc index 7ffca7be..6f52e38a 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -63,6 +63,8 @@ class account { // This class keeps all needed values for any account var $smb_flagsW; // string (1|0) account is host? (user|host) var $smb_flagsD; // string (1|0) account is disabled? (user|host) var $smb_flagsX; // string (1|0) password doesn'T expire (user|host) + var $smb_mapgroup; // decimal ID for groups + var $smb_displayName; // GRoupname displayed by samba // Quota Settins var $quota; // array[][] First array is an index for every chare with active quotas // second array Contains values for every share: @@ -357,6 +359,8 @@ function checksamba($values, $type) { // This function checks all samba account $return->smb_password = $values->unix_password; $return->smb_flagsW = 1; break; + case 'group' : + break; } if ((!$values->smb_domain=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $values->smb_domain)) $errors[] = array('ERROR', _('Domain Name'), _('Domain Name contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.')); @@ -818,7 +822,8 @@ function loadgroup($dn) { // Will load all needed values from an existing group } if ($attr['memberUid']) $return->general_memberUid = $attr['memberUid']; if (is_array($return->general_memberUid)) array_shift($return->general_memberUid); - $return->general_dn = $dn; + if ($attr['sambaSID']) $return->smb_mapgroup = $attr['sambaSID']; + if ($attr['displayName']) $return->smb_displayName = $attr['displayName']; if ($_SESSION['config']->scriptServer) { $values = getquotas('group',$return->general_username); if (is_object($values)) { @@ -1510,11 +1515,17 @@ function creategroup($values) { // Will create the LDAP-Group $values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($values->smb_password), MCRYPT_MODE_ECB, $iv); $values->smb_password = str_replace(chr(00), '', $values->smb_password); } - $attr['objectClass'] = 'posixGroup'; + $attr['objectClass'][0] = 'posixGroup'; $attr['cn'] = $values->general_username; $attr['gidNumber'] = $values->general_uidNumber; $attr['description'] = $values->general_gecos; if ($values->general_memeberUid) $attr['memberUid'] = $values->general_memberUid; + if ($_SESSION['config']->samba3 =='yes') { + $attr['objectClass'][1] = 'sambaGroupMapping'; + $attr['sambaSID'] = $values->smb_mapgroup; + $attr['sambaGroupType'] = '2'; + if ($values->smb_displayName) $attr['displayName'] = $values->smb_displayName; + } $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr); if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group'); if ($success) return 1; @@ -1542,6 +1553,18 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group if ($values->general_uidNumber != $values_old->general_uidNumber) $attr['gidNumber'] = $values->general_uidNumber; if ($values->general_gecos != $values_old->general_gecos) $attr['description'] = $values->general_gecos; if ($values->general_memeberUid != $values_old->general_memberUid) $attr['memberUid'] = $values->general_memberUid; + if ($_SESSION['config']->samba3 =='yes') { + if ($values->smb_mapgroup != $values_old->smb_mapgroup) + $attr['sambaSID'] = $values->smb_mapgroup; + if (($values->smb_displayName!='') && ($values->smb_displayName!=$values_old->smb_displayName)) + $attr['displayName'] = $values->smb_displayName; + if (($values->smb_displayName=='') && ($values->smb_displayName!=$values_old->smb_displayName)) + $attr_rem['displayName'] = $values->smb_displayName; + } + if ($attr_rem) { + $success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem); + if (!$success) return 5; + } if ($attr) { $success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr); if (!$success) return 5; diff --git a/lam/templates/account.php b/lam/templates/account.php index bd15b3b0..80159831 100644 --- a/lam/templates/account.php +++ b/lam/templates/account.php @@ -72,7 +72,8 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch if ($_POST['next'] && ($errors=='')) switch ($_SESSION['type2']) { case 'user': $select_local = 'unix'; break; - case 'group': $select_local = 'quota'; break; + case 'group': if ($_SESSION['config']->samba3=='yes') $select_local = 'samba'; + else $select_local = 'quota'; break; case 'host': $select_local = 'unix'; break; } } @@ -157,6 +158,11 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch else $_SESSION['account']->smb_flagsD = false; if ($_POST['f_smb_flagsX']) $_SESSION['account']->smb_flagsX = $_POST['f_smb_flagsX']; else $_SESSION['account']->smb_flagsX = false; + if ($_POST['f_smb_mapgroup'] == _('Domain Guests')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '514'; + if ($_POST['f_smb_mapgroup'] == _('Domain Users')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '513'; + if ($_POST['f_smb_mapgroup'] == _('Domain Admins')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '512'; + if ($_POST['f_smb_domain']) $_SESSION['account']->smb_displayName = $_POST['f_smb_domain']; + else $_SESSION['account']->smb_displayName = ''; // Check if values are OK and set automatic values. if not error-variable will be set list($values, $errors) = checksamba($_SESSION['account'], $_SESSION['type2']); // account.inc if (is_object($values)) { @@ -164,11 +170,16 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch if ($val) $_SESSION['account']->$key = $val; } // Check which part Site should be displayed next - if ($_POST['back']) $select_local = 'unix'; + if ($_POST['back']) + switch ($_SESSION['type2']) { + case 'user': $select_local = 'unix'; break; + case 'group': $select_local = 'general'; break; + } else if ($_POST['next']) if($errors=='') switch ($_SESSION['type2']) { case 'user': $select_local = 'quota'; break; + case 'group': $select_local = 'quota'; break; case 'host': $select_local = 'final'; break; } else $select_local = 'samba'; @@ -193,7 +204,8 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch if ($_POST['back']) switch ($_SESSION['type2']) { case 'user': $select_local = 'samba'; break; - case 'group': $select_local = 'general'; break; + case 'group': if ($_SESSION['config']->samba3=='yes') $select_local = 'samba'; + else $select_local = 'general'; break; } else if ($_POST['next']) if ($errors=='') @@ -377,7 +389,6 @@ if ($select_local != 'pdf') { for ($i=0; $i'._('Help').' '."\n"; break; + case 'group': + echo ''; + echo _('Windows well known group'); + echo ''."\n".''."\n".' + '._('Help').' + '."\n".''; + echo _('Windows Groupname'); + echo ' + + + '._('Help').' + '."\n"; + break; case 'host': // set smb_flgasW true because account is host $_SESSION['account']->smb_flagsW = 1;