allow to disable Unix group membership management
This commit is contained in:
Roland Gruber
parent
d6b54ec38b
commit
85f21de260
|
|
@ -1,3 +1,7 @@
|
|||
June 2014 4.6
|
||||
- Unix groups: allow to disable membership management
|
||||
|
||||
|
||||
18.03.2014 4.5
|
||||
- IMAP: allow dynamic admin user names by replacing wildcards with LDAP attributes
|
||||
- Personal: allow to set fields read-only
|
||||
|
|
|
|||
|
|
@ -3229,10 +3229,23 @@ Have fun!
|
|||
|
||||
<para>This module is used to manage Unix group entries. This is the
|
||||
default module to manage Unix groups and uses the nis.schema. Suse
|
||||
users who use the rfc2307bis.schema need to use LAM Pro.</para>
|
||||
users who use the <link
|
||||
linkend="rfc2307bisPosixGroup">rfc2307bis.schema</link> need to use
|
||||
LAM Pro.</para>
|
||||
|
||||
<para><emphasis role="bold">Configuration</emphasis></para>
|
||||
|
||||
<para>Please add the account type "Groups" and then select account
|
||||
module "Unix (posixGroup)".</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/mod_unixGroupConfig1.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>GID generator: LAM will suggest GID numbers for your accounts.
|
||||
Please note that it may happen that there are duplicate IDs assigned
|
||||
if users create groups at the same time. Use an <ulink
|
||||
|
|
@ -3255,6 +3268,12 @@ Have fun!
|
|||
note that this requires that you install the Samba schema and
|
||||
create an LDAP entry of object class "sambaUnixIdPool".</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Disable membership management: Disables group membership
|
||||
management. This is useful if memberships are e.g. managed via
|
||||
group of names.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<screenshot>
|
||||
|
|
@ -3286,7 +3305,7 @@ Have fun!
|
|||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<section id="rfc2307bisPosixGroup">
|
||||
<title>Unix groups with rfc2307bis schema (LAM Pro)</title>
|
||||
|
||||
<para>Some applications (e.g. Suse Linux) use the rfc2307bis schema
|
||||
|
|
|
|||
Binary file not shown.
|
Before Width: | Height: | Size: 15 KiB After Width: | Height: | Size: 18 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 18 KiB |
|
|
@ -102,7 +102,7 @@ class posixGroup extends baseModule implements passwordService {
|
|||
}
|
||||
}
|
||||
// group members
|
||||
if ($rawAccounts[$i][$ids['posixGroup_members']] != "") {
|
||||
if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid') && ($rawAccounts[$i][$ids['posixGroup_members']] != "")) {
|
||||
if (get_preg($rawAccounts[$i][$ids['posixGroup_members']], 'usernameList')) {
|
||||
$partialAccounts[$i]['memberUid'] = explode(",", $rawAccounts[$i][$ids['posixGroup_members']]);
|
||||
}
|
||||
|
|
@ -218,6 +218,7 @@ class posixGroup extends baseModule implements passwordService {
|
|||
$return->addElement(new htmlTableExtendedInputCheckbox('changegids', $this->changegids, _('Change GID number of users and hosts'), 'changegids'), true);
|
||||
}
|
||||
// group members
|
||||
if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid')) {
|
||||
$return->addElement(new htmlOutputText(_("Group members")));
|
||||
$return->addElement(new htmlAccountPageButton(get_class($this), 'user', 'open', _('Edit members')));
|
||||
$return->addElement(new htmlHelpLink('members'), true);
|
||||
|
|
@ -238,6 +239,7 @@ class posixGroup extends baseModule implements passwordService {
|
|||
natcasesort($members);
|
||||
$members = array_map('htmlspecialchars', $members);
|
||||
$return->addElement(new htmlOutputText(implode('<br>', $members), false), true);
|
||||
}
|
||||
// remove button
|
||||
if (!$this->autoAddObjectClasses) {
|
||||
$return->addElement(new htmlSpacer(null, '20px'), true);
|
||||
|
|
@ -371,7 +373,10 @@ class posixGroup extends baseModule implements passwordService {
|
|||
// LDAP aliases
|
||||
$return['LDAPaliases'] = array('commonName' => 'cn');
|
||||
// managed attributes
|
||||
$return['attributes'] = array('gidNumber', $this->passwordAttrName, 'memberUid');
|
||||
$return['attributes'] = array('gidNumber', $this->passwordAttrName);
|
||||
if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid')) {
|
||||
$return['attributes'][] = 'memberUid';
|
||||
}
|
||||
if ($this->manageCnAttribute) {
|
||||
$return['attributes'][] = 'cn';
|
||||
}
|
||||
|
|
@ -402,12 +407,15 @@ class posixGroup extends baseModule implements passwordService {
|
|||
$gidGeneratorDN->setRequired(true);
|
||||
$configContainer->addElement($gidGeneratorDN, true);
|
||||
$configContainer->addElement(new htmlTableExtendedInputField(_('Suffix for GID/group name check'), 'posixGroup_gidCheckSuffix', '', 'gidCheckSuffix'), true);
|
||||
$configContainer->addElement(new htmlTableExtendedInputCheckbox('posixGroup_hidememberUid', false, _('Disable membership management'), 'hidememberUid'), true);
|
||||
$return['config_options']['group'] = $configContainer;
|
||||
// available PDF fields
|
||||
$return['PDF_fields'] = array(
|
||||
'gidNumber' => _('GID number'),
|
||||
'memberUid' => _('Group members')
|
||||
);
|
||||
if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid')) {
|
||||
$return['PDF_fields']['memberUid'] = _('Group members');
|
||||
}
|
||||
if ($this->manageCnAttribute) {
|
||||
$return['PDF_fields']['cn'] = _('Group name');
|
||||
}
|
||||
|
|
@ -422,12 +430,6 @@ class posixGroup extends baseModule implements passwordService {
|
|||
'help' => 'gidNumber',
|
||||
'example' => '2034'
|
||||
),
|
||||
array(
|
||||
'name' => 'posixGroup_members',
|
||||
'description' => _('Group members'),
|
||||
'help' => 'upload_members',
|
||||
'example' => _('user01,user02,user03')
|
||||
),
|
||||
array(
|
||||
'name' => 'posixGroup_password',
|
||||
'description' => _('Group password'),
|
||||
|
|
@ -435,6 +437,14 @@ class posixGroup extends baseModule implements passwordService {
|
|||
'example' => _('secret')
|
||||
)
|
||||
);
|
||||
if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid')) {
|
||||
$return['upload_columns'][] = array(
|
||||
'name' => 'posixGroup_members',
|
||||
'description' => _('Group members'),
|
||||
'help' => 'upload_members',
|
||||
'example' => _('user01,user02,user03')
|
||||
);
|
||||
}
|
||||
if ($this->manageCnAttribute) {
|
||||
array_unshift($return['upload_columns'],
|
||||
array(
|
||||
|
|
@ -512,6 +522,10 @@ class posixGroup extends baseModule implements passwordService {
|
|||
"Text" => _("Here you can enter a filter value. Only entries which contain the filter text will be shown.")
|
||||
. ' ' . _('Possible wildcards are: "*" = any character, "^" = line start, "$" = line end')
|
||||
),
|
||||
'hidememberUid' => array(
|
||||
"Headline" => _('Disable membership management'), 'attr' => 'memberUid',
|
||||
"Text" => _('Disables the group membership management.')
|
||||
),
|
||||
'autoAdd' => array(
|
||||
"Headline" => _("Automatically add this extension"),
|
||||
"Text" => _("This will enable the extension automatically if this profile is loaded.")
|
||||
|
|
|
|||
Loading…
Reference in New Issue