support posixAccount/posixGroup on Samba 4
This commit is contained in:
parent
24646635f9
commit
c2bf387275
|
@ -1,5 +1,6 @@
|
||||||
September 2013 4.3
|
September 2013 4.3
|
||||||
- Custom SSL CA certificates can be setup in LAM main configuration
|
- Custom SSL CA certificates can be setup in LAM main configuration
|
||||||
|
- Unix user and group support for Samba 4
|
||||||
- LAM Pro:
|
- LAM Pro:
|
||||||
-> PPolicy: check password history for password reuse
|
-> PPolicy: check password history for password reuse
|
||||||
-> Custom fields: read-only fields for admin interface and file upload for binary data
|
-> Custom fields: read-only fields for admin interface and file upload for binary data
|
||||||
|
|
|
@ -166,8 +166,8 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
// LDAP aliases
|
// LDAP aliases
|
||||||
$return['LDAPaliases'] = array('commonName' => 'cn', 'userid' => 'uid');
|
$return['LDAPaliases'] = array('commonName' => 'cn', 'userid' => 'uid');
|
||||||
// managed attributes
|
// managed attributes
|
||||||
$return['attributes'] = array('uid', 'uidNumber', 'gidNumber', 'homeDirectory',
|
$return['attributes'] = array('uid', 'uidNumber', 'gidNumber', $this->getHomedirAttrName(),
|
||||||
'userPassword', 'loginShell', 'gecos', 'INFO.userPasswordClearText');
|
$this->getPasswordAttrName(), 'loginShell', 'gecos', 'INFO.userPasswordClearText');
|
||||||
if ($this->manageCn()) {
|
if ($this->manageCn()) {
|
||||||
$return['attributes'][] = 'cn';
|
$return['attributes'][] = 'cn';
|
||||||
}
|
}
|
||||||
|
@ -194,7 +194,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
'error_message' => $this->messages['homeDirectory'][0]);
|
'error_message' => $this->messages['homeDirectory'][0]);
|
||||||
// profile mappings
|
// profile mappings
|
||||||
$return['profile_mappings'] = array(
|
$return['profile_mappings'] = array(
|
||||||
'posixAccount_homeDirectory' => 'homeDirectory',
|
'posixAccount_homeDirectory' => $this->getHomedirAttrName(),
|
||||||
'posixAccount_loginShell' => 'loginShell'
|
'posixAccount_loginShell' => 'loginShell'
|
||||||
);
|
);
|
||||||
// configuration options
|
// configuration options
|
||||||
|
@ -587,7 +587,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
if (!isset($this->attributes['uid'][0]) || ($this->attributes['uid'][0] == '')) return false;
|
if (!isset($this->attributes['uid'][0]) || ($this->attributes['uid'][0] == '')) return false;
|
||||||
if (!isset($this->attributes['uidNumber'][0]) || ($this->attributes['uidNumber'][0] == '')) return false;
|
if (!isset($this->attributes['uidNumber'][0]) || ($this->attributes['uidNumber'][0] == '')) return false;
|
||||||
if (!isset($this->attributes['gidNumber'][0]) || ($this->attributes['gidNumber'][0] == '')) return false;
|
if (!isset($this->attributes['gidNumber'][0]) || ($this->attributes['gidNumber'][0] == '')) return false;
|
||||||
if (!isset($this->attributes['homeDirectory'][0]) || ($this->attributes['homeDirectory'][0] == '')) return false;
|
if (!isset($this->attributes[$this->getHomedirAttrName()][0]) || ($this->attributes[$this->getHomedirAttrName()][0] == '')) return false;
|
||||||
if (!isset($this->attributes['loginShell'][0]) || ($this->attributes['loginShell'][0] == '')) return false;
|
if (!isset($this->attributes['loginShell'][0]) || ($this->attributes['loginShell'][0] == '')) return false;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -640,12 +640,13 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
// add information about clear text password and password status change
|
// add information about clear text password and password status change
|
||||||
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordClearText'][0] = $this->clearTextPassword;
|
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordClearText'][0] = $this->clearTextPassword;
|
||||||
if (isset($this->orig['userPassword'][0]) && isset($this->attributes['userPassword'][0])) {
|
$pwdAttrName = $this->getPasswordAttrName();
|
||||||
if ((pwd_is_enabled($this->orig['userPassword'][0]) && pwd_is_enabled($this->attributes['userPassword'][0]))
|
if (isset($this->orig[$pwdAttrName][0]) && isset($this->attributes[$pwdAttrName][0])) {
|
||||||
|| (!pwd_is_enabled($this->orig['userPassword'][0]) && !pwd_is_enabled($this->attributes['userPassword'][0]))) {
|
if ((pwd_is_enabled($this->orig[$pwdAttrName][0]) && pwd_is_enabled($this->attributes[$pwdAttrName][0]))
|
||||||
|
|| (!pwd_is_enabled($this->orig[$pwdAttrName][0]) && !pwd_is_enabled($this->attributes[$pwdAttrName][0]))) {
|
||||||
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordStatusChange'][0] = 'unchanged';
|
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordStatusChange'][0] = 'unchanged';
|
||||||
}
|
}
|
||||||
elseif (pwd_is_enabled($this->orig['userPassword'][0])) {
|
elseif (pwd_is_enabled($this->orig[$pwdAttrName][0])) {
|
||||||
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordStatusChange'][0] = 'locked';
|
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordStatusChange'][0] = 'locked';
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -744,7 +745,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"add",
|
"add",
|
||||||
$this->attributes['homeDirectory'][0],
|
$this->attributes[$this->getHomedirAttrName()][0],
|
||||||
"0".$_SESSION['config']->get_scriptRights(),
|
"0".$_SESSION['config']->get_scriptRights(),
|
||||||
$this->attributes['uidNumber'][0],
|
$this->attributes['uidNumber'][0],
|
||||||
$this->attributes['gidNumber'][0])
|
$this->attributes['gidNumber'][0])
|
||||||
|
@ -917,7 +918,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"rem",
|
"rem",
|
||||||
$this->attributes['homeDirectory'][0],
|
$this->attributes[$this->getHomedirAttrName()][0],
|
||||||
$this->attributes['uidNumber'][0]
|
$this->attributes['uidNumber'][0]
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
|
@ -993,9 +994,10 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$errorMessage[] = array($this->orig['uidNumber'][0], $_POST['uidNumber']);
|
$errorMessage[] = array($this->orig['uidNumber'][0], $_POST['uidNumber']);
|
||||||
$errors[] = $errorMessage;
|
$errors[] = $errorMessage;
|
||||||
}
|
}
|
||||||
if (isset($_POST['homeDirectory']) && isset($this->orig['homeDirectory'][0]) && ($this->orig['homeDirectory'][0] != '') && ($_POST['homeDirectory'] != $this->attributes['homeDirectory'][0])) {
|
$homedirAttrName = $this->getHomedirAttrName();
|
||||||
|
if (isset($_POST['homeDirectory']) && isset($this->orig[$homedirAttrName][0]) && ($this->orig[$homedirAttrName][0] != '') && ($_POST['homeDirectory'] != $this->attributes[$homedirAttrName][0])) {
|
||||||
$errorMessage = $this->messages['homeDirectory'][3];
|
$errorMessage = $this->messages['homeDirectory'][3];
|
||||||
$errorMessage[] = array($this->orig['homeDirectory'][0], $_POST['homeDirectory']);
|
$errorMessage[] = array($this->orig[$homedirAttrName][0], $_POST['homeDirectory']);
|
||||||
$errors[] = $errorMessage;
|
$errors[] = $errorMessage;
|
||||||
}
|
}
|
||||||
// get list of DNS names or IPs
|
// get list of DNS names or IPs
|
||||||
|
@ -1012,7 +1014,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (isset($_POST['homeDirectory'])) {
|
if (isset($_POST['homeDirectory'])) {
|
||||||
$this->attributes['homeDirectory'][0] = $_POST['homeDirectory'];
|
$this->attributes[$homedirAttrName][0] = $_POST['homeDirectory'];
|
||||||
}
|
}
|
||||||
// Load attributes
|
// Load attributes
|
||||||
if (isset($_POST['lockPassword'])) {
|
if (isset($_POST['lockPassword'])) {
|
||||||
|
@ -1022,7 +1024,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->unlock();
|
$this->unlock();
|
||||||
}
|
}
|
||||||
if (isset($_POST['removePassword'])) {
|
if (isset($_POST['removePassword'])) {
|
||||||
unset($this->attributes['userPassword']);
|
unset($this->attributes[$this->getPasswordAttrName()]);
|
||||||
}
|
}
|
||||||
if ($this->manageCn()) {
|
if ($this->manageCn()) {
|
||||||
$this->attributes['cn'][0] = $_POST['cn'];
|
$this->attributes['cn'][0] = $_POST['cn'];
|
||||||
|
@ -1036,7 +1038,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
if (($this->attributes['uid'][0] != $_POST['uid']) && !get_preg($_POST['uid'], '!upper')) {
|
if (($this->attributes['uid'][0] != $_POST['uid']) && !get_preg($_POST['uid'], '!upper')) {
|
||||||
$errors[] = $this->messages['uid'][1];
|
$errors[] = $this->messages['uid'][1];
|
||||||
}
|
}
|
||||||
if ( !get_preg($this->attributes['homeDirectory'][0], 'homeDirectory' )) {
|
if ( !get_preg($this->attributes[$homedirAttrName][0], 'homeDirectory' )) {
|
||||||
$errors[] = $this->messages['homeDirectory'][0];
|
$errors[] = $this->messages['homeDirectory'][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1108,11 +1110,11 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
if ($this->get_scope()=='host') $errors[] = $this->messages['uid'][6];
|
if ($this->get_scope()=='host') $errors[] = $this->messages['uid'][6];
|
||||||
}
|
}
|
||||||
if ($this->get_scope()=='user') {
|
if ($this->get_scope()=='user') {
|
||||||
$this->attributes['homeDirectory'][0] = str_replace('$group', $this->getGroupName($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
|
$this->attributes[$homedirAttrName][0] = str_replace('$group', $this->getGroupName($this->attributes['gidNumber'][0]), $this->attributes[$homedirAttrName][0]);
|
||||||
if ($this->attributes['uid'][0] != '') {
|
if ($this->attributes['uid'][0] != '') {
|
||||||
$this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]);
|
$this->attributes[$homedirAttrName][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes[$homedirAttrName][0]);
|
||||||
}
|
}
|
||||||
if ($this->attributes['homeDirectory'][0] != $_POST['homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
if ($this->attributes[$homedirAttrName][0] != $_POST['homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
||||||
// Check if Username contains only valid characters
|
// Check if Username contains only valid characters
|
||||||
if (!get_preg($this->attributes['uid'][0], 'username'))
|
if (!get_preg($this->attributes['uid'][0], 'username'))
|
||||||
$errors[] = $this->messages['uid'][2];
|
$errors[] = $this->messages['uid'][2];
|
||||||
|
@ -1121,14 +1123,14 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
// Check if Hostname contains only valid characters
|
// Check if Hostname contains only valid characters
|
||||||
if (!get_preg($this->attributes['uid'][0], 'hostname'))
|
if (!get_preg($this->attributes['uid'][0], 'hostname'))
|
||||||
$errors[] = $this->messages['uid'][4];
|
$errors[] = $this->messages['uid'][4];
|
||||||
if (!isset($this->attributes['homeDirectory'][0])) {
|
if (!isset($this->attributes[$homedirAttrName][0])) {
|
||||||
$this->attributes['homeDirectory'][0] = '/dev/null';
|
$this->attributes[$homedirAttrName][0] = '/dev/null';
|
||||||
}
|
}
|
||||||
if (!isset($this->attributes['loginShell'][0])) {
|
if (!isset($this->attributes['loginShell'][0])) {
|
||||||
$this->attributes['loginShell'][0] = '/bin/false';
|
$this->attributes['loginShell'][0] = '/bin/false';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$attributeList = array('homeDirectory');
|
$attributeList = array($homedirAttrName);
|
||||||
if (!$this->isBooleanConfigOptionSet('posixAccount_hidegecos')) {
|
if (!$this->isBooleanConfigOptionSet('posixAccount_hidegecos')) {
|
||||||
$attributeList[] = 'gecos';
|
$attributeList[] = 'gecos';
|
||||||
}
|
}
|
||||||
|
@ -1219,7 +1221,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"add",
|
"add",
|
||||||
$this->attributes['homeDirectory'][0],
|
$this->attributes[$this->getHomedirAttrName()][0],
|
||||||
"0".$_SESSION['config']->get_scriptRights(),
|
"0".$_SESSION['config']->get_scriptRights(),
|
||||||
$this->attributes['uidNumber'][0],
|
$this->attributes['uidNumber'][0],
|
||||||
$this->attributes['gidNumber'][0])
|
$this->attributes['gidNumber'][0])
|
||||||
|
@ -1245,7 +1247,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"rem",
|
"rem",
|
||||||
$this->attributes['homeDirectory'][0],
|
$this->attributes[$this->getHomedirAttrName()][0],
|
||||||
$this->attributes['uidNumber'][0]
|
$this->attributes['uidNumber'][0]
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
|
@ -1355,7 +1357,8 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$return->addElement(new htmlHelpLink('addgroup'), true);
|
$return->addElement(new htmlHelpLink('addgroup'), true);
|
||||||
}
|
}
|
||||||
// home directory
|
// home directory
|
||||||
$homedirInput = new htmlTableExtendedInputField(_('Home directory'), 'homeDirectory', $this->attributes['homeDirectory'][0], 'homeDirectory');
|
$homeDir = isset($this->attributes[$this->getHomedirAttrName()][0]) ? $this->attributes[$this->getHomedirAttrName()][0] : '';
|
||||||
|
$homedirInput = new htmlTableExtendedInputField(_('Home directory'), 'homeDirectory', $homeDir, 'homeDirectory');
|
||||||
$homedirInput->setRequired(true);
|
$homedirInput->setRequired(true);
|
||||||
$return->addElement($homedirInput, true);
|
$return->addElement($homedirInput, true);
|
||||||
if (($_SESSION['config']->get_scriptPath() != null) && ($_SESSION['config']->get_scriptPath() != '')) {
|
if (($_SESSION['config']->get_scriptPath() != null) && ($_SESSION['config']->get_scriptPath() != '')) {
|
||||||
|
@ -1391,10 +1394,10 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$return->addElement(new htmlTableExtendedSelect('loginShell', $shelllist, $selectedShell, _('Login shell'), 'loginShell'), true);
|
$return->addElement(new htmlTableExtendedSelect('loginShell', $shelllist, $selectedShell, _('Login shell'), 'loginShell'), true);
|
||||||
}
|
}
|
||||||
// password buttons
|
// password buttons
|
||||||
if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) {
|
if (checkIfWriteAccessIsAllowed() && isset($this->attributes[$this->getPasswordAttrName()][0])) {
|
||||||
$return->addElement(new htmlOutputText(_('Password')));
|
$return->addElement(new htmlOutputText(_('Password')));
|
||||||
$pwdContainer = new htmlTable();
|
$pwdContainer = new htmlTable();
|
||||||
if (pwd_is_enabled($this->attributes['userPassword'][0])) {
|
if (pwd_is_enabled($this->attributes[$this->getPasswordAttrName()][0])) {
|
||||||
$pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
|
$pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -1402,14 +1405,14 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
$pwdContainer->addElement(new htmlButton('removePassword', _('Remove password')));
|
$pwdContainer->addElement(new htmlButton('removePassword', _('Remove password')));
|
||||||
$pwdContainer->colspan = 2;
|
$pwdContainer->colspan = 2;
|
||||||
$return->addElement($pwdContainer);
|
$return->addElement($pwdContainer, true);
|
||||||
}
|
}
|
||||||
// remove button
|
// remove button
|
||||||
if ($this->isOptional()) {
|
if ($this->isOptional()) {
|
||||||
$return->addElement(new htmlSpacer(null, '20px'), true);
|
$return->addElement(new htmlSpacer(null, '20px'), true);
|
||||||
$remButton = new htmlButton('remObjectClass', _('Remove Unix extension'));
|
$remButton = new htmlButton('remObjectClass', _('Remove Unix extension'));
|
||||||
$remButton->colspan = 5;
|
$remButton->colspan = 5;
|
||||||
$return->addElement($remButton);
|
$return->addElement($remButton, true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -1547,7 +1550,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$return = new htmlTable();
|
$return = new htmlTable();
|
||||||
$return->addElement(new htmlOutputText(_('Home directory')));
|
$return->addElement(new htmlOutputText(_('Home directory')));
|
||||||
$return->addElement(new htmlSpacer('5px', null));
|
$return->addElement(new htmlSpacer('5px', null));
|
||||||
$return->addElement(new htmlOutputText($this->attributes['homeDirectory'][0]), true);
|
$return->addElement(new htmlOutputText($this->attributes[$this->getHomedirAttrName()][0]), true);
|
||||||
$return->addElement(new htmlSpacer(null, '10px'), true);
|
$return->addElement(new htmlSpacer(null, '10px'), true);
|
||||||
$homeServerContainer = new htmlTable();
|
$homeServerContainer = new htmlTable();
|
||||||
$homeServerContainer->colspan = 5;
|
$homeServerContainer->colspan = 5;
|
||||||
|
@ -1567,7 +1570,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->attributes['uid'][0],
|
$this->attributes['uid'][0],
|
||||||
"home",
|
"home",
|
||||||
"check",
|
"check",
|
||||||
$this->attributes['homeDirectory'][0])
|
$this->attributes[$this->getHomedirAttrName()][0])
|
||||||
),
|
),
|
||||||
$server);
|
$server);
|
||||||
// lamdaemon results
|
// lamdaemon results
|
||||||
|
@ -1744,7 +1747,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$this->addSimplePDFField($return, 'cn', _('Common name'));
|
$this->addSimplePDFField($return, 'cn', _('Common name'));
|
||||||
$this->addSimplePDFField($return, 'uidNumber', _('UID number'));
|
$this->addSimplePDFField($return, 'uidNumber', _('UID number'));
|
||||||
$this->addSimplePDFField($return, 'gidNumber', _('GID number'));
|
$this->addSimplePDFField($return, 'gidNumber', _('GID number'));
|
||||||
$this->addSimplePDFField($return, 'homeDirectory', _('Home directory'));
|
$this->addSimplePDFField($return, 'homeDirectory', _('Home directory'), $this->getHomedirAttrName());
|
||||||
$this->addSimplePDFField($return, 'loginShell', _('Login shell'));
|
$this->addSimplePDFField($return, 'loginShell', _('Login shell'));
|
||||||
$this->addSimplePDFField($return, 'gecos', _('Gecos'));
|
$this->addSimplePDFField($return, 'gecos', _('Gecos'));
|
||||||
if (self::areGroupOfNamesActive()) {
|
if (self::areGroupOfNamesActive()) {
|
||||||
|
@ -1850,6 +1853,8 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
*/
|
*/
|
||||||
function build_uploadAccounts($rawAccounts, $ids, &$partialAccounts, $selectedModules) {
|
function build_uploadAccounts($rawAccounts, $ids, &$partialAccounts, $selectedModules) {
|
||||||
$errors = array();
|
$errors = array();
|
||||||
|
$pwdAttrName = $this->getPasswordAttrName();
|
||||||
|
$homedirAttrName = $this->getHomedirAttrName();
|
||||||
$needAutoUID = array();
|
$needAutoUID = array();
|
||||||
// get list of existing users
|
// get list of existing users
|
||||||
$existingUsers = $this->getUserNames();
|
$existingUsers = $this->getUserNames();
|
||||||
|
@ -1993,10 +1998,10 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
// home directory
|
// home directory
|
||||||
if ($rawAccounts[$i][$ids['posixAccount_homedir']] == "") {
|
if ($rawAccounts[$i][$ids['posixAccount_homedir']] == "") {
|
||||||
$partialAccounts[$i]['homeDirectory'] = '/home/' . $partialAccounts[$i]['uid'];
|
$partialAccounts[$i][$homedirAttrName] = '/home/' . $partialAccounts[$i]['uid'];
|
||||||
}
|
}
|
||||||
elseif (get_preg($rawAccounts[$i][$ids['posixAccount_homedir']], 'homeDirectory')) {
|
elseif (get_preg($rawAccounts[$i][$ids['posixAccount_homedir']], 'homeDirectory')) {
|
||||||
$partialAccounts[$i]['homeDirectory'] = $rawAccounts[$i][$ids['posixAccount_homedir']];
|
$partialAccounts[$i][$homedirAttrName] = $rawAccounts[$i][$ids['posixAccount_homedir']];
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$errMsg = $this->messages['homeDirectory'][2];
|
$errMsg = $this->messages['homeDirectory'][2];
|
||||||
|
@ -2031,7 +2036,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
// password
|
// password
|
||||||
if (($rawAccounts[$i][$ids['posixAccount_password']] != "") && (get_preg($rawAccounts[$i][$ids['posixAccount_password']], 'password'))) {
|
if (($rawAccounts[$i][$ids['posixAccount_password']] != "") && (get_preg($rawAccounts[$i][$ids['posixAccount_password']], 'password'))) {
|
||||||
$partialAccounts[$i]['userPassword'] = pwd_hash($rawAccounts[$i][$ids['posixAccount_password']], $pwd_enabled, $this->moduleSettings['posixAccount_pwdHash'][0]);
|
$partialAccounts[$i][$pwdAttrName] = pwd_hash($rawAccounts[$i][$ids['posixAccount_password']], $pwd_enabled, $this->moduleSettings['posixAccount_pwdHash'][0]);
|
||||||
$partialAccounts[$i]['INFO.userPasswordClearText'] = $rawAccounts[$i][$ids['posixAccount_password']]; // for custom scripts etc.
|
$partialAccounts[$i]['INFO.userPasswordClearText'] = $rawAccounts[$i][$ids['posixAccount_password']]; // for custom scripts etc.
|
||||||
}
|
}
|
||||||
elseif ($rawAccounts[$i][$ids['posixAccount_password']] != "") {
|
elseif ($rawAccounts[$i][$ids['posixAccount_password']] != "") {
|
||||||
|
@ -2093,7 +2098,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
else {
|
else {
|
||||||
$partialAccounts[$i]['description'] = $rawAccounts[$i][$ids['posixAccount_hostName']];
|
$partialAccounts[$i]['description'] = $rawAccounts[$i][$ids['posixAccount_hostName']];
|
||||||
}
|
}
|
||||||
$partialAccounts[$i]['homeDirectory'] = '/dev/null';
|
$partialAccounts[$i][$homedirAttrName] = '/dev/null';
|
||||||
$partialAccounts[$i]['loginShell'] = '/bin/false';
|
$partialAccounts[$i]['loginShell'] = '/bin/false';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -2249,7 +2254,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$data[$pos][$ids['posixAccount_userName']],
|
$data[$pos][$ids['posixAccount_userName']],
|
||||||
"home",
|
"home",
|
||||||
"add",
|
"add",
|
||||||
$accounts[$pos]['homeDirectory'],
|
$accounts[$pos][$this->getHomedirAttrName()],
|
||||||
"0".$_SESSION['config']->get_scriptRights(),
|
"0".$_SESSION['config']->get_scriptRights(),
|
||||||
$accounts[$pos]['uidNumber'],
|
$accounts[$pos]['uidNumber'],
|
||||||
$accounts[$pos]['gidNumber'],
|
$accounts[$pos]['gidNumber'],
|
||||||
|
@ -2488,7 +2493,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
else {
|
else {
|
||||||
$pwdPolicyResult = checkPasswordStrength($_POST['posixAccount_password']);
|
$pwdPolicyResult = checkPasswordStrength($_POST['posixAccount_password']);
|
||||||
if ($pwdPolicyResult === true) {
|
if ($pwdPolicyResult === true) {
|
||||||
$return['mod']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]);
|
$return['mod'][$this->getPasswordAttrName()][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]);
|
||||||
$return['info']['userPasswordClearText'][0] = $_POST['posixAccount_password'];
|
$return['info']['userPasswordClearText'][0] = $_POST['posixAccount_password'];
|
||||||
if (isset($attributes['shadowLastChange'][0])) {
|
if (isset($attributes['shadowLastChange'][0])) {
|
||||||
$return['mod']['shadowLastChange'][0] = intval(time()/3600/24);
|
$return['mod']['shadowLastChange'][0] = intval(time()/3600/24);
|
||||||
|
@ -2563,7 +2568,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
$this->clearTextPassword = $password;
|
$this->clearTextPassword = $password;
|
||||||
$this->attributes['userPassword'][0] = pwd_hash($password, true, $this->moduleSettings['posixAccount_pwdHash'][0]);
|
$this->attributes[$this->getPasswordAttrName()][0] = pwd_hash($password, true, $this->moduleSettings['posixAccount_pwdHash'][0]);
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2820,7 +2825,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
* This is the case if a hashed password is set ("{" at the beginning).
|
* This is the case if a hashed password is set ("{" at the beginning).
|
||||||
*/
|
*/
|
||||||
public function isLockable() {
|
public function isLockable() {
|
||||||
if (isset($this->attributes['userPassword'][0]) && pwd_is_lockable($this->attributes['userPassword'][0])) {
|
if (isset($this->attributes[$this->getPasswordAttrName()][0]) && pwd_is_lockable($this->attributes[$this->getPasswordAttrName()][0])) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
|
@ -2832,15 +2837,16 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
* @return boolean password is locked
|
* @return boolean password is locked
|
||||||
*/
|
*/
|
||||||
public function isLocked() {
|
public function isLocked() {
|
||||||
return isset($this->attributes['userPassword'][0]) && !pwd_is_enabled($this->attributes['userPassword'][0]);
|
return isset($this->attributes[$this->getPasswordAttrName()][0]) && !pwd_is_enabled($this->attributes[$this->getPasswordAttrName()][0]);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Locks the user password of this account.
|
* Locks the user password of this account.
|
||||||
*/
|
*/
|
||||||
public function lock() {
|
public function lock() {
|
||||||
if (isset($this->attributes['userPassword'][0])) {
|
$pwdAttrName = $this->getPasswordAttrName();
|
||||||
$this->attributes['userPassword'][0] = pwd_disable($this->attributes['userPassword'][0]);
|
if (isset($this->attributes[$pwdAttrName][0])) {
|
||||||
|
$this->attributes[$pwdAttrName][0] = pwd_disable($this->attributes[$pwdAttrName][0]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2848,8 +2854,9 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
* Unlocks the user password of this account.
|
* Unlocks the user password of this account.
|
||||||
*/
|
*/
|
||||||
public function unlock() {
|
public function unlock() {
|
||||||
if (isset($this->attributes['userPassword'][0])) {
|
$pwdAttrName = $this->getPasswordAttrName();
|
||||||
$this->attributes['userPassword'][0] = pwd_enable($this->attributes['userPassword'][0]);
|
if (isset($this->attributes[$pwdAttrName][0])) {
|
||||||
|
$this->attributes[$pwdAttrName][0] = pwd_enable($this->attributes[$pwdAttrName][0]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2980,6 +2987,40 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
return !$this->manageCn();
|
return !$this->manageCn();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the password attribute.
|
||||||
|
* Usually, this is userPassword. If Windows modules are active this is unixUserPassword.
|
||||||
|
*
|
||||||
|
* @return boolean attribute name
|
||||||
|
*/
|
||||||
|
private function getPasswordAttrName() {
|
||||||
|
$name = 'userPassword';
|
||||||
|
if (isset($_SESSION['config'])) {
|
||||||
|
$conf = $_SESSION['config'];
|
||||||
|
if (in_array('windowsUser', $conf->get_AccountModules($this->get_scope()))) {
|
||||||
|
return 'unixUserPassword';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $name;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the home directory attribute.
|
||||||
|
* Usually, this is homeDirectory. If Windows modules are active this is unixHomeDirectory.
|
||||||
|
*
|
||||||
|
* @return boolean attribute name
|
||||||
|
*/
|
||||||
|
private function getHomedirAttrName() {
|
||||||
|
$name = 'homeDirectory';
|
||||||
|
if (isset($_SESSION['config'])) {
|
||||||
|
$conf = $_SESSION['config'];
|
||||||
|
if (in_array('windowsUser', $conf->get_AccountModules($this->get_scope()))) {
|
||||||
|
return 'unixHomeDirectory';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $name;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
Loading…
Reference in New Issue