WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

first try to support samba 3.0 groupmapping

This commit is contained in:
katagia 2003-06-30 12:06:44 +00:00
parent dadb3f7fbb
commit 3f6792329d
3 changed files with 86 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lam/help/help.inc
View File

@ -289,7 +289,11 @@ $helpArray = array (
"462" => array ("ext" => "FALSE", "Headline" => _("Suffix"), "462" => array ("ext" => "FALSE", "Headline" => _("Suffix"),
"Text" => _("Suffix")), "Text" => _("Suffix")),
"463" => array ("ext" => "FALSE", "Headline" => _("Suffix"), "463" => array ("ext" => "FALSE", "Headline" => _("Suffix"),
"Text" => _("Suffix")) "Text" => _("Suffix")),
"464" => array ("ext" => "FALSE", "Headline" => _("Windows Well Known Group"),
"Text" => _("Windows Well Known Group")),
"465" => array ("ext" => "FALSE", "Headline" => _("Windows Groupname"),
"Text" => _("Windows Groupname"))
/* This is a sample help entry. Just copy this line an modify the vakues between the [] brackets. /* This is a sample help entry. Just copy this line an modify the vakues between the [] brackets.
Help text is located in the array: Help text is located in the array:
"[Helpnumber]" => array ("ext" => "FALSE", "Headline" => _("[Headline]"), "Text" => _("[Text]"), "SeeAlso" => "[SeeAlso link]"), "[Helpnumber]" => array ("ext" => "FALSE", "Headline" => _("[Headline]"), "Text" => _("[Text]"), "SeeAlso" => "[SeeAlso link]"),

27
lam/lib/account.inc
View File

@ -63,6 +63,8 @@ class account { // This class keeps all needed values for any account
var $smb_flagsW; // string (1|0) account is host? (user|host) var $smb_flagsW; // string (1|0) account is host? (user|host)
var $smb_flagsD; // string (1|0) account is disabled? (user|host) var $smb_flagsD; // string (1|0) account is disabled? (user|host)
var $smb_flagsX; // string (1|0) password doesn'T expire (user|host) var $smb_flagsX; // string (1|0) password doesn'T expire (user|host)
var $smb_mapgroup; // decimal ID for groups
var $smb_displayName; // GRoupname displayed by samba
// Quota Settins // Quota Settins
var $quota; // array[][] First array is an index for every chare with active quotas var $quota; // array[][] First array is an index for every chare with active quotas
// second array Contains values for every share: // second array Contains values for every share:
@ -357,6 +359,8 @@ function checksamba($values, $type) { // This function checks all samba account
$return->smb_password = $values->unix_password; $return->smb_password = $values->unix_password;
$return->smb_flagsW = 1; $return->smb_flagsW = 1;
break; break;
case 'group' :
break;
} }
if ((!$values->smb_domain=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $values->smb_domain)) if ((!$values->smb_domain=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $values->smb_domain))
$errors[] = array('ERROR', _('Domain Name'), _('Domain Name contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.')); $errors[] = array('ERROR', _('Domain Name'), _('Domain Name contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
@ -818,7 +822,8 @@ function loadgroup($dn) { // Will load all needed values from an existing group
} }
if ($attr['memberUid']) $return->general_memberUid = $attr['memberUid']; if ($attr['memberUid']) $return->general_memberUid = $attr['memberUid'];
if (is_array($return->general_memberUid)) array_shift($return->general_memberUid); if (is_array($return->general_memberUid)) array_shift($return->general_memberUid);
$return->general_dn = $dn; if ($attr['sambaSID']) $return->smb_mapgroup = $attr['sambaSID'];
if ($attr['displayName']) $return->smb_displayName = $attr['displayName'];
if ($_SESSION['config']->scriptServer) { if ($_SESSION['config']->scriptServer) {
$values = getquotas('group',$return->general_username); $values = getquotas('group',$return->general_username);
if (is_object($values)) { if (is_object($values)) {
@ -1510,11 +1515,17 @@ function creategroup($values) { // Will create the LDAP-Group
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($values->smb_password), MCRYPT_MODE_ECB, $iv); $values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($values->smb_password), MCRYPT_MODE_ECB, $iv);
$values->smb_password = str_replace(chr(00), '', $values->smb_password); $values->smb_password = str_replace(chr(00), '', $values->smb_password);
} }
$attr['objectClass'] = 'posixGroup'; $attr['objectClass'][0] = 'posixGroup';
$attr['cn'] = $values->general_username; $attr['cn'] = $values->general_username;
$attr['gidNumber'] = $values->general_uidNumber; $attr['gidNumber'] = $values->general_uidNumber;
$attr['description'] = $values->general_gecos; $attr['description'] = $values->general_gecos;
if ($values->general_memeberUid) $attr['memberUid'] = $values->general_memberUid; if ($values->general_memeberUid) $attr['memberUid'] = $values->general_memberUid;
if ($_SESSION['config']->samba3 =='yes') {
$attr['objectClass'][1] = 'sambaGroupMapping';
$attr['sambaSID'] = $values->smb_mapgroup;
$attr['sambaGroupType'] = '2';
if ($values->smb_displayName) $attr['displayName'] = $values->smb_displayName;
}
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr); $success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr);
if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group'); if ($_SESSION['config']->scriptServer) setquotas($attr['uid'][0],'group');
if ($success) return 1; if ($success) return 1;
@ -1542,6 +1553,18 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
if ($values->general_uidNumber != $values_old->general_uidNumber) $attr['gidNumber'] = $values->general_uidNumber; if ($values->general_uidNumber != $values_old->general_uidNumber) $attr['gidNumber'] = $values->general_uidNumber;
if ($values->general_gecos != $values_old->general_gecos) $attr['description'] = $values->general_gecos; if ($values->general_gecos != $values_old->general_gecos) $attr['description'] = $values->general_gecos;
if ($values->general_memeberUid != $values_old->general_memberUid) $attr['memberUid'] = $values->general_memberUid; if ($values->general_memeberUid != $values_old->general_memberUid) $attr['memberUid'] = $values->general_memberUid;
if ($_SESSION['config']->samba3 =='yes') {
if ($values->smb_mapgroup != $values_old->smb_mapgroup)
$attr['sambaSID'] = $values->smb_mapgroup;
if (($values->smb_displayName!='') && ($values->smb_displayName!=$values_old->smb_displayName))
$attr['displayName'] = $values->smb_displayName;
if (($values->smb_displayName=='') && ($values->smb_displayName!=$values_old->smb_displayName))
$attr_rem['displayName'] = $values->smb_displayName;
}
if ($attr_rem) {
$success = ldap_mod_del($_SESSION['ldap']->server(),$values_old->general_dn, $attr_rem);
if (!$success) return 5;
}
if ($attr) { if ($attr) {
$success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr); $success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr);
if (!$success) return 5; if (!$success) return 5;

60
lam/templates/account.php
View File

@ -72,7 +72,8 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ($_POST['next'] && ($errors=='')) if ($_POST['next'] && ($errors==''))
switch ($_SESSION['type2']) { switch ($_SESSION['type2']) {
case 'user': $select_local = 'unix'; break; case 'user': $select_local = 'unix'; break;
case 'group': $select_local = 'quota'; break; case 'group': if ($_SESSION['config']->samba3=='yes') $select_local = 'samba';
else $select_local = 'quota'; break;
case 'host': $select_local = 'unix'; break; case 'host': $select_local = 'unix'; break;
} }
} }
@ -157,6 +158,11 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
else $_SESSION['account']->smb_flagsD = false; else $_SESSION['account']->smb_flagsD = false;
if ($_POST['f_smb_flagsX']) $_SESSION['account']->smb_flagsX = $_POST['f_smb_flagsX']; if ($_POST['f_smb_flagsX']) $_SESSION['account']->smb_flagsX = $_POST['f_smb_flagsX'];
else $_SESSION['account']->smb_flagsX = false; else $_SESSION['account']->smb_flagsX = false;
if ($_POST['f_smb_mapgroup'] == _('Domain Guests')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '514';
if ($_POST['f_smb_mapgroup'] == _('Domain Users')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '513';
if ($_POST['f_smb_mapgroup'] == _('Domain Admins')) $_SESSION['account']->smb_mapgroup = $_SESSION[config]->get_domainSID() . "-" . '512';
if ($_POST['f_smb_domain']) $_SESSION['account']->smb_displayName = $_POST['f_smb_domain'];
else $_SESSION['account']->smb_displayName = '';
// Check if values are OK and set automatic values. if not error-variable will be set // Check if values are OK and set automatic values. if not error-variable will be set
list($values, $errors) = checksamba($_SESSION['account'], $_SESSION['type2']); // account.inc list($values, $errors) = checksamba($_SESSION['account'], $_SESSION['type2']); // account.inc
if (is_object($values)) { if (is_object($values)) {
@ -164,11 +170,16 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ($val) $_SESSION['account']->$key = $val; if ($val) $_SESSION['account']->$key = $val;
} }
// Check which part Site should be displayed next // Check which part Site should be displayed next
if ($_POST['back']) $select_local = 'unix'; if ($_POST['back'])
switch ($_SESSION['type2']) {
case 'user': $select_local = 'unix'; break;
case 'group': $select_local = 'general'; break;
}
else if ($_POST['next']) else if ($_POST['next'])
if($errors=='') if($errors=='')
switch ($_SESSION['type2']) { switch ($_SESSION['type2']) {
case 'user': $select_local = 'quota'; break; case 'user': $select_local = 'quota'; break;
case 'group': $select_local = 'quota'; break;
case 'host': $select_local = 'final'; break; case 'host': $select_local = 'final'; break;
} }
else $select_local = 'samba'; else $select_local = 'samba';
@ -193,7 +204,8 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ($_POST['back']) if ($_POST['back'])
switch ($_SESSION['type2']) { switch ($_SESSION['type2']) {
case 'user': $select_local = 'samba'; break; case 'user': $select_local = 'samba'; break;
case 'group': $select_local = 'general'; break; case 'group': if ($_SESSION['config']->samba3=='yes') $select_local = 'samba';
else $select_local = 'general'; break;
} }
else if ($_POST['next']) else if ($_POST['next'])
if ($errors=='') if ($errors=='')
@ -377,7 +389,6 @@ if ($select_local != 'pdf') {
for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]); for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]);
} }
switch ($select_local) { // Select which part of page will be loaded switch ($select_local) { // Select which part of page will be loaded
// general = startpage, general account paramters // general = startpage, general account paramters
// unix = page with all shadow-options and password // unix = page with all shadow-options and password
@ -795,6 +806,47 @@ switch ($select_local) { // Select which part of page will be loaded
<a href="help.php?HelpNumber=438" target="lamhelp">'._('Help').'</a> <a href="help.php?HelpNumber=438" target="lamhelp">'._('Help').'</a>
</td></tr>'."\n"; </td></tr>'."\n";
break; break;
case 'group':
echo '<tr><td>';
echo _('Windows well known group');
echo '</td>'."\n".'<td><select name="f_smb_mapgroup" >';
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '514' ) {
echo '<option selected> ';
echo _('Domain Guests');
echo "</option>\n"; }
else {
echo '<option> ';
echo _('Domain Guests');
echo "</option>\n";
}
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '513' ) {
echo '<option selected> ';
echo _('Domain Users');
echo "</option>\n"; }
else {
echo '<option> ';
echo _('Domain Users');
echo "</option>\n";
}
if ( $_SESSION['account']->smb_mapgroup == $_SESSION[config]->get_domainSID() . "-" . '512' ) {
echo '<option selected> ';
echo _('Domain Admins');
echo "</option>\n"; }
else {
echo '<option> ';
echo _('Domain Admins');
echo "</option>\n";
}
echo '</select></td>'."\n".'<td>
<a href="help.php?HelpNumber=464" target="lamhelp">'._('Help').'</a>
</td></tr>'."\n".'<tr><td>';
echo _('Windows Groupname');
echo '</td><td>
<input name="f_smb_domain" type="text" size="30" maxlength="30" value="' . $_SESSION['account']->smb_displayName . '">
</td><td>
<a href="help.php?HelpNumber=465" target="lamhelp">'._('Help').'</a>
</td></tr>'."\n";
break;
case 'host': case 'host':
// set smb_flgasW true because account is host // set smb_flgasW true because account is host
$_SESSION['account']->smb_flagsW = 1; $_SESSION['account']->smb_flagsW = 1;