added prefix for lamdaemon
This commit is contained in:
parent
624c94bff0
commit
b91b28d013
|
@ -1,4 +1,5 @@
|
||||||
December 2019 7.0
|
December 2019 7.0
|
||||||
|
- Lamdaemon can be configured with directory prefix for homedirs
|
||||||
- Fixed bugs:
|
- Fixed bugs:
|
||||||
-> Missing CSS for Duo
|
-> Missing CSS for Duo
|
||||||
|
|
||||||
|
|
|
@ -489,6 +489,30 @@
|
||||||
is located. The default rights for new home directories can be set,
|
is located. The default rights for new home directories can be set,
|
||||||
too.</para>
|
too.</para>
|
||||||
|
|
||||||
|
<para><emphasis role="bold">Note:</emphasis> This requires lamdaemon
|
||||||
|
to be installed on the remote server. This comes as separate package
|
||||||
|
for DEB/RPM. See <link linkend="a_lamdaemon">here</link>.</para>
|
||||||
|
|
||||||
|
<para>Script server format:</para>
|
||||||
|
|
||||||
|
<itemizedlist>
|
||||||
|
<listitem>
|
||||||
|
<para>"server": "server" is the DNS name of your script
|
||||||
|
server</para>
|
||||||
|
</listitem>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>"server:NAME": NAME is the display name of this
|
||||||
|
server</para>
|
||||||
|
</listitem>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>"server:NAME:/prefix": /prefix is the directory prefix for
|
||||||
|
all operations. E.g. creating a home directory "/home/user" would
|
||||||
|
create "/prefix/home/user" then.</para>
|
||||||
|
</listitem>
|
||||||
|
</itemizedlist>
|
||||||
|
|
||||||
<para>You can provide a fixed user name. If you leave the field empty
|
<para>You can provide a fixed user name. If you leave the field empty
|
||||||
then LAM will use your current account (the account you used to login
|
then LAM will use your current account (the account you used to login
|
||||||
to LAM).</para>
|
to LAM).</para>
|
||||||
|
|
|
@ -610,7 +610,7 @@
|
||||||
intermediate release.</para>
|
intermediate release.</para>
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
<title>6.7 -> 6.9</title>
|
<title>6.7 -> 7.0</title>
|
||||||
|
|
||||||
<para>No actions required.</para>
|
<para>No actions required.</para>
|
||||||
</section>
|
</section>
|
||||||
|
|
|
@ -120,7 +120,7 @@ $helpArray = array (
|
||||||
"218" => array ("Headline" => _("Script servers"),
|
"218" => array ("Headline" => _("Script servers"),
|
||||||
"Text" => _("This is a list of the servers where the lamdaemon scripts are stored. LDAP Account Manager will make a SSH connection to the servers with the user name and password provided at login. Multiple servers are separated by semicolons. You can append a descriptive name after a colon.") . "<br>"
|
"Text" => _("This is a list of the servers where the lamdaemon scripts are stored. LDAP Account Manager will make a SSH connection to the servers with the user name and password provided at login. Multiple servers are separated by semicolons. You can append a descriptive name after a colon.") . "<br>"
|
||||||
. _("If your server runs on another port then add a comma and the port number after the server.") . "<br><br>"
|
. _("If your server runs on another port then add a comma and the port number after the server.") . "<br><br>"
|
||||||
. _("Example") . ": <b>127.0.0.1:LOCAL;192.168.0.2,12345:Servername;192.168.0.5</b>"),
|
. _("Examples") . ": <br><b>my.server.name<br>127.0.0.1:LOCAL;192.168.0.2,12345:Servername<br>my.server.name:SERVER:/prefix</b>"),
|
||||||
"219" => array ("Headline" => _("Rights for the home directory"),
|
"219" => array ("Headline" => _("Rights for the home directory"),
|
||||||
"Text" => _("This defines the rights for the home directories which are created by lamdaemon.")),
|
"Text" => _("This defines the rights for the home directories which are created by lamdaemon.")),
|
||||||
"220" => array ("Headline" => _("Login method"),
|
"220" => array ("Headline" => _("Login method"),
|
||||||
|
|
|
@ -722,7 +722,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"add",
|
"add",
|
||||||
$this->attributes[$homeDirAttr][0],
|
$lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
|
||||||
"0".$_SESSION['config']->get_scriptRights(),
|
"0".$_SESSION['config']->get_scriptRights(),
|
||||||
$this->attributes['uidNumber'][0],
|
$this->attributes['uidNumber'][0],
|
||||||
$this->attributes['gidNumber'][0])
|
$this->attributes['gidNumber'][0])
|
||||||
|
@ -753,9 +753,9 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"move",
|
"move",
|
||||||
$this->orig[$homeDirAttr][0],
|
$lamdaemonServer->getHomeDirPrefix() . $this->orig[$homeDirAttr][0],
|
||||||
$this->attributes['uidNumber'][0],
|
$this->attributes['uidNumber'][0],
|
||||||
$this->attributes[$homeDirAttr][0])
|
$lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0])
|
||||||
));
|
));
|
||||||
$remote->disconnect();
|
$remote->disconnect();
|
||||||
// lamdaemon results
|
// lamdaemon results
|
||||||
|
@ -780,7 +780,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"chgrp",
|
"chgrp",
|
||||||
$this->attributes[$homeDirAttr][0],
|
$lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
|
||||||
$this->attributes['uidNumber'][0],
|
$this->attributes['uidNumber'][0],
|
||||||
$this->attributes['gidNumber'][0])
|
$this->attributes['gidNumber'][0])
|
||||||
));
|
));
|
||||||
|
@ -939,7 +939,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"rem",
|
"rem",
|
||||||
$this->attributes[$homeDirAttr][0],
|
$lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
|
||||||
$this->attributes['uidNumber'][0]
|
$this->attributes['uidNumber'][0]
|
||||||
)
|
)
|
||||||
));
|
));
|
||||||
|
@ -1475,7 +1475,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"add",
|
"add",
|
||||||
$this->attributes[$homeDirAttr][0],
|
$lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
|
||||||
"0".$_SESSION['config']->get_scriptRights(),
|
"0".$_SESSION['config']->get_scriptRights(),
|
||||||
$this->attributes['uidNumber'][0],
|
$this->attributes['uidNumber'][0],
|
||||||
$this->attributes['gidNumber'][0])
|
$this->attributes['gidNumber'][0])
|
||||||
|
@ -1501,7 +1501,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"rem",
|
"rem",
|
||||||
$this->attributes[$homeDirAttr][0],
|
$lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
|
||||||
$this->attributes['uidNumber'][0]
|
$this->attributes['uidNumber'][0]
|
||||||
)
|
)
|
||||||
));
|
));
|
||||||
|
@ -1657,7 +1657,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$return->addLabel($homeDirLabel);
|
$return->addLabel($homeDirLabel);
|
||||||
$homeServerContainer = new htmlTable();
|
$homeServerContainer = new htmlTable();
|
||||||
for ($h = 0; $h < sizeof($lamdaemonServers); $h++) {
|
for ($h = 0; $h < sizeof($lamdaemonServers); $h++) {
|
||||||
$homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h], $this->lamdaemonServers), $lamdaemonServers[$h]->getLabel(), null, false));
|
$homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h]->getServer(), $this->lamdaemonServers), $lamdaemonServers[$h]->getLabel(), null, false));
|
||||||
if ($h === 0) {
|
if ($h === 0) {
|
||||||
$homeDirHelp = new htmlHelpLink('createhomedir');
|
$homeDirHelp = new htmlHelpLink('createhomedir');
|
||||||
$homeServerContainer->addElement($homeDirHelp);
|
$homeServerContainer->addElement($homeDirHelp);
|
||||||
|
@ -1915,7 +1915,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"check",
|
"check",
|
||||||
$this->attributes[$homeDirAttr][0])
|
$lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0])
|
||||||
));
|
));
|
||||||
$remote->disconnect();
|
$remote->disconnect();
|
||||||
// lamdaemon results
|
// lamdaemon results
|
||||||
|
@ -2890,7 +2890,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$data[$pos][$ids['posixAccount_userName']],
|
$data[$pos][$ids['posixAccount_userName']],
|
||||||
"home",
|
"home",
|
||||||
"add",
|
"add",
|
||||||
$accounts[$pos][$homeDirAttr],
|
$remoteServer->getHomeDirPrefix() . $accounts[$pos][$homeDirAttr],
|
||||||
"0".$_SESSION['config']->get_scriptRights(),
|
"0".$_SESSION['config']->get_scriptRights(),
|
||||||
$accounts[$pos]['uidNumber'],
|
$accounts[$pos]['uidNumber'],
|
||||||
$accounts[$pos]['gidNumber'],
|
$accounts[$pos]['gidNumber'],
|
||||||
|
|
|
@ -1555,7 +1555,7 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"check",
|
"check",
|
||||||
$this->attributes['sambaProfilePath'][0])
|
$remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0])
|
||||||
));
|
));
|
||||||
$remote->disconnect();
|
$remote->disconnect();
|
||||||
// remote command results
|
// remote command results
|
||||||
|
@ -1626,7 +1626,7 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"directory",
|
"directory",
|
||||||
"add",
|
"add",
|
||||||
$this->attributes['sambaProfilePath'][0],
|
$remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0],
|
||||||
"0".$_SESSION['config']->get_scriptRights(),
|
"0".$_SESSION['config']->get_scriptRights(),
|
||||||
$uidNumber,
|
$uidNumber,
|
||||||
$gidNumber)
|
$gidNumber)
|
||||||
|
@ -1651,7 +1651,7 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"rem",
|
"rem",
|
||||||
$this->attributes['sambaProfilePath'][0],
|
$remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0],
|
||||||
$uidNumber
|
$uidNumber
|
||||||
)
|
)
|
||||||
));
|
));
|
||||||
|
|
|
@ -70,7 +70,9 @@ lam_start_session();
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
// get password
|
// get password
|
||||||
if (isset($_POST['passwd'])) $passwd = $_POST['passwd'];
|
if (isset($_POST['passwd'])) {
|
||||||
|
$passwd = $_POST['passwd'];
|
||||||
|
}
|
||||||
|
|
||||||
// check if password was entered
|
// check if password was entered
|
||||||
// if not: load login page
|
// if not: load login page
|
||||||
|
@ -91,7 +93,9 @@ $conf = &$_SESSION['conf_config'];
|
||||||
if ((!isset($_SESSION['conf_isAuthenticated']) || !($_SESSION['conf_isAuthenticated'] === $conf->getName())) && !$conf->check_Passwd($passwd)) {
|
if ((!isset($_SESSION['conf_isAuthenticated']) || !($_SESSION['conf_isAuthenticated'] === $conf->getName())) && !$conf->check_Passwd($passwd)) {
|
||||||
$sessionKeys = array_keys($_SESSION);
|
$sessionKeys = array_keys($_SESSION);
|
||||||
for ($i = 0; $i < sizeof($sessionKeys); $i++) {
|
for ($i = 0; $i < sizeof($sessionKeys); $i++) {
|
||||||
if (substr($sessionKeys[$i], 0, 5) == "conf_") unset($_SESSION[$sessionKeys[$i]]);
|
if (substr($sessionKeys[$i], 0, 5) == "conf_") {
|
||||||
|
unset($_SESSION[$sessionKeys[$i]]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
$_SESSION['conf_message'] = new htmlStatusMessage('ERROR', _("The password is invalid! Please try again."));
|
$_SESSION['conf_message'] = new htmlStatusMessage('ERROR', _("The password is invalid! Please try again."));
|
||||||
/** go back to login if password is invalid */
|
/** go back to login if password is invalid */
|
||||||
|
|
Loading…
Reference in New Issue