diff --git a/lam/HISTORY b/lam/HISTORY index 4824d0bc..bf8b0bdc 100644 --- a/lam/HISTORY +++ b/lam/HISTORY @@ -1,4 +1,6 @@ September 2018 6.5 + - LAM Pro: + -> Auto deletion of entries with dynamic directory services support (requires PHP 7.2). - Fixed bugs: -> Issue during uppercase login modification (#197) diff --git a/lam/docs/manual-sources/appendix-schema.xml b/lam/docs/manual-sources/appendix-schema.xml index 62124840..e1a8669a 100644 --- a/lam/docs/manual-sources/appendix-schema.xml +++ b/lam/docs/manual-sources/appendix-schema.xml @@ -14,7 +14,7 @@ - + Account type @@ -32,7 +32,7 @@ - + @@ -53,7 +53,7 @@ - + @@ -65,13 +65,13 @@ Part of OpenLDAP installation - + - + @@ -83,13 +83,13 @@ Part of Samba tarball (examples/LDAP/samba.schema) - + - + @@ -97,17 +97,17 @@ user, group, computer - + Samba 4 built-in - + - + @@ -119,13 +119,13 @@ Part of Kolab 2/3 installation - + - + @@ -137,13 +137,13 @@ Part of Asterisk installation - + - + @@ -156,13 +156,13 @@ Part of PyKota installation - + - + @@ -174,13 +174,13 @@ Part of OpenLDAP installation - + - + @@ -198,7 +198,7 @@ - + @@ -210,13 +210,13 @@ Part of libpam-ldap installation - + - + @@ -228,13 +228,13 @@ Part of OpenLDAP installation - + - + @@ -253,7 +253,7 @@ - + @@ -265,13 +265,13 @@ Part of OpenLDAP installation - + - + @@ -289,7 +289,7 @@ - + @@ -303,13 +303,13 @@ url="https://github.com/puppetlabs/puppet/blob/master/ext/ldap/puppet.schema">Puppet on GitHub - + - + @@ -322,13 +322,13 @@ http://middleware.internet2.edu - + - + @@ -340,13 +340,13 @@ Part of OpenLDAP installation - + - + @@ -359,13 +359,13 @@ Included in patch from http://code.google.com/p/openssh-lpk/ - + - + @@ -379,13 +379,13 @@ url="http://sourceforge.net/projects/linuxquota/">Linux DiskQuota - + - + @@ -403,7 +403,7 @@ - + @@ -421,7 +421,7 @@ - + @@ -440,7 +440,7 @@ - + @@ -460,7 +460,7 @@ - + @@ -478,7 +478,7 @@ - + @@ -490,13 +490,13 @@ Part of OpenLDAP installation - + - + @@ -514,7 +514,7 @@ - + @@ -532,7 +532,7 @@ - + @@ -553,7 +553,7 @@ - + @@ -571,7 +571,7 @@ - + @@ -583,13 +583,13 @@ Part of FreeRadius installation - + - + @@ -607,7 +607,7 @@ - + @@ -625,7 +625,7 @@ - + @@ -643,7 +643,7 @@ - + @@ -662,7 +662,7 @@ - + @@ -680,7 +680,7 @@ - + @@ -698,7 +698,7 @@ - + @@ -712,6 +712,25 @@ LAM Pro only + + + + + + + + + All + + dynamicObject + + built-in with DDS module + + Part of LDAP server installation + + LAM Pro only, requires DDS extension on LDAP server + side + diff --git a/lam/docs/manual-sources/chapter-modules.xml b/lam/docs/manual-sources/chapter-modules.xml index eee95be9..b748edd6 100644 --- a/lam/docs/manual-sources/chapter-modules.xml +++ b/lam/docs/manual-sources/chapter-modules.xml @@ -5792,6 +5792,76 @@ OK (10 msec) +
+ Auto delete (LAM Pro) + + This module allows to mark any new entry to be marked for auto + deletion. The cleanup is done by the LDAP server itself. Please note that + this will not delete any relations etc. in other entries (e.g. group + memberships). + + Requirements + + + + PHP 7.2 or later: the module will not be shown if you use an + older PHP version since the required LDAP commands are not + supported. + + + + LDAP server with DDS (Dynamic Directory Services) support: your + LDAP server needs to be configured to allow auto deletion of entries. + See e.g. OpenLDAP + configuration. + + + + Your user has the right to set a deletion date. This is + configured on your LDAP server via ACLs. E.g. OpenLDAP requires manage + rights to attribute "entryTtl". + + + + Restrictions + + The maximum time for auto deletion is one year and six days. This is + a restriction by the DDS standard itself. The deletion date can be + extended for existing accounts but always by a maximum of one year and six + days. + + You should configure the maximum TTL value on your LDAP server as + default is often much less than a year. + + A deletion date on an existing entry cannot be removed but only be + extended. + + Configuration + + You can add the auto delete module to any account type. + + + + Usage + + You can set a deletion time for any new account. Please note the + restrictions above. If you get an error about invalid TTL then you might + have exceeded the maximum TTL. + + Existing accounts cannot be marked for deletion. But you may update + the deletion date on existing accounts that are already marked for + deletion. + + Profile editor can be used to setup a default deletion time. + + + + + + +
+
General information diff --git a/lam/docs/manual-sources/images/mod_autoDelete1.png b/lam/docs/manual-sources/images/mod_autoDelete1.png new file mode 100644 index 00000000..9dbaf87f Binary files /dev/null and b/lam/docs/manual-sources/images/mod_autoDelete1.png differ diff --git a/lam/docs/manual-sources/images/mod_autoDelete2.png b/lam/docs/manual-sources/images/mod_autoDelete2.png new file mode 100644 index 00000000..19de72ab Binary files /dev/null and b/lam/docs/manual-sources/images/mod_autoDelete2.png differ diff --git a/lam/docs/manual-sources/images/schema_autoDelete.png b/lam/docs/manual-sources/images/schema_autoDelete.png new file mode 100644 index 00000000..4ad6a580 Binary files /dev/null and b/lam/docs/manual-sources/images/schema_autoDelete.png differ