checked useredit.php, groupedit.php and delete.php

Now I only need to check mass*.php
2003-10-21 15:36:12 +00:00 · 2003-10-21 15:36:12 +00:00 · d8aeeb9886
parent 3f1a646797
commit d8aeeb9886
4 changed files with 260 additions and 236 deletions
--- a/lam/lib/account.inc
+++ b/lam/lib/account.inc
@ -210,7 +210,7 @@ function getquotas($type,$user='+') {
 	/* scriptServer is the IP to remote-host to which lam should connect via ssh
 	* scriptPath is Path to lamdaemon.pl on remote system
 	*/
-	exec(("perl ".$_SESSION['lampath']."lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite), $vals, $status);
+	exec("perl ".$_SESSION['lampath']."lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite, $vals, $status);
 	/* $vals is a string which contains a two dimensional array.
 	* We have to recreate it with explode
 	*
@ -702,6 +702,8 @@ function loaduser($dn) {
 	$return->general_dn = ldap_get_dn($_SESSION['ldap']->server(), $entry);
 	$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
 	// Set user samba flag
 	$account_new->smb_flagsW = 0;
 	/* Write attributes into $return.
 	* Some values don't have to be set. These are only loaded if they are set
 	*/
@ -1668,8 +1670,9 @@ function createhost($values) {
 	if ($_SESSION['config']->is_samba3()) {
 		// Add all attributes as samba3 objectclass
 		$attr['objectClass'][3] = 'sambaSamAccount';
-		$attr['sambaNTPassword'] = 'NO PASSWORD*****';
+		// "Standard" password for new hosts
-		$attr['sambaLMPassword'] = 'NO PASSWORD*****';
+		$attr['sambaNTPassword'] = '0CB6948805F797BF2A82807973B89537';
 		$attr['sambaLMPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
 		$attr['sambaPwdLastSet'] = time(); // sambaAccount_may
 		$attr['sambaSID'] = $values->smb_domain->SID . "-" . (2 * $values->general_uidNumber + $values->smb_domain->RIDbase); // sambaAccount_may
 		$attr['sambaPrimaryGroupSID'] = $values->smb_domain->SID . "-" . (2 * getgid($values->general_group) + $values->smb_domain->RIDbase +1); // sambaAccount_req
@ -1682,8 +1685,9 @@ function createhost($values) {
 	else {
 		// Add all attributes as samba2.2 objectclass
 		$attr['objectClass'][3] = 'sambaAccount';
-		$attr['ntPassword'] = 'NO PASSWORD*****';
+		// "Standard" password for new hosts
-		$attr['lmPassword'] = 'NO PASSWORD*****';
+		$attr['ntPassword'] = '0CB6948805F797BF2A82807973B89537';
 		$attr['lmPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
 		$attr['pwdLastSet'] = time(); // sambaAccount_may
 		$attr['rid'] = (2 * $values->general_uidNumber + 1000); // sambaAccount_may
 		$attr['primaryGroupID'] = (2 * getgid($values->general_group) + 1001); // sambaAccount_req
@ -1823,8 +1827,9 @@ function modifyhost($values,$values_old) {
 			}
 		// Reset password
 		if ($values->smb_password_no) {
-			$attr['sambaNTPassword'] = 'NO PASSWORD*****';
+			// "Standard" password for new hosts
-			$attr['sambaLMPassword'] = 'NO PASSWORD*****';
+			$attr['sambaNTPassword'] = '0CB6948805F797BF2A82807973B89537';
 			$attr['sambaLMPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
 			$attr['sambaPwdLastSet'] = time(); // sambaAccount_may
 			$attr['userPassword'] = '';
 			$attr['shadowLastChange'] = getdays();
@ -1886,8 +1891,9 @@ function modifyhost($values,$values_old) {
 			if (isset($attr_old['sambaSID'][0])) $attr_rem['sambaSID'] = $attr_old['sambaSID'][0];
 			}
 		if ($values->smb_password_no) {
-			$attr['ntPassword'] = 'NO PASSWORD*****';
+			// "Standard" password for new hosts
-			$attr['lmPassword'] = 'NO PASSWORD*****';
+			$attr['ntPassword'] = '0CB6948805F797BF2A82807973B89537';
 			$attr['lmPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
 			$attr['pwdLastSet'] = time(); // sambaAccount_may
 			$attr['userPassword'] = '';
 			$attr['shadowLastChange'] = getdays();
--- a/lam/templates/account/groupedit.php
+++ b/lam/templates/account/groupedit.php
@ -37,8 +37,8 @@ session_save_path('../../sess');
 // Set correct language, codepages, ....
 setlanguage();
-/* hostaccount.php is using dynamic session varialenames so
+/* groupedit.php is using dynamic session varialenames so
-* we can run several copies of hostaccount.php at the same
+* we can run several copies of groupedit.php at the same
 * time
 * $varkey is the dynamic part of the variable name
 */
@ -56,7 +56,6 @@ $ldap_intern =& $_SESSION['ldap'];
 $config_intern =& $_SESSION['config'];
 $header_intern =& $_SESSION['header'];
 $userDN_intern =& $_SESSION['userDN'];
 // Register Post-Variables as reference
 // $_GET is only valid if groupedit.php was called from grouplist.php
 if (isset($_GET['DN']) && $_GET['DN']!='') {
@ -129,7 +128,6 @@ switch ($_POST['select']) {
 	* general = startpage, general account paramters
 	* samba = page with all samba-related parameters e.g. smbpassword
 	* quota = page with all quota-related parameters e.g. hard file quota
 	* personal = page with all personal-related parametergs, e.g. phone number
 	* final = last page shown before account is created/modified
 	* finish = page shown after account has been created/modified
 	*/
@ -142,11 +140,11 @@ switch ($_POST['select']) {
 				$account_new->unix_memberUid = array_flip($account_new->unix_memberUid);
 				array_unique($account_new->unix_memberUid);
 				$account_new->unix_memberUid = array_flip($account_new->unix_memberUid);
-				// sort user
+				// sort users
 				sort($account_new->unix_memberUid);
 				break;
 				}
-			if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users fromlist
+			if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users from list
 				$account_new->unix_memberUid = array_delete($_POST['members'], $account_new->unix_memberUid);
 				break;
 				}
@ -155,15 +153,14 @@ switch ($_POST['select']) {
 		$select_local = 'groupmembers';
 		break;
 	case 'general':
 		// Write all general attributes into $account_new if no profile should be loaded
 		if (!$_POST['load']) {
 			// Write all general attributes into $account_new if no profile should be loaded
 			$account_new->general_dn = $_POST['f_general_suffix'];
 			$account_new->general_username = $_POST['f_general_username'];
 			$account_new->general_uidNumber = $_POST['f_general_uidNumber'];
 			$account_new->general_gecos = $_POST['f_general_gecos'];
 			// Check if values are OK and set automatic values.  if not error-variable will be set
 			// Check if Groupname contains only valid characters
 			if ( !ereg('^([a-z]|[0-9]|[.]|[-]|[_])*$', $account_new->general_username))
 				$errors[] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, 0-9 and .-_ !'));
@ -369,10 +366,10 @@ do { // X-Or, only one if() can be true
 		}
 	// Go back to listgroups.php
 	if ($_POST['backmain']) {
 		metaRefresh("../lists/listgroups.php");
 		if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
 		if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
 		if (isset($_SESSION['account_'.$varkey.'_final_changegids'])) unset($_SESSION['account_'.$varkey.'_final_changegids']);
 		metaRefresh("../lists/listgroups.php");
 		die;
 		break;
 		}
--- a/lam/templates/account/hostedit.php
+++ b/lam/templates/account/hostedit.php
@ -90,8 +90,8 @@ switch ($_POST['select']) {
 	* final = page which will be displayed if changes were made
 	*/
 	case 'general':
 		// Write all general values into $account_new if no profile should be loaded
 		if (!$_POST['load']) {
 			// Write all general values into $account_new if no profile should be loaded
 			$account_new->general_dn = $_POST['f_general_suffix'];
 			$account_new->general_username = $_POST['f_general_username'];
 			$account_new->general_uidNumber = $_POST['f_general_uidNumber'];
@ -272,9 +272,9 @@ do { // X-Or, only one if() can be true
 		}
 	// Go back to listhosts.php
 	if ($_POST['backmain']) {
 		metaRefresh("../lists/listhosts.php");
 		if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
 		if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
 		metaRefresh("../lists/listhosts.php");
 		die;
 		break;
 		}
--- a/lam/templates/account/useredit.php
+++ b/lam/templates/account/useredit.php
@ -23,6 +23,7 @@ $Id$
  LDAP Account Manager displays table for creating or modifying accounts in LDAP
 */
 // include all needed files
 include_once('../../lib/account.inc'); // File with all account-funtions
 include_once('../../lib/config.inc'); // File with configure-functions
 include_once('../../lib/profiles.inc'); // functions to load and save profiles
@ -30,10 +31,17 @@ include_once('../../lib/status.inc'); // Return error-message
 include_once('../../lib/pdf.inc'); // Return a pdf-file
 include_once('../../lib/ldap.inc'); // LDAP-functions
 // Start session
 session_save_path('../../sess');
@session_start();
 // Set correct language, codepages, ....
 setlanguage();
 /* groupedit.php is using dynamic session varialenames so
 * we can run several copies of groupedit.php at the same
 * time
 * $varkey is the dynamic part of the variable name
 */
 if (!isset($_POST['varkey'])) $varkey = session_id().time();
 	else $varkey = $_POST['varkey'];
@ -45,51 +53,56 @@ if (!isset($_SESSION['account_'.$varkey.'_shelllist'])) $_SESSION['account_'.$va
 // Register Session-Variables with references so we don't net to change to complete code if names changes
 $account_new =& $_SESSION['account_'.$varkey.'_account_new'];
 $shelllist =& $_SESSION['account_'.$varkey.'_shelllist'];
 $final_changegids =& $_SESSION['account_'.$varkey.'_final_changegids'];
 if (is_object($_SESSION['account_'.$varkey.'_account_old'])) $account_old =& $_SESSION['account_'.$varkey.'_account_old'];
 $ldap_intern =& $_SESSION['ldap'];
 $config_intern =& $_SESSION['config'];
 $header_intern =& $_SESSION['header'];
 $hostDN_intern =& $_SESSION['hostDN'];
 $groupDN_intern =& $_SESSION['groupDN'];
-
+// $_GET is only valid if useredit.php was called from userlist.php
 if (isset($_GET['DN']) && $_GET['DN']!='') {
 	// useredit.php should edit an existing account
 	// reset variables
 	if (isset($_SESSION['account_'.$varkey.'_account_old'])) {
 		unset($account_old);
 		unset($_SESSION['account_'.$varkey.'_account_old']);
 		}
 	$_SESSION['account_'.$varkey.'_account_old'] = new account();
 	$account_old =& $_SESSION['account_'.$varkey.'_account_old'];
 	// get "real" DN from variable
 	$DN = str_replace("\'", '',$_GET['DN']);
 	// Load existing group
 	$account_new = loaduser($DN);
 	$account_new ->type = 'user';
 	$account_old = $account_new;
 	$account_new->unix_password='';
 	$account_new->smb_password='';
 	$account_new->smb_flagsW = 0;
 	$account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1);
-	$final_changegids = '';
+	// Display general-page
 	$select_local = 'general';
 	}
-
+// Startcondition. useredit.php was called from outside to create a new group
- else if (count($_POST)==0) { // Startcondition. useredit.php was called from outside
+ else if (count($_POST)==0) {
 	// Create new account object with settings from default profile
 	$account_new = loadUserProfile('default');
 	$account_new ->type = 'user';
 	$account_new->smb_flagsW = 0;
 	// load quotas from profile and check if they are valid
 	if ($config_intern->scriptServer) {
 		// load quotas and check if quotas from profile are valid
 		$values = getquotas('user');
-		if (isset($account_new->quota[0])) { // check quotas from profile
+		if (isset($account_new->quota[0])) {
 			 // check quotas from profile
 			$i=0;
-			// check quota settings
+			// check quota settings, loop for every partition with quotas
 			while (isset($account_new->quota[$i])) {
 				// search if quotas from profile fit to a real quota
 				$found = (-1);
 				for ($j=0; $j<count($values->quota); $j++)
 					if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j;
 				// unset quota from profile if quotas (mointpoint) doesn't exists anymore
 				if ($found==-1) unset($account_new->quota[$i]);
 				else {
 					// Set missing part in quota-array
 					$account_new->quota[$i][1] = $values->quota[$found][1];
 					$account_new->quota[$i][5] = $values->quota[$found][5];
 					$account_new->quota[$i][4] = $values->quota[$found][4];
@ -97,83 +110,87 @@ if (isset($_GET['DN']) && $_GET['DN']!='') {
 					$i++;
 					}
 				}
 			// Beautify array, repair index
 			$account_new->quota = array_values($account_new->quota);
 			}
 		else { // No quotas saved in profile
 			// Display quotas for new users (Quota set to 0)
 			if (is_object($values)) {
 				while (list($key, $val) = each($values)) // Set only defined values
 				if (isset($val)) $account_new->$key = $val;
 				}
 			}
 		}
-	if (isset($_SESSION['account_'.$varkey.'_account_old'])) {
+	// Display general-page
-		unset($account_old);
+	$select_local = 'general';
 		unset($_SESSION['account_'.$varkey.'_account_old']);
 		}
 	}
-switch ($_POST['select']) { // Select which part of page should be loaded and check values
+switch ($_POST['select']) {
-	// general = startpage, general account paramters
+	/* Select which part of page should be loaded and check values
-	// unix = page with all shadow-options and password
+	* groups = page with all groups to which user is additional member
-	// samba = page with all samba-related parameters e.g. smbpassword
+	* workstations = page with all workstations the user is allowed to login
-	// quota = page with all quota-related parameters e.g. hard file quota
+	* general = startpage, general account paramters
-	// personal = page with all personal-related parametergs, e.g. phone number
+	* samba = page with all samba-related parameters e.g. smbpassword
-	// final = last page shown before account is created/modified
+	* quota = page with all quota-related parameters e.g. hard file quota
-	//		if account is modified commands might be ran are shown
+	* personal = page with all personal-related parametergs, e.g. phone number
-	// finish = page shown after account has been created/modified
+	* final = last page shown before account is created/modified
-
+	* finish = page shown after account has been created/modified
 	*/
 	case 'groups':
 		do { // X-Or, only one if() can be true
-			if (isset($_POST['allgroups']) && isset($_POST['add'])) { // Add users to list
+			if (isset($_POST['allgroups']) && isset($_POST['add'])) { // Add groups to list
-				// Add new user
+				// Add new group
 				$account_new->general_groupadd = @array_merge($account_new->general_groupadd, $_POST['allgroups']);
 				// remove doubles
 				$account_new->general_groupadd = @array_flip($account_new->general_groupadd);
 				array_unique($account_new->general_groupadd);
 				$account_new->general_groupadd = @array_flip($account_new->general_groupadd);
-				// sort user
+				// sort groups
 				sort($account_new->general_groupadd);
 				break;
 				}
-			if (isset($_POST['selectedgroups']) && isset($_POST['remove'])) { // remove users fromlist
+			if (isset($_POST['selectedgroups']) && isset($_POST['remove'])) { // remove groups from list
 				$account_new->general_groupadd = array_delete($_POST['selectedgroups'], $account_new->general_groupadd);
 				break;
 				}
 			} while(0);
 		// display group page
 		$select_local = 'groups';
 		break;
 	case 'workstations':
 		do { // X-Or, only one if() can be true
-			if (isset($_POST['hosts']) && isset($_POST['add'])) { // Add users to list
+			if (isset($_POST['hosts']) && isset($_POST['add'])) { // Add workstations to list
 				$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
 				$workstations = explode (',', $temp);
 				for ($i=0; $i<count($workstations); $i++)
 					if ($workstations[$i]=='') unset($workstations[$i]);
 				$workstations = array_values($workstations);
-				// Add new hosts
+				// Add new // Add workstations
 				$workstations = array_merge($workstations, $_POST['hosts']);
 				// remove doubles
 				$workstations = array_flip($workstations);
 				array_unique($workstations);
 				$workstations = array_flip($workstations);
-				// sort user
+				// sort workstations
 				sort($workstations);
 				// Recreate workstation string
 				$account_new->smb_smbuserworkstations = $workstations[0];
 				for ($i=1; $i<count($workstations); $i++) {
 					$account_new->smb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i];
 					}
 				// display groupmembers page
 				break;
 				}
-			if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users fromlist
+			if (isset($_POST['members']) && isset($_POST['remove'])) { // remove // Add workstations from list
 				// Put all workstations in array
 				$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
 				$workstations = explode (',', $temp);
 				for ($i=0; $i<count($workstations); $i++)
 					if ($workstations[$i]=='') unset($workstations[$i]);
 				$workstations = array_values($workstations);
 				// Remove unwanted workstations from array
 				$workstations = array_delete($_POST['members'], $workstations);
 				// Recreate workstation string
 				$account_new->smb_smbuserworkstations = $workstations[0];
 				for ($i=1; $i<count($workstations); $i++) {
 					$account_new->smb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i];
@ -181,13 +198,12 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 				break;
 				}
 			} while(0);
 		// display workstations page
 		$select_local = 'workstations';
 		break;
 	case 'general':
 		// Write all general values into $account_new if no profile should be loaded
 		if (!$_POST['load']) {
 			// Write all general values into $account_new if no profile should be loaded
 			$account_new->general_dn = $_POST['f_general_suffix'];
 			$account_new->general_username = $_POST['f_general_username'];
 			$account_new->general_surname = $_POST['f_general_surname'];
@ -197,14 +213,6 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 			$account_new->general_homedir = $_POST['f_general_homedir'];
 			$account_new->general_shell = $_POST['f_general_shell'];
 			$account_new->general_gecos = $_POST['f_general_gecos'];
 			// Check if Homedir is valid
 			$account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir);
 			if ($account_new->general_username != '')
 				$account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir);
 			if ($account_new->general_homedir != $_POST['f_general_homedir']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
 			if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $account_new->general_homedir ))
 				$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
 			// Check if givenname is valid
 			if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $account_new->general_givenname)) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters'));
 			// Check if surname is valid
@ -234,10 +242,20 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 				$lastchar = substr($account_new->general_username, strlen($account_new->general_username)-1, 1);
 				// Last character is no number
 				if ( !ereg('^([0-9])+$', $lastchar))
 					/* Last character is no number. Therefore we only have to
 					* add "2" to it.
 					*/
 					$account_new->general_username = $account_new->general_username . '2';
 				 else {
 					/* Last character is a number -> we have to increase the number until we've
 					* found a groupname with trailing number which is not in use.
 					*
 					* $i will show us were we have to split groupname so we get a part
 					* with the groupname and a part with the trailing number
 					*/
 				 	$i=strlen($account_new->general_username)-1;
 					$mark = false;
 					// Set $i to the last character which is a number in $account_new->general_username
 				 	while (!$mark) {
 						if (ereg('^([0-9])+$',substr($account_new->general_username, $i, strlen($account_new->general_username)-$i))) $i--;
 							else $mark=true;
@ -245,23 +263,29 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 					// increase last number with one
 					$firstchars = substr($account_new->general_username, 0, $i+1);
 					$lastchars = substr($account_new->general_username, $i+1, strlen($account_new->general_username)-$i);
 					// Put username together
 					$account_new->general_username = $firstchars . (intval($lastchars)+1);
 				 	}
 				}
 			// Show warning if lam has changed username
 			if ($account_new->general_username != $_POST['f_general_username']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
-
+			// Check if Homedir is valid
 			$account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir);
 			if ($account_new->general_username != '')
 				$account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir);
 			if ($account_new->general_homedir != $_POST['f_general_homedir']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
 			if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $account_new->general_homedir ))
 				$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
 			// Check if UID is valid. If none value was entered, the next useable value will be inserted
 			$temp = explode(':', checkid($account_new, $account_old));
 			$account_new->general_uidNumber = $temp[0];
 			// true if checkid has returned an error
 			if ($temp[1]!='') $errors[] = explode(';',$temp[1]);
 			// Check if Name-length is OK. minLength=3, maxLength=20
 			if ( !ereg('.{3,20}', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.'));
 			// Check if Name starts with letter
 			if ( !ereg('^([a-z]|[A-Z]).*$', $account_new->general_username))
 				$errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter'));
 			}
 		break;
 	case 'unix':
@ -311,7 +335,6 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 			if ((!$account_new->unix_host=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([ ])*([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $account_new->unix_host))
 				$errors[] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.'));
 			}
 		break;
 	case 'samba':
 		// Write all general values into $account_new
@ -328,26 +351,19 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 		$account_new->smb_smbhome = stripslashes($_POST['f_smb_smbhome']);
 		$account_new->smb_profilePath = stripslashes($_POST['f_smb_profilePath']);
 		$account_new->smb_displayName = $_POST['f_smb_displayName'];
 		if ($_POST['f_smb_flagsW']) $account_new->smb_flagsW = true;
 			else $account_new->smb_flagsW = false;
 		if ($_POST['f_smb_flagsD']) $account_new->smb_flagsD = true;
 			else $account_new->smb_flagsD = false;
 		if ($_POST['f_smb_flagsX']) $account_new->smb_flagsX = true;
 			else $account_new->smb_flagsX = false;
 		if ($config_intern->is_samba3()) {
 			// samba 3 uses object with SID and domainname
 			$samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix());
 			for ($i=0; $i<sizeof($samba3domains); $i++)
 				if ($_POST['f_smb_domain'] == $samba3domains[$i]->name) {
 					$account_new->smb_domain = $samba3domains[$i];
 					}
-			}
+			// Check if user is member of a well known windows group
 		else {
 			if (isset($_POST['f_smb_domain'])) $account_new->smb_domain = $_POST['f_smb_domain'];
 				else $account_new->smb_domain = '';
 			}
 		if ($config_intern->is_samba3())
 			switch ($_POST['f_smb_mapgroup']) {
 				case '*'._('Domain Guests'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '514'; break;
 				case '*'._('Domain Users'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '513'; break;
@ -357,7 +373,12 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 							(2 * getgid($account_new->general_group) + $account_new->smb_domain->RIDbase +1);
 					break;
 				}
-		else
+			}
 		else {
 			// samba 2.2 only uses a string as domainname
 			if (isset($_POST['f_smb_domain'])) $account_new->smb_domain = $_POST['f_smb_domain'];
 				else $account_new->smb_domain = '';
 			// Check if user is member of a well known windows group
 			switch ($_POST['f_smb_mapgroup']) {
 				case '*'._('Domain Guests'): $account_new->smb_mapgroup = '514'; break;
 				case '*'._('Domain Users'): $account_new->smb_mapgroup = '513'; break;
@ -366,30 +387,27 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 					$account_new->smb_mapgroup = (2 * getgid($account_new->general_group) + 1001);
 					break;
 				}
-
+			}
-
+		// Set samba password
 		$smb_password = $_POST['f_smb_password'];
 		// Decrypt unix-password if needed password
 		$iv = base64_decode($_COOKIE["IV"]);
 		$key = base64_decode($_COOKIE["Key"]);
 		if ( ($account_new->smb_useunixpwd && !$account_old) || ($account_new->smb_useunixpwd && $account_new->unix_password!='') ) {
-			$smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv);
+			// Set Samba-Password to unix-password if option is set
-			$smb_password = str_replace(chr(00), '', $smb_password);
+			$unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv);
 			$smb_password = str_replace(chr(00), '', $unix_password);
 			}
 		// Check values
 		$account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath);
 		$account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath);
 		if ($account_new->smb_scriptPath != $_POST['f_smb_scriptpath']) $errors[] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.'));
 		$account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath);
 		$account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath);
 		if ($account_new->smb_profilePath != stripslashes($_POST['f_smb_profilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
 		$account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome);
 		$account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome);
 		if ($account_new->smb_smbhome != stripslashes($_POST['f_smb_smbhome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
 		if ( (!$account_new->smb_smbhome=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+)+$', $account_new->smb_smbhome)))
 				$errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'));
 		if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
@ -403,12 +421,10 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 		if ((!$account_new->smb_domain=='') && (!is_object($account_new->smb_domain)) && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $account_new->smb_domain))
 			$errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
 		if ($account_new->smb_useunixpwd) $account_new->smb_useunixpwd = 1; else $account_new->smb_useunixpwd = 0;
 		if (($account_new->smb_displayName=='') && isset($account_new->general_gecos)) {
 			$account_new->smb_displayName = $account_new->general_gecos;
 			$errors[] = array('INFO', _('Display name'), _('Inserted gecos-field as display name.'));
 			}
 		if ($smb_password!='') {
 			// Encrypt password
 			$account_new->smb_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $smb_password,
@ -419,6 +435,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 	case 'quota':
 		// Write all general values into $account_new
 		$i=0;
 		// loop for every mointpoint with quotas
 		while ($account_new->quota[$i][0]) {
 			$account_new->quota[$i][2] = $_POST['f_quota_'.$i.'_2'];
 			$account_new->quota[$i][3] = $_POST['f_quota_'.$i.'_3'];
@ -436,7 +453,6 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 			$i++;
 			}
 		break;
 	case 'personal':
 		// Write all general values into $account_new
 		$account_new->personal_title = $_POST['f_personal_title'];
@ -459,16 +475,13 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 		if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_employeeType))  $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!'));
 		if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $account_new->personal_postalCode))  $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!'));
 		break;
 	case 'final':
 		// Write all general values into $account_new
 		if ($_POST['f_final_changegids']) $final_changegids = $_POST['f_final_changegids'] ;
 		// Check which part Site should be displayed next
 		break;
 	case 'finish':
 		// Check if pdf-file should be created
 		if ($_POST['outputpdf']) {
-			// Quota Settings
+			// Load quotas if not yet done because they are needed for the pdf-file
 			if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas
 				$values = getquotas('user', $account_old->general_username);
 				if (is_object($values)) {
@ -480,7 +493,9 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 						if (isset($val)) $account_old->$key = $val;
 					}
 				}
-			createUserPDF(array($account_new));
+			// Create / display PDf-file
 			createUSerPDF(array($account_new));
 			// Stop script
 			die;
 			}
 		break;
@ -490,50 +505,96 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
 do { // X-Or, only one if() can be true
 	if ($_POST['next_general']) {
 		// Go from general to next page if no error did ocour
 		if (!is_array($errors)) $select_local='general';
 			else $select_local=$_POST['select'];
 		break;
 		}
 	if ($_POST['next_unix']) {
 		// Go from unix to next page if no error did ocour
 		if (!is_array($errors)) $select_local='unix';
 			else $select_local=$_POST['select'];
 		break;
 		}
 	if ($_POST['next_samba']) {
 		// Go from samba to next page if no error did ocour
 		if (!is_array($errors)) $select_local='samba';
 			else $select_local=$_POST['select'];
 		break;
 		}
 	if ($_POST['next_quota']) {
 		// Go from quota to next page if no error did ocour
 		if (!is_array($errors)) $select_local='quota';
 			else $select_local=$_POST['select'];
 		break;
 		}
 	if ($_POST['next_personal']) {
 		// Go from personal to next page if no error did ocour
 		if (!is_array($errors)) $select_local='personal';
 			else $select_local=$_POST['select'];
 		break;
 		}
 	if ($_POST['next_final']) {
 		// Go from final to next page if no error did ocour
 		if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber))
 			$errors[] = array('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'),
 				'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;');
 		if (($account_old) && ($account_new->general_group != $account_old->general_group))
 			$errors[] = array('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'),
 				'find / -uid ' . $account_new->general_uidNumber . ' -gid ' . getgid($account_old->general_group) .' -exec chown ' . $account_new->general_uidNumber . ':'.getgid($account_new->general_group). ' {} \;');
 		if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir))
 			$errors[] = array('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'),
 				'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir);
 		if ($config_intern->is_samba3() && !isset($account_new->smb_domain))
 			// Samba page not viewed; can not create user because if missing options
 			$errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
 		else {
 			$found = false;
 			if (strstr($account_new->smb_scriptPath, '$group')) $found = true;
 			if (strstr($account_new->smb_scriptPath, '$user')) $found = true;
 			if (strstr($account_new->smb_profilePath, '$group')) $found = true;
 			if (strstr($account_new->smb_profilePath, '$user')) $found = true;
 			if (strstr($account_new->smb_smbhome, '$group')) $found = true;
 			if (strstr($account_new->smb_smbhome, '$user')) $found = true;
 			if ($found)
 				// Samba page not viewed; can not create group because if missing options
 				$errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
 			}
 		if (isset($account_old->general_objectClass)) {
 			if (!in_array('posixAccount', $account_old->general_objectClass))
 				$errors[] = array('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.'));
 			if (!in_array('shadowAccount', $account_old->general_objectClass))
 				$errors[] = array('WARN', _('ObjectClass shadowAccount.'), _('Have to add objectClass shadowAccount.'));
 			if ($config_intern->is_samba3()) {
 				if (!in_array('sambaSamAccount', $account_old->general_objectClass))
 					$errors[] = array('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. USer with sambaAccount will be updated.'));
 				}
 			else {
 				if (!in_array('sambaAccount', $account_old->general_objectClass))
 					$errors[] = array('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.'));
 				}
 			}
 		if (!is_array($errors)) $select_local='final';
 			else $select_local=$_POST['select'];
 		break;
 		}
 	if ($_POST['next_workstations']) {
 		// Go from workstations to next page if no error did ocour
 		if (!is_array($errors)) $select_local='workstations';
 			else $select_local=$_POST['select'];
 		break;
 		}
 	if ($_POST['next_groups']) {
 		// Go from groups to next page if no error did ocour
 		if (!is_array($errors)) $select_local='groups';
 			else $select_local=$_POST['select'];
 		break;
 		}
 	// Reset account to original settings if undo-button was pressed
 	if ($_POST['next_reset']) {
 		$account_new = $account_old;
 		$account_new->unix_password='';
 		$account_new->smb_password='';
 		$account_new->smb_flagsW = 0;
 		$account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1);
 		$select_local = $_POST['select'];
 		break;
@ -542,19 +603,22 @@ do { // X-Or, only one if() can be true
 		// Create or modify an account
 		if ($account_old) $result = modifyuser($account_new,$account_old);
 			 else $result = createuser($account_new); // account.inc
-		if ( $result==1 || $result==3 ) $select_local = 'finish';
+		if ( $result==4 || $result==5 ) $select_local = 'final';
-			else $select_local = 'final';
+			else $select_local = 'finish';
 		break;
 		}
 	// Load Profile and reset all attributes to settings in profile
 	if ($_POST['createagain']) {
 		$select_local='general';
 		unset ($_SESSION['account_'.$varkey.'_account_new']);
 		unset($account_new);
-		$account_new = loadUserProfile('default');
+		$_SESSION['account_'.$varkey.'_account_new'] = loadUserProfile('default');
 		$account_new =& $_SESSION['account_'.$varkey.'_account_new'];
 		$account_new ->type = 'user';
 		break;
 		}
 	// Load Profile and reset all attributes to settings in profile
 	if ($_POST['load']) {
 		// load profile
 		$account_new->general_dn = $_POST['f_general_suffix'];
 		$account_new->general_username = $_POST['f_general_username'];
 		$account_new->general_surname = $_POST['f_general_surname'];
@ -578,27 +642,28 @@ do { // X-Or, only one if() can be true
 		$account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath);
 		if ($account_new->general_username != '')
 			$account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath);
 		$account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath);
 		if ($account_new->general_username != '')
 			$account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath);
 		$account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome);
 		if ($account_new->general_username != '')
 			$account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome);
 		if ($config_intern->scriptServer) {
-			// load quotas from profile and check if they are valid
+			// load quotas and check if quotas from profile are valid
-			$values = getquotas('user', $account_old->general_username);
+			$values = getquotas('user');
-			if (isset($account_new->quota[0])) { // check quotas from profile
+			if (isset($account_new->quota[0])) {
 				 // check quotas from profile
 				$i=0;
-				// check quota settings
+				// check quota settings, loop for every partition with quotas
 				while (isset($account_new->quota[$i])) {
 					// search if quotas from profile fit to a real quota
 					$found = (-1);
 					for ($j=0; $j<count($values->quota); $j++)
 						if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j;
 					// unset quota from profile if quotas (mointpoint) doesn't exists anymore
 					if ($found==-1) unset($account_new->quota[$i]);
 					else {
 						// Set missing part in quota-array
 						$account_new->quota[$i][1] = $values->quota[$found][1];
 						$account_new->quota[$i][5] = $values->quota[$found][5];
 						$account_new->quota[$i][4] = $values->quota[$found][4];
@ -606,27 +671,35 @@ do { // X-Or, only one if() can be true
 						$i++;
 						}
 					}
 				// Beautify array, repair index
 				$account_new->quota = array_values($account_new->quota);
 				}
 			else { // No quotas saved in profile
 				// Display quotas for new users (Quota set to 0)
 				if (is_object($values)) {
 					while (list($key, $val) = each($values)) // Set only defined values
 					if (isset($val)) $account_new->$key = $val;
 					}
 				}
 			$account_old->quota = $values->quota;
 			}
 		// select general page after group has been loaded
 		$select_local='general';
 		break;
 		}
 	// Save Profile
 	if ($_POST['save']) {
 		// save profile
-		saveUserProfile($account_new, $_POST['f_finish_safeProfile']);
+		if ($_POST['f_finish_safeProfile']=='')
 			$errors[] = array('ERROR', _('Save profile'), _('No profilename given.'));
 		else {
 			saveUSerProfile($account_new, $_POST['f_finish_safeProfile']);
 			$errors[] = array('INFO', _('Save profile'), _('New profile created.'));
 			}
 		// select last page displayed before user is created
 		$select_local='final';
 		break;
 		}
 	// Go back to listgroups.php
 	if ($_POST['backmain']) {
 		if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
 		if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
@ -636,7 +709,6 @@ do { // X-Or, only one if() can be true
 		die;
 		break;
 		}
 	if (!$select_local) $select_local='general';
 	} while(0);
@ -652,31 +724,38 @@ echo "</title>\n".
 	"<form action=\"useredit.php\" method=\"post\">\n".
 	"<input name=\"varkey\" type=\"hidden\" value=\"".$varkey."\">\n";
 // Display errir-messages
 if (is_array($errors))
 	for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]);
 // print_r($account_new);
 // print_r($_POST);
 switch ($select_local) { // Select which part of page will be loaded
 	// general = startpage, general account paramters
 	// unix = page with all shadow-options and password
 	// samba = page with all samba-related parameters e.g. smbpassword
 	// quota = page with all quota-related parameters e.g. hard file quota
 	// personal = page with all personal-related parametergs, e.g. phone number
 	// final = last page shown before account is created/modified
 	//		if account is modified commands might be ran are shown
 	// finish = page shown after account has been created/modified
 switch ($select_local) {
 	/* Select which part of page should be loaded and check values
 	* groups = page with all groups to which user is additional member
 	* workstations = page with all workstations the user is allowed to login
 	* general = startpage, general account paramters
 	* samba = page with all samba-related parameters e.g. smbpassword
 	* quota = page with all quota-related parameters e.g. hard file quota
 	* personal = page with all personal-related parametergs, e.g. phone number
 	* final = last page shown before account is created/modified
 	* finish = page shown after account has been created/modified
 	*/
 	case 'workstations':
 		// Validate cache-array
 		ldapreload('host');
 		// Get copy of cache-array
 		$temp2 = $hostDN_intern;
 		// unset timestamp stored in $temp2[0]
 		unset($temp2[0]);
 		// Remove $ from workstations
 		foreach ($temp2 as $temp) $hosts[] = str_replace("$", '',$temp['cn']);
 		// sort workstations
 		sort($hosts, SORT_STRING);
 		// get workstation array
 		$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
 		$workstations = explode (',', $temp);
 		// Remove workstations to which the user is allowed to login from array
 		$hosts = array_delete($workstations, $hosts);
 		echo '<input name="select" type="hidden" value="workstations">';
 		echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
@ -706,6 +785,7 @@ switch ($select_local) { // Select which part of page will be loaded
 		echo "<fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
 		echo _("Allowed workstations");
 		echo "</legend>\n";
 		// display all workstations the user is allowed to login
 		if (count($workstations)!=0) {
 			echo "<select name=\"members[]\" class=\"useredit-bright\" size=15 multiple>\n";
 			for ($i=0; $i<count($workstations); $i++)
@ -720,6 +800,7 @@ switch ($select_local) { // Select which part of page will be loaded
 		echo "<td valign=\"top\"><fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
 		echo _('Available workstations');
 		echo "</legend>\n";
 		// Display all workstations without these the user is allowed to login
 		if (count($hosts)!=0) {
 			echo "<select name=\"hosts[]\" size=15 multiple class=\"useredit-bright\">\n";
 			foreach ($hosts as $temp) echo "		<option>$temp</option>\n";
@ -729,18 +810,23 @@ switch ($select_local) { // Select which part of page will be loaded
 		echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
 		echo "</fieldset></td></tr></table>\n</td></tr>\n</table>\n";
 		break;
 	case 'groups':
 		// Validate cache-array
 		ldapreload('group');
 		// Get copy of cache-array
 		$temp2 = $groupDN_intern;
 		// unset timestamp stored in $temp2[0]
 		unset($temp2[0]);
 		// load list with all groups
 		foreach ($temp2 as $temp) $groups[] = $temp['cn'];
 		// sort groups
 		sort($groups, SORT_STRING);
 		// remove groups the user is member of from grouplist
 		$groups = array_delete($account_new->general_groupadd, $groups);
 		// Remove primary group from grouplist
 		$groups = array_flip($groups);
-		unset ($groups[$account_new->general_group]);
+		if (isset($groups[$account_new->general_group])) unset ($groups[$account_new->general_group]);
 		$groups = array_flip($groups);
 		echo '<input name="select" type="hidden" value="groups">';
 		echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
 		echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
@ -769,6 +855,7 @@ switch ($select_local) { // Select which part of page will be loaded
 		echo "<fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
 		echo _("Selected groups");
 		echo "</legend>\n";
 		// Show all groups the user is additional member of
 		if (count($account_new->general_groupadd)!=0) {
 			echo "<select name=\"selectedgroups[]\" class=\"useredit-bright\" size=15 multiple>\n";
 			for ($i=0; $i<count($account_new->general_groupadd); $i++)
@ -783,6 +870,7 @@ switch ($select_local) { // Select which part of page will be loaded
 		echo "<td valign=\"top\"><fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
 		echo _('Available groups');
 		echo "</legend>\n";
 		// show all groups expect these the user is member of
 		if (count($groups)!=0) {
 			echo "<select name=\"allgroups[]\" size=15 multiple class=\"useredit-bright\">\n";
 			foreach ($groups as $temp) {
@ -795,15 +883,12 @@ switch ($select_local) { // Select which part of page will be loaded
 		echo "<input name=\"next_general\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
 		echo "</fieldset></td></tr></table>\n</td></tr>\n</table>\n";
 		break;
 	case 'general':
 		// General Account Settings
 		// load list of all groups
 		$groups = findgroups();
 		// load list of profiles
 		$profilelist = getUserProfiles();
 		// Show page info
 		// Show page info
 		echo '<input name="select" type="hidden" value="general">';
 		echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
 		echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
@ -889,6 +974,7 @@ switch ($select_local) { // Select which part of page will be loaded
 			'<a href="../help.php?HelpNumber=405" target="lamhelp">'._('Help').'</a>'.
 			'</td></tr>'."\n".'<tr><td>';
 		echo _('Suffix'); echo '</td><td><select name="f_general_suffix">';
 		// loop through all user suffixes
 		foreach ($ldap_intern->search_units($config_intern->get_UserSuffix()) as $suffix) {
 			if ($account_new->general_dn) {
 				if ($account_new->general_dn == $suffix)
@ -901,6 +987,7 @@ switch ($select_local) { // Select which part of page will be loaded
 			"</a></td>\n</tr>\n</table>";
 		echo _('Values with * are required');
 		echo "</fieldset>\n</td></tr><tr><td>";
 		// Show fieldset with list of all user profiles
 		if (count($profilelist)!=0) {
 			echo "<fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
 			echo _("Load profile");
@ -913,7 +1000,6 @@ switch ($select_local) { // Select which part of page will be loaded
 			echo _('Help')."</a></td>\n</tr>\n</table>\n</fieldset>\n";
 			}
 		echo "</td></tr>\n</table>\n</td></tr></table>\n";
 		break;
 	case 'unix':
 		// Unix Password Settings
@ -925,6 +1011,7 @@ switch ($select_local) { // Select which part of page will be loaded
 			$password = str_replace(chr(00), '', $password);
 			}
 		 else $password='';
 		// Use dd-mm-yyyy format of date because it's easier to read for humans
 		$date = getdate ($account_new->unix_pwdexpire);
 		echo "<input name=\"select\" type=\"hidden\" value=\"unix\">\n";
 		echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
@ -1005,16 +1092,19 @@ switch ($select_local) { // Select which part of page will be loaded
 		if ($account_new->unix_deactivated) echo ' checked ';
 		echo '></td>'."\n".'<td>'.
 		'<a href="../help.php?HelpNumber=427" target="lamhelp">'._('Help').'</a>'.
-		'</td></tr>'."\n".'<tr><td>';
+		'</td></tr>'."\n";
 		// show only hosts if schema does allow hosts
 		if ($_SESSION['ldap']->support_unix_hosts) {
 			echo '<tr><td>';
 			echo _('Unix workstations');
 			echo '</td>'."\n".'<td><input name="f_unix_host" type="text" size="20" maxlength="80" value="' . $account_new->unix_host . '">'.
 				'</td>'."\n".'<td>'.
 				'<a href="../help.php?HelpNumber=466" target="lamhelp">'._('Help').
-			"</a></td>\n</tr>\n</table>";
+				"</a></td>\n</tr>\n";
 			}
 		echo "</table>\n";
 		echo _('Values with * are required');
 		echo "</fieldset>\n</td></tr></table></td></tr>\n</table>\n";
 		break;
 	case 'samba':
 		// Samba Settings
@ -1027,10 +1117,11 @@ switch ($select_local) { // Select which part of page will be loaded
 			}
 		else $password = "";
 		if ($config_intern->is_samba3()) $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix());
 		// Use dd-mm-yyyy format of date because it's easier to read for humans
 		$canchangedate = getdate($account_new->smb_pwdcanchange);
 		$mustchangedate = getdate($account_new->smb_pwdmustchange);
 		echo '<input name="select" type="hidden" value="samba">';
 		// Save all values smaller than "day" so we don't loose them
 		echo	'<input name="f_smb_pwdcanchange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
 			'<input name="f_smb_pwdcanchange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
 			'<input name="f_smb_pwdcanchange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
@ -1132,7 +1223,7 @@ switch ($select_local) { // Select which part of page will be loaded
 			'</td></tr>'."\n".'<tr><td>';
 		echo _('Home drive');
 		echo '</td>'."\n".'<td><select name="f_smb_homedrive" >';
-			for ($i=68; $i<91; $i++)
+			for ($i=90; $i>67; $i--)
 				if ($account_new->smb_homedrive== chr($i).':') echo '<option selected> '.chr($i).':</option>'; else echo '<option> '.chr($i).':</option>';
 		echo	'</select></td>'."\n".'<td>'.
 			'<a href="../help.php?HelpNumber=433" target="lamhelp">'._('Help').'</a>'.
@ -1159,6 +1250,7 @@ switch ($select_local) { // Select which part of page will be loaded
 			'</td></tr>'."\n".'<tr><td>';
 		echo _('Windows groupname');
 		echo '</td>'."\n".'<td><select name="f_smb_mapgroup" >';
 		// Display if group SID should be mapped to a well kown SID
 		if ($config_intern->samba3=='yes') {
 			if ( $account_new->smb_mapgroup == $account_new->smb_domain->SID . "-".
 			(2 * getgid($account_new->general_group) + $values->smb_domain->RIDbase+1)) {
@ -1240,7 +1332,9 @@ switch ($select_local) { // Select which part of page will be loaded
 			'<a href="../help.php?HelpNumber=464" target="lamhelp">'._('Help').'</a>'.
 			'</td></tr>'."\n".'<tr><td>';
 		echo _('Domain');
 		// select which domain name should be displayed
 		if ($config_intern->is_samba3()) {
 			// samba 3 uses object to store SID and name of domain
 			echo '</td><td><select name="f_smb_domain">';
 			for ($i=0; $i<sizeof($samba3domains); $i++) {
 				if ($account_new->smb_domain->name) {
@ -1253,6 +1347,7 @@ switch ($select_local) { // Select which part of page will be loaded
 			echo '</select>';
 			}
 		else {
 			// Samba 2.2 just uses a string as domain name
 			echo '</td>'."\n".'<td><input name="f_smb_domain" type="text" size="20" maxlength="80" value="' . $account_new->smb_domain . '">';
 			}
 		echo	'</td>'."\n".'<td><a href="../help.php?HelpNumber=438" target="lamhelp">'._('Help').'</a></td></tr>'."\n";
@ -1260,6 +1355,7 @@ switch ($select_local) { // Select which part of page will be loaded
 		break;
 	case 'quota':
 		// Quota Settings
 		// Load quotas if not yet done
 		if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas
 			$values = getquotas('user', $account_old->general_username);
 			if (is_object($values)) {
@ -1303,6 +1399,7 @@ switch ($select_local) { // Select which part of page will be loaded
 			'<a href="../help.php?HelpNumber=445" target="lamhelp">'._('Help').'</a></td>'."\n".'<td><a href="../help.php?HelpNumber=446" target="lamhelp">'._('Help').'</a></td>'."\n".'<td>'.
 			'<a href="../help.php?HelpNumber=447" target="lamhelp">'._('Help').'</a></td></tr>'."\n";
 		$i=0;
 		// loop for every mointpoint with enabled quotas
 		while ($account_new->quota[$i][0]) {
 			echo '<tr><td>'.$account_new->quota[$i][0].'</td><td>'.$account_new->quota[$i][1].'</td>'; // used blocks
 			echo '<td><input name="f_quota_'.$i.'_2" type="text" size="12" maxlength="20" value="'.$account_new->quota[$i][2].'"></td>'; // blocks soft limit
@ -1316,7 +1413,6 @@ switch ($select_local) { // Select which part of page will be loaded
 			}
 		echo "</table>\n</fieldset>\n</td></tr></table></td></tr>\n</table>\n";
 		break;
 	case 'personal':
 		// Personal Settings
 		echo "<input name=\"select\" type=\"hidden\" value=\"personal\">\n";
@ -1399,12 +1495,6 @@ switch ($select_local) { // Select which part of page will be loaded
 		break;
 	case 'final':
 		// Final Settings
 		$disabled = "";
 		if ($config_intern->is_samba3()) {
 			if (!isset($account_new->smb_domain)) { // Samba page nit viewd; can not create group because if missing options
 				$disabled = "disabled";
 				}
 			}
 		echo '<input name="select" type="hidden" value="final">';
 		echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
 		echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
@ -1440,76 +1530,7 @@ switch ($select_local) { // Select which part of page will be loaded
 		 else echo _('Create');
 		echo "</b></legend>\n";
 		echo "<table border=0 width=\"100%\">";
-		if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber)) {
+		echo "<tr><td><input name=\"create\" type=\"submit\" value=\"";
 			echo '<tr>';
 			StatusMessage ('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'),
 			'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;');
 			echo '</tr>'."\n";
 			}
 		if (($account_old) && ($account_new->general_group != $account_old->general_group)) {
 			echo '<tr>';
 			StatusMessage ('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'),
 			'find / -uid ' . $account_new->general_uidNumber . ' -gid ' . getgid($account_old->general_group) .' -exec chown ' . $account_new->general_uidNumber . ':'.getgid($account_new->general_group). ' {} \;');
 			echo '</tr>'."\n";
 			}
 		if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir)) {
 			echo '<tr>';
 			StatusMessage ('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'),
 			'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir);
 			echo '</tr>'."\n";
 			}
 		if ($disabled=='disabled') { // Samba page nit viewd; can not create group because if missing options
 			echo "<tr>";
 			StatusMessage("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
 			echo "</tr>";
 			}
 		else {
 			$found = false;
 			if (strstr($account_new->smb_scriptPath, '$group')) $found = true;
 			if (strstr($account_new->smb_scriptPath, '$user')) $found = true;
 			if (strstr($account_new->smb_profilePath, '$group')) $found = true;
 			if (strstr($account_new->smb_profilePath, '$user')) $found = true;
 			if (strstr($account_new->smb_smbhome, '$group')) $found = true;
 			if (strstr($account_new->smb_smbhome, '$user')) $found = true;
 			if ($found) { // Samba page nit viewd; can not create group because if missing options
 				$disabled = "disabled";
 				echo "<tr>";
 				StatusMessage("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
 				echo "</tr>";
 				}
 			}
 		if (isset($account_old->general_objectClass)) {
 			if (!in_array('posixAccount', $account_old->general_objectClass)) {
 				echo '<tr>';
 				StatusMessage('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.'));
 				echo "</tr>\n";
 				}
 			if (!in_array('shadowAccount', $account_old->general_objectClass)) {
 				echo '<tr>';
 				StatusMessage('WARN', _('ObjectClass shadowAccount.'), _('Have to add objectClass shadowAccount.'));
 				echo "</tr>\n";
 				}
 			if ($config_intern->is_samba3()) {
 				if (!in_array('sambaSamAccount', $account_old->general_objectClass)) {
 					echo '<tr>';
 					StatusMessage('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. USer with sambaAccount will be updated.'));
 					echo "</tr>\n";
 					}}
 				else
 				if (!in_array('sambaAccount', $account_old->general_objectClass)) {
 					echo '<tr>';
 					StatusMessage('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.'));
 					echo "</tr>\n";
 					}
 			}
 		echo "<tr><td><input name=\"create\" $disabled type=\"submit\" value=\"";
 		if ($account_old) echo _('Modify Account');
 		 else echo _('Create Account');
 		echo '">'."\n";