check for existing entries with same uid or cn did only

work if the other uids (cns) were in same OU. Fixed.
Homedirs weren't deleted. Fixed.
Display some info to change gid of files if primary group has
changed.
Display undo only if editing entries
Fixed "Reset Password" Button 4 hosts. Don't jump to general page anymore.
katagia 2003-09-24 20:58:34 +00:00
parent acae184c92
commit b300372178
5 changed files with 103 additions and 36 deletions


@ -1,4 +1,5 @@
general_homedir: /home/$user general_group: admin
general_homedir: /home/$group/$user
general_shell: /bin/bash general_shell: /bin/bash
unix_password_no: 0 unix_password_no: 0
unix_pwdwarn: 10 unix_pwdwarn: 10
@ -11,3 +12,5 @@ smb_password_no: 0
smb_useunixpwd: 1 smb_useunixpwd: 1
smb_flagsD: 1 smb_flagsD: 1
smb_homedrive: U: smb_homedrive: U:
smb_domain: sambaDomainName=test,dc=my-domain,dc=com
quota: /home,10000,10000,500,500;/,20000,20000,1000,1000


@ -220,6 +220,7 @@ function remquotas($user, $type) { // Whis function will remove the quotas from
$towrite = $ldap_q[0].' '.$ldap_q[1].' '.$user.' quota set '; $towrite = $ldap_q[0].' '.$ldap_q[1].' '.$user.' quota set ';
if ($type=='user') $towrite = $towrite.'u '; if ($type=='user') $towrite = $towrite.'u ';
else $towrite = $towrite.'g '; else $towrite = $towrite.'g ';
exec("perl ../../lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite, $vals); exec("perl ../../lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite, $vals);
} }
@ -237,7 +238,7 @@ function remhomedir($user) { // Remove Homedirectory
// all other needed vars are taken from remotesystem getusrnam // all other needed vars are taken from remotesystem getusrnam
$ldap_q = $_SESSION['ldap']->decrypt(); $ldap_q = $_SESSION['ldap']->decrypt();
$towrite = $ldap_q[0].' '.$ldap_q[1].' '.$user.' home rem'; $towrite = $ldap_q[0].' '.$ldap_q[1].' '.$user.' home rem';
exec("perl ../../lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite, $vals); exec("perl ../lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite, $vals);
} }
function ldapreload($type) { // This function will load an array th cache ldap-requests function ldapreload($type) { // This function will load an array th cache ldap-requests
@ -307,42 +308,48 @@ function ldapexists($values, $type, $values_old=false) { // This function will s
switch ($type) { switch ($type) {
case 'user': case 'user':
ldapreload('user'); ldapreload('user');
$search = 'uid='.$values->general_username.','.$values->general_dn; $search = 'uid='.$values->general_username;
$keys = array_keys($_SESSION['userDN']); $keys = array_keys($_SESSION['userDN']);
unset ($keys[0]); unset ($keys[0]);
$keys = array_values($keys); $keys = array_values($keys);
if ( ($values_old->general_username != $values->general_username) && if ( ($values_old->general_username != $values->general_username) &&
($_SESSION['userDN'][0] != $values->general_username) && ($_SESSION['userDN'][0] != $values->general_username)) {
(in_array($search , $keys)) ) return sprintf (_('%s already exists!'), $type); foreach ($keys as $key)
if ((!$values_old) && if (strstr($key, $search)) return sprintf (_('%s already exists!'), $type);
($_SESSION['userDN'][0] != $values->general_username) && }
(in_array($search , $keys)) ) return sprintf (_('%s already exists!'), $type); if ((!$values_old) && ($_SESSION['userDN'][0] != $values->general_username))
foreach ($keys as $key)
if (strstr($key, $search)) return sprintf (_('%s already exists!'), $type);
break; break;
case 'group': case 'group':
ldapreload('group'); ldapreload('group');
$search = 'cn='.$values->general_username.','.$values->general_dn; $search = 'cn='.$values->general_username;
$keys = array_keys($_SESSION['groupDN']); $keys = array_keys($_SESSION['groupDN']);
unset ($keys[0]); unset ($keys[0]);
$keys = array_values($keys); $keys = array_values($keys);
if ( ($values_old->general_username != $values->general_username) && if ( ($values_old->general_username != $values->general_username) &&
($_SESSION['groupDN'][0] != $values->general_username) && ($_SESSION['groupDN'][0] != $values->general_username)) {
(in_array($search , $keys)) ) return sprintf (_('%s already exists!'), $type); foreach ($keys as $key)
if ((!$values_old) && if (strstr($key, $search)) return sprintf (_('%s already exists!'), $type);
($_SESSION['groupDN'][0] != $values->general_username) && }
(in_array($search , $keys)) ) return sprintf (_('%s already exists!'), $type); if ((!$values_old) && ($_SESSION['groupDN'][0] != $values->general_username))
foreach ($keys as $key)
if (strstr($key, $search)) return sprintf (_('%s already exists!'), $type);
break; break;
case 'host': case 'host':
ldapreload('host'); ldapreload('host');
$search = 'uid='.$values->general_username.','.$values->general_dn; $search = 'uid='.$values->general_username;
$keys = array_keys($_SESSION['hostDN']); $keys = array_keys($_SESSION['hostDN']);
unset ($keys[0]); unset ($keys[0]);
$keys = array_values($keys); $keys = array_values($keys);
if ( ($values_old->general_username != $values->general_username) && if ( ($values_old->general_username != $values->general_username) &&
($_SESSION['hostDN'][0] != $values->general_username) && ($_SESSION['hostDN'][0] != $values->general_username)) {
(in_array($search , $keys)) ) return sprintf (_('%s already exists!'), $type); foreach ($keys as $key)
if ((!$values_old) && if (strstr($key, $search)) return sprintf (_('%s already exists!'), $type);
($_SESSION['hostDN'][0] != $values->general_username) && }
(in_array($search , $keys))) return sprintf (_('%s already exists!'), $type); if ((!$values_old) && ($_SESSION['hostDN'][0] != $values->general_username))
foreach ($keys as $key)
if (strstr($key, $search)) return sprintf (_('%s already exists!'), $type);
break; break;
} }
return 0; return 0;
@ -527,7 +534,11 @@ function loaduser($dn) { // Will load all needed values from an existing account
if (isset($attr['postalCode'][0])) $return->personal_postalCode = utf8_decode($attr['postalCode'][0]); if (isset($attr['postalCode'][0])) $return->personal_postalCode = utf8_decode($attr['postalCode'][0]);
if (isset($attr['postalAddress'][0])) $return->personal_postalAddress = utf8_decode($attr['postalAddress'][0]); if (isset($attr['postalAddress'][0])) $return->personal_postalAddress = utf8_decode($attr['postalAddress'][0]);
if (isset($attr['employeeType'][0])) $return->personal_employeeType = utf8_decode($attr['employeeType'][0]); if (isset($attr['employeeType'][0])) $return->personal_employeeType = utf8_decode($attr['employeeType'][0]);
if (substr(str_replace('{CRYPT}', '',$attr['userPassword'][0]),0,1) == '!' ) $return->unix_deactivated=true; // New password code. should work with every kind of encryption ({CRYPT}, {SHA}
if ( ereg('^[{]([A-Z]|[a-z]|[0-9])+([}!])+', $attr['userPassword'][0])) $return->unix_deactivated=true;
// next line is old code
//if (substr(str_replace('{CRYPT}', '',$attr['userPassword'][0]),0,1) == '!' ) $return->unix_deactivated=true;
if (isset($attr['userPassword'][0])) $return->unix_password = $attr['userPassword'][0]; if (isset($attr['userPassword'][0])) $return->unix_password = $attr['userPassword'][0];
@ -821,12 +832,10 @@ function createuser($values) { // Will create the LDAP-Account
if ($values->personal_employeeType!='') $attr['employeeType'] = utf8_encode($values->personal_employeeType); if ($values->personal_employeeType!='') $attr['employeeType'] = utf8_encode($values->personal_employeeType);
// posixAccount_may shadowAccount_may // posixAccount_may shadowAccount_may
if ($values->unix_password_no) $values->unix_password = ''; if ($values->unix_password_no) $values->unix_password = '';
if ($values->unix_deactivated) $attr['userPassword'] = '{CRYPT}!' . crypt($values->unix_password); if ($values->unix_deactivated) $attr['userPassword'] = '!' . crypt($values->unix_password);
else $attr['userPassword'] = '{CRYPT}' . crypt($values->unix_password);
$attr['shadowLastChange'] = getdays(); // shadowAccount_may $attr['shadowLastChange'] = getdays(); // shadowAccount_may
$attr['loginShell'] = $values->general_shell; // posixAccount_may $attr['loginShell'] = $values->general_shell; // posixAccount_may
$attr['gecos'] = utf8_encode($values->general_gecos); // posixAccount_may $attr['gecos'] = utf8_encode($values->general_gecos); // posixAccount_may
print $attr['gecos'];
$attr['description'] = utf8_encode($values->general_gecos); // posixAccount_may sambaAccount_may $attr['description'] = utf8_encode($values->general_gecos); // posixAccount_may sambaAccount_may
$attr['displayName'] = utf8_encode($values->smb_displayName); // sambaAccount_may $attr['displayName'] = utf8_encode($values->smb_displayName); // sambaAccount_may
@ -932,6 +941,35 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
if ($values->general_homedir != $values_old->general_homedir) if ($values->general_homedir != $values_old->general_homedir)
$attr['homeDirectory'] = $values->general_homedir; // posixAccount_req $attr['homeDirectory'] = $values->general_homedir; // posixAccount_req
// posixAccount_may shadowAccount_may // posixAccount_may shadowAccount_may
// new password code
// Why doesn't ldap encrypt the password if now {???} is given?
// change password if new password is used or account es (un)locked
/*
if ($values->unix_password=='') {
// check if account has been (un)locked
if ($values->unix_deactivated && !$values_old->unix_deactivated) {
// Put ! between {??} andPassword Hash
for ($i=0; $i<strlen($values_old->unix_password); $i++)
if ($values_old->unix_password{$i} == '}') $char = $i;
//$attr['userPassword'] = substr($values_old->unix_password,0,$char). "!". substr($values_old->unix_password,$char+1,-1);
echo $values_old->unix_password."---";
echo substr($values_old->unix_password,0,$char). "!". substr($values_old->unix_password,$char+1,-1);
}
if (!$values->unix_deactivated && $values_old->unix_deactivated) {
// Remov ! between {??} andPassword Hash
for ($i=0; $i<strlen($values_old->unix_password); $i++)
if ($values_old->unix_password{$i} == '}') $char = $i;
$attr['userPassword'] = substr($values_old->unix_password,0,$char). substr($values_old->unix_password,$char+2,-1);
}
}
else {
// Create new password
$attr['shadowLastChange'] = getdays(); // shadowAccount_may
if ($values->unix_deactivated) $attr['userPassword'] = '!'. $values->unix_password;
else $attr['userPassword'] = $values->unix_password;
} */
// old password code
$password_old = str_replace('{CRYPT}', '',$values_old->unix_password); $password_old = str_replace('{CRYPT}', '',$values_old->unix_password);
if (substr($password_old,0,1) == '!' ) $password_old = substr($password_old,1,strlen($password_old)); if (substr($password_old,0,1) == '!' ) $password_old = substr($password_old,1,strlen($password_old));
if ($values->unix_password=='') { if ($values->unix_password=='') {
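Review bot: The `exec()` line changed in `remhomedir` (and the matching one in `remquotas`) still builds the shell command by plain string concatenation, so `$user` and both values returned by `$_SESSION['ldap']->decrypt()` reach the shell unquoted and any space or shell metacharacter in them alters the command that runs. Quote each argument, for example `$towrite = escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]).' '.escapeshellarg($user).' home rem';`. If `decrypt()` returns the LDAP bind credentials, as the call suggests, they are also visible in the process list for as long as the command runs, so a channel other than argv is worth considering. `remquotas` keeps `../../lib/lamdaemon.pl` while this commit moves `remhomedir` to `../lib/lamdaemon.pl`; unless the two are called from different directories, one relative path is wrong. Both function bodies start outside their hunks.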


@ -46,14 +46,12 @@ if (isset($_GET['DN'])) {
$_SESSION['account'] = loadGroupProfile('default'); $_SESSION['account'] = loadGroupProfile('default');
$_SESSION['account'] ->type = 'group'; $_SESSION['account'] ->type = 'group';
if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']); if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']);
$_SESSION['account_old'] = false;
} }
} }
else if (count($_POST)==0) { // Startcondition. groupedit.php was called from outside else if (count($_POST)==0) { // Startcondition. groupedit.php was called from outside
$_SESSION['account'] = loadGroupProfile('default'); $_SESSION['account'] = loadGroupProfile('default');
$_SESSION['account'] ->type = 'group'; $_SESSION['account'] ->type = 'group';
if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']); if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']);
$_SESSION['account_old'] = false;
} }
switch ($_POST['select']) { // Select which part of page should be loaded and check values switch ($_POST['select']) { // Select which part of page should be loaded and check values
@ -572,8 +570,7 @@ switch ($select_local) { // Select which part of page will be loaded
case 'quota': case 'quota':
// Quota Settings // Quota Settings
if (!isset($_SESSION['account']->quota[0]) || (!isset($_SESSION['account']->quota[0][1])) && isset($_SESSION['account_old']) ) { // load quotas
if (!isset($_SESSION['account']->quota)) { // load quotas
$values = getquotas('group', $_SESSION['account']->general_username); $values = getquotas('group', $_SESSION['account']->general_username);
if (is_object($values)) { if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values while (list($key, $val) = each($values)) // Set only defined values
@ -641,6 +638,20 @@ switch ($select_local) { // Select which part of page will be loaded
$disabled = "disabled"; $disabled = "disabled";
} }
} }
if (!isset($_SESSION['account']->quota[0]) || (!isset($_SESSION['account']->quota[0][1])) && isset($_SESSION['account_old']) ) { // load quotas
$values = getquotas('group', $_SESSION['account']->general_username);
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if (isset($val)) $_SESSION['account']->$key = $val;
}
if (is_object($values) && isset($_SESSION['account_old'])) {
while (list($key, $val) = each($values)) // Set only defined values
if (isset($val)) $_SESSION['account_old']->$key = $val;
}
}
echo '<input name="select" type="hidden" value="final">'; echo '<input name="select" type="hidden" value="final">';
echo "<input name=\"select\" type=\"hidden\" value=\"final\">\n"; echo "<input name=\"select\" type=\"hidden\" value=\"final\">\n";
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
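Review bot: In the block added ahead of the `final` page output, the second `while (list($key, $val) = each($values))` loop runs on the same `$values` right after the first loop has walked it to the end, and `each()` does not rewind, so without a `reset($values);` in between it never iterates and `$_SESSION['account_old']` receives no quota values. Add `reset($values);` before the second loop, or assign to both `$_SESSION['account']` and `$_SESSION['account_old']` inside a single loop. The same pair of loops is added to the user edit page before its `final` output. The condition on the block's first line mixes `||` and `&&` without grouping and evaluates as `A || (B && C)`; explicit parentheses would show whether that is intended. The enclosing `switch` starts and ends outside the hunk.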


@ -53,7 +53,6 @@ if (isset($_GET['DN'])) {
$_SESSION['account']->general_homedir = '/dev/null'; $_SESSION['account']->general_homedir = '/dev/null';
$_SESSION['account']->general_shell = '/bin/false'; $_SESSION['account']->general_shell = '/bin/false';
if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']); if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']);
$_SESSION['account_old'] = false;
} }
} }
else if (count($_POST)==0) { // Startcondition. hostedit.php was called from outside else if (count($_POST)==0) { // Startcondition. hostedit.php was called from outside
@ -64,7 +63,6 @@ else if (count($_POST)==0) { // Startcondition. hostedit.php was called from out
$_SESSION['account']->general_homedir = '/dev/null'; $_SESSION['account']->general_homedir = '/dev/null';
$_SESSION['account']->general_shell = '/bin/false'; $_SESSION['account']->general_shell = '/bin/false';
if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']); if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']);
$_SESSION['account_old'] = false;
} }
switch ($_POST['select']) { // Select which part of page should be loaded and check values switch ($_POST['select']) { // Select which part of page should be loaded and check values
@ -171,6 +169,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ($_POST['respass']) { if ($_POST['respass']) {
$_SESSION['account']->unix_password_no=true; $_SESSION['account']->unix_password_no=true;
$_SESSION['account']->smb_password_no=true; $_SESSION['account']->smb_password_no=true;
$select_local = 'samba';
} }
break; break;
case 'final': case 'final':


@ -52,7 +52,6 @@ if (isset($_GET['DN'])) {
$_SESSION['account'] ->type = 'user'; $_SESSION['account'] ->type = 'user';
$_SESSION['account']->smb_flagsW = 0; $_SESSION['account']->smb_flagsW = 0;
if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']); if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']);
$_SESSION['account_old'] = false;
} }
} }
else if (count($_POST)==0) { // Startcondition. useredit.php was called from outside else if (count($_POST)==0) { // Startcondition. useredit.php was called from outside
@ -60,7 +59,6 @@ else if (count($_POST)==0) { // Startcondition. useredit.php was called from out
$_SESSION['account'] ->type = 'user'; $_SESSION['account'] ->type = 'user';
$_SESSION['account']->smb_flagsW = 0; $_SESSION['account']->smb_flagsW = 0;
if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']); if (isset($_SESSION['account_old'])) unset($_SESSION['account_old']);
$_SESSION['account_old'] = false;
} }
@ -1088,7 +1086,7 @@ switch ($select_local) { // Select which part of page will be loaded
break; break;
case 'quota': case 'quota':
// Quota Settings // Quota Settings
if (!isset($_SESSION['account']->quota)) { // load quotas if (!isset($_SESSION['account']->quota[0]) || (!isset($_SESSION['account']->quota[0][1])) && isset($_SESSION['account_old']) ) { // load quotas
$values = getquotas('user', $_SESSION['account']->general_username); $values = getquotas('user', $_SESSION['account']->general_username);
if (is_object($values)) { if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values while (list($key, $val) = each($values)) // Set only defined values
@ -1099,7 +1097,6 @@ switch ($select_local) { // Select which part of page will be loaded
if (isset($val)) $_SESSION['account_old']->$key = $val; if (isset($val)) $_SESSION['account_old']->$key = $val;
} }
} }
echo "<input name=\"select\" type=\"hidden\" value=\"quota\">\n"; echo "<input name=\"select\" type=\"hidden\" value=\"quota\">\n";
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
echo "<table border=0><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>"; echo "<table border=0><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
@ -1234,6 +1231,19 @@ switch ($select_local) { // Select which part of page will be loaded
$disabled = "disabled"; $disabled = "disabled";
} }
} }
if (!isset($_SESSION['account']->quota[0]) || (!isset($_SESSION['account']->quota[0][1])) && isset($_SESSION['account_old']) ) { // load quotas
$values = getquotas('user', $_SESSION['account']->general_username);
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if (isset($val)) $_SESSION['account']->$key = $val;
}
if (is_object($values) && isset($_SESSION['account_old'])) {
while (list($key, $val) = each($values)) // Set only defined values
if (isset($val)) $_SESSION['account_old']->$key = $val;
}
}
echo '<input name="select" type="hidden" value="final">'; echo '<input name="select" type="hidden" value="final">';
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>"; echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
@ -1275,6 +1285,12 @@ switch ($select_local) { // Select which part of page will be loaded
'find / -gid ' . $_SESSION['account_old' ]->general_uidNumber . ' -exec chown ' . $_SESSION['account']->general_uidNumber . ' {} \;'); 'find / -gid ' . $_SESSION['account_old' ]->general_uidNumber . ' -exec chown ' . $_SESSION['account']->general_uidNumber . ' {} \;');
echo '</tr>'."\n"; echo '</tr>'."\n";
} }
if (($_SESSION['account_old']) && ($_SESSION['account']->general_group != $_SESSION['account_old']->general_group)) {
echo '<tr>';
StatusMessage ('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'),
'find / -uid ' . $_SESSION['account']->general_uidNumber . ' -gid ' . getgid($_SESSION['account_old']->general_group) .' -exec chown ' . $_SESSION['account']->general_uidNumber . ':'.getgid($_SESSION['account' ]->general_group). ' {} \;');
echo '</tr>'."\n";
}
if (($_SESSION['account_old']) && ($_SESSION['account']->general_homedir != $_SESSION['account_old']->general_homedir)) { if (($_SESSION['account_old']) && ($_SESSION['account']->general_homedir != $_SESSION['account_old']->general_homedir)) {
echo '<tr>'; echo '<tr>';
StatusMessage ('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'), StatusMessage ('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'),
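Review bot: The command that the new "Primary group has changed" message tells the administrator to run as root uses plain `chown`, which follows symbolic links, so on a `find /` over files the account itself owns the ownership change can land on a link's target instead of the link. Print `' -exec chown -h '` in the suggested command so links themselves are changed. `getgid()` is not visible here; if it can return an empty value for an unknown group the printed command is malformed, so check both results with `is_numeric()` before showing the message. The guard also reads `$_SESSION['account_old']` directly although this commit removes its `= false` initialisation; `isset($_SESSION['account_old'])`, as the quota block uses, avoids the undefined-index notice. The enclosing `switch` starts and ends outside the hunk.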