WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added prefix for lamdaemon

This commit is contained in:
Roland Gruber 2019-10-26 17:28:24 +02:00
parent 624c94bff0
commit b91b28d013
7 changed files with 46 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lam/HISTORY
View File

@ -1,4 +1,5 @@
December 2019 7.0 December 2019 7.0
- Lamdaemon can be configured with directory prefix for homedirs
- Fixed bugs: - Fixed bugs:
-> Missing CSS for Duo -> Missing CSS for Duo

24
lam/docs/manual-sources/chapter-configuration.xml
View File

@ -489,6 +489,30 @@
is located. The default rights for new home directories can be set, is located. The default rights for new home directories can be set,
too.</para> too.</para>
<para><emphasis role="bold">Note:</emphasis> This requires lamdaemon
to be installed on the remote server. This comes as separate package
for DEB/RPM. See <link linkend="a_lamdaemon">here</link>.</para>
<para>Script server format:</para>
<itemizedlist>
<listitem>
<para>"server": "server" is the DNS name of your script
server</para>
</listitem>
<listitem>
<para>"server:NAME": NAME is the display name of this
server</para>
</listitem>
<listitem>
<para>"server:NAME:/prefix": /prefix is the directory prefix for
all operations. E.g. creating a home directory "/home/user" would
create "/prefix/home/user" then.</para>
</listitem>
</itemizedlist>
<para>You can provide a fixed user name. If you leave the field empty <para>You can provide a fixed user name. If you leave the field empty
then LAM will use your current account (the account you used to login then LAM will use your current account (the account you used to login
to LAM).</para> to LAM).</para>

2
lam/docs/manual-sources/chapter-installation.xml
View File

@ -610,7 +610,7 @@
intermediate release.</para> intermediate release.</para>
<section> <section>
<title>6.7 -&gt; 6.9</title> <title>6.7 -&gt; 7.0</title>
<para>No actions required.</para> <para>No actions required.</para>
</section> </section>

2
lam/help/help.inc
View File

@ -120,7 +120,7 @@ $helpArray = array (
"218" => array ("Headline" => _("Script servers"), "218" => array ("Headline" => _("Script servers"),
"Text" => _("This is a list of the servers where the lamdaemon scripts are stored. LDAP Account Manager will make a SSH connection to the servers with the user name and password provided at login. Multiple servers are separated by semicolons. You can append a descriptive name after a colon.") . "<br>" "Text" => _("This is a list of the servers where the lamdaemon scripts are stored. LDAP Account Manager will make a SSH connection to the servers with the user name and password provided at login. Multiple servers are separated by semicolons. You can append a descriptive name after a colon.") . "<br>"
. _("If your server runs on another port then add a comma and the port number after the server.") . "<br><br>" . _("If your server runs on another port then add a comma and the port number after the server.") . "<br><br>"
. _("Example") . ": <b>127.0.0.1:LOCAL;192.168.0.2,12345:Servername;192.168.0.5</b>"), . _("Examples") . ": <br><b>my.server.name<br>127.0.0.1:LOCAL;192.168.0.2,12345:Servername<br>my.server.name:SERVER:/prefix</b>"),
"219" => array ("Headline" => _("Rights for the home directory"), "219" => array ("Headline" => _("Rights for the home directory"),
"Text" => _("This defines the rights for the home directories which are created by lamdaemon.")), "Text" => _("This defines the rights for the home directories which are created by lamdaemon.")),
"220" => array ("Headline" => _("Login method"), "220" => array ("Headline" => _("Login method"),

20
lam/lib/modules/posixAccount.inc
View File

@ -722,7 +722,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"add", "add",
$this->attributes[$homeDirAttr][0], $lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
"0".$_SESSION['config']->get_scriptRights(), "0".$_SESSION['config']->get_scriptRights(),
$this->attributes['uidNumber'][0], $this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0]) $this->attributes['gidNumber'][0])
@ -753,9 +753,9 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"move", "move",
$this->orig[$homeDirAttr][0], $lamdaemonServer->getHomeDirPrefix() . $this->orig[$homeDirAttr][0],
$this->attributes['uidNumber'][0], $this->attributes['uidNumber'][0],
$this->attributes[$homeDirAttr][0]) $lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0])
)); ));
$remote->disconnect(); $remote->disconnect();
// lamdaemon results // lamdaemon results
@ -780,7 +780,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"chgrp", "chgrp",
$this->attributes[$homeDirAttr][0], $lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
$this->attributes['uidNumber'][0], $this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0]) $this->attributes['gidNumber'][0])
)); ));
@ -939,7 +939,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"rem", "rem",
$this->attributes[$homeDirAttr][0], $lamdaemonServer->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
$this->attributes['uidNumber'][0] $this->attributes['uidNumber'][0]
) )
)); ));
@ -1475,7 +1475,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"add", "add",
$this->attributes[$homeDirAttr][0], $lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
"0".$_SESSION['config']->get_scriptRights(), "0".$_SESSION['config']->get_scriptRights(),
$this->attributes['uidNumber'][0], $this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0]) $this->attributes['gidNumber'][0])
@ -1501,7 +1501,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"rem", "rem",
$this->attributes[$homeDirAttr][0], $lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0],
$this->attributes['uidNumber'][0] $this->attributes['uidNumber'][0]
) )
)); ));
@ -1657,7 +1657,7 @@ class posixAccount extends baseModule implements passwordService {
$return->addLabel($homeDirLabel); $return->addLabel($homeDirLabel);
$homeServerContainer = new htmlTable(); $homeServerContainer = new htmlTable();
for ($h = 0; $h < sizeof($lamdaemonServers); $h++) { for ($h = 0; $h < sizeof($lamdaemonServers); $h++) {
$homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h], $this->lamdaemonServers), $lamdaemonServers[$h]->getLabel(), null, false)); $homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h]->getServer(), $this->lamdaemonServers), $lamdaemonServers[$h]->getLabel(), null, false));
if ($h === 0) { if ($h === 0) {
$homeDirHelp = new htmlHelpLink('createhomedir'); $homeDirHelp = new htmlHelpLink('createhomedir');
$homeServerContainer->addElement($homeDirHelp); $homeServerContainer->addElement($homeDirHelp);
@ -1915,7 +1915,7 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"check", "check",
$this->attributes[$homeDirAttr][0]) $lamdaemonServers[$i]->getHomeDirPrefix() . $this->attributes[$homeDirAttr][0])
)); ));
$remote->disconnect(); $remote->disconnect();
// lamdaemon results // lamdaemon results
@ -2890,7 +2890,7 @@ class posixAccount extends baseModule implements passwordService {
$data[$pos][$ids['posixAccount_userName']], $data[$pos][$ids['posixAccount_userName']],
"home", "home",
"add", "add",
$accounts[$pos][$homeDirAttr], $remoteServer->getHomeDirPrefix() . $accounts[$pos][$homeDirAttr],
"0".$_SESSION['config']->get_scriptRights(), "0".$_SESSION['config']->get_scriptRights(),
$accounts[$pos]['uidNumber'], $accounts[$pos]['uidNumber'],
$accounts[$pos]['gidNumber'], $accounts[$pos]['gidNumber'],

6
lam/lib/modules/sambaSamAccount.inc
View File

@ -1555,7 +1555,7 @@ class sambaSamAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"check", "check",
$this->attributes['sambaProfilePath'][0]) $remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0])
)); ));
$remote->disconnect(); $remote->disconnect();
// remote command results // remote command results
@ -1626,7 +1626,7 @@ class sambaSamAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"directory", "directory",
"add", "add",
$this->attributes['sambaProfilePath'][0], $remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0],
"0".$_SESSION['config']->get_scriptRights(), "0".$_SESSION['config']->get_scriptRights(),
$uidNumber, $uidNumber,
$gidNumber) $gidNumber)
@ -1651,7 +1651,7 @@ class sambaSamAccount extends baseModule implements passwordService {
$this->attributes['uid'][0], $this->attributes['uid'][0],
"home", "home",
"rem", "rem",
$this->attributes['sambaProfilePath'][0], $remoteServer->getHomeDirPrefix() . $this->attributes['sambaProfilePath'][0],
$uidNumber $uidNumber
) )
)); ));

8
lam/templates/config/confmain.php
View File

@ -70,7 +70,9 @@ lam_start_session();
setlanguage(); setlanguage();
// get password // get password
if (isset($_POST['passwd'])) $passwd = $_POST['passwd']; if (isset($_POST['passwd'])) {
$passwd = $_POST['passwd'];
}
// check if password was entered // check if password was entered
// if not: load login page // if not: load login page
@ -91,7 +93,9 @@ $conf = &$_SESSION['conf_config'];
if ((!isset($_SESSION['conf_isAuthenticated']) || !($_SESSION['conf_isAuthenticated'] === $conf->getName())) && !$conf->check_Passwd($passwd)) { if ((!isset($_SESSION['conf_isAuthenticated']) || !($_SESSION['conf_isAuthenticated'] === $conf->getName())) && !$conf->check_Passwd($passwd)) {
$sessionKeys = array_keys($_SESSION); $sessionKeys = array_keys($_SESSION);
for ($i = 0; $i < sizeof($sessionKeys); $i++) { for ($i = 0; $i < sizeof($sessionKeys); $i++) {
if (substr($sessionKeys[$i], 0, 5) == "conf_") unset($_SESSION[$sessionKeys[$i]]); if (substr($sessionKeys[$i], 0, 5) == "conf_") {
unset($_SESSION[$sessionKeys[$i]]);
}
} }
$_SESSION['conf_message'] = new htmlStatusMessage('ERROR', _("The password is invalid! Please try again.")); $_SESSION['conf_message'] = new htmlStatusMessage('ERROR', _("The password is invalid! Please try again."));
/** go back to login if password is invalid */ /** go back to login if password is invalid */