Compare commits
877 Commits
lam_6_3_RC
...
develop
Author | SHA1 | Date |
---|---|---|
Roland Gruber | 72ef7f1ac5 | |
Roland Gruber | 4f8b1e81ea | |
Roland Gruber | c5b6c8132c | |
Roland Gruber | 6c306bcb9e | |
Roland Gruber | 3c7fdca8eb | |
Roland Gruber | d0b18ad8b5 | |
Roland Gruber | 4455a5a15d | |
Roland Gruber | 598fa546a9 | |
Roland Gruber | df0e02da9f | |
Roland Gruber | 2ee58dd737 | |
Roland Gruber | 8375f9e0d0 | |
Roland Gruber | ad23fd0fc2 | |
Roland Gruber | 5972e94fdb | |
gruberroland | 9a9bb3dce7 | |
Roland Gruber | bfa22c6aa3 | |
Roland Gruber | 09989ee804 | |
Roland Gruber | 08a65e2608 | |
gruberroland | 3368b4ab10 | |
Roland Gruber | b3905d73ca | |
Roland Gruber | e5344b0568 | |
Roland Gruber | b00fd8d83e | |
Roland Gruber | 018513ac95 | |
Roland Gruber | 75120fc25d | |
Roland Gruber | 3ad5dcf65a | |
Roland Gruber | 6768c7e7ef | |
Roland Gruber | 1dd0f64f5b | |
Roland Gruber | cb58a27972 | |
Roland Gruber | 9394eeeabd | |
Roland Gruber | ffb3ed9357 | |
Roland Gruber | 4158ebb91d | |
Roland Gruber | 2698995cc2 | |
Roland Gruber | 840289e360 | |
Roland Gruber | 60109eb47c | |
Roland Gruber | e070accf18 | |
Roland Gruber | 21e7e4a95d | |
Roland Gruber | 5e770d8920 | |
Roland Gruber | e03cd1f57c | |
Roland Gruber | d32d8d3a0d | |
Roland Gruber | 1523f0ee8f | |
Roland Gruber | bc277e4c0a | |
Roland Gruber | f75f813a9a | |
Roland Gruber | 87986e93cc | |
Roland Gruber | 780daded11 | |
Roland Gruber | 38cbfb9dab | |
Roland Gruber | 60199a41b5 | |
Roland Gruber | aed8ce867c | |
Roland Gruber | 30909b385a | |
gruberroland | 55ccddbf1e | |
Roland Gruber | ee75385e7d | |
gruberroland | 9ec8d2ce57 | |
Roland Gruber | 605713a181 | |
Roland Gruber | fd8e7c1de3 | |
Roland Gruber | bdd3dd39b9 | |
Roland Gruber | 4d0a6d92e7 | |
Roland Gruber | e58459d351 | |
Roland Gruber | 316c979ef2 | |
Roland Gruber | 3bd507a47d | |
Roland Gruber | 01844a0d05 | |
Roland Gruber | 57dcbd880d | |
Roland Gruber | 12581a5dc0 | |
Roland Gruber | 2fcabf0c07 | |
Roland Gruber | db523af70f | |
Roland Gruber | 69796a98f3 | |
gruberroland | 82905cb4e5 | |
Steffen Moser | 6f88ec8d9d | |
Roland Gruber | 75fd361116 | |
Roland Gruber | f36446fe43 | |
gruberroland | 1196c56287 | |
gruberroland | 48ace3c3f9 | |
Roland Gruber | 5a09f8159f | |
Roland Gruber | 6ade23ce65 | |
Roland Gruber | 03f6fd858b | |
Roland Gruber | f23d2a4455 | |
Roland Gruber | f091b653b8 | |
Roland Gruber | aa43b4721b | |
Roland Gruber | 7bd799bee3 | |
gruberroland | 3ba7fa18bd | |
Roland Gruber | 2e61e2dca9 | |
Roland Gruber | 71af42442b | |
Roland Gruber | 3018a887c0 | |
Roland Gruber | aaddb6eead | |
Roland Gruber | 95bdb04949 | |
Roland Gruber | 93a7ffdd65 | |
Roland Gruber | ed28d3b8e7 | |
gruberroland | 3c305f26fa | |
Patrick Baumgartner | ecdd23e843 | |
Patrick Baumgartner | 1081b51fe9 | |
Patrick Baumgartner | b91333ff12 | |
Roland Gruber | 2e5419b3ac | |
Roland Gruber | 9198187a26 | |
Roland Gruber | 32b5a14226 | |
Roland Gruber | 5151d96592 | |
Roland Gruber | 0a72bc9635 | |
Roland Gruber | 6fc259d718 | |
Roland Gruber | 40fd19e3bf | |
Roland Gruber | 9b4261ca36 | |
Roland Gruber | 2db6bf23eb | |
Roland Gruber | ffd74d88e4 | |
Roland Gruber | a246fde0e2 | |
Roland Gruber | 665ca9daad | |
Roland Gruber | 81587a9b00 | |
Roland Gruber | 9c6e30a03b | |
Roland Gruber | c9d32bf2de | |
Roland Gruber | a6b39d522f | |
Roland Gruber | 8e9700d230 | |
Roland Gruber | e44f3d3243 | |
Roland Gruber | 8743285719 | |
Roland Gruber | 7fcc2cf38d | |
Roland Gruber | 1d107c4a24 | |
Roland Gruber | ec2a017fc7 | |
Roland Gruber | a724638886 | |
Roland Gruber | acbdec11dd | |
Roland Gruber | 8d50dd59b0 | |
Roland Gruber | ea72ab63a9 | |
Roland Gruber | d0e88cf80b | |
Roland Gruber | 2331e42e34 | |
Roland Gruber | df189f69e7 | |
Roland Gruber | 5b17baa628 | |
Roland Gruber | 5a40e6fed1 | |
Roland Gruber | d980ffc1a5 | |
Roland Gruber | 56d51c8e8c | |
Roland Gruber | a52393dc79 | |
Roland Gruber | 58882affa7 | |
Roland Gruber | 8b38839dae | |
Roland Gruber | 24a6e14251 | |
Roland Gruber | 9936c834db | |
Roland Gruber | e8d421ae04 | |
Roland Gruber | 00c5a014b4 | |
Roland Gruber | 38293656b6 | |
Roland Gruber | 9ed53f51de | |
Roland Gruber | f0f81c085b | |
Roland Gruber | 8af2132926 | |
Roland Gruber | 541684d49f | |
Roland Gruber | 07f5ae2d7a | |
Roland Gruber | b65125beaf | |
Roland Gruber | c9990fa189 | |
gruberroland | 18e1e5e3c1 | |
Roland Gruber | 6f5a8cb0cd | |
gruberroland | 9cf564e500 | |
Roland Gruber | e9eca9ab74 | |
Roland Gruber | ffb8fca488 | |
Roland Gruber | 365389cd0b | |
Roland Gruber | 0609c748ea | |
Roland Gruber | 394cbedb2a | |
Roland Gruber | 028f8adcfd | |
Roland Gruber | 56eb28c2ba | |
Roland Gruber | 468a95e434 | |
Roland Gruber | b12ba2369e | |
Roland Gruber | 726f1e13b4 | |
gruberroland | 802b16797a | |
Roland Gruber | a07c0013ae | |
Roland Gruber | bd7d32d2d0 | |
gruberroland | 824ec1917a | |
Roland Gruber | c192886117 | |
Roland Gruber | bf52e55f5f | |
Roland Gruber | 4a5ef05f38 | |
Roland Gruber | 54f6c82cee | |
Roland Gruber | b6425b9abd | |
Roland Gruber | 96c4b49f06 | |
Roland Gruber | 04065ccf58 | |
Roland Gruber | 0647faf744 | |
Roland Gruber | 012e2b450f | |
Roland Gruber | 2904f178a0 | |
Roland Gruber | 6d5971d716 | |
Roland Gruber | 50596a358e | |
Roland Gruber | 0f40ba18c0 | |
Roland Gruber | 44dff694c4 | |
Roland Gruber | e386b9dad4 | |
Roland Gruber | b4007b5d8e | |
Roland Gruber | 0230241b15 | |
Roland Gruber | 51ed41f4fa | |
Roland Gruber | 8894146c06 | |
Roland Gruber | 2495dae78a | |
Roland Gruber | ad2bce6a6a | |
Roland Gruber | 5b14134108 | |
Roland Gruber | 45b4bdb7d5 | |
Roland Gruber | b7ab251f6c | |
Roland Gruber | 041a8eb833 | |
Roland Gruber | eae8f36dab | |
Roland Gruber | 799d9b24fc | |
Roland Gruber | f3747d176e | |
Roland Gruber | cb5291cb1a | |
Roland Gruber | 5f09fe6ebe | |
Roland Gruber | 110d693aaf | |
Roland Gruber | 8eb07c27f4 | |
Roland Gruber | 4090fff0f3 | |
Roland Gruber | 0610004c7d | |
Roland Gruber | cc5fab6e5a | |
Roland Gruber | aec46823ba | |
Roland Gruber | 74d8210b01 | |
Roland Gruber | 5153f6ea17 | |
Roland Gruber | 098c28339a | |
Roland Gruber | 45cbadd56c | |
Roland Gruber | a98fe5786a | |
Roland Gruber | afdfa543d6 | |
gruberroland | e923a03979 | |
Roland Gruber | 0f8fb1e146 | |
Roland Gruber | 59e9635e90 | |
Roland Gruber | c0e1e026d8 | |
Roland Gruber | bd3777f764 | |
Roland Gruber | 362014ddf6 | |
Roland Gruber | aa0228c34c | |
Roland Gruber | 3f06070b89 | |
Roland Gruber | 3d409d6e48 | |
Roland Gruber | fdb6aaa809 | |
Roland Gruber | 7981f59b0e | |
Roland Gruber | 2fbac1d9f0 | |
Roland Gruber | 29f41b8774 | |
gruberroland | 64b41eb8e1 | |
Roland Gruber | 2b83758564 | |
Roland Gruber | b15b94cb29 | |
lasat | 4d3af3daaa | |
Roland Gruber | c468ba6479 | |
Roland Gruber | daa2fec5c7 | |
Roland Gruber | e28efcfd21 | |
Roland Gruber | 3dc40d1f99 | |
Roland Gruber | c8d1e5ab82 | |
Roland Gruber | 981b0320f9 | |
Roland Gruber | 1e4ff3ce11 | |
Roland Gruber | 9316803fc6 | |
Roland Gruber | 7aa038a710 | |
Roland Gruber | c1d09bba09 | |
Roland Gruber | 4131d5fe6c | |
Roland Gruber | 60b3ffb9ca | |
Roland Gruber | 02770b7759 | |
Roland Gruber | 9a855266ab | |
Roland Gruber | 1440bf22d6 | |
Roland Gruber | 7d1c2afd21 | |
Roland Gruber | d9fd4b36e2 | |
gruberroland | 7b222d9edb | |
Roland Gruber | 0c65e5bedb | |
Roland Gruber | 8ee96c56d2 | |
Roland Gruber | c1e6b61ecd | |
Roland Gruber | f1db477fda | |
Roland Gruber | 691055b83e | |
Roland Gruber | 286e447553 | |
Roland Gruber | 4e329f1f55 | |
Roland Gruber | 3ac7ae668b | |
Roland Gruber | c29be12a9e | |
Roland Gruber | 0990d61507 | |
Roland Gruber | 8a014f3a8a | |
Roland Gruber | 9e1e0634e6 | |
Roland Gruber | 03ced7c697 | |
Roland Gruber | 3299d48e95 | |
Roland Gruber | 7df361d6d0 | |
Roland Gruber | 38addc429c | |
Roland Gruber | ef9b3dd64e | |
Roland Gruber | f97359f466 | |
Roland Gruber | 9d9c37a44a | |
Roland Gruber | 91e98b6926 | |
Roland Gruber | 7514ec6b84 | |
Roland Gruber | 68f6f3eafe | |
Roland Gruber | 7a096cfc94 | |
Roland Gruber | 06d19858e3 | |
Roland Gruber | 6f28f17e41 | |
Roland Gruber | 3e20940d34 | |
Roland Gruber | 3ffefbd821 | |
Roland Gruber | 4e892e2171 | |
Roland Gruber | eae502c629 | |
Roland Gruber | de19770211 | |
Roland Gruber | 27a4234634 | |
Roland Gruber | 0e835e3003 | |
Roland Gruber | 0ed0d17676 | |
Roland Gruber | 934f3be4a1 | |
Roland Gruber | 1851f02832 | |
Roland Gruber | 9136d79751 | |
Roland Gruber | 10f6897e7e | |
Roland Gruber | 54d4bd40c9 | |
Roland Gruber | 65a10ef62c | |
Roland Gruber | 8abd515ac6 | |
Roland Gruber | 1d4bdd7156 | |
Roland Gruber | c6bb9d5b22 | |
Roland Gruber | 023d5c833c | |
Roland Gruber | c2a8501cac | |
Roland Gruber | dbc096f7af | |
Roland Gruber | 9208cb2349 | |
Roland Gruber | 9086f5847e | |
Roland Gruber | 6469d8fb4c | |
Roland Gruber | b985110def | |
Roland Gruber | 80c97d49c6 | |
Roland Gruber | 7e3635a3c2 | |
Roland Gruber | e20689dfe6 | |
Roland Gruber | 49c088915f | |
gruberroland | 1bc26a314e | |
Roland Gruber | 7734b33e26 | |
Roland Gruber | 3054f38d7c | |
Roland Gruber | 3d7e2e9c47 | |
gruberroland | c170a0954c | |
Roland Gruber | 22d15581a9 | |
Roland Gruber | 8e9641fad3 | |
Roland Gruber | 596b5bb1f8 | |
Roland Gruber | 0723b5f6bb | |
Roland Gruber | a8738a5e53 | |
Roland Gruber | 2aabad9a3d | |
Roland Gruber | 0f13e3c8ba | |
Roland Gruber | 0a30964011 | |
Roland Gruber | 18eb9ed216 | |
Roland Gruber | 84d20e204a | |
Roland Gruber | c71b01a73e | |
Roland Gruber | 41b4869052 | |
Roland Gruber | e4363b83c4 | |
Roland Gruber | 2d90e73b2f | |
Roland Gruber | 4d5d93c62b | |
Roland Gruber | 58e15da1a8 | |
Roland Gruber | 1535bf4da6 | |
Roland Gruber | 9637c2dff6 | |
Roland Gruber | e329c28c3e | |
Roland Gruber | db48e32dc6 | |
Roland Gruber | 38045cbac1 | |
Roland Gruber | deca797a80 | |
Roland Gruber | 4cb095f0f7 | |
Roland Gruber | a5036782bd | |
Roland Gruber | ffd47f8ca5 | |
Roland Gruber | 62dcd743fb | |
Roland Gruber | e471b5586d | |
Roland Gruber | df09375be3 | |
gruberroland | 1dac968a02 | |
Roland Gruber | 3719e55105 | |
Roland Gruber | 61025edd68 | |
Roland Gruber | 128dc774fb | |
Roland Gruber | b65623742d | |
Roland Gruber | 6395756ceb | |
Felix Bartels | 75cfafebc9 | |
Roland Gruber | 65412574a0 | |
gruberroland | 690ba0407d | |
Roland Gruber | 42fb854601 | |
Roland Gruber | b0d786c86e | |
Roland Gruber | d991ec578c | |
Roland Gruber | 83a0ff71c9 | |
Roland Gruber | 714dbaa0fd | |
Roland Gruber | a3f0c07096 | |
Roland Gruber | 5a12fc7a2e | |
Roland Gruber | e3b0d10bf8 | |
Roland Gruber | eddbc27d3d | |
Roland Gruber | c05d07d8f5 | |
Roland Gruber | 50102f2c3f | |
Roland Gruber | 00a299e80f | |
Roland Gruber | dbb2e8aa37 | |
Roland Gruber | 3169c85802 | |
Roland Gruber | 75ce322789 | |
Roland Gruber | cbff63567c | |
Roland Gruber | 622a72ef18 | |
Roland Gruber | 22b4da76e9 | |
Roland Gruber | 6039d77a7d | |
Roland Gruber | 58828c9836 | |
Roland Gruber | 3c5ef4eb30 | |
gruberroland | 51e9c29973 | |
Roland Gruber | b91b28d013 | |
Roland Gruber | 1c5c760f6e | |
Roland Gruber | 20c1ea8991 | |
gruberroland | f21f8ee423 | |
Roland Gruber | 624c94bff0 | |
Roland Gruber | eef69a7a35 | |
Roland Gruber | 04c00f0850 | |
Roland Gruber | 7334947d54 | |
gruberroland | 21e50208ed | |
Roland Gruber | d074e2377d | |
Roland Gruber | 162ed79946 | |
Roland Gruber | d2a07f697c | |
Roland Gruber | 4128f703aa | |
Roland Gruber | de988316a5 | |
Roland Gruber | cc3e8057d8 | |
Roland Gruber | dc94c51cda | |
Roland Gruber | 8426cc6ccd | |
Roland Gruber | b5e163cfc3 | |
Roland Gruber | ff8fd47bed | |
Roland Gruber | 0240dec74e | |
Roland Gruber | d5b779c5e1 | |
Roland Gruber | 6052047b52 | |
Roland Gruber | ac56e61a0f | |
Roland Gruber | 9530f704e2 | |
Roland Gruber | 461a9819c7 | |
Roland Gruber | 5a2fa00b37 | |
Roland Gruber | e2b92878fa | |
Roland Gruber | b327e72a46 | |
Roland Gruber | af9f714ffb | |
Roland Gruber | 426e1cf80f | |
Roland Gruber | 969d681104 | |
Roland Gruber | 0eff6e7065 | |
Roland Gruber | 807925d9a7 | |
Roland Gruber | 302acfa2d9 | |
Roland Gruber | 3ad1b5c20a | |
Roland Gruber | 728e3cacc3 | |
Roland Gruber | a1da6a897d | |
Roland Gruber | cb699635c5 | |
Roland Gruber | a9c0833250 | |
Roland Gruber | 7add41b48e | |
Roland Gruber | 2bc62a34cf | |
Roland Gruber | 6298546620 | |
Roland Gruber | fa3baf8f86 | |
Roland Gruber | 45e0968059 | |
Roland Gruber | fa6a40a7a0 | |
Roland Gruber | f646e1e8ff | |
Roland Gruber | a8eb89aaf2 | |
Roland Gruber | 533ea1645f | |
Roland Gruber | 482226a955 | |
Roland Gruber | 51eaeed060 | |
Roland Gruber | 44fc341de9 | |
Roland Gruber | caf809c87e | |
Roland Gruber | 967ff33b34 | |
Roland Gruber | 065232505e | |
Roland Gruber | b21b3657fb | |
Roland Gruber | 9db074c1e7 | |
Roland Gruber | cfcb1efd8f | |
Roland Gruber | 60c3053901 | |
Roland Gruber | ab3d13cf28 | |
Roland Gruber | d73ffee957 | |
Roland Gruber | c7c1d030e3 | |
Roland Gruber | 156252ef7f | |
Roland Gruber | 3c4e558e6c | |
Roland Gruber | 1b31c893fd | |
Roland Gruber | 4c05994a6f | |
Roland Gruber | 92110ed8da | |
Roland Gruber | 5668f5f634 | |
Roland Gruber | 99c4130435 | |
Roland Gruber | 8c7d06e4ae | |
Roland Gruber | 493150ab6f | |
Roland Gruber | 9fa374e2b4 | |
Roland Gruber | e63900b566 | |
Roland Gruber | 47c55d76c5 | |
Roland Gruber | fa259a2168 | |
Roland Gruber | 6815777b8c | |
Roland Gruber | 4084972bd2 | |
Roland Gruber | 46cfdb821c | |
Roland Gruber | 368a3988dc | |
Roland Gruber | 1acf7c95e4 | |
Roland Gruber | 17ac43d503 | |
Roland Gruber | 39f363ba83 | |
Roland Gruber | 49ae8b49b6 | |
Roland Gruber | 43326b515f | |
Roland Gruber | 1783f6f9b6 | |
Roland Gruber | 1d994cc5b8 | |
Roland Gruber | 8df75742d2 | |
Roland Gruber | edf2f61df4 | |
Roland Gruber | f88b5ee74f | |
Roland Gruber | febba5803a | |
Roland Gruber | bb32bb6424 | |
Roland Gruber | 4a373743af | |
Roland Gruber | f77adfe858 | |
Roland Gruber | 71283f3b53 | |
Roland Gruber | 9cae521150 | |
gruberroland | a7f2f753c5 | |
Roland Gruber | 095e728104 | |
Roland Gruber | bf777b2e99 | |
Roland Gruber | edb50f4d4b | |
Roland Gruber | 5f15b2fae2 | |
Roland Gruber | 9781e951a6 | |
gruberroland | 02d100b5f0 | |
Roland Gruber | 5d87fd7037 | |
Roland Gruber | e0a82bc70d | |
Roland Gruber | 6d392e51ee | |
Roland Gruber | 34431b286d | |
Roland Gruber | fa7c9699db | |
Roland Gruber | 778fde3357 | |
Roland Gruber | 29a7b0c3e0 | |
Roland Gruber | f8cfcf9f34 | |
Roland Gruber | 2bb7470fa2 | |
Roland Gruber | 3cabf78630 | |
Roland Gruber | 877d35362b | |
Roland Gruber | 2ade724c40 | |
Roland Gruber | b831414ca4 | |
Roland Gruber | 03caa12d31 | |
Roland Gruber | f6d80e3abd | |
Roland Gruber | 85ebe6ff04 | |
Roland Gruber | 14f6ecd91b | |
Roland Gruber | 259fff76af | |
gruberroland | 7ebfa14029 | |
Roland Gruber | f3516ba92d | |
Roland Gruber | 6086765d16 | |
Roland Gruber | 8fa29aa1d0 | |
Roland Gruber | 1e54f0fb08 | |
Roland Gruber | ddb8402b0a | |
Roland Gruber | 105cbd7403 | |
Roland Gruber | 0faebfe928 | |
Roland Gruber | b25ad345d7 | |
Roland Gruber | 3ba7a75d0c | |
Roland Gruber | f285f83c3e | |
Roland Gruber | ef0673decd | |
Roland Gruber | 929b37ce40 | |
Roland Gruber | 94ee2317a6 | |
Roland Gruber | 51e0c41fae | |
gruberroland | 2993588a2a | |
Roland Gruber | 86e37191fa | |
Roland Gruber | 49423d778c | |
Roland Gruber | 213807efc6 | |
Roland Gruber | d0dadf2949 | |
Roland Gruber | 5a9c4660e1 | |
Roland Gruber | 5989df4a43 | |
Roland Gruber | 6c47d1528a | |
Roland Gruber | e5484ee833 | |
Roland Gruber | 8186aed796 | |
Roland Gruber | 89aa75c61a | |
Roland Gruber | a20cc2652a | |
Roland Gruber | c79170a34f | |
Roland Gruber | ae511610ec | |
Roland Gruber | b1f85eb050 | |
Roland Gruber | 1f20b1d48e | |
Roland Gruber | bd28b7160f | |
Roland Gruber | 0879961b61 | |
Roland Gruber | c3a7fac3f3 | |
Roland Gruber | a69ab717bd | |
Roland Gruber | 2938be9308 | |
Roland Gruber | 3b35aa29da | |
Roland Gruber | 54b68e7765 | |
Roland Gruber | 99da1f05e6 | |
Roland Gruber | 2924e3e652 | |
Roland Gruber | de2ff0afa2 | |
Roland Gruber | f8a91f3f4f | |
Roland Gruber | 9bac92a4a5 | |
Roland Gruber | 415d3c11b8 | |
Roland Gruber | 04bd9acc37 | |
Roland Gruber | 3d0a53cb07 | |
Roland Gruber | c253c67af5 | |
Roland Gruber | 25539ee021 | |
Roland Gruber | 9c4d068592 | |
Roland Gruber | 63e3adf89f | |
Roland Gruber | 03108cc055 | |
Roland Gruber | 050519215f | |
Roland Gruber | 788a10d293 | |
Roland Gruber | f85d64aaa4 | |
Roland Gruber | 9ba767eb30 | |
Roland Gruber | e38c184cd7 | |
Roland Gruber | b4ddddee58 | |
Roland Gruber | 01f037c5fc | |
Roland Gruber | a15a3ea233 | |
Roland Gruber | 534afc281b | |
Roland Gruber | f91d29bb58 | |
Roland Gruber | 0ff0131dc8 | |
Roland Gruber | a5a7a66e2a | |
Roland Gruber | 68e3b3f076 | |
Roland Gruber | 4f04dcb48e | |
Roland Gruber | 19ea7dd3dd | |
Roland Gruber | 2ac5b95e63 | |
Roland Gruber | 7564ba33f4 | |
Roland Gruber | e10416f588 | |
Roland Gruber | 87921f07c7 | |
Roland Gruber | a93bcf830f | |
gruberroland | b2d1f5de58 | |
Daniel Hoffend | 8da632d4a0 | |
Roland Gruber | cc90b307b0 | |
Roland Gruber | 39f0730434 | |
Roland Gruber | 82201ec448 | |
Roland Gruber | 12d5ac115a | |
Roland Gruber | dd2fb80375 | |
Roland Gruber | 8af9661254 | |
Roland Gruber | 5a6506cf6d | |
Roland Gruber | da4788b3cc | |
Roland Gruber | ad41a10036 | |
Roland Gruber | ab12d24703 | |
Roland Gruber | 1eac04648a | |
Roland Gruber | 3d1ce91759 | |
gruberroland | 3587661a9d | |
Roland Gruber | 7c87eb0324 | |
Roland Gruber | dfc8e5e5d3 | |
Roland Gruber | fb78790a39 | |
Roland Gruber | 575b700604 | |
Roland Gruber | ffe2316003 | |
Roland Gruber | 4949b1b70a | |
Roland Gruber | 34ffbb4f36 | |
Roland Gruber | 5f32b829b6 | |
Roland Gruber | 8ac696ed22 | |
Roland Gruber | 1c708bb816 | |
Roland Gruber | 716d119d34 | |
Roland Gruber | 1bd598b0c3 | |
Roland Gruber | 77e7c77e20 | |
Roland Gruber | ec19de29c0 | |
gruberroland | b00282afb0 | |
Christian M | f0e69fa6a3 | |
Roland Gruber | d15cde2507 | |
Roland Gruber | b3d5b641f6 | |
Roland Gruber | db0150b0f6 | |
Roland Gruber | 992814d1c6 | |
Roland Gruber | 3b6dd49278 | |
Roland Gruber | 189cabf5f4 | |
Roland Gruber | ac936dd34a | |
Roland Gruber | 7403a95104 | |
Roland Gruber | 8f14cab65e | |
Roland Gruber | 104bfb0682 | |
Roland Gruber | 20f617ebdf | |
Roland Gruber | 18547baad2 | |
gruberroland | 5682245739 | |
Roland Gruber | e43d520e52 | |
Roland Gruber | 8c4612c2ff | |
Roland Gruber | d0a97c47a9 | |
Roland Gruber | 89ab8d0f1f | |
Roland Gruber | 4fea8155c8 | |
Roland Gruber | 098618704a | |
Roland Gruber | fc24f4a2aa | |
Roland Gruber | a55c337efd | |
Roland Gruber | a206e9fefe | |
Roland Gruber | f0086e725b | |
Roland Gruber | cf25c31a37 | |
Roland Gruber | 87e47ae9b1 | |
Roland Gruber | aa8fdf5369 | |
Roland Gruber | 6af8cf3dc3 | |
Roland Gruber | bc3152c03a | |
Roland Gruber | 5e4c692f6f | |
Roland Gruber | 57d5e1ce3f | |
Roland Gruber | 2ce96573c0 | |
Roland Gruber | 727390064f | |
Roland Gruber | e8c0fb9371 | |
Roland Gruber | fbb7749425 | |
Roland Gruber | ffcf1c82df | |
Roland Gruber | 36782d1a1a | |
Roland Gruber | d35aa31a8f | |
Roland Gruber | e14b199feb | |
Roland Gruber | cbb94aecc4 | |
Roland Gruber | 53d1d1d865 | |
Roland Gruber | 5b4c9b8c38 | |
Roland Gruber | efdaa29136 | |
Roland Gruber | 4e7c972187 | |
Roland Gruber | 19858a03f5 | |
Roland Gruber | 615e0f4947 | |
Roland Gruber | 36b91b2785 | |
Roland Gruber | e43b106c95 | |
Roland Gruber | 77282fed29 | |
Roland Gruber | de2b6e1631 | |
Roland Gruber | 077556a6a9 | |
Roland Gruber | 2a10013f36 | |
Roland Gruber | e289cabe3f | |
Roland Gruber | 5a6ee994cb | |
Roland Gruber | 4636b63e7b | |
Roland Gruber | 6b24c8f7f0 | |
Roland Gruber | 5eb0bcbc39 | |
Roland Gruber | cbad61519e | |
Roland Gruber | d3608c7bd0 | |
Roland Gruber | 680b99aba3 | |
Roland Gruber | 2e0637cf7b | |
Roland Gruber | d3ce330b62 | |
Roland Gruber | e64abbaf46 | |
Roland Gruber | bb061d128f | |
Roland Gruber | 2f453aa5db | |
Roland Gruber | b988411011 | |
Roland Gruber | 5517a48e56 | |
Roland Gruber | 0c52c929c5 | |
Roland Gruber | 57b2add165 | |
Roland Gruber | 74deb30986 | |
Roland Gruber | d9e2393f89 | |
Roland Gruber | a90d377faa | |
Roland Gruber | 4a94a19535 | |
Roland Gruber | f257cdede4 | |
Roland Gruber | ce4486a1e4 | |
Roland Gruber | 44e8fc232d | |
Roland Gruber | d07d20f546 | |
Roland Gruber | bb9a1b1719 | |
Roland Gruber | 2d3f584bb4 | |
Roland Gruber | 8852dd170d | |
Roland Gruber | bf34dd43bc | |
Roland Gruber | 691ccbc477 | |
Roland Gruber | fe913bd5bf | |
Roland Gruber | 42bca3db59 | |
Roland Gruber | 92115264fb | |
Roland Gruber | bb9f1f0eff | |
Roland Gruber | 4ced8c519f | |
Roland Gruber | 01fa846f86 | |
Roland Gruber | 085be08eea | |
Roland Gruber | 74e8fb830d | |
Roland Gruber | b7396de612 | |
Roland Gruber | 29c3f6582c | |
Roland Gruber | 89b46e63fc | |
Roland Gruber | d983e86605 | |
Roland Gruber | 4b4b982ad9 | |
Roland Gruber | 22bc951171 | |
gruberroland | b42c694a8a | |
Roland Gruber | 94c122e44f | |
Roland Gruber | 898afd25e2 | |
Roland Gruber | 10fef6d1d2 | |
Roland Gruber | 55cdd56465 | |
Roland Gruber | 14edd44652 | |
Roland Gruber | 6f3bbf11a4 | |
Roland Gruber | 54f93d1424 | |
Roland Gruber | baeaa0f98b | |
Roland Gruber | b197b6297b | |
Roland Gruber | 510d69e28b | |
gruberroland | a97e489ba7 | |
Roland Gruber | 1935d3def8 | |
Roland Gruber | 985828da3a | |
Roland Gruber | dec9585733 | |
Roland Gruber | fe5260b5e6 | |
Roland Gruber | 62ae3267d2 | |
Roland Gruber | aa921cadf8 | |
Roland Gruber | ec5fcebd7f | |
Roland Gruber | a6f11073ca | |
Roland Gruber | b0edc4c6f9 | |
Roland Gruber | 1b198403d7 | |
Roland Gruber | a804f94d6f | |
Roland Gruber | ea40d3b796 | |
Roland Gruber | fc71a984bf | |
Roland Gruber | 5ac81d90eb | |
Roland Gruber | dc5f2f5bbf | |
Roland Gruber | 9dffa0ed12 | |
gruberroland | 65de9a2d18 | |
Roland Gruber | b324cca20c | |
Roland Gruber | 5f62f9aed3 | |
Roland Gruber | f0cbe217eb | |
Roland Gruber | d0388973e5 | |
Roland Gruber | 89df814e77 | |
Roland Gruber | a202ed8824 | |
Roland Gruber | 1247e1f22b | |
Roland Gruber | ef41215d22 | |
Roland Gruber | 1d7db3794b | |
Roland Gruber | 378ab6cf93 | |
Roland Gruber | cfce928df4 | |
Roland Gruber | 0b66a600a2 | |
Roland Gruber | a811c8ee7f | |
Roland Gruber | f2d77dc851 | |
Roland Gruber | 9e5c2f0fd8 | |
Roland Gruber | 23e58208cf | |
Roland Gruber | 98f6c2bf84 | |
Roland Gruber | 4afd3d940e | |
Roland Gruber | 0bd7fcacf0 | |
Roland Gruber | 0cc31a4391 | |
Roland Gruber | cd749730a4 | |
Roland Gruber | 2b9d775347 | |
Roland Gruber | 5b81c8e03c | |
Roland Gruber | 28118bdaef | |
Roland Gruber | 08f8007f3e | |
Roland Gruber | 11258d7f1f | |
Roland Gruber | fe3c054825 | |
Roland Gruber | 1cbe9d546f | |
Roland Gruber | 109e7d679c | |
Roland Gruber | 08c0f40282 | |
Roland Gruber | 6031795a6d | |
Roland Gruber | fc98320c71 | |
Roland Gruber | 613b47e738 | |
Roland Gruber | 822b23c83a | |
Roland Gruber | a44350407e | |
Roland Gruber | 33b35fa23b | |
Roland Gruber | c9cff54937 | |
Roland Gruber | a4c867d6b3 | |
Roland Gruber | 32d18361e9 | |
Roland Gruber | abceebdc4b | |
Roland Gruber | 18a22ef1c4 | |
Roland Gruber | 7222f10fe6 | |
Roland Gruber | f0b3b548de | |
gruberroland | 5a15f29418 | |
Roland Gruber | 1fa90317e8 | |
Roland Gruber | 4b0411d448 | |
Roland Gruber | 2c158e6844 | |
Roland Gruber | 6f8a9549f2 | |
Roland Gruber | caa96faa5c | |
Roland Gruber | 0b7315a351 | |
Roland Gruber | 458b3c454f | |
Roland Gruber | 316ed2d0a8 | |
Roland Gruber | 828fdc08c5 | |
Roland Gruber | 2848bc9586 | |
Roland Gruber | ebe2c6390a | |
Roland Gruber | a35c4bc06d | |
Roland Gruber | cb24a02efd | |
gruberroland | 2acd157626 | |
Roland Gruber | 7da2586583 | |
Roland Gruber | 0d70919200 | |
Roland Gruber | 96b29d8919 | |
Roland Gruber | c2cae621e7 | |
Roland Gruber | d37bd1db71 | |
Roland Gruber | c1918cdb4f | |
Roland Gruber | 76330c4d92 | |
Roland Gruber | 90bb19a142 | |
Roland Gruber | b06266c1e6 | |
Roland Gruber | b58fb827fd | |
Roland Gruber | 86b10eda6a | |
Roland Gruber | c4e8811056 | |
Roland Gruber | 6962420169 | |
Roland Gruber | 805f04f508 | |
Roland Gruber | 5c796f84ec | |
Roland Gruber | 31862c5bc5 | |
Roland Gruber | 36c731e092 | |
Roland Gruber | 1f23b0314b | |
Roland Gruber | 237ba66711 | |
Roland Gruber | fdca95bd3b | |
Roland Gruber | d29ec9220d | |
Roland Gruber | 48ff1e39f4 | |
Roland Gruber | 7b689e44a7 | |
Roland Gruber | 87b72f6995 | |
Roland Gruber | 206eda9100 | |
Roland Gruber | 4316805413 | |
Roland Gruber | 558a8f774f | |
Roland Gruber | 516a6b7654 | |
Roland Gruber | 9422d9d678 | |
Roland Gruber | 0445919f26 | |
Roland Gruber | 41e495a29c | |
gruberroland | 17dc6dc694 | |
Roland Gruber | 380a26ab50 | |
Roland Gruber | c73b4392b0 | |
Roland Gruber | a975c80404 | |
Roland Gruber | e51ee9c826 | |
Roland Gruber | d707c525a4 | |
Roland Gruber | 4df34f631c | |
Roland Gruber | 7a0ec1cafb | |
Roland Gruber | 717f2fda41 | |
Roland Gruber | 89a8c41f78 | |
Roland Gruber | c83842ef40 | |
Roland Gruber | 1b4e899755 | |
Roland Gruber | 6221b3650f | |
gruberroland | 869858fd2c | |
Louperivois | 3aeea4f444 | |
Roland Gruber | 29b51a287a | |
Roland Gruber | 4940ba069f | |
Roland Gruber | e2e75ece20 | |
Roland Gruber | dfc3dcb4c6 | |
Roland Gruber | 97cb8bcce9 | |
Roland Gruber | fc0c396f64 | |
Roland Gruber | 8e144b1e30 | |
Roland Gruber | 38bfa53285 | |
Roland Gruber | 133d554916 | |
Roland Gruber | 6dfc06931a | |
Roland Gruber | a73b8777f2 | |
Roland Gruber | daefa6cdb8 | |
Roland Gruber | 179f08ddb2 | |
Roland Gruber | dd2308f780 | |
Roland Gruber | 8e083898e2 | |
Roland Gruber | 88a2bb9479 | |
Roland Gruber | d5c1e06bac | |
Roland Gruber | cd8dab077e | |
Roland Gruber | 2dab545449 | |
Roland Gruber | c5f045ced8 | |
Roland Gruber | 8ec7c2136f | |
Roland Gruber | a0c8f5b1e7 | |
Louperivois | cda5da41ea | |
Roland Gruber | ac70ea60e3 | |
Roland Gruber | 137ef0721f | |
Roland Gruber | 5ec89293b2 | |
Roland Gruber | ffaa7d5bac | |
Louperivois | 5d9f12bfd9 | |
Roland Gruber | 35d580f217 | |
Roland Gruber | c30045b3ad | |
Roland Gruber | 26356262aa | |
Roland Gruber | 38164082ce | |
Roland Gruber | 06612960c9 | |
Roland Gruber | 26c3dcdc8e | |
gruberroland | 20bee9f684 | |
Roland Gruber | bb38fe42a7 | |
Roland Gruber | f9198ce9e1 | |
Roland Gruber | 7959b1dc5d | |
Roland Gruber | 7b9726a2d3 | |
Roland Gruber | 774334aa88 | |
Roland Gruber | 735a7d3554 | |
Roland Gruber | 632d3a26bd | |
Roland Gruber | a9ac81352e | |
Roland Gruber | ecb9cb2dfe | |
Roland Gruber | ae296aa3b9 | |
Roland Gruber | 2a02a26c16 | |
Roland Gruber | e171042b9f | |
Roland Gruber | bca8100d0a | |
Roland Gruber | c0df2e6a27 | |
Roland Gruber | 9e71a67953 | |
Roland Gruber | fad14da5f7 | |
Roland Gruber | d328f19f0a | |
Roland Gruber | e3793cd78f | |
Roland Gruber | be4292bbbb | |
Roland Gruber | 7128404409 | |
Roland Gruber | a1fa476517 | |
Roland Gruber | 08d87af41a | |
Roland Gruber | 743c7b9559 | |
Roland Gruber | 5d9beec96d | |
Roland Gruber | 5b578cee53 | |
Roland Gruber | ff4a77a738 | |
Roland Gruber | 7541a15193 | |
Roland Gruber | 7d35991bb4 | |
Roland Gruber | 10f881c323 | |
Roland Gruber | 38d12b349d | |
Roland Gruber | fa67431df3 | |
Roland Gruber | 78bfff3bb8 | |
Roland Gruber | b5a37edc98 | |
Roland Gruber | 5f01264521 | |
Roland Gruber | 7de8db855c | |
Roland Gruber | 73c799f90a | |
Roland Gruber | fe1547e145 | |
Roland Gruber | 5a13e3898c | |
Roland Gruber | 32759c45cb | |
Roland Gruber | 79acfbf185 | |
Roland Gruber | 993751c7ff | |
Roland Gruber | ca358b3975 | |
Roland Gruber | d4f0d6db96 | |
Roland Gruber | 16fc7f7e86 | |
Roland Gruber | 0f09b6c6d9 | |
Roland Gruber | f1d7aec5fc |
|
@ -0,0 +1,3 @@
|
|||
|
||||
github: [LDAPAccountManager]
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
name: "LAM CodeQL config"
|
||||
|
||||
queries:
|
||||
- uses: security-and-quality
|
||||
|
||||
paths-ignore:
|
||||
- '**/3rdParty/**/*.*'
|
||||
- '**/lib/extra/**/*.*'
|
||||
- '**/lib/*jquery*.js'
|
||||
paths:
|
||||
- lam
|
|
@ -0,0 +1,56 @@
|
|||
name: "CodeQL"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [develop]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [develop]
|
||||
schedule:
|
||||
- cron: '0 10 * * 0'
|
||||
|
||||
jobs:
|
||||
analyse:
|
||||
name: Analyse
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
# We must fetch at least the immediate parents so that if this is
|
||||
# a pull request then we can checkout the head.
|
||||
fetch-depth: 2
|
||||
|
||||
# If this run was triggered by a pull request event, then checkout
|
||||
# the head of the pull request instead of the merge commit.
|
||||
- run: git checkout HEAD^2
|
||||
if: ${{ github.event_name == 'pull_request' }}
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v1
|
||||
# Override language selection by uncommenting this and choosing your languages
|
||||
# with:
|
||||
# languages: go, javascript, csharp, python, cpp, java
|
||||
with:
|
||||
config-file: ./.github/codeql/codeql-config.yml
|
||||
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v1
|
||||
|
||||
# ℹ️ Command-line programs to run using the OS shell.
|
||||
# 📚 https://git.io/JvXDl
|
||||
|
||||
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
|
||||
# and modify them (or add more) to build your code if your project
|
||||
# uses a compiled language
|
||||
|
||||
#- run: |
|
||||
# make bootstrap
|
||||
# make release
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v1
|
|
@ -2,3 +2,8 @@
|
|||
/.buildpath
|
||||
/.project
|
||||
/.Readme.md.html
|
||||
/vendor/
|
||||
/composer.lock
|
||||
/code-coverage/
|
||||
/.phpunit.result.cache
|
||||
/lam/lib/3rdParty/composer/bin/
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
language: php
|
||||
addons:
|
||||
sonarcloud:
|
||||
organization: "ldap-account-manager"
|
||||
php:
|
||||
- '7.3'
|
||||
|
||||
cache:
|
||||
directories:
|
||||
- '$HOME/.sonar/cache'
|
||||
|
||||
script:
|
||||
- phpunit
|
||||
- ls -l code-coverage/*
|
||||
- sonar-scanner
|
||||
- pip install --user codespell
|
||||
- cd lam
|
||||
- ./codespell.sh
|
|
@ -25,4 +25,4 @@ There are two modules. Usually, you only need the files inside "lam".
|
|||
LAM is published under the GNU General Public License.
|
||||
The complete list of licenses can be found in the copyright file.
|
||||
|
||||
Copyright (C) 2003 - 2018 Roland Gruber <post@rolandgruber.de>
|
||||
Copyright (C) 2003 - 2020 Roland Gruber <post@rolandgruber.de>
|
|
@ -0,0 +1,9 @@
|
|||
# Security Policy
|
||||
|
||||
## Supported Versions
|
||||
|
||||
Security updates are always created based on the latest release.
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
Please report all security issues to post@rolandgruber.de. Reports will be answered within 48h.
|
|
@ -1,6 +1,10 @@
|
|||
{
|
||||
"require-dev" : {
|
||||
"phpunit/phpunit" : "4.5.0",
|
||||
"squizlabs/php_codesniffer" : "2.7.1"
|
||||
"phpunit/phpunit" : "8.5.2",
|
||||
"squizlabs/php_codesniffer" : "3.4.0"
|
||||
},
|
||||
"require": {
|
||||
"ext-ldap": "*",
|
||||
"ext-json": "*"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,13 +4,7 @@ Alias /lam /usr/share/ldap-account-manager
|
|||
<Directory /usr/share/ldap-account-manager>
|
||||
Options +FollowSymLinks
|
||||
AllowOverride All
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all granted
|
||||
</IfModule>
|
||||
Require all granted
|
||||
DirectoryIndex index.html
|
||||
</Directory>
|
||||
|
||||
|
@ -20,67 +14,31 @@ Alias /lam /usr/share/ldap-account-manager
|
|||
|
||||
<Directory /var/lib/ldap-account-manager/tmp/internal>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /var/lib/ldap-account-manager/sess>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /var/lib/ldap-account-manager/config>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/ldap-account-manager/lib>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/ldap-account-manager/help>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/ldap-account-manager/locale>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
|
|
|
@ -22,17 +22,6 @@ Vendor: Roland Gruber
|
|||
Packager: Roland Gruber <post@rolandgruber.de>
|
||||
BuildArch: noarch
|
||||
AutoReqProv: no
|
||||
%if %is_suse
|
||||
Requires: php5
|
||||
Requires: php5-ldap
|
||||
Requires: php5-hash
|
||||
Requires: php5-gd
|
||||
Requires: php5-gettext
|
||||
Requires: perl
|
||||
%endif
|
||||
%if %is_fedora
|
||||
Requires: perl
|
||||
%endif
|
||||
|
||||
Source1: lam.nginx.conf
|
||||
Source2: lam.apache.conf
|
||||
|
|
|
@ -39,7 +39,7 @@ DOCS = COPYING HISTORY README copyright docs/schema/dhcp.schema
|
|||
|
||||
HTML_DOCS = devel manual
|
||||
|
||||
LIST1 = graphics help index.html lib locale style templates VERSION
|
||||
LIST1 = graphics help index.html lib locale style templates VERSION pwa_worker.js
|
||||
LIST2 = sess tmp tmp/internal
|
||||
LIST3 = config
|
||||
|
||||
|
@ -72,7 +72,7 @@ install-lam:
|
|||
LIST4="`(cd $(srcdir)/$(LIST3) ; ls -d *)`" ; \
|
||||
(cd $(srcdir)/$(LIST3) ; $(TAR) cf - .) | \
|
||||
(cd $(DESTDIR)$(sysconfdir) ; $(TAR) xf -) ; \
|
||||
$(LN_S) $(sysconfdir) ${LIST3} ; \
|
||||
[ -e ${LIST3} ] || $(LN_S) $(sysconfdir) ${LIST3} ; \
|
||||
(cd $(srcdir) ; $(TAR) cf - $(LIST1)) | $(TAR) xf - ; \
|
||||
[ -d $(DESTDIR)$(prefix)/docs ] || \
|
||||
$(MKDIR) -p $(DESTDIR)$(prefix)/docs || exit 1 ; \
|
||||
|
|
|
@ -19,7 +19,7 @@ elif [ "$1" = "-b" ]
|
|||
then
|
||||
export REPO_BRANCH="$2"
|
||||
else
|
||||
export REPO_BRANCH="tags/$1"
|
||||
export REPO_BRANCH="$1"
|
||||
fi
|
||||
|
||||
# minifies the JavaScript files
|
||||
|
@ -30,9 +30,9 @@ function minify {
|
|||
local files=`ls $dir/*.js`
|
||||
local jsFiles=""
|
||||
for file in $files; do
|
||||
jsFiles="$jsFiles --js $file"
|
||||
jsFiles="$jsFiles $file"
|
||||
done
|
||||
closure-compiler --charset UTF-8 $jsFiles --js_output_file $outFile
|
||||
uglifyjs -o $outFile $jsFiles
|
||||
rm $files
|
||||
# add final new line to supress Debian warnings
|
||||
echo "" >> $outFile
|
||||
|
@ -44,25 +44,24 @@ function minifyCSS {
|
|||
echo "Minify CSS files in $dir"
|
||||
local outFile=$dir/100_lam.${VERSION}.min.css
|
||||
local files=`ls $dir/*.css`
|
||||
cat $files | cleancss -o $outFile
|
||||
cat $files | cleancss --skip-rebase -o $outFile
|
||||
rm $files
|
||||
# add final new line to supress Debian warnings
|
||||
echo "" >> $outFile
|
||||
}
|
||||
|
||||
echo "Getting files..."
|
||||
git clone git@github.com:LDAPAccountManager/lam.git github
|
||||
git clone --depth 1 -b $REPO_BRANCH --single-branch git@github.com:LDAPAccountManager/lam.git github
|
||||
cd github
|
||||
git checkout $REPO_BRANCH
|
||||
mv lam ../
|
||||
mv lam-packaging ../
|
||||
cd ..
|
||||
rm -rf github
|
||||
|
||||
git clone git@gitlab.com:LDAPAccountManager/lamPro.git lamPro
|
||||
git clone --depth 1 -b $REPO_BRANCH --single-branch git@gitlab.com:LDAPAccountManager/lamPro.git lamPro
|
||||
cd lamPro
|
||||
git checkout $REPO_BRANCH
|
||||
rm -rf .git
|
||||
rm -rf docker
|
||||
cd ..
|
||||
|
||||
cp lam-packaging/getVersion ./
|
||||
|
@ -71,7 +70,8 @@ export VERSION=`./getVersion`
|
|||
# remove files which are not in the final release
|
||||
rm -r lam/po
|
||||
rm -r lam/tests
|
||||
rm lam/lib/3rdParty/tcpdf/fonts/*.ttf
|
||||
rm -f lam/lib/3rdParty/tcpdf/fonts/*.ttf
|
||||
rm -r lam/templates/lib/extra/ckeditor/plugins/*/dev
|
||||
find . -name .svnignore -exec rm {} \;
|
||||
find . -name .gitignore -exec rm {} \;
|
||||
mv lam ldap-account-manager-$VERSION
|
||||
|
@ -137,8 +137,14 @@ cd ..
|
|||
|
||||
# Debian
|
||||
cp -r lam-packaging/debian Debian/ldap-account-manager-$VERSION/
|
||||
cp -ar Debian Debian-Upload
|
||||
cd Debian/ldap-account-manager-$VERSION
|
||||
debuild
|
||||
debuild -k478730308FBD512ADF09D38E7F3D136B2BCD7990
|
||||
cd ..
|
||||
rm -r ldap-account-manager-$VERSION
|
||||
cd ..
|
||||
cd Debian-Upload/ldap-account-manager-$VERSION
|
||||
debuild -S -k478730308FBD512ADF09D38E7F3D136B2BCD7990
|
||||
cd ..
|
||||
rm -r ldap-account-manager-$VERSION
|
||||
cd ..
|
||||
|
@ -147,7 +153,7 @@ cd ..
|
|||
cd LAMPro
|
||||
cp -r ../lam-packaging/debian Debian/ldap-account-manager-$VERSION/
|
||||
cd Debian/ldap-account-manager-$VERSION
|
||||
debuild
|
||||
debuild -k478730308FBD512ADF09D38E7F3D136B2BCD7990
|
||||
cd ..
|
||||
rm -r ldap-account-manager-$VERSION
|
||||
cd ..
|
||||
|
|
|
@ -1,8 +1,73 @@
|
|||
ldap-account-manager (6.3.RC1-1) unstable; urgency=medium
|
||||
ldap-account-manager (7.3.RC1-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Sun, 11 Mar 2017 10:43:26 +0200
|
||||
-- Roland Gruber <post@rolandgruber.de> Mon, 10 Aug 2020 19:25:33 +0200
|
||||
|
||||
ldap-account-manager (7.2-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Fri, 01 May 2020 08:04:56 +0200
|
||||
|
||||
ldap-account-manager (7.1-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Mon, 16 Mar 2020 21:24:23 +0100
|
||||
|
||||
ldap-account-manager (7.0-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Sat, 21 Dec 2019 19:53:45 +0100
|
||||
|
||||
ldap-account-manager (6.9-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Sun, 29 Sep 2019 09:12:37 +0200
|
||||
|
||||
ldap-account-manager (6.8-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Tue, 02 Jul 2019 12:26:45 +0200
|
||||
|
||||
ldap-account-manager (6.7-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
* Fix "Depends on tcpdf which is considered unfit for buster" removed
|
||||
dependency and embedded required parts (Closes: #923736)
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Mon, 25 Mar 2019 17:21:36 +0100
|
||||
|
||||
ldap-account-manager (6.6-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Fri, 28 Dec 2018 11:08:14 +0100
|
||||
|
||||
ldap-account-manager (6.5-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
* Fix "Embedded code copies" by adding dependency to phpseclib
|
||||
(phpLDAPadmin code is customized and cannot be reused)
|
||||
(Closes: #781419)
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Tue, 25 Sep 2018 17:37:41 +0200
|
||||
|
||||
ldap-account-manager (6.4-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Wed, 20 Jun 2018 09:21:48 +0200
|
||||
|
||||
ldap-account-manager (6.3-1) unstable; urgency=medium
|
||||
|
||||
* new upstream release
|
||||
|
||||
-- Roland Gruber <post@rolandgruber.de> Mon, 19 Mar 2018 16:25:31 +0200
|
||||
|
||||
ldap-account-manager (6.2.1-1) unstable; urgency=medium
|
||||
|
||||
|
|
|
@ -2,23 +2,26 @@ Source: ldap-account-manager
|
|||
Maintainer: Roland Gruber <post@rolandgruber.de>
|
||||
Section: web
|
||||
Priority: optional
|
||||
Standards-Version: 4.1.2
|
||||
Build-Depends: debhelper (>= 9), po-debconf, cleancss, closure-compiler
|
||||
Standards-Version: 4.5.0
|
||||
Build-Depends: debhelper (>= 9), po-debconf, cleancss, node-uglify
|
||||
Homepage: https://www.ldap-account-manager.org/
|
||||
|
||||
Package: ldap-account-manager
|
||||
Architecture: all
|
||||
Depends: php5 (>= 5.4.26) | php (>= 7), php5-ldap | php-ldap, php5-gd | php-gd,
|
||||
php5-json | php-json, php5-imagick | php-imagick, php5-curl | php-curl,
|
||||
php5 | php-zip, php5 | php-xml,
|
||||
libapache2-mod-php5 | libapache2-mod-php | php5-fpm | php-fpm,
|
||||
apache2 | httpd, fonts-dejavu, debconf (>= 0.2.26) | debconf-2.0, ${misc:Depends}
|
||||
Recommends: php-apc | php-opcache
|
||||
Suggests: ldap-server, php5-mcrypt | php-mcrypt, ldap-account-manager-lamdaemon, perl
|
||||
Depends: php (>= 7), php-ldap,
|
||||
php-gd | php-imagick,
|
||||
php-json, php-curl,
|
||||
php-zip, php-xml, php-gmp,
|
||||
libapache2-mod-php | libapache2-mod-fcgid | php-fpm,
|
||||
php-phpseclib (>= 2.0), php-monolog,
|
||||
apache2 (>= 2.4.0) | httpd, fonts-dejavu, debconf (>= 0.2.26) | debconf-2.0, ${misc:Depends}
|
||||
Recommends: php-opcache
|
||||
Suggests: ldap-server, php-mcrypt, ldap-account-manager-lamdaemon, perl
|
||||
Conflicts: libapache2-mod-php5, php5, php5-fpm
|
||||
Description: webfrontend for managing accounts in an LDAP directory
|
||||
LDAP Account Manager (LAM) runs on an existing webserver.
|
||||
It manages user, group and host accounts. Currently LAM
|
||||
supports these account types: Samba 3/4, Unix, Kolab 2/3,
|
||||
supports these account types: Samba 3/4, Unix, Kolab,
|
||||
address book entries, NIS mail aliases and MAC addresses.
|
||||
There is an integrated LDAP browser to allow access to the
|
||||
raw LDAP attributes. You can use templates
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
This software is copyright (c) 2003 - 2018 by Roland Gruber
|
||||
This software is copyright (c) 2003 - 2020 by Roland Gruber
|
||||
|
||||
If you purchased a copy of LDAP Account Manager Pro then the following
|
||||
files are licensed under the conditions which you accepted at purchase
|
||||
|
@ -15,9 +15,12 @@ time.
|
|||
* lib/modules/aliasEntry.inc
|
||||
* lib/modules/automount.inc
|
||||
* lib/modules/bindDLZ.inc
|
||||
* lib/modules/customBaseType.inc
|
||||
* lib/modules/customFields.inc
|
||||
* lib/modules/customScripts.inc
|
||||
* lib/modules/device.inc
|
||||
* lib/modules/autoDelete.inc
|
||||
* lib/modules/dynamicList.inc
|
||||
* lib/modules/groupOfNames.inc
|
||||
* lib/modules/groupOfNamesUser.inc
|
||||
* lib/modules/groupOfUniqueNames.inc
|
||||
|
@ -48,8 +51,9 @@ time.
|
|||
* lib/modules/zarafaServer.inc
|
||||
* lib/modules/zarafaUser.inc
|
||||
* lib/types/alias.inc
|
||||
* lib/types/bind.inc
|
||||
* lib/types/automountType.inc
|
||||
* lib/types/bind.inc
|
||||
* lib/types/customType.inc
|
||||
* lib/types/gon.inc
|
||||
* lib/types/nisObjectType.inc
|
||||
* lib/types/nsview.inc
|
||||
|
@ -83,7 +87,6 @@ The complete license can be found in the file COPYING or in
|
|||
Some parts of this package have other, compatible licences. These are:
|
||||
|
||||
A:
|
||||
|
||||
DejaVu Fonts — License
|
||||
|
||||
Fonts are © Bitstream (see below). DejaVu changes are in public domain. Explanation
|
||||
|
@ -174,7 +177,9 @@ A:
|
|||
Software without prior written authorization from Tavmjong Bah. For further
|
||||
information, contact: tavmjong @ free . fr.
|
||||
|
||||
|
||||
B:
|
||||
MIT License
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining
|
||||
a copy of this software and associated documentation files (the
|
||||
|
@ -196,15 +201,792 @@ B:
|
|||
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
|
||||
C:
|
||||
New BSD License
|
||||
|
||||
Redistribution and use in source and binary forms, with or without modification,
|
||||
are permitted provided that the following conditions are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright notice, this list
|
||||
of conditions and the following disclaimer.
|
||||
|
||||
2. Redistributions in binary form must reproduce the above copyright notice, this
|
||||
list of conditions and the following disclaimer in the documentation and/or other
|
||||
materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
||||
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||||
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
||||
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
D:
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
Version 3, 29 June 2007
|
||||
|
||||
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
|
||||
This version of the GNU Lesser General Public License incorporates
|
||||
the terms and conditions of version 3 of the GNU General Public
|
||||
License, supplemented by the additional permissions listed below.
|
||||
|
||||
0. Additional Definitions.
|
||||
|
||||
As used herein, "this License" refers to version 3 of the GNU Lesser
|
||||
General Public License, and the "GNU GPL" refers to version 3 of the GNU
|
||||
General Public License.
|
||||
|
||||
"The Library" refers to a covered work governed by this License,
|
||||
other than an Application or a Combined Work as defined below.
|
||||
|
||||
An "Application" is any work that makes use of an interface provided
|
||||
by the Library, but which is not otherwise based on the Library.
|
||||
Defining a subclass of a class defined by the Library is deemed a mode
|
||||
of using an interface provided by the Library.
|
||||
|
||||
A "Combined Work" is a work produced by combining or linking an
|
||||
Application with the Library. The particular version of the Library
|
||||
with which the Combined Work was made is also called the "Linked
|
||||
Version".
|
||||
|
||||
The "Minimal Corresponding Source" for a Combined Work means the
|
||||
Corresponding Source for the Combined Work, excluding any source code
|
||||
for portions of the Combined Work that, considered in isolation, are
|
||||
based on the Application, and not on the Linked Version.
|
||||
|
||||
The "Corresponding Application Code" for a Combined Work means the
|
||||
object code and/or source code for the Application, including any data
|
||||
and utility programs needed for reproducing the Combined Work from the
|
||||
Application, but excluding the System Libraries of the Combined Work.
|
||||
|
||||
1. Exception to Section 3 of the GNU GPL.
|
||||
|
||||
You may convey a covered work under sections 3 and 4 of this License
|
||||
without being bound by section 3 of the GNU GPL.
|
||||
|
||||
2. Conveying Modified Versions.
|
||||
|
||||
If you modify a copy of the Library, and, in your modifications, a
|
||||
facility refers to a function or data to be supplied by an Application
|
||||
that uses the facility (other than as an argument passed when the
|
||||
facility is invoked), then you may convey a copy of the modified
|
||||
version:
|
||||
|
||||
a) under this License, provided that you make a good faith effort to
|
||||
ensure that, in the event an Application does not supply the
|
||||
function or data, the facility still operates, and performs
|
||||
whatever part of its purpose remains meaningful, or
|
||||
|
||||
b) under the GNU GPL, with none of the additional permissions of
|
||||
this License applicable to that copy.
|
||||
|
||||
3. Object Code Incorporating Material from Library Header Files.
|
||||
|
||||
The object code form of an Application may incorporate material from
|
||||
a header file that is part of the Library. You may convey such object
|
||||
code under terms of your choice, provided that, if the incorporated
|
||||
material is not limited to numerical parameters, data structure
|
||||
layouts and accessors, or small macros, inline functions and templates
|
||||
(ten or fewer lines in length), you do both of the following:
|
||||
|
||||
a) Give prominent notice with each copy of the object code that the
|
||||
Library is used in it and that the Library and its use are
|
||||
covered by this License.
|
||||
|
||||
b) Accompany the object code with a copy of the GNU GPL and this license
|
||||
document.
|
||||
|
||||
4. Combined Works.
|
||||
|
||||
You may convey a Combined Work under terms of your choice that,
|
||||
taken together, effectively do not restrict modification of the
|
||||
portions of the Library contained in the Combined Work and reverse
|
||||
engineering for debugging such modifications, if you also do each of
|
||||
the following:
|
||||
|
||||
a) Give prominent notice with each copy of the Combined Work that
|
||||
the Library is used in it and that the Library and its use are
|
||||
covered by this License.
|
||||
|
||||
b) Accompany the Combined Work with a copy of the GNU GPL and this license
|
||||
document.
|
||||
|
||||
c) For a Combined Work that displays copyright notices during
|
||||
execution, include the copyright notice for the Library among
|
||||
these notices, as well as a reference directing the user to the
|
||||
copies of the GNU GPL and this license document.
|
||||
|
||||
d) Do one of the following:
|
||||
|
||||
0) Convey the Minimal Corresponding Source under the terms of this
|
||||
License, and the Corresponding Application Code in a form
|
||||
suitable for, and under terms that permit, the user to
|
||||
recombine or relink the Application with a modified version of
|
||||
the Linked Version to produce a modified Combined Work, in the
|
||||
manner specified by section 6 of the GNU GPL for conveying
|
||||
Corresponding Source.
|
||||
|
||||
1) Use a suitable shared library mechanism for linking with the
|
||||
Library. A suitable mechanism is one that (a) uses at run time
|
||||
a copy of the Library already present on the user's computer
|
||||
system, and (b) will operate properly with a modified version
|
||||
of the Library that is interface-compatible with the Linked
|
||||
Version.
|
||||
|
||||
e) Provide Installation Information, but only if you would otherwise
|
||||
be required to provide such information under section 6 of the
|
||||
GNU GPL, and only to the extent that such information is
|
||||
necessary to install and execute a modified version of the
|
||||
Combined Work produced by recombining or relinking the
|
||||
Application with a modified version of the Linked Version. (If
|
||||
you use option 4d0, the Installation Information must accompany
|
||||
the Minimal Corresponding Source and Corresponding Application
|
||||
Code. If you use option 4d1, you must provide the Installation
|
||||
Information in the manner specified by section 6 of the GNU GPL
|
||||
for conveying Corresponding Source.)
|
||||
|
||||
5. Combined Libraries.
|
||||
|
||||
You may place library facilities that are a work based on the
|
||||
Library side by side in a single library together with other library
|
||||
facilities that are not Applications and are not covered by this
|
||||
License, and convey such a combined library under terms of your
|
||||
choice, if you do both of the following:
|
||||
|
||||
a) Accompany the combined library with a copy of the same work based
|
||||
on the Library, uncombined with any other library facilities,
|
||||
conveyed under the terms of this License.
|
||||
|
||||
b) Give prominent notice with the combined library that part of it
|
||||
is a work based on the Library, and explaining where to find the
|
||||
accompanying uncombined form of the same work.
|
||||
|
||||
6. Revised Versions of the GNU Lesser General Public License.
|
||||
|
||||
The Free Software Foundation may publish revised and/or new versions
|
||||
of the GNU Lesser General Public License from time to time. Such new
|
||||
versions will be similar in spirit to the present version, but may
|
||||
differ in detail to address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the
|
||||
Library as you received it specifies that a certain numbered version
|
||||
of the GNU Lesser General Public License "or any later version"
|
||||
applies to it, you have the option of following the terms and
|
||||
conditions either of that published version or of any later version
|
||||
published by the Free Software Foundation. If the Library as you
|
||||
received it does not specify a version number of the GNU Lesser
|
||||
General Public License, you may choose any version of the GNU Lesser
|
||||
General Public License ever published by the Free Software Foundation.
|
||||
|
||||
If the Library as you received it specifies that a proxy can decide
|
||||
whether future versions of the GNU Lesser General Public License shall
|
||||
apply, that proxy's public statement of acceptance of any version is
|
||||
permanent authorization for you to choose that version for the
|
||||
Library.
|
||||
|
||||
|
||||
E:
|
||||
Duo
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions
|
||||
are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
3. The name of the author may not be used to endorse or promote products
|
||||
derived from this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
||||
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
||||
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
F:
|
||||
3-Clause BSD License
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions
|
||||
are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
3. Neither the name of the copyright holder nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
|
||||
IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
|
||||
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
|
||||
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||||
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||||
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
G:
|
||||
2-Clause BSD License
|
||||
|
||||
Redistribution and use in source and binary forms, with or without modification,
|
||||
are permitted provided that the following conditions are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright notice,
|
||||
this list of conditions and the following disclaimer.
|
||||
|
||||
2. Redistributions in binary form must reproduce the above copyright notice,
|
||||
this list of conditions and the following disclaimer in the documentation and/or
|
||||
other materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
||||
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||||
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
||||
OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
H:
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
Version 2.1, February 1999
|
||||
|
||||
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
|
||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
[This is the first released version of the Lesser GPL. It also counts
|
||||
as the successor of the GNU Library Public License, version 2, hence
|
||||
the version number 2.1.]
|
||||
|
||||
Preamble
|
||||
|
||||
The licenses for most software are designed to take away your
|
||||
freedom to share and change it. By contrast, the GNU General Public
|
||||
Licenses are intended to guarantee your freedom to share and change
|
||||
free software--to make sure the software is free for all its users.
|
||||
|
||||
This license, the Lesser General Public License, applies to some
|
||||
specially designated software packages--typically libraries--of the
|
||||
Free Software Foundation and other authors who decide to use it. You
|
||||
can use it too, but we suggest you first think carefully about whether
|
||||
this license or the ordinary General Public License is the better
|
||||
strategy to use in any particular case, based on the explanations below.
|
||||
|
||||
When we speak of free software, we are referring to freedom of use,
|
||||
not price. Our General Public Licenses are designed to make sure that
|
||||
you have the freedom to distribute copies of free software (and charge
|
||||
for this service if you wish); that you receive source code or can get
|
||||
it if you want it; that you can change the software and use pieces of
|
||||
it in new free programs; and that you are informed that you can do
|
||||
these things.
|
||||
|
||||
To protect your rights, we need to make restrictions that forbid
|
||||
distributors to deny you these rights or to ask you to surrender these
|
||||
rights. These restrictions translate to certain responsibilities for
|
||||
you if you distribute copies of the library or if you modify it.
|
||||
|
||||
For example, if you distribute copies of the library, whether gratis
|
||||
or for a fee, you must give the recipients all the rights that we gave
|
||||
you. You must make sure that they, too, receive or can get the source
|
||||
code. If you link other code with the library, you must provide
|
||||
complete object files to the recipients, so that they can relink them
|
||||
with the library after making changes to the library and recompiling
|
||||
it. And you must show them these terms so they know their rights.
|
||||
|
||||
We protect your rights with a two-step method: (1) we copyright the
|
||||
library, and (2) we offer you this license, which gives you legal
|
||||
permission to copy, distribute and/or modify the library.
|
||||
|
||||
To protect each distributor, we want to make it very clear that
|
||||
there is no warranty for the free library. Also, if the library is
|
||||
modified by someone else and passed on, the recipients should know
|
||||
that what they have is not the original version, so that the original
|
||||
author's reputation will not be affected by problems that might be
|
||||
introduced by others.
|
||||
|
||||
Finally, software patents pose a constant threat to the existence of
|
||||
any free program. We wish to make sure that a company cannot
|
||||
effectively restrict the users of a free program by obtaining a
|
||||
restrictive license from a patent holder. Therefore, we insist that
|
||||
any patent license obtained for a version of the library must be
|
||||
consistent with the full freedom of use specified in this license.
|
||||
|
||||
Most GNU software, including some libraries, is covered by the
|
||||
ordinary GNU General Public License. This license, the GNU Lesser
|
||||
General Public License, applies to certain designated libraries, and
|
||||
is quite different from the ordinary General Public License. We use
|
||||
this license for certain libraries in order to permit linking those
|
||||
libraries into non-free programs.
|
||||
|
||||
When a program is linked with a library, whether statically or using
|
||||
a shared library, the combination of the two is legally speaking a
|
||||
combined work, a derivative of the original library. The ordinary
|
||||
General Public License therefore permits such linking only if the
|
||||
entire combination fits its criteria of freedom. The Lesser General
|
||||
Public License permits more lax criteria for linking other code with
|
||||
the library.
|
||||
|
||||
We call this license the "Lesser" General Public License because it
|
||||
does Less to protect the user's freedom than the ordinary General
|
||||
Public License. It also provides other free software developers Less
|
||||
of an advantage over competing non-free programs. These disadvantages
|
||||
are the reason we use the ordinary General Public License for many
|
||||
libraries. However, the Lesser license provides advantages in certain
|
||||
special circumstances.
|
||||
|
||||
For example, on rare occasions, there may be a special need to
|
||||
encourage the widest possible use of a certain library, so that it becomes
|
||||
a de-facto standard. To achieve this, non-free programs must be
|
||||
allowed to use the library. A more frequent case is that a free
|
||||
library does the same job as widely used non-free libraries. In this
|
||||
case, there is little to gain by limiting the free library to free
|
||||
software only, so we use the Lesser General Public License.
|
||||
|
||||
In other cases, permission to use a particular library in non-free
|
||||
programs enables a greater number of people to use a large body of
|
||||
free software. For example, permission to use the GNU C Library in
|
||||
non-free programs enables many more people to use the whole GNU
|
||||
operating system, as well as its variant, the GNU/Linux operating
|
||||
system.
|
||||
|
||||
Although the Lesser General Public License is Less protective of the
|
||||
users' freedom, it does ensure that the user of a program that is
|
||||
linked with the Library has the freedom and the wherewithal to run
|
||||
that program using a modified version of the Library.
|
||||
|
||||
The precise terms and conditions for copying, distribution and
|
||||
modification follow. Pay close attention to the difference between a
|
||||
"work based on the library" and a "work that uses the library". The
|
||||
former contains code derived from the library, whereas the latter must
|
||||
be combined with the library in order to run.
|
||||
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||
|
||||
0. This License Agreement applies to any software library or other
|
||||
program which contains a notice placed by the copyright holder or
|
||||
other authorized party saying it may be distributed under the terms of
|
||||
this Lesser General Public License (also called "this License").
|
||||
Each licensee is addressed as "you".
|
||||
|
||||
A "library" means a collection of software functions and/or data
|
||||
prepared so as to be conveniently linked with application programs
|
||||
(which use some of those functions and data) to form executables.
|
||||
|
||||
The "Library", below, refers to any such software library or work
|
||||
which has been distributed under these terms. A "work based on the
|
||||
Library" means either the Library or any derivative work under
|
||||
copyright law: that is to say, a work containing the Library or a
|
||||
portion of it, either verbatim or with modifications and/or translated
|
||||
straightforwardly into another language. (Hereinafter, translation is
|
||||
included without limitation in the term "modification".)
|
||||
|
||||
"Source code" for a work means the preferred form of the work for
|
||||
making modifications to it. For a library, complete source code means
|
||||
all the source code for all modules it contains, plus any associated
|
||||
interface definition files, plus the scripts used to control compilation
|
||||
and installation of the library.
|
||||
|
||||
Activities other than copying, distribution and modification are not
|
||||
covered by this License; they are outside its scope. The act of
|
||||
running a program using the Library is not restricted, and output from
|
||||
such a program is covered only if its contents constitute a work based
|
||||
on the Library (independent of the use of the Library in a tool for
|
||||
writing it). Whether that is true depends on what the Library does
|
||||
and what the program that uses the Library does.
|
||||
|
||||
1. You may copy and distribute verbatim copies of the Library's
|
||||
complete source code as you receive it, in any medium, provided that
|
||||
you conspicuously and appropriately publish on each copy an
|
||||
appropriate copyright notice and disclaimer of warranty; keep intact
|
||||
all the notices that refer to this License and to the absence of any
|
||||
warranty; and distribute a copy of this License along with the
|
||||
Library.
|
||||
|
||||
You may charge a fee for the physical act of transferring a copy,
|
||||
and you may at your option offer warranty protection in exchange for a
|
||||
fee.
|
||||
|
||||
2. You may modify your copy or copies of the Library or any portion
|
||||
of it, thus forming a work based on the Library, and copy and
|
||||
distribute such modifications or work under the terms of Section 1
|
||||
above, provided that you also meet all of these conditions:
|
||||
|
||||
a) The modified work must itself be a software library.
|
||||
|
||||
b) You must cause the files modified to carry prominent notices
|
||||
stating that you changed the files and the date of any change.
|
||||
|
||||
c) You must cause the whole of the work to be licensed at no
|
||||
charge to all third parties under the terms of this License.
|
||||
|
||||
d) If a facility in the modified Library refers to a function or a
|
||||
table of data to be supplied by an application program that uses
|
||||
the facility, other than as an argument passed when the facility
|
||||
is invoked, then you must make a good faith effort to ensure that,
|
||||
in the event an application does not supply such function or
|
||||
table, the facility still operates, and performs whatever part of
|
||||
its purpose remains meaningful.
|
||||
|
||||
(For example, a function in a library to compute square roots has
|
||||
a purpose that is entirely well-defined independent of the
|
||||
application. Therefore, Subsection 2d requires that any
|
||||
application-supplied function or table used by this function must
|
||||
be optional: if the application does not supply it, the square
|
||||
root function must still compute square roots.)
|
||||
|
||||
These requirements apply to the modified work as a whole. If
|
||||
identifiable sections of that work are not derived from the Library,
|
||||
and can be reasonably considered independent and separate works in
|
||||
themselves, then this License, and its terms, do not apply to those
|
||||
sections when you distribute them as separate works. But when you
|
||||
distribute the same sections as part of a whole which is a work based
|
||||
on the Library, the distribution of the whole must be on the terms of
|
||||
this License, whose permissions for other licensees extend to the
|
||||
entire whole, and thus to each and every part regardless of who wrote
|
||||
it.
|
||||
|
||||
Thus, it is not the intent of this section to claim rights or contest
|
||||
your rights to work written entirely by you; rather, the intent is to
|
||||
exercise the right to control the distribution of derivative or
|
||||
collective works based on the Library.
|
||||
|
||||
In addition, mere aggregation of another work not based on the Library
|
||||
with the Library (or with a work based on the Library) on a volume of
|
||||
a storage or distribution medium does not bring the other work under
|
||||
the scope of this License.
|
||||
|
||||
3. You may opt to apply the terms of the ordinary GNU General Public
|
||||
License instead of this License to a given copy of the Library. To do
|
||||
this, you must alter all the notices that refer to this License, so
|
||||
that they refer to the ordinary GNU General Public License, version 2,
|
||||
instead of to this License. (If a newer version than version 2 of the
|
||||
ordinary GNU General Public License has appeared, then you can specify
|
||||
that version instead if you wish.) Do not make any other change in
|
||||
these notices.
|
||||
|
||||
Once this change is made in a given copy, it is irreversible for
|
||||
that copy, so the ordinary GNU General Public License applies to all
|
||||
subsequent copies and derivative works made from that copy.
|
||||
|
||||
This option is useful when you wish to copy part of the code of
|
||||
the Library into a program that is not a library.
|
||||
|
||||
4. You may copy and distribute the Library (or a portion or
|
||||
derivative of it, under Section 2) in object code or executable form
|
||||
under the terms of Sections 1 and 2 above provided that you accompany
|
||||
it with the complete corresponding machine-readable source code, which
|
||||
must be distributed under the terms of Sections 1 and 2 above on a
|
||||
medium customarily used for software interchange.
|
||||
|
||||
If distribution of object code is made by offering access to copy
|
||||
from a designated place, then offering equivalent access to copy the
|
||||
source code from the same place satisfies the requirement to
|
||||
distribute the source code, even though third parties are not
|
||||
compelled to copy the source along with the object code.
|
||||
|
||||
5. A program that contains no derivative of any portion of the
|
||||
Library, but is designed to work with the Library by being compiled or
|
||||
linked with it, is called a "work that uses the Library". Such a
|
||||
work, in isolation, is not a derivative work of the Library, and
|
||||
therefore falls outside the scope of this License.
|
||||
|
||||
However, linking a "work that uses the Library" with the Library
|
||||
creates an executable that is a derivative of the Library (because it
|
||||
contains portions of the Library), rather than a "work that uses the
|
||||
library". The executable is therefore covered by this License.
|
||||
Section 6 states terms for distribution of such executables.
|
||||
|
||||
When a "work that uses the Library" uses material from a header file
|
||||
that is part of the Library, the object code for the work may be a
|
||||
derivative work of the Library even though the source code is not.
|
||||
Whether this is true is especially significant if the work can be
|
||||
linked without the Library, or if the work is itself a library. The
|
||||
threshold for this to be true is not precisely defined by law.
|
||||
|
||||
If such an object file uses only numerical parameters, data
|
||||
structure layouts and accessors, and small macros and small inline
|
||||
functions (ten lines or less in length), then the use of the object
|
||||
file is unrestricted, regardless of whether it is legally a derivative
|
||||
work. (Executables containing this object code plus portions of the
|
||||
Library will still fall under Section 6.)
|
||||
|
||||
Otherwise, if the work is a derivative of the Library, you may
|
||||
distribute the object code for the work under the terms of Section 6.
|
||||
Any executables containing that work also fall under Section 6,
|
||||
whether or not they are linked directly with the Library itself.
|
||||
|
||||
6. As an exception to the Sections above, you may also combine or
|
||||
link a "work that uses the Library" with the Library to produce a
|
||||
work containing portions of the Library, and distribute that work
|
||||
under terms of your choice, provided that the terms permit
|
||||
modification of the work for the customer's own use and reverse
|
||||
engineering for debugging such modifications.
|
||||
|
||||
You must give prominent notice with each copy of the work that the
|
||||
Library is used in it and that the Library and its use are covered by
|
||||
this License. You must supply a copy of this License. If the work
|
||||
during execution displays copyright notices, you must include the
|
||||
copyright notice for the Library among them, as well as a reference
|
||||
directing the user to the copy of this License. Also, you must do one
|
||||
of these things:
|
||||
|
||||
a) Accompany the work with the complete corresponding
|
||||
machine-readable source code for the Library including whatever
|
||||
changes were used in the work (which must be distributed under
|
||||
Sections 1 and 2 above); and, if the work is an executable linked
|
||||
with the Library, with the complete machine-readable "work that
|
||||
uses the Library", as object code and/or source code, so that the
|
||||
user can modify the Library and then relink to produce a modified
|
||||
executable containing the modified Library. (It is understood
|
||||
that the user who changes the contents of definitions files in the
|
||||
Library will not necessarily be able to recompile the application
|
||||
to use the modified definitions.)
|
||||
|
||||
b) Use a suitable shared library mechanism for linking with the
|
||||
Library. A suitable mechanism is one that (1) uses at run time a
|
||||
copy of the library already present on the user's computer system,
|
||||
rather than copying library functions into the executable, and (2)
|
||||
will operate properly with a modified version of the library, if
|
||||
the user installs one, as long as the modified version is
|
||||
interface-compatible with the version that the work was made with.
|
||||
|
||||
c) Accompany the work with a written offer, valid for at
|
||||
least three years, to give the same user the materials
|
||||
specified in Subsection 6a, above, for a charge no more
|
||||
than the cost of performing this distribution.
|
||||
|
||||
d) If distribution of the work is made by offering access to copy
|
||||
from a designated place, offer equivalent access to copy the above
|
||||
specified materials from the same place.
|
||||
|
||||
e) Verify that the user has already received a copy of these
|
||||
materials or that you have already sent this user a copy.
|
||||
|
||||
For an executable, the required form of the "work that uses the
|
||||
Library" must include any data and utility programs needed for
|
||||
reproducing the executable from it. However, as a special exception,
|
||||
the materials to be distributed need not include anything that is
|
||||
normally distributed (in either source or binary form) with the major
|
||||
components (compiler, kernel, and so on) of the operating system on
|
||||
which the executable runs, unless that component itself accompanies
|
||||
the executable.
|
||||
|
||||
It may happen that this requirement contradicts the license
|
||||
restrictions of other proprietary libraries that do not normally
|
||||
accompany the operating system. Such a contradiction means you cannot
|
||||
use both them and the Library together in an executable that you
|
||||
distribute.
|
||||
|
||||
7. You may place library facilities that are a work based on the
|
||||
Library side-by-side in a single library together with other library
|
||||
facilities not covered by this License, and distribute such a combined
|
||||
library, provided that the separate distribution of the work based on
|
||||
the Library and of the other library facilities is otherwise
|
||||
permitted, and provided that you do these two things:
|
||||
|
||||
a) Accompany the combined library with a copy of the same work
|
||||
based on the Library, uncombined with any other library
|
||||
facilities. This must be distributed under the terms of the
|
||||
Sections above.
|
||||
|
||||
b) Give prominent notice with the combined library of the fact
|
||||
that part of it is a work based on the Library, and explaining
|
||||
where to find the accompanying uncombined form of the same work.
|
||||
|
||||
8. You may not copy, modify, sublicense, link with, or distribute
|
||||
the Library except as expressly provided under this License. Any
|
||||
attempt otherwise to copy, modify, sublicense, link with, or
|
||||
distribute the Library is void, and will automatically terminate your
|
||||
rights under this License. However, parties who have received copies,
|
||||
or rights, from you under this License will not have their licenses
|
||||
terminated so long as such parties remain in full compliance.
|
||||
|
||||
9. You are not required to accept this License, since you have not
|
||||
signed it. However, nothing else grants you permission to modify or
|
||||
distribute the Library or its derivative works. These actions are
|
||||
prohibited by law if you do not accept this License. Therefore, by
|
||||
modifying or distributing the Library (or any work based on the
|
||||
Library), you indicate your acceptance of this License to do so, and
|
||||
all its terms and conditions for copying, distributing or modifying
|
||||
the Library or works based on it.
|
||||
|
||||
10. Each time you redistribute the Library (or any work based on the
|
||||
Library), the recipient automatically receives a license from the
|
||||
original licensor to copy, distribute, link with or modify the Library
|
||||
subject to these terms and conditions. You may not impose any further
|
||||
restrictions on the recipients' exercise of the rights granted herein.
|
||||
You are not responsible for enforcing compliance by third parties with
|
||||
this License.
|
||||
|
||||
11. If, as a consequence of a court judgment or allegation of patent
|
||||
infringement or for any other reason (not limited to patent issues),
|
||||
conditions are imposed on you (whether by court order, agreement or
|
||||
otherwise) that contradict the conditions of this License, they do not
|
||||
excuse you from the conditions of this License. If you cannot
|
||||
distribute so as to satisfy simultaneously your obligations under this
|
||||
License and any other pertinent obligations, then as a consequence you
|
||||
may not distribute the Library at all. For example, if a patent
|
||||
license would not permit royalty-free redistribution of the Library by
|
||||
all those who receive copies directly or indirectly through you, then
|
||||
the only way you could satisfy both it and this License would be to
|
||||
refrain entirely from distribution of the Library.
|
||||
|
||||
If any portion of this section is held invalid or unenforceable under any
|
||||
particular circumstance, the balance of the section is intended to apply,
|
||||
and the section as a whole is intended to apply in other circumstances.
|
||||
|
||||
It is not the purpose of this section to induce you to infringe any
|
||||
patents or other property right claims or to contest validity of any
|
||||
such claims; this section has the sole purpose of protecting the
|
||||
integrity of the free software distribution system which is
|
||||
implemented by public license practices. Many people have made
|
||||
generous contributions to the wide range of software distributed
|
||||
through that system in reliance on consistent application of that
|
||||
system; it is up to the author/donor to decide if he or she is willing
|
||||
to distribute software through any other system and a licensee cannot
|
||||
impose that choice.
|
||||
|
||||
This section is intended to make thoroughly clear what is believed to
|
||||
be a consequence of the rest of this License.
|
||||
|
||||
12. If the distribution and/or use of the Library is restricted in
|
||||
certain countries either by patents or by copyrighted interfaces, the
|
||||
original copyright holder who places the Library under this License may add
|
||||
an explicit geographical distribution limitation excluding those countries,
|
||||
so that distribution is permitted only in or among countries not thus
|
||||
excluded. In such case, this License incorporates the limitation as if
|
||||
written in the body of this License.
|
||||
|
||||
13. The Free Software Foundation may publish revised and/or new
|
||||
versions of the Lesser General Public License from time to time.
|
||||
Such new versions will be similar in spirit to the present version,
|
||||
but may differ in detail to address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the Library
|
||||
specifies a version number of this License which applies to it and
|
||||
"any later version", you have the option of following the terms and
|
||||
conditions either of that version or of any later version published by
|
||||
the Free Software Foundation. If the Library does not specify a
|
||||
license version number, you may choose any version ever published by
|
||||
the Free Software Foundation.
|
||||
|
||||
14. If you wish to incorporate parts of the Library into other free
|
||||
programs whose distribution conditions are incompatible with these,
|
||||
write to the author to ask for permission. For software which is
|
||||
copyrighted by the Free Software Foundation, write to the Free
|
||||
Software Foundation; we sometimes make exceptions for this. Our
|
||||
decision will be guided by the two goals of preserving the free status
|
||||
of all derivatives of our free software and of promoting the sharing
|
||||
and reuse of software generally.
|
||||
|
||||
NO WARRANTY
|
||||
|
||||
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
|
||||
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
|
||||
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
|
||||
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
|
||||
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
|
||||
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
|
||||
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
||||
|
||||
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
|
||||
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
|
||||
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
|
||||
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
|
||||
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
|
||||
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
|
||||
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
|
||||
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
|
||||
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
|
||||
DAMAGES.
|
||||
|
||||
|
||||
|
||||
Programs and licenses with other licenses and/or authors than the
|
||||
main license and authors:
|
||||
|
||||
lib/3rdParty/tcpdf/fonts/DejaVu*.ttf A Public Domain, Bitstream, Inc., Tavmjong Bah
|
||||
lib/3rdParty/tcpdf/fonts/DejaVu*.z A Public Domain, Bitstream, Inc., Tavmjong Bah
|
||||
lib/3rdParty/phpseclib B Jim Wigginton
|
||||
templates/lib/*jquery*.js B 2010 John Resig, Paul Bakaus, Fred Heusschen
|
||||
templates/lib/*jquery-dropmenu-*.js B 2010 Fred Heusschen
|
||||
templates/lib/*jquery-validationEngine-*.js B 2010 Cedric Dugas and Olivier Refalo
|
||||
templates/lib/*jquery-fineuploader-*.js B 2010 Andrew Valums
|
||||
|
||||
lib/3rdParty/composer/beberlei G 2013 Benjamin Eberlei
|
||||
lib/3rdParty/composer/composer B Nils Adermann, Jordi Boggiano
|
||||
lib/3rdParty/composer/fgrosse B 2015 Friedrich Große
|
||||
lib/3rdParty/composer/nyholm B 2016 Tobias Nyholm
|
||||
lib/3rdParty/composer/paragonie B 2015 Paragon Initiative Enterprises
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Crypt_Blowfish H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Exception H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Idna G
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Imap_Client H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_ListHeaders H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Mail G
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Mime H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Secret H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Socket_Client H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Stream H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Stream_Filter H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Stream_Wrapper G
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Support G
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Text_Flowed H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Translation H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Util H
|
||||
lib/3rdParty/composer/php-http B 2015 PHP HTTP Team
|
||||
lib/3rdParty/composer/phpmailer H
|
||||
lib/3rdParty/composer/psr B 2018 PHP Framework Interoperability Group
|
||||
lib/3rdParty/composer/ramsey B 2018 Ben Ramsey
|
||||
lib/3rdParty/composer/spomky-labs B 2018 Spomky-Labs
|
||||
lib/3rdParty/composer/symfony B 2019 Fabien Potencier
|
||||
lib/3rdParty/composer/web-auth B 2018 Spomky-Labs
|
||||
lib/3rdParty/tcpdf D 2020 Nicola Asuni - Tecnick.com LTD
|
||||
lib/3rdParty/tcpdf/fonts/dejavu*.z A Public Domain, Bitstream, Inc., Tavmjong Bah
|
||||
lib/3rdParty/phpseclib B 2019 TerraFrost and other contributors
|
||||
lib/3rdParty/Monolog B 2011 Jordi Boggiano
|
||||
lib/3rdParty/Psr B 2012 PHP Framework Interoperability Group
|
||||
lib/3rdParty/yubico/Yubico.php C 2015 Yubico AB
|
||||
templates/lib/*jquery*.js B 2018 jQuery Foundation and other contributors
|
||||
style/120_jquery-ui*.css B 2016 jQuery Foundation and other contributors
|
||||
templates/lib/*jquery-dropmenu-*.js B 2010 Fred Heusschen
|
||||
style/150_jquery-dropmenu*.css B 2010 Fred Heusschen
|
||||
templates/lib/*jquery-fineuploader-*.js B 2010 Andrew Valums
|
||||
style/150_jquery-fineuploader*.css B 2010 Andrew Valums
|
||||
templates/lib/*jquery-validationEngine-*.js B 2010 Cedric Dugas and Olivier Refalo
|
||||
style/150_jquery-validationEngine*.css B 2010 Cedric Dugas and Olivier Refalo
|
||||
templates/lib/extra/cropperjs B 2018 Chen Fengyuan
|
||||
style/600_cropper*.css B 2018 Chen Fengyuan
|
||||
templates/lib/extra/duo/*.js E 2019 Duo Security
|
||||
lib/3rdParty/duo/*.php E 2019 Duo Security
|
||||
graphics/webauthn.svg F 2017 Duo Security, Inc.
|
||||
templates/lib/600_jquery.magnific-popup.js B 2016 Dmitry Semenov
|
||||
style/610_magnific-popup.css B 2016 Dmitry Semenov
|
||||
style/responsive/105_normalize.css B Nicolas Gallagher and Jonathan Neal
|
||||
style/responsive/110_grid.css B
|
||||
|
||||
|
|
|
@ -4,13 +4,7 @@ Alias /lam /usr/share/ldap-account-manager
|
|||
<Directory /usr/share/ldap-account-manager>
|
||||
Options +FollowSymLinks
|
||||
AllowOverride All
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all granted
|
||||
</IfModule>
|
||||
Require all granted
|
||||
DirectoryIndex index.html
|
||||
</Directory>
|
||||
|
||||
|
@ -20,67 +14,31 @@ Alias /lam /usr/share/ldap-account-manager
|
|||
|
||||
<Directory /var/lib/ldap-account-manager/tmp/internal>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /var/lib/ldap-account-manager/sess>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /var/lib/ldap-account-manager/config>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/ldap-account-manager/lib>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/ldap-account-manager/help>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/share/ldap-account-manager/locale>
|
||||
Options -Indexes
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
|
|
|
@ -6,9 +6,9 @@ if [ ! -e $outFile ]; then
|
|||
files=`ls templates/lib/*.js`
|
||||
jsFiles=""
|
||||
for file in $files; do
|
||||
jsFiles="$jsFiles --js $file"
|
||||
jsFiles="$jsFiles $file"
|
||||
done
|
||||
closure-compiler --charset UTF-8 $jsFiles --js_output_file $outFile
|
||||
uglifyjs -o $outFile $jsFiles
|
||||
rm $files
|
||||
# add final new line to supress Debian warnings
|
||||
echo "" >> $outFile
|
||||
|
@ -17,7 +17,7 @@ fi
|
|||
files=`ls style/*.css`
|
||||
outFile=style/100_lam.${SOURCE_DATE_EPOCH}.min.css
|
||||
if [ ! -e $outFile ]; then
|
||||
cat $files | cleancss -o ${outFile}
|
||||
cat $files | cleancss --skip-rebase -o ${outFile}
|
||||
rm $files
|
||||
# add final new line to supress Debian warnings
|
||||
echo "" >> $outFile
|
||||
|
|
|
@ -9,6 +9,14 @@ fi
|
|||
. /usr/share/debconf/confmodule
|
||||
db_version 2.0 || [ $? -lt 30 ]
|
||||
|
||||
# 3rd party libs
|
||||
phpThirdPartyLibs='phpseclib Monolog Psr'
|
||||
for phpThirdPartyLib in $phpThirdPartyLibs; do
|
||||
if [ ! -L /usr/share/ldap-account-manager/lib/3rdParty/${phpThirdPartyLib} ] ; then
|
||||
ln -s /usr/share/php/${phpThirdPartyLib} /usr/share/ldap-account-manager/lib/3rdParty/${phpThirdPartyLib}
|
||||
fi
|
||||
done
|
||||
|
||||
cd /usr/share/ldap-account-manager/config-samples/profiles
|
||||
files=`ls -a default.*`
|
||||
for file in $files; do
|
||||
|
@ -28,12 +36,15 @@ files=`ls -a *.jpg`
|
|||
for file in $files; do
|
||||
cp $file /var/lib/ldap-account-manager/config/templates/pdf/logos/$file
|
||||
done
|
||||
if [ ! -h /usr/share/ldap-account-manager/config ]; then\
|
||||
ln -s /var/lib/ldap-account-manager/config /usr/share/ldap-account-manager/config; fi
|
||||
if [ ! -h /usr/share/ldap-account-manager/sess ]; then\
|
||||
ln -s /var/lib/ldap-account-manager/sess /usr/share/ldap-account-manager/sess; fi
|
||||
if [ ! -h /usr/share/ldap-account-manager/tmp ]; then\
|
||||
ln -s /var/lib/ldap-account-manager/tmp /usr/share/ldap-account-manager/tmp; fi
|
||||
if [ ! -h /usr/share/ldap-account-manager/config ]; then
|
||||
ln -s /var/lib/ldap-account-manager/config /usr/share/ldap-account-manager/config
|
||||
fi
|
||||
if [ ! -h /usr/share/ldap-account-manager/sess ]; then
|
||||
ln -s /var/lib/ldap-account-manager/sess /usr/share/ldap-account-manager/sess
|
||||
fi
|
||||
if [ ! -h /usr/share/ldap-account-manager/tmp ]; then
|
||||
ln -s /var/lib/ldap-account-manager/tmp /usr/share/ldap-account-manager/tmp
|
||||
fi
|
||||
chown www-data /etc/ldap-account-manager/config.cfg
|
||||
chmod 600 /etc/ldap-account-manager/config.cfg
|
||||
chown www-data /var/lib/ldap-account-manager/sess
|
||||
|
@ -43,9 +54,14 @@ chown www-data /var/lib/ldap-account-manager/tmp/internal
|
|||
chmod 700 /var/lib/ldap-account-manager/tmp
|
||||
chown -R www-data /var/lib/ldap-account-manager/config
|
||||
chmod 700 /var/lib/ldap-account-manager/config
|
||||
if [ ! -f /var/lib/ldap-account-manager/config/lam.conf ]; \
|
||||
then cp /var/lib/ldap-account-manager/config/unix.conf.sample /var/lib/ldap-account-manager/config/lam.conf; \
|
||||
chown www-data /var/lib/ldap-account-manager/config/lam.conf; fi
|
||||
set +e
|
||||
ls -l /var/lib/ldap-account-manager/config/*.conf &> /dev/null
|
||||
cfgFilesExist=$?
|
||||
set -e
|
||||
if [ $cfgFilesExist -ne 0 ]; then
|
||||
cp /var/lib/ldap-account-manager/config/unix.conf.sample /var/lib/ldap-account-manager/config/lam.conf
|
||||
chown www-data /var/lib/ldap-account-manager/config/lam.conf
|
||||
fi
|
||||
chmod 600 /var/lib/ldap-account-manager/config/*.conf
|
||||
if [ "$1" = "configure" ]; then
|
||||
db_get "ldap-account-manager/alias"
|
||||
|
|
|
@ -49,6 +49,15 @@ if [ -f /usr/share/debconf/confmodule ]; then
|
|||
done
|
||||
fi
|
||||
|
||||
# 3rd party libs
|
||||
phpThirdPartyLibs='phpseclib tcpdf Monolog Psr'
|
||||
for phpThirdPartyLib in $phpThirdPartyLibs; do
|
||||
if [ -L /usr/share/ldap-account-manager/lib/3rdParty/${phpThirdPartyLib} ] ; then
|
||||
rm /usr/share/ldap-account-manager/lib/3rdParty/${phpThirdPartyLib}
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
set -e
|
||||
if [ "$1" = "purge" ]; then
|
||||
rm -r -f /usr/share/ldap-account-manager
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
if [ "$1" != "upgrade" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# 3rd party libs
|
||||
phpThirdPartyLibs='phpseclib tcpdf Monolog Psr'
|
||||
for phpThirdPartyLib in $phpThirdPartyLibs; do
|
||||
if [ -L /usr/share/ldap-account-manager/lib/3rdParty/${phpThirdPartyLib} ] ; then
|
||||
rm /usr/share/ldap-account-manager/lib/3rdParty/${phpThirdPartyLib}
|
||||
fi
|
||||
done
|
||||
|
||||
#DEBHELPER#
|
|
@ -23,6 +23,7 @@ install:
|
|||
|
||||
install -D --mode=644 index.html debian/ldap-account-manager/usr/share/ldap-account-manager/index.html
|
||||
install -D --mode=644 VERSION debian/ldap-account-manager/usr/share/ldap-account-manager/VERSION
|
||||
install -D --mode=644 pwa_worker.js debian/ldap-account-manager/usr/share/ldap-account-manager/pwa_worker.js
|
||||
install -D --mode=644 tmp/.htaccess debian/ldap-account-manager/var/lib/ldap-account-manager/tmp/.htaccess
|
||||
install -D --mode=644 tmp/internal/.htaccess debian/ldap-account-manager/var/lib/ldap-account-manager/tmp/internal/.htaccess
|
||||
install -D --mode=644 config/.htaccess debian/ldap-account-manager/var/lib/ldap-account-manager/config/.htaccess
|
||||
|
@ -43,7 +44,14 @@ install:
|
|||
cp -r lib/modules debian/ldap-account-manager/usr/share/ldap-account-manager/lib/
|
||||
cp -r lib/types debian/ldap-account-manager/usr/share/ldap-account-manager/lib/
|
||||
cp -r lib/tools debian/ldap-account-manager/usr/share/ldap-account-manager/lib/
|
||||
cp -r lib/3rdParty debian/ldap-account-manager/usr/share/ldap-account-manager/lib/
|
||||
|
||||
# 3rd party libs are linked
|
||||
install -d --mode=755 debian/ldap-account-manager/usr/share/ldap-account-manager/lib/3rdParty
|
||||
cp -r lib/3rdParty/composer debian/ldap-account-manager/usr/share/ldap-account-manager/lib/3rdParty/
|
||||
cp -r lib/3rdParty/yubico debian/ldap-account-manager/usr/share/ldap-account-manager/lib/3rdParty/
|
||||
cp -r lib/3rdParty/tcpdf debian/ldap-account-manager/usr/share/ldap-account-manager/lib/3rdParty/
|
||||
cp -r lib/3rdParty/duo debian/ldap-account-manager/usr/share/ldap-account-manager/lib/3rdParty/
|
||||
|
||||
cp -r locale debian/ldap-account-manager/usr/share/ldap-account-manager/
|
||||
install -D --mode=644 sess/.htaccess debian/ldap-account-manager/var/lib/ldap-account-manager/sess/.htaccess
|
||||
cp -r style debian/ldap-account-manager/usr/share/ldap-account-manager/
|
||||
|
@ -64,8 +72,6 @@ binary-indep: build install
|
|||
dh_install
|
||||
dh_compress
|
||||
dh_fixperms
|
||||
dh_link /usr/share/fonts/truetype/dejavu/DejaVuSerif.ttf /usr/share/ldap-account-manager/lib/3rdParty/tcpdf/fonts/DejaVuSerif.ttf
|
||||
dh_link /usr/share/fonts/truetype/dejavu/DejaVuSerif-Bold.ttf /usr/share/ldap-account-manager/lib/3rdParty/tcpdf/fonts/DejaVuSerif-Bold.ttf
|
||||
dh_link /usr/share/doc/ldap-account-manager/docs /usr/share/ldap-account-manager/docs
|
||||
install -D --mode=644 debian/lam.apache.conf debian/ldap-account-manager/etc/ldap-account-manager/apache.conf
|
||||
install -D --mode=644 debian/lam.nginx.conf debian/ldap-account-manager/etc/ldap-account-manager/nginx.conf
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
#
|
||||
# LAM setup
|
||||
#
|
||||
# skip LAM preconfiguration (lam.conf + config.cfg), values: (true/false)
|
||||
# If set to false the other variables below have no effect.
|
||||
LAM_SKIP_PRECONFIGURE=false
|
||||
# domain of LDAP database root entry, will be converted to dc=...,dc=...
|
||||
LDAP_DOMAIN=my-domain.com
|
||||
# LDAP base DN to overwrite value generated by LDAP_DOMAIN
|
||||
LDAP_BASE_DN=dc=my-domain,dc=com
|
||||
# LDAP users DN to overwrite value provided by LDAP_BASE_DN
|
||||
LDAP_USERS_DN=ou=people,dc=my-domain,dc=com
|
||||
# LDAP groups DN to overwrite value provided by LDAP_BASE_DN
|
||||
LDAP_GROUPS_DN=ou=groups,dc=my-domain,dc=com
|
||||
|
||||
# LDAP server URL
|
||||
LDAP_SERVER=ldap://ldap:389
|
||||
# LDAP admin user (set as login user for LAM)
|
||||
LDAP_USER=cn=admin,dc=my-domain,dc=com
|
||||
# default language, e.g. en_US, de_DE, fr_FR, ...
|
||||
LAM_LANG=en_US
|
||||
# LAM configuration master password and password for server profile "lam"
|
||||
LAM_PASSWORD=lam
|
||||
|
||||
# deactivate TLS certificate checks, activate for development only
|
||||
LAM_DISABLE_TLS_CHECK=false
|
||||
|
||||
#
|
||||
# docker-compose only, LDAP server setup
|
||||
#
|
||||
# LDAP organisation name for OpenLDAP
|
||||
LDAP_ORGANISATION="LDAP Account Manager Demo"
|
||||
# LDAP admin password
|
||||
LDAP_ADMIN_PASSWORD=adminpw
|
||||
# password for LDAP read-only user
|
||||
LDAP_READONLY_USER_PASSWORD=readonlypw
|
|
@ -0,0 +1,112 @@
|
|||
#
|
||||
# Docker image for LDAP Account Manager
|
||||
|
||||
# This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
# Copyright (C) 2019 - 2020 Roland Gruber
|
||||
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
#
|
||||
# Usage: run this command: docker run -p 8080:80 -it -d ldapaccountmanager/lam:stable
|
||||
#
|
||||
# Then access LAM at http://localhost:8080/
|
||||
# You can change the port 8080 if needed.
|
||||
# See possible environment variables here: https://github.com/LDAPAccountManager/lam/blob/develop/lam-packaging/docker/.env
|
||||
#
|
||||
|
||||
FROM debian:buster-slim
|
||||
LABEL maintainer="Roland Gruber <post@rolandgruber.de>"
|
||||
|
||||
ARG LAM_RELEASE=7.3.RC1
|
||||
EXPOSE 80
|
||||
|
||||
ENV \
|
||||
DEBIAN_FRONTEND=noninteractive \
|
||||
DEBUG=''
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get upgrade -y
|
||||
|
||||
# install locales
|
||||
RUN apt-get install -y locales
|
||||
RUN sed -i 's/^# *\(ca_ES.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(cz_CZ.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(de_DE.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(en_GB.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(en_US.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(es_ES.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(fr_FR.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(it_IT.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(hu_HU.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(nl_NL.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(pl_PL.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(pt_BR.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(ru_RU.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(sk_SK.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(tr_TR.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(uk_UA.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(ja_JP.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(zh_TW.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
sed -i 's/^# *\(zh_CN.UTF-8\)/\1/' /etc/locale.gen && \
|
||||
locale-gen
|
||||
|
||||
RUN apt-get install --no-install-recommends -y \
|
||||
apache2 \
|
||||
ca-certificates \
|
||||
dumb-init \
|
||||
fonts-dejavu \
|
||||
libapache2-mod-php \
|
||||
php \
|
||||
php-curl \
|
||||
php-gd \
|
||||
php-imagick \
|
||||
php-ldap \
|
||||
php-monolog \
|
||||
php-phpseclib \
|
||||
php-xml \
|
||||
php-zip \
|
||||
php-imap \
|
||||
php-gmp \
|
||||
wget \
|
||||
&& \
|
||||
rm /etc/apache2/sites-enabled/*default* && \
|
||||
rm -rf /var/cache/apt /var/lib/apt/lists/*
|
||||
|
||||
# install LAM
|
||||
RUN wget http://prdownloads.sourceforge.net/lam/ldap-account-manager_${LAM_RELEASE}-1_all.deb?download \
|
||||
-O /tmp/ldap-account-manager_${LAM_RELEASE}-1_all.deb && \
|
||||
dpkg -i /tmp/ldap-account-manager_${LAM_RELEASE}-1_all.deb && \
|
||||
rm -f /tmp/ldap-account-manager_${LAM_RELEASE}-1_all.deb
|
||||
|
||||
# redirect Apache logging
|
||||
RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
|
||||
# because there is no logging set in the lam vhost logging goes to other_vhost_access.log
|
||||
RUN ln -sf /dev/stdout /var/log/apache2/other_vhosts_access.log
|
||||
|
||||
# add redirect for /
|
||||
RUN a2enmod rewrite
|
||||
RUN echo "RewriteEngine on" >> /etc/apache2/conf-enabled/laminit.conf \
|
||||
&& echo "RewriteRule ^/$ /lam/ [R,L]" >> /etc/apache2/conf-enabled/laminit.conf
|
||||
|
||||
COPY start.sh /usr/local/bin/start.sh
|
||||
|
||||
WORKDIR /var/lib/ldap-account-manager/config
|
||||
|
||||
# start Apache when container starts
|
||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||
CMD [ "/usr/local/bin/start.sh" ]
|
||||
|
||||
HEALTHCHECK --interval=1m --timeout=10s \
|
||||
CMD wget -qO- http://localhost/lam/ | grep -q '<title>LDAP Account Manager</title>'
|
|
@ -0,0 +1,42 @@
|
|||
version: '3.5'
|
||||
services:
|
||||
ldap-account-manager:
|
||||
build:
|
||||
context: .
|
||||
image: ldapaccountmanager/lam:7.3.RC1
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "8080:80"
|
||||
volumes:
|
||||
- lametc/:/etc/ldap-account-manager
|
||||
- lamconfig/:/var/lib/ldap-account-manager/config
|
||||
- lamsession/:/var/lib/ldap-account-manager/sess
|
||||
environment:
|
||||
- LAM_PASSWORD=${LAM_PASSWORD}
|
||||
- LAM_LANG=en_US
|
||||
- LDAP_SERVER=${LDAP_SERVER}
|
||||
- LDAP_DOMAIN=${LDAP_DOMAIN}
|
||||
- LDAP_BASE_DN=${LDAP_BASE_DN}
|
||||
- ADMIN_USER=cn=admin,${LDAP_BASE_DN}
|
||||
- DEBUG=true
|
||||
ldap:
|
||||
image: osixia/openldap:latest
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- LDAP_ORGANISATION=${LDAP_ORGANISATION}
|
||||
- LDAP_DOMAIN=${LDAP_DOMAIN}
|
||||
- LDAP_BASE_DN=${LDAP_BASE_DN}
|
||||
- LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD}
|
||||
- LDAP_READONLY_USER=true
|
||||
- LDAP_READONLY_USER_PASSWORD=${LDAP_READONLY_USER_PASSWORD}
|
||||
command: "--loglevel info --copy-service"
|
||||
volumes:
|
||||
- ldap:/var/lib/ldap
|
||||
- slapd:/etc/ldap/slapd.d
|
||||
|
||||
volumes:
|
||||
lametc:
|
||||
lamconfig:
|
||||
lamsession:
|
||||
ldap:
|
||||
slapd:
|
|
@ -0,0 +1,66 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Docker start script for LDAP Account Manager
|
||||
|
||||
# This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
# Copyright (C) 2019 Felix Bartels
|
||||
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
|
||||
set -eu # unset variables are errors & non-zero return values exit the whole script
|
||||
[ "$DEBUG" ] && set -x
|
||||
|
||||
if [ "${LAM_DISABLE_TLS_CHECK:-}" == "true" ]; then
|
||||
ln -s /etc/ldap/ldap.conf /etc/ldap.conf
|
||||
echo "TLS_REQCERT never" >> /etc/ldap/ldap.conf
|
||||
fi
|
||||
|
||||
LAM_SKIP_PRECONFIGURE="${LAM_SKIP_PRECONFIGURE:-false}"
|
||||
if [ "$LAM_SKIP_PRECONFIGURE" != "true" ]; then
|
||||
|
||||
LAM_LANG="${LAM_LANG:-en_US}"
|
||||
export LAM_PASSWORD="${LAM_PASSWORD:-lam}"
|
||||
LAM_PASSWORD_SSHA=$(php -r '$password = getenv("LAM_PASSWORD"); mt_srand((microtime() * 1000000)); $rand = abs(hexdec(bin2hex(openssl_random_pseudo_bytes(5)))); $salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); print "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt))) . " " . base64_encode($salt) . "\n";')
|
||||
LDAP_SERVER="${LDAP_SERVER:-ldap://ldap:389}"
|
||||
LDAP_DOMAIN="${LDAP_DOMAIN:-my-domain.com}"
|
||||
LDAP_BASE_DN="${LDAP_BASE_DN:-dc=${LDAP_DOMAIN//\./,dc=}}"
|
||||
LDAP_USERS_DN="${LDAP_USERS_DN:-${LDAP_BASE_DN}}"
|
||||
LDAP_GROUPS_DN="${LDAP_GROUPS_DN:-${LDAP_BASE_DN}}"
|
||||
LDAP_ADMIN_USER="${LDAP_USER:-cn=admin,${LDAP_BASE_DN}}"
|
||||
|
||||
sed -i -f- /etc/ldap-account-manager/config.cfg <<- EOF
|
||||
s|^password:.*|password: ${LAM_PASSWORD_SSHA}|;
|
||||
EOF
|
||||
unset LAM_PASSWORD
|
||||
|
||||
sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
||||
s|^ServerURL:.*|ServerURL: ${LDAP_SERVER}|;
|
||||
s|^Admins:.*|Admins: ${LDAP_ADMIN_USER}|;
|
||||
s|^Passwd:.*|Passwd: ${LAM_PASSWORD_SSHA}|;
|
||||
s|^treesuffix:.*|treesuffix: ${LDAP_BASE_DN}|;
|
||||
s|^defaultLanguage:.*|defaultLanguage: ${LAM_LANG}.utf8|;
|
||||
s|^.*suffix_user:.*|types: suffix_user: ${LDAP_USERS_DN}|;
|
||||
s|^.*suffix_group:.*|types: suffix_group: ${LDAP_GROUPS_DN}|;
|
||||
EOF
|
||||
|
||||
fi
|
||||
|
||||
echo "Starting Apache"
|
||||
rm -f /run/apache2/apache2.pid
|
||||
set +u
|
||||
# shellcheck disable=SC1091
|
||||
source /etc/apache2/envvars
|
||||
exec /usr/sbin/apache2 -DFOREGROUND
|
|
@ -1,11 +1,5 @@
|
|||
<Files *>
|
||||
Options +FollowSymLinks
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all granted
|
||||
</IfModule>
|
||||
Require all granted
|
||||
DirectoryIndex index.html
|
||||
</Files>
|
||||
|
|
152
lam/HISTORY
|
@ -1,6 +1,142 @@
|
|||
March 2018 6.3
|
||||
September 2020
|
||||
- PHP 7.4 compatibility
|
||||
- Configuration export and import
|
||||
- Server profiles support to specify a part of the DN to hide
|
||||
- Show password prompt when a user with expired password logs into LAM admin interface (requires PHP 7.2)
|
||||
- Better error messages on login when account is expired/deactivated/...
|
||||
- Personal/Windows: photo can be uploaded via webcam
|
||||
- Windows users: group display format can be configured (cn/dn)
|
||||
- LAM Pro:
|
||||
-> Windows: new cron job to send users a summary of their managed groups
|
||||
- Fixed bugs:
|
||||
-> Unix groups: memberUid was not deleted correctly when forced sync with group of names is active
|
||||
|
||||
01.05.2020 7.2
|
||||
- Unix: allow to create group with same name during user creation
|
||||
- LAM Pro:
|
||||
-> EMail sending can be done via SMTP without local mail server
|
||||
-> License expiration warning can be sent via email or disabled
|
||||
- Fixed bugs:
|
||||
-> Captcha don't show anymore in Self Service login page (213)
|
||||
-> Unix memberships cannot be changed. This issue can also affect other membership relations.
|
||||
-> Missing locales on Docker image
|
||||
|
||||
|
||||
17.03.2020 7.1
|
||||
- PHP 7 required
|
||||
- WebAuthn/FIDO2 support for 2-factor-authentication (requires PHP 7.2)
|
||||
- IMAP: changed library to support latest TLS versions
|
||||
- Personal: support display name (hidden by default in server profile)
|
||||
- Windows users: support allowed workstations, more profile options
|
||||
- Reactivated Polish translation
|
||||
- LAM Pro:
|
||||
-> PPolicy: support for password check module
|
||||
-> Windows AD LDS support (users and groups)
|
||||
-> User self registration: support Active Directory/Samba4
|
||||
|
||||
|
||||
21.12.2019 7.0
|
||||
- Lamdaemon can be configured with directory prefix for homedirs
|
||||
- Account list filters match on substrings instead of whole value
|
||||
- YubiKey: support to configure multiple verification servers
|
||||
- Windows hosts: added last password change and last login
|
||||
- Deactivated non-maintained translations: Catalan, Czech, Hungarian, Polish and Turkish
|
||||
Contact us if you would like to take over. Translators get LAM Pro for free (commercial use included).
|
||||
- Docker updates
|
||||
- Fixed bugs:
|
||||
-> Missing CSS for Duo
|
||||
-> Editing of DNs with comma on Windows (210)
|
||||
|
||||
|
||||
29.09.2019 6.9
|
||||
- Group account types can show member+owner count in list view
|
||||
- 2-factor authentication:
|
||||
-> Duo support
|
||||
-> user name attribute for privacyIDEA can be specified
|
||||
- LAM Pro:
|
||||
-> New self service settings for login and main page footer
|
||||
-> Custom fields: custom labels for LDAP search select list
|
||||
- Fixed bugs:
|
||||
-> Configuration issue with Unix user/host module (206)
|
||||
|
||||
|
||||
02.07.2019 6.8
|
||||
- Parallel editing of multiple entries in different browser tabs supported
|
||||
- LAM supports the progressive web app standard which allows to install LAM as an icon on home screen
|
||||
- Windows: added home drive and force password change to profile editor
|
||||
- Unix: password management can be disabled in module settings
|
||||
- LAM Pro:
|
||||
-> Bind DLZ: entry table can show record data (use special attribute "#records" in server profile)
|
||||
-> Self service: support legacy attribute "email" for password self reset and user self registration
|
||||
- Fixed bugs:
|
||||
-> Users: No drop-down filter box for account status (200)
|
||||
-> Custom fields: Account type "Groups" not saving/deleting fields (66)
|
||||
|
||||
|
||||
25.03.2019 6.7
|
||||
- Added YubiKey as 2-factor authentication provider
|
||||
- Support logging to remote syslog server
|
||||
- PHP 7.3 support
|
||||
- LAM Pro:
|
||||
-> Allow to mark text and text area fields as required
|
||||
-> New self service fields:
|
||||
-> Mail routing
|
||||
-> Windows proxy addresses + mail alias
|
||||
-> Shadow account expiration date
|
||||
-> Unix and group of names memberships
|
||||
-> Base URL for emails in self service can be configured in self service profile
|
||||
-> Bind DLZ: support DNAME+XFR records and descriptions in records (requires latest LDAP schema)
|
||||
-> Cron jobs: added Shadow account expiration notification job
|
||||
- Fixed bugs:
|
||||
-> Allow tree-only configurations without any other tab
|
||||
|
||||
|
||||
28.12.2018 6.6
|
||||
- New import/export in tools menu
|
||||
- YubiKey support
|
||||
- Windows users:
|
||||
-> Manage "departmentNumber" (needs to be activated via LAM server profile)
|
||||
-> Sync group memberships from Unix and group of names
|
||||
- LAM Pro:
|
||||
-> Easy setting of background color in self service profile
|
||||
-> Cron jobs: added Windows/Qmail/FreeRadius account expiration notification jobs
|
||||
-> Bind DLZ: usability improvements and small fixes
|
||||
|
||||
|
||||
25.09.2018 6.5
|
||||
- Password change possible via LDAP EXOP operation (set LDAP_EXOP as password hash, requires PHP 7.2)
|
||||
- Support Imagick and GD
|
||||
- Dropped support for Apache 2.2
|
||||
- Upload: allow to overwrite existing accounts
|
||||
- Personal: photos can be printed in PDF export
|
||||
- Kolab updates
|
||||
- LAM Pro:
|
||||
-> Auto deletion of entries with dynamic directory services support (requires PHP 7.2)
|
||||
- Fixed bugs:
|
||||
-> Issue when changing key case of uid (#197)
|
||||
|
||||
|
||||
20.06.2018 6.4
|
||||
- Imagick PHP extension required
|
||||
- Passwords can be checked against external service (e.g. https://api.pwnedpasswords.com/range)
|
||||
- Personal/Windows: image cropping support
|
||||
- Better filtering of account lists
|
||||
- Unix: Unix, Windows and group of names memberships can be synced in group selection
|
||||
- IMAP: create mailbox via file upload
|
||||
- PHP 7.2 support
|
||||
- Support for "," in DN
|
||||
- LAM Pro:
|
||||
-> Better support for 389ds password expiration
|
||||
- Fixed bugs:
|
||||
-> Error on password reset page when custom fields is used (194)
|
||||
|
||||
|
||||
19.03.2018 6.3
|
||||
- Server profile: added option if referential integrity overlay is active to skip cleanup actions
|
||||
- Unix: several options are now specific to subaccount types (reconfiguration required!)
|
||||
- Fixed bugs:
|
||||
-> Security fixes (XSS vulnerabilities CVE-2018-8763 and CSRF token in URL CVE-2018-8764)
|
||||
-> Quota for Windows groups did not work
|
||||
- LAM Pro:
|
||||
-> Support custom structural object classes with new custom type
|
||||
-> Support dynamic lists
|
||||
|
@ -202,7 +338,7 @@ March 2018 6.3
|
|||
- LAM Pro:
|
||||
-> Password self reset and user self registration support to set a header text
|
||||
-> Sudo roles: support latest schema
|
||||
-> Bind DLZ: automatic PTR management (disabled by default) and better formating of e.g. TTL values
|
||||
-> Bind DLZ: automatic PTR management (disabled by default) and better formatting of e.g. TTL values
|
||||
|
||||
|
||||
18.03.2014 4.5
|
||||
|
@ -394,7 +530,7 @@ March 2018 6.3
|
|||
-> support to read user name from uid attribute
|
||||
-> added quota management
|
||||
- Personal: added additional options for account profiles
|
||||
- Mail aliases: sort receipients (RFE 3170336)
|
||||
- Mail aliases: sort recipients (RFE 3170336)
|
||||
- Asterisk: support all attributes (can be disabled in configuration)
|
||||
- Samba 3/Shadow: allow to sync expiration date (RFE 3147751)
|
||||
- LAM Pro:
|
||||
|
@ -521,7 +657,7 @@ March 2018 6.3
|
|||
21.01.2009 2.5.0
|
||||
- LAM Pro:
|
||||
-> supports rfc2307bis schema for Unix groups (RFE 2111694)
|
||||
-> added alias manangement (object classes alias + uidObject) (RFE 1912779)
|
||||
-> added alias management (object classes alias + uidObject) (RFE 1912779)
|
||||
- Shadow: module is now optional when creating new accounts
|
||||
- Kolab:
|
||||
-> account extension is now optional
|
||||
|
@ -710,7 +846,7 @@ March 2018 6.3
|
|||
- security: LAM checks the session id and client IP
|
||||
- fixed bugs:
|
||||
-> Samba 3: hash values were wrong in some rare cases (1440021)
|
||||
-> Samba 3: readded time zone selection for logon hours (1407761)
|
||||
-> Samba 3: re-added time zone selection for logon hours (1407761)
|
||||
-> Unix: call of unknown function (1450464)
|
||||
|
||||
|
||||
|
@ -847,7 +983,7 @@ March 2018 6.3
|
|||
-> dynamic configuration options (based on modules)
|
||||
- all pages in UTF-8
|
||||
- added developer documentation
|
||||
- PHPDoc formated comments
|
||||
- PHPDoc formatted comments
|
||||
- new plugin for managing MAC addresses (RFE 926017)
|
||||
- new plugin for managing NIS mail aliases (RFE 1050036)
|
||||
- new plugin for managing mail routing with inetLocalMailRecipient (RFE 1092137)
|
||||
|
@ -909,7 +1045,7 @@ March 2018 6.3
|
|||
if magic_quotes_gpc in php.ini is was set to "Off", several pages did not work
|
||||
some smaller bugs in mass upload
|
||||
Samba hash values for hosts were not correct
|
||||
Unix passwords could be disabled but not reenabled
|
||||
Unix passwords could be disabled but not re-enabled
|
||||
fixed problem with eval() in status.inc (894433)
|
||||
|
||||
|
||||
|
@ -932,7 +1068,7 @@ March 2018 6.3
|
|||
- better error handling at login
|
||||
- support spaces in DNs
|
||||
- PDF text for users
|
||||
- create missing OUs recursivly
|
||||
- create missing OUs recursively
|
||||
- fixed bugs:
|
||||
SMD5 passwords were wrong
|
||||
primaryGroupSID wrong if SID has no relation to Algorithmic RID Base
|
||||
|
|
|
@ -3,19 +3,16 @@ LAM - Readme
|
|||
============
|
||||
|
||||
LDAP Account Manager (LAM) manages user, group and host accounts in an LDAP
|
||||
directory. LAM runs on any webserver with PHP5 support and connects to your
|
||||
directory. LAM runs on any webserver with PHP7 support and connects to your
|
||||
LDAP server unencrypted or via SSL/TLS.
|
||||
Currently LAM supports these account types: Samba 3/4, Unix, Kolab 2,
|
||||
Currently LAM supports these account types: Samba 3/4, Unix, Kolab,
|
||||
address book entries, NIS mail aliases and MAC addresses. There is a tree
|
||||
viewer included to allow access to the raw LDAP attributes. You can use
|
||||
templates for account creation and use multiple configuration profiles.
|
||||
LAM is translated to Catalan, Chinese (Traditional + Simplified), Czech,
|
||||
Dutch, English, French, German, Hungarian, Italian, Japanese, Polish,
|
||||
Portuguese, Russian, Slovak, Spanish, Turkish and Ukrainian.
|
||||
|
||||
https://www.ldap-account-manager.org/
|
||||
|
||||
Copyright (C) 2003 - 2018 Roland Gruber <post@rolandgruber.de>
|
||||
Copyright (C) 2003 - 2020 Roland Gruber <post@rolandgruber.de>
|
||||
|
||||
Installation and documentation:
|
||||
Please see the LAM manual in docs/manual/index.html.
|
||||
|
|
|
@ -1 +1 @@
|
|||
6.3.RC1
|
||||
7.3.RC1
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/bash
|
||||
|
||||
~/.local/bin/codespell --skip '*3rdParty*,*/ckeditor/*,*/po/*,*/locale/*,tmp,sess,config,graphics,*/style/images/*,*/style/*.gif,*/style/*.png,*/docs/manual-onePage/*,*/docs/manual-sources/images/*,*/templates/lib/*jquery*,*~,*/docs/phpdoc/*,*/docs/manual/*,*/docs/devel/images/*,*/docs/manual-pdf/*,*.sh,*/cropper.js,*/lib/extra/duo/*' --ignore-words-list "tim,te,pres,files'"
|
|
@ -0,0 +1,18 @@
|
|||
{
|
||||
"config": {
|
||||
"vendor-dir": "lib/3rdParty/composer"
|
||||
},
|
||||
"repositories": [
|
||||
{
|
||||
"type": "pear",
|
||||
"url": "https://pear.horde.org"
|
||||
}
|
||||
],
|
||||
"require" : {
|
||||
"web-auth/webauthn-lib" : "2.1.7",
|
||||
"symfony/http-foundation" : "5.0.7",
|
||||
"symfony/psr-http-message-bridge" : "1.3.0",
|
||||
"pear-pear.horde.org/Horde_Imap_Client" : "2.30.1",
|
||||
"phpmailer/phpmailer": "~6.1"
|
||||
}
|
||||
}
|
|
@ -3,3 +3,4 @@ config.cfg
|
|||
/serverCerts.pem
|
||||
/pdf/
|
||||
/profiles/
|
||||
*.sqlite
|
|
@ -1,9 +1,3 @@
|
|||
<Files *>
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
Require all denied
|
||||
</Files>
|
||||
|
|
|
@ -6,10 +6,10 @@
|
|||
# the second is the character encoding and the third the language name.
|
||||
|
||||
# Catalan
|
||||
ca_ES.utf8:UTF-8:Català (Catalunya)
|
||||
# ca_ES.utf8:UTF-8:Català (Catalunya)
|
||||
|
||||
# Czech
|
||||
cs_CZ.utf8:UTF-8:Čeština (Česko)
|
||||
# cs_CZ.utf8:UTF-8:Čeština (Česko)
|
||||
|
||||
# German
|
||||
de_DE.utf8:UTF-8:Deutsch (Deutschland)
|
||||
|
@ -30,7 +30,7 @@ fr_FR.utf8:UTF-8:Français (France)
|
|||
it_IT.utf8:UTF-8:Italiano (Italia)
|
||||
|
||||
# Hungarian
|
||||
hu_HU.utf8:UTF-8:Magyar (Magyarország)
|
||||
# hu_HU.utf8:UTF-8:Magyar (Magyarország)
|
||||
|
||||
# Dutch
|
||||
nl_NL.utf8:UTF-8:Nederlands (Nederland)
|
||||
|
@ -48,7 +48,7 @@ ru_RU.utf8:UTF-8:Русский (Россия)
|
|||
sk_SK.utf8:UTF-8:Slovenčina (Slovensko)
|
||||
|
||||
# Turkish
|
||||
tr_TR.utf8:UTF-8:Türkçe (Türkiye)
|
||||
# tr_TR.utf8:UTF-8:Türkçe (Türkiye)
|
||||
|
||||
# Ukrainian
|
||||
uk_UA.utf8:UTF-8:Українська (Україна)
|
||||
|
|
799
lam/copyright
|
@ -1,4 +1,4 @@
|
|||
This software is copyright (c) 2003 - 2018 by Roland Gruber
|
||||
This software is copyright (c) 2003 - 2020 by Roland Gruber
|
||||
|
||||
If you purchased a copy of LDAP Account Manager Pro then the following
|
||||
files are licensed under the conditions which you accepted at purchase
|
||||
|
@ -19,6 +19,7 @@ time.
|
|||
* lib/modules/customFields.inc
|
||||
* lib/modules/customScripts.inc
|
||||
* lib/modules/device.inc
|
||||
* lib/modules/autoDelete.inc
|
||||
* lib/modules/dynamicList.inc
|
||||
* lib/modules/groupOfNames.inc
|
||||
* lib/modules/groupOfNamesUser.inc
|
||||
|
@ -85,7 +86,6 @@ The complete license can be found in the file COPYING.
|
|||
Some parts of this package have other, compatible licences. These are:
|
||||
|
||||
A:
|
||||
|
||||
DejaVu Fonts — License
|
||||
|
||||
Fonts are © Bitstream (see below). DejaVu changes are in public domain. Explanation
|
||||
|
@ -176,7 +176,9 @@ A:
|
|||
Software without prior written authorization from Tavmjong Bah. For further
|
||||
information, contact: tavmjong @ free . fr.
|
||||
|
||||
|
||||
B:
|
||||
MIT License
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining
|
||||
a copy of this software and associated documentation files (the
|
||||
|
@ -198,15 +200,792 @@ B:
|
|||
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
|
||||
C:
|
||||
New BSD License
|
||||
|
||||
Redistribution and use in source and binary forms, with or without modification,
|
||||
are permitted provided that the following conditions are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright notice, this list
|
||||
of conditions and the following disclaimer.
|
||||
|
||||
2. Redistributions in binary form must reproduce the above copyright notice, this
|
||||
list of conditions and the following disclaimer in the documentation and/or other
|
||||
materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
||||
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||||
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
||||
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
D:
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
Version 3, 29 June 2007
|
||||
|
||||
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
|
||||
This version of the GNU Lesser General Public License incorporates
|
||||
the terms and conditions of version 3 of the GNU General Public
|
||||
License, supplemented by the additional permissions listed below.
|
||||
|
||||
0. Additional Definitions.
|
||||
|
||||
As used herein, "this License" refers to version 3 of the GNU Lesser
|
||||
General Public License, and the "GNU GPL" refers to version 3 of the GNU
|
||||
General Public License.
|
||||
|
||||
"The Library" refers to a covered work governed by this License,
|
||||
other than an Application or a Combined Work as defined below.
|
||||
|
||||
An "Application" is any work that makes use of an interface provided
|
||||
by the Library, but which is not otherwise based on the Library.
|
||||
Defining a subclass of a class defined by the Library is deemed a mode
|
||||
of using an interface provided by the Library.
|
||||
|
||||
A "Combined Work" is a work produced by combining or linking an
|
||||
Application with the Library. The particular version of the Library
|
||||
with which the Combined Work was made is also called the "Linked
|
||||
Version".
|
||||
|
||||
The "Minimal Corresponding Source" for a Combined Work means the
|
||||
Corresponding Source for the Combined Work, excluding any source code
|
||||
for portions of the Combined Work that, considered in isolation, are
|
||||
based on the Application, and not on the Linked Version.
|
||||
|
||||
The "Corresponding Application Code" for a Combined Work means the
|
||||
object code and/or source code for the Application, including any data
|
||||
and utility programs needed for reproducing the Combined Work from the
|
||||
Application, but excluding the System Libraries of the Combined Work.
|
||||
|
||||
1. Exception to Section 3 of the GNU GPL.
|
||||
|
||||
You may convey a covered work under sections 3 and 4 of this License
|
||||
without being bound by section 3 of the GNU GPL.
|
||||
|
||||
2. Conveying Modified Versions.
|
||||
|
||||
If you modify a copy of the Library, and, in your modifications, a
|
||||
facility refers to a function or data to be supplied by an Application
|
||||
that uses the facility (other than as an argument passed when the
|
||||
facility is invoked), then you may convey a copy of the modified
|
||||
version:
|
||||
|
||||
a) under this License, provided that you make a good faith effort to
|
||||
ensure that, in the event an Application does not supply the
|
||||
function or data, the facility still operates, and performs
|
||||
whatever part of its purpose remains meaningful, or
|
||||
|
||||
b) under the GNU GPL, with none of the additional permissions of
|
||||
this License applicable to that copy.
|
||||
|
||||
3. Object Code Incorporating Material from Library Header Files.
|
||||
|
||||
The object code form of an Application may incorporate material from
|
||||
a header file that is part of the Library. You may convey such object
|
||||
code under terms of your choice, provided that, if the incorporated
|
||||
material is not limited to numerical parameters, data structure
|
||||
layouts and accessors, or small macros, inline functions and templates
|
||||
(ten or fewer lines in length), you do both of the following:
|
||||
|
||||
a) Give prominent notice with each copy of the object code that the
|
||||
Library is used in it and that the Library and its use are
|
||||
covered by this License.
|
||||
|
||||
b) Accompany the object code with a copy of the GNU GPL and this license
|
||||
document.
|
||||
|
||||
4. Combined Works.
|
||||
|
||||
You may convey a Combined Work under terms of your choice that,
|
||||
taken together, effectively do not restrict modification of the
|
||||
portions of the Library contained in the Combined Work and reverse
|
||||
engineering for debugging such modifications, if you also do each of
|
||||
the following:
|
||||
|
||||
a) Give prominent notice with each copy of the Combined Work that
|
||||
the Library is used in it and that the Library and its use are
|
||||
covered by this License.
|
||||
|
||||
b) Accompany the Combined Work with a copy of the GNU GPL and this license
|
||||
document.
|
||||
|
||||
c) For a Combined Work that displays copyright notices during
|
||||
execution, include the copyright notice for the Library among
|
||||
these notices, as well as a reference directing the user to the
|
||||
copies of the GNU GPL and this license document.
|
||||
|
||||
d) Do one of the following:
|
||||
|
||||
0) Convey the Minimal Corresponding Source under the terms of this
|
||||
License, and the Corresponding Application Code in a form
|
||||
suitable for, and under terms that permit, the user to
|
||||
recombine or relink the Application with a modified version of
|
||||
the Linked Version to produce a modified Combined Work, in the
|
||||
manner specified by section 6 of the GNU GPL for conveying
|
||||
Corresponding Source.
|
||||
|
||||
1) Use a suitable shared library mechanism for linking with the
|
||||
Library. A suitable mechanism is one that (a) uses at run time
|
||||
a copy of the Library already present on the user's computer
|
||||
system, and (b) will operate properly with a modified version
|
||||
of the Library that is interface-compatible with the Linked
|
||||
Version.
|
||||
|
||||
e) Provide Installation Information, but only if you would otherwise
|
||||
be required to provide such information under section 6 of the
|
||||
GNU GPL, and only to the extent that such information is
|
||||
necessary to install and execute a modified version of the
|
||||
Combined Work produced by recombining or relinking the
|
||||
Application with a modified version of the Linked Version. (If
|
||||
you use option 4d0, the Installation Information must accompany
|
||||
the Minimal Corresponding Source and Corresponding Application
|
||||
Code. If you use option 4d1, you must provide the Installation
|
||||
Information in the manner specified by section 6 of the GNU GPL
|
||||
for conveying Corresponding Source.)
|
||||
|
||||
5. Combined Libraries.
|
||||
|
||||
You may place library facilities that are a work based on the
|
||||
Library side by side in a single library together with other library
|
||||
facilities that are not Applications and are not covered by this
|
||||
License, and convey such a combined library under terms of your
|
||||
choice, if you do both of the following:
|
||||
|
||||
a) Accompany the combined library with a copy of the same work based
|
||||
on the Library, uncombined with any other library facilities,
|
||||
conveyed under the terms of this License.
|
||||
|
||||
b) Give prominent notice with the combined library that part of it
|
||||
is a work based on the Library, and explaining where to find the
|
||||
accompanying uncombined form of the same work.
|
||||
|
||||
6. Revised Versions of the GNU Lesser General Public License.
|
||||
|
||||
The Free Software Foundation may publish revised and/or new versions
|
||||
of the GNU Lesser General Public License from time to time. Such new
|
||||
versions will be similar in spirit to the present version, but may
|
||||
differ in detail to address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the
|
||||
Library as you received it specifies that a certain numbered version
|
||||
of the GNU Lesser General Public License "or any later version"
|
||||
applies to it, you have the option of following the terms and
|
||||
conditions either of that published version or of any later version
|
||||
published by the Free Software Foundation. If the Library as you
|
||||
received it does not specify a version number of the GNU Lesser
|
||||
General Public License, you may choose any version of the GNU Lesser
|
||||
General Public License ever published by the Free Software Foundation.
|
||||
|
||||
If the Library as you received it specifies that a proxy can decide
|
||||
whether future versions of the GNU Lesser General Public License shall
|
||||
apply, that proxy's public statement of acceptance of any version is
|
||||
permanent authorization for you to choose that version for the
|
||||
Library.
|
||||
|
||||
|
||||
E:
|
||||
Duo
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions
|
||||
are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
3. The name of the author may not be used to endorse or promote products
|
||||
derived from this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
||||
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
||||
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
F:
|
||||
3-Clause BSD License
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions
|
||||
are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
3. Neither the name of the copyright holder nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
|
||||
IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
|
||||
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
|
||||
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||||
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||||
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
G:
|
||||
2-Clause BSD License
|
||||
|
||||
Redistribution and use in source and binary forms, with or without modification,
|
||||
are permitted provided that the following conditions are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright notice,
|
||||
this list of conditions and the following disclaimer.
|
||||
|
||||
2. Redistributions in binary form must reproduce the above copyright notice,
|
||||
this list of conditions and the following disclaimer in the documentation and/or
|
||||
other materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
||||
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||||
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
||||
OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
H:
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
Version 2.1, February 1999
|
||||
|
||||
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
|
||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
[This is the first released version of the Lesser GPL. It also counts
|
||||
as the successor of the GNU Library Public License, version 2, hence
|
||||
the version number 2.1.]
|
||||
|
||||
Preamble
|
||||
|
||||
The licenses for most software are designed to take away your
|
||||
freedom to share and change it. By contrast, the GNU General Public
|
||||
Licenses are intended to guarantee your freedom to share and change
|
||||
free software--to make sure the software is free for all its users.
|
||||
|
||||
This license, the Lesser General Public License, applies to some
|
||||
specially designated software packages--typically libraries--of the
|
||||
Free Software Foundation and other authors who decide to use it. You
|
||||
can use it too, but we suggest you first think carefully about whether
|
||||
this license or the ordinary General Public License is the better
|
||||
strategy to use in any particular case, based on the explanations below.
|
||||
|
||||
When we speak of free software, we are referring to freedom of use,
|
||||
not price. Our General Public Licenses are designed to make sure that
|
||||
you have the freedom to distribute copies of free software (and charge
|
||||
for this service if you wish); that you receive source code or can get
|
||||
it if you want it; that you can change the software and use pieces of
|
||||
it in new free programs; and that you are informed that you can do
|
||||
these things.
|
||||
|
||||
To protect your rights, we need to make restrictions that forbid
|
||||
distributors to deny you these rights or to ask you to surrender these
|
||||
rights. These restrictions translate to certain responsibilities for
|
||||
you if you distribute copies of the library or if you modify it.
|
||||
|
||||
For example, if you distribute copies of the library, whether gratis
|
||||
or for a fee, you must give the recipients all the rights that we gave
|
||||
you. You must make sure that they, too, receive or can get the source
|
||||
code. If you link other code with the library, you must provide
|
||||
complete object files to the recipients, so that they can relink them
|
||||
with the library after making changes to the library and recompiling
|
||||
it. And you must show them these terms so they know their rights.
|
||||
|
||||
We protect your rights with a two-step method: (1) we copyright the
|
||||
library, and (2) we offer you this license, which gives you legal
|
||||
permission to copy, distribute and/or modify the library.
|
||||
|
||||
To protect each distributor, we want to make it very clear that
|
||||
there is no warranty for the free library. Also, if the library is
|
||||
modified by someone else and passed on, the recipients should know
|
||||
that what they have is not the original version, so that the original
|
||||
author's reputation will not be affected by problems that might be
|
||||
introduced by others.
|
||||
|
||||
Finally, software patents pose a constant threat to the existence of
|
||||
any free program. We wish to make sure that a company cannot
|
||||
effectively restrict the users of a free program by obtaining a
|
||||
restrictive license from a patent holder. Therefore, we insist that
|
||||
any patent license obtained for a version of the library must be
|
||||
consistent with the full freedom of use specified in this license.
|
||||
|
||||
Most GNU software, including some libraries, is covered by the
|
||||
ordinary GNU General Public License. This license, the GNU Lesser
|
||||
General Public License, applies to certain designated libraries, and
|
||||
is quite different from the ordinary General Public License. We use
|
||||
this license for certain libraries in order to permit linking those
|
||||
libraries into non-free programs.
|
||||
|
||||
When a program is linked with a library, whether statically or using
|
||||
a shared library, the combination of the two is legally speaking a
|
||||
combined work, a derivative of the original library. The ordinary
|
||||
General Public License therefore permits such linking only if the
|
||||
entire combination fits its criteria of freedom. The Lesser General
|
||||
Public License permits more lax criteria for linking other code with
|
||||
the library.
|
||||
|
||||
We call this license the "Lesser" General Public License because it
|
||||
does Less to protect the user's freedom than the ordinary General
|
||||
Public License. It also provides other free software developers Less
|
||||
of an advantage over competing non-free programs. These disadvantages
|
||||
are the reason we use the ordinary General Public License for many
|
||||
libraries. However, the Lesser license provides advantages in certain
|
||||
special circumstances.
|
||||
|
||||
For example, on rare occasions, there may be a special need to
|
||||
encourage the widest possible use of a certain library, so that it becomes
|
||||
a de-facto standard. To achieve this, non-free programs must be
|
||||
allowed to use the library. A more frequent case is that a free
|
||||
library does the same job as widely used non-free libraries. In this
|
||||
case, there is little to gain by limiting the free library to free
|
||||
software only, so we use the Lesser General Public License.
|
||||
|
||||
In other cases, permission to use a particular library in non-free
|
||||
programs enables a greater number of people to use a large body of
|
||||
free software. For example, permission to use the GNU C Library in
|
||||
non-free programs enables many more people to use the whole GNU
|
||||
operating system, as well as its variant, the GNU/Linux operating
|
||||
system.
|
||||
|
||||
Although the Lesser General Public License is Less protective of the
|
||||
users' freedom, it does ensure that the user of a program that is
|
||||
linked with the Library has the freedom and the wherewithal to run
|
||||
that program using a modified version of the Library.
|
||||
|
||||
The precise terms and conditions for copying, distribution and
|
||||
modification follow. Pay close attention to the difference between a
|
||||
"work based on the library" and a "work that uses the library". The
|
||||
former contains code derived from the library, whereas the latter must
|
||||
be combined with the library in order to run.
|
||||
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||
|
||||
0. This License Agreement applies to any software library or other
|
||||
program which contains a notice placed by the copyright holder or
|
||||
other authorized party saying it may be distributed under the terms of
|
||||
this Lesser General Public License (also called "this License").
|
||||
Each licensee is addressed as "you".
|
||||
|
||||
A "library" means a collection of software functions and/or data
|
||||
prepared so as to be conveniently linked with application programs
|
||||
(which use some of those functions and data) to form executables.
|
||||
|
||||
The "Library", below, refers to any such software library or work
|
||||
which has been distributed under these terms. A "work based on the
|
||||
Library" means either the Library or any derivative work under
|
||||
copyright law: that is to say, a work containing the Library or a
|
||||
portion of it, either verbatim or with modifications and/or translated
|
||||
straightforwardly into another language. (Hereinafter, translation is
|
||||
included without limitation in the term "modification".)
|
||||
|
||||
"Source code" for a work means the preferred form of the work for
|
||||
making modifications to it. For a library, complete source code means
|
||||
all the source code for all modules it contains, plus any associated
|
||||
interface definition files, plus the scripts used to control compilation
|
||||
and installation of the library.
|
||||
|
||||
Activities other than copying, distribution and modification are not
|
||||
covered by this License; they are outside its scope. The act of
|
||||
running a program using the Library is not restricted, and output from
|
||||
such a program is covered only if its contents constitute a work based
|
||||
on the Library (independent of the use of the Library in a tool for
|
||||
writing it). Whether that is true depends on what the Library does
|
||||
and what the program that uses the Library does.
|
||||
|
||||
1. You may copy and distribute verbatim copies of the Library's
|
||||
complete source code as you receive it, in any medium, provided that
|
||||
you conspicuously and appropriately publish on each copy an
|
||||
appropriate copyright notice and disclaimer of warranty; keep intact
|
||||
all the notices that refer to this License and to the absence of any
|
||||
warranty; and distribute a copy of this License along with the
|
||||
Library.
|
||||
|
||||
You may charge a fee for the physical act of transferring a copy,
|
||||
and you may at your option offer warranty protection in exchange for a
|
||||
fee.
|
||||
|
||||
2. You may modify your copy or copies of the Library or any portion
|
||||
of it, thus forming a work based on the Library, and copy and
|
||||
distribute such modifications or work under the terms of Section 1
|
||||
above, provided that you also meet all of these conditions:
|
||||
|
||||
a) The modified work must itself be a software library.
|
||||
|
||||
b) You must cause the files modified to carry prominent notices
|
||||
stating that you changed the files and the date of any change.
|
||||
|
||||
c) You must cause the whole of the work to be licensed at no
|
||||
charge to all third parties under the terms of this License.
|
||||
|
||||
d) If a facility in the modified Library refers to a function or a
|
||||
table of data to be supplied by an application program that uses
|
||||
the facility, other than as an argument passed when the facility
|
||||
is invoked, then you must make a good faith effort to ensure that,
|
||||
in the event an application does not supply such function or
|
||||
table, the facility still operates, and performs whatever part of
|
||||
its purpose remains meaningful.
|
||||
|
||||
(For example, a function in a library to compute square roots has
|
||||
a purpose that is entirely well-defined independent of the
|
||||
application. Therefore, Subsection 2d requires that any
|
||||
application-supplied function or table used by this function must
|
||||
be optional: if the application does not supply it, the square
|
||||
root function must still compute square roots.)
|
||||
|
||||
These requirements apply to the modified work as a whole. If
|
||||
identifiable sections of that work are not derived from the Library,
|
||||
and can be reasonably considered independent and separate works in
|
||||
themselves, then this License, and its terms, do not apply to those
|
||||
sections when you distribute them as separate works. But when you
|
||||
distribute the same sections as part of a whole which is a work based
|
||||
on the Library, the distribution of the whole must be on the terms of
|
||||
this License, whose permissions for other licensees extend to the
|
||||
entire whole, and thus to each and every part regardless of who wrote
|
||||
it.
|
||||
|
||||
Thus, it is not the intent of this section to claim rights or contest
|
||||
your rights to work written entirely by you; rather, the intent is to
|
||||
exercise the right to control the distribution of derivative or
|
||||
collective works based on the Library.
|
||||
|
||||
In addition, mere aggregation of another work not based on the Library
|
||||
with the Library (or with a work based on the Library) on a volume of
|
||||
a storage or distribution medium does not bring the other work under
|
||||
the scope of this License.
|
||||
|
||||
3. You may opt to apply the terms of the ordinary GNU General Public
|
||||
License instead of this License to a given copy of the Library. To do
|
||||
this, you must alter all the notices that refer to this License, so
|
||||
that they refer to the ordinary GNU General Public License, version 2,
|
||||
instead of to this License. (If a newer version than version 2 of the
|
||||
ordinary GNU General Public License has appeared, then you can specify
|
||||
that version instead if you wish.) Do not make any other change in
|
||||
these notices.
|
||||
|
||||
Once this change is made in a given copy, it is irreversible for
|
||||
that copy, so the ordinary GNU General Public License applies to all
|
||||
subsequent copies and derivative works made from that copy.
|
||||
|
||||
This option is useful when you wish to copy part of the code of
|
||||
the Library into a program that is not a library.
|
||||
|
||||
4. You may copy and distribute the Library (or a portion or
|
||||
derivative of it, under Section 2) in object code or executable form
|
||||
under the terms of Sections 1 and 2 above provided that you accompany
|
||||
it with the complete corresponding machine-readable source code, which
|
||||
must be distributed under the terms of Sections 1 and 2 above on a
|
||||
medium customarily used for software interchange.
|
||||
|
||||
If distribution of object code is made by offering access to copy
|
||||
from a designated place, then offering equivalent access to copy the
|
||||
source code from the same place satisfies the requirement to
|
||||
distribute the source code, even though third parties are not
|
||||
compelled to copy the source along with the object code.
|
||||
|
||||
5. A program that contains no derivative of any portion of the
|
||||
Library, but is designed to work with the Library by being compiled or
|
||||
linked with it, is called a "work that uses the Library". Such a
|
||||
work, in isolation, is not a derivative work of the Library, and
|
||||
therefore falls outside the scope of this License.
|
||||
|
||||
However, linking a "work that uses the Library" with the Library
|
||||
creates an executable that is a derivative of the Library (because it
|
||||
contains portions of the Library), rather than a "work that uses the
|
||||
library". The executable is therefore covered by this License.
|
||||
Section 6 states terms for distribution of such executables.
|
||||
|
||||
When a "work that uses the Library" uses material from a header file
|
||||
that is part of the Library, the object code for the work may be a
|
||||
derivative work of the Library even though the source code is not.
|
||||
Whether this is true is especially significant if the work can be
|
||||
linked without the Library, or if the work is itself a library. The
|
||||
threshold for this to be true is not precisely defined by law.
|
||||
|
||||
If such an object file uses only numerical parameters, data
|
||||
structure layouts and accessors, and small macros and small inline
|
||||
functions (ten lines or less in length), then the use of the object
|
||||
file is unrestricted, regardless of whether it is legally a derivative
|
||||
work. (Executables containing this object code plus portions of the
|
||||
Library will still fall under Section 6.)
|
||||
|
||||
Otherwise, if the work is a derivative of the Library, you may
|
||||
distribute the object code for the work under the terms of Section 6.
|
||||
Any executables containing that work also fall under Section 6,
|
||||
whether or not they are linked directly with the Library itself.
|
||||
|
||||
6. As an exception to the Sections above, you may also combine or
|
||||
link a "work that uses the Library" with the Library to produce a
|
||||
work containing portions of the Library, and distribute that work
|
||||
under terms of your choice, provided that the terms permit
|
||||
modification of the work for the customer's own use and reverse
|
||||
engineering for debugging such modifications.
|
||||
|
||||
You must give prominent notice with each copy of the work that the
|
||||
Library is used in it and that the Library and its use are covered by
|
||||
this License. You must supply a copy of this License. If the work
|
||||
during execution displays copyright notices, you must include the
|
||||
copyright notice for the Library among them, as well as a reference
|
||||
directing the user to the copy of this License. Also, you must do one
|
||||
of these things:
|
||||
|
||||
a) Accompany the work with the complete corresponding
|
||||
machine-readable source code for the Library including whatever
|
||||
changes were used in the work (which must be distributed under
|
||||
Sections 1 and 2 above); and, if the work is an executable linked
|
||||
with the Library, with the complete machine-readable "work that
|
||||
uses the Library", as object code and/or source code, so that the
|
||||
user can modify the Library and then relink to produce a modified
|
||||
executable containing the modified Library. (It is understood
|
||||
that the user who changes the contents of definitions files in the
|
||||
Library will not necessarily be able to recompile the application
|
||||
to use the modified definitions.)
|
||||
|
||||
b) Use a suitable shared library mechanism for linking with the
|
||||
Library. A suitable mechanism is one that (1) uses at run time a
|
||||
copy of the library already present on the user's computer system,
|
||||
rather than copying library functions into the executable, and (2)
|
||||
will operate properly with a modified version of the library, if
|
||||
the user installs one, as long as the modified version is
|
||||
interface-compatible with the version that the work was made with.
|
||||
|
||||
c) Accompany the work with a written offer, valid for at
|
||||
least three years, to give the same user the materials
|
||||
specified in Subsection 6a, above, for a charge no more
|
||||
than the cost of performing this distribution.
|
||||
|
||||
d) If distribution of the work is made by offering access to copy
|
||||
from a designated place, offer equivalent access to copy the above
|
||||
specified materials from the same place.
|
||||
|
||||
e) Verify that the user has already received a copy of these
|
||||
materials or that you have already sent this user a copy.
|
||||
|
||||
For an executable, the required form of the "work that uses the
|
||||
Library" must include any data and utility programs needed for
|
||||
reproducing the executable from it. However, as a special exception,
|
||||
the materials to be distributed need not include anything that is
|
||||
normally distributed (in either source or binary form) with the major
|
||||
components (compiler, kernel, and so on) of the operating system on
|
||||
which the executable runs, unless that component itself accompanies
|
||||
the executable.
|
||||
|
||||
It may happen that this requirement contradicts the license
|
||||
restrictions of other proprietary libraries that do not normally
|
||||
accompany the operating system. Such a contradiction means you cannot
|
||||
use both them and the Library together in an executable that you
|
||||
distribute.
|
||||
|
||||
7. You may place library facilities that are a work based on the
|
||||
Library side-by-side in a single library together with other library
|
||||
facilities not covered by this License, and distribute such a combined
|
||||
library, provided that the separate distribution of the work based on
|
||||
the Library and of the other library facilities is otherwise
|
||||
permitted, and provided that you do these two things:
|
||||
|
||||
a) Accompany the combined library with a copy of the same work
|
||||
based on the Library, uncombined with any other library
|
||||
facilities. This must be distributed under the terms of the
|
||||
Sections above.
|
||||
|
||||
b) Give prominent notice with the combined library of the fact
|
||||
that part of it is a work based on the Library, and explaining
|
||||
where to find the accompanying uncombined form of the same work.
|
||||
|
||||
8. You may not copy, modify, sublicense, link with, or distribute
|
||||
the Library except as expressly provided under this License. Any
|
||||
attempt otherwise to copy, modify, sublicense, link with, or
|
||||
distribute the Library is void, and will automatically terminate your
|
||||
rights under this License. However, parties who have received copies,
|
||||
or rights, from you under this License will not have their licenses
|
||||
terminated so long as such parties remain in full compliance.
|
||||
|
||||
9. You are not required to accept this License, since you have not
|
||||
signed it. However, nothing else grants you permission to modify or
|
||||
distribute the Library or its derivative works. These actions are
|
||||
prohibited by law if you do not accept this License. Therefore, by
|
||||
modifying or distributing the Library (or any work based on the
|
||||
Library), you indicate your acceptance of this License to do so, and
|
||||
all its terms and conditions for copying, distributing or modifying
|
||||
the Library or works based on it.
|
||||
|
||||
10. Each time you redistribute the Library (or any work based on the
|
||||
Library), the recipient automatically receives a license from the
|
||||
original licensor to copy, distribute, link with or modify the Library
|
||||
subject to these terms and conditions. You may not impose any further
|
||||
restrictions on the recipients' exercise of the rights granted herein.
|
||||
You are not responsible for enforcing compliance by third parties with
|
||||
this License.
|
||||
|
||||
11. If, as a consequence of a court judgment or allegation of patent
|
||||
infringement or for any other reason (not limited to patent issues),
|
||||
conditions are imposed on you (whether by court order, agreement or
|
||||
otherwise) that contradict the conditions of this License, they do not
|
||||
excuse you from the conditions of this License. If you cannot
|
||||
distribute so as to satisfy simultaneously your obligations under this
|
||||
License and any other pertinent obligations, then as a consequence you
|
||||
may not distribute the Library at all. For example, if a patent
|
||||
license would not permit royalty-free redistribution of the Library by
|
||||
all those who receive copies directly or indirectly through you, then
|
||||
the only way you could satisfy both it and this License would be to
|
||||
refrain entirely from distribution of the Library.
|
||||
|
||||
If any portion of this section is held invalid or unenforceable under any
|
||||
particular circumstance, the balance of the section is intended to apply,
|
||||
and the section as a whole is intended to apply in other circumstances.
|
||||
|
||||
It is not the purpose of this section to induce you to infringe any
|
||||
patents or other property right claims or to contest validity of any
|
||||
such claims; this section has the sole purpose of protecting the
|
||||
integrity of the free software distribution system which is
|
||||
implemented by public license practices. Many people have made
|
||||
generous contributions to the wide range of software distributed
|
||||
through that system in reliance on consistent application of that
|
||||
system; it is up to the author/donor to decide if he or she is willing
|
||||
to distribute software through any other system and a licensee cannot
|
||||
impose that choice.
|
||||
|
||||
This section is intended to make thoroughly clear what is believed to
|
||||
be a consequence of the rest of this License.
|
||||
|
||||
12. If the distribution and/or use of the Library is restricted in
|
||||
certain countries either by patents or by copyrighted interfaces, the
|
||||
original copyright holder who places the Library under this License may add
|
||||
an explicit geographical distribution limitation excluding those countries,
|
||||
so that distribution is permitted only in or among countries not thus
|
||||
excluded. In such case, this License incorporates the limitation as if
|
||||
written in the body of this License.
|
||||
|
||||
13. The Free Software Foundation may publish revised and/or new
|
||||
versions of the Lesser General Public License from time to time.
|
||||
Such new versions will be similar in spirit to the present version,
|
||||
but may differ in detail to address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the Library
|
||||
specifies a version number of this License which applies to it and
|
||||
"any later version", you have the option of following the terms and
|
||||
conditions either of that version or of any later version published by
|
||||
the Free Software Foundation. If the Library does not specify a
|
||||
license version number, you may choose any version ever published by
|
||||
the Free Software Foundation.
|
||||
|
||||
14. If you wish to incorporate parts of the Library into other free
|
||||
programs whose distribution conditions are incompatible with these,
|
||||
write to the author to ask for permission. For software which is
|
||||
copyrighted by the Free Software Foundation, write to the Free
|
||||
Software Foundation; we sometimes make exceptions for this. Our
|
||||
decision will be guided by the two goals of preserving the free status
|
||||
of all derivatives of our free software and of promoting the sharing
|
||||
and reuse of software generally.
|
||||
|
||||
NO WARRANTY
|
||||
|
||||
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
|
||||
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
|
||||
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
|
||||
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
|
||||
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
|
||||
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
|
||||
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
||||
|
||||
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
|
||||
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
|
||||
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
|
||||
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
|
||||
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
|
||||
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
|
||||
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
|
||||
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
|
||||
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
|
||||
DAMAGES.
|
||||
|
||||
|
||||
|
||||
Programs and licenses with other licenses and/or authors than the
|
||||
main license and authors:
|
||||
|
||||
lib/3rdParty/tcpdf/fonts/DejaVu*.ttf A Public Domain, Bitstream, Inc., Tavmjong Bah
|
||||
lib/3rdParty/tcpdf/fonts/DejaVu*.z A Public Domain, Bitstream, Inc., Tavmjong Bah
|
||||
lib/3rdParty/phpseclib B Jim Wigginton
|
||||
templates/lib/*jquery*.js B 2010 John Resig, Paul Bakaus, Fred Heusschen
|
||||
templates/lib/*jquery-dropmenu-*.js B 2010 Fred Heusschen
|
||||
templates/lib/*jquery-validationEngine-*.js B 2010 Cedric Dugas and Olivier Refalo
|
||||
templates/lib/*jquery-fineuploader-*.js B 2010 Andrew Valums
|
||||
|
||||
lib/3rdParty/composer/beberlei G 2013 Benjamin Eberlei
|
||||
lib/3rdParty/composer/composer B Nils Adermann, Jordi Boggiano
|
||||
lib/3rdParty/composer/fgrosse B 2015 Friedrich Große
|
||||
lib/3rdParty/composer/nyholm B 2016 Tobias Nyholm
|
||||
lib/3rdParty/composer/paragonie B 2015 Paragon Initiative Enterprises
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Crypt_Blowfish H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Exception H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Idna G
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Imap_Client H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_ListHeaders H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Mail G
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Mime H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Secret H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Socket_Client H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Stream H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Stream_Filter H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Stream_Wrapper G
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Support G
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Text_Flowed H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Translation H
|
||||
lib/3rdParty/composer/pear-pear.horde.org/Horde_Util H
|
||||
lib/3rdParty/composer/php-http B 2015 PHP HTTP Team
|
||||
lib/3rdParty/composer/phpmailer H
|
||||
lib/3rdParty/composer/psr B 2018 PHP Framework Interoperability Group
|
||||
lib/3rdParty/composer/ramsey B 2018 Ben Ramsey
|
||||
lib/3rdParty/composer/spomky-labs B 2018 Spomky-Labs
|
||||
lib/3rdParty/composer/symfony B 2019 Fabien Potencier
|
||||
lib/3rdParty/composer/web-auth B 2018 Spomky-Labs
|
||||
lib/3rdParty/tcpdf D 2020 Nicola Asuni - Tecnick.com LTD
|
||||
lib/3rdParty/tcpdf/fonts/dejavu*.z A Public Domain, Bitstream, Inc., Tavmjong Bah
|
||||
lib/3rdParty/phpseclib B 2019 TerraFrost and other contributors
|
||||
lib/3rdParty/Monolog B 2011 Jordi Boggiano
|
||||
lib/3rdParty/Psr B 2012 PHP Framework Interoperability Group
|
||||
lib/3rdParty/yubico/Yubico.php C 2015 Yubico AB
|
||||
templates/lib/*jquery*.js B 2018 jQuery Foundation and other contributors
|
||||
style/120_jquery-ui*.css B 2016 jQuery Foundation and other contributors
|
||||
templates/lib/*jquery-dropmenu-*.js B 2010 Fred Heusschen
|
||||
style/150_jquery-dropmenu*.css B 2010 Fred Heusschen
|
||||
templates/lib/*jquery-fineuploader-*.js B 2010 Andrew Valums
|
||||
style/150_jquery-fineuploader*.css B 2010 Andrew Valums
|
||||
templates/lib/*jquery-validationEngine-*.js B 2010 Cedric Dugas and Olivier Refalo
|
||||
style/150_jquery-validationEngine*.css B 2010 Cedric Dugas and Olivier Refalo
|
||||
templates/lib/extra/cropperjs B 2018 Chen Fengyuan
|
||||
style/600_cropper*.css B 2018 Chen Fengyuan
|
||||
templates/lib/extra/duo/*.js E 2019 Duo Security
|
||||
lib/3rdParty/duo/*.php E 2019 Duo Security
|
||||
graphics/webauthn.svg F 2017 Duo Security, Inc.
|
||||
templates/lib/600_jquery.magnific-popup.js B 2016 Dmitry Semenov
|
||||
style/610_magnific-popup.css B 2016 Dmitry Semenov
|
||||
style/responsive/105_normalize.css B Nicolas Gallagher and Jonathan Neal
|
||||
style/responsive/110_grid.css B
|
||||
|
||||
|
|
|
@ -21,11 +21,11 @@ The main script for the account pages is located in <span
|
|||
a very simple content. If the page is loaded for the first time it
|
||||
creates a new <span style="font-weight: bold;">accountContainer</span>
|
||||
inside the session and tells it to load/create an LDAP account. Then it
|
||||
calles the <span style="font-weight: bold;">continue_main()</span>
|
||||
calls the <span style="font-weight: bold;">continue_main()</span>
|
||||
function of the <span style="font-weight: bold;">accountContainer</span>
|
||||
object which prints all HTML output.<br>
|
||||
<br>
|
||||
Managing of user input etc. is completly made by the <span
|
||||
Managing of user input etc. is completely made by the <span
|
||||
style="font-weight: bold;">accountContainer</span>.<br>
|
||||
<br>
|
||||
</body>
|
||||
|
|
|
@ -54,7 +54,7 @@ to make it easier for the user to modify the values. The dynamic
|
|||
options provided by the modules do not include a comment.<br>
|
||||
<br>
|
||||
<h2>Master configuration file</h2>
|
||||
LAM stores the default configuartion profile and a master password in <span
|
||||
LAM stores the default configuration profile and a master password in <span
|
||||
style="font-style: italic;">config/config.cfg</span>.<br>
|
||||
The master password is verified when the user wants to create/delete
|
||||
configuration profiles.<br>
|
||||
|
|
|
@ -39,7 +39,7 @@ attribute. Therefore we will save these two values.<br>
|
|||
* This function loads all needed attributes into the
|
||||
object.<br>
|
||||
*<br>
|
||||
* @param array $attr an array as it is retured from
|
||||
* @param array $attr an array as it is returned from
|
||||
ldap_get_attributes<br>
|
||||
*/<br>
|
||||
<span style="font-weight: bold;">function</span> <span style="color: rgb(255, 0, 0);">load_attributes</span>($attr) {<br>
|
||||
|
|
|
@ -58,7 +58,7 @@ class</span> <span style="color: rgb(255, 0, 0);">ieee802Device</span>
|
|||
</table>
|
||||
<br>
|
||||
<h2>4. Meta data</h2>
|
||||
The module interface inludes a lot of required and optional functions.
|
||||
The module interface includes a lot of required and optional functions.
|
||||
Many of these functions do not need to be implemented directly in the
|
||||
module, you can define <span style="font-weight: bold;">meta data</span>
|
||||
for them and the <span style="font-weight: bold;">baseModule</span>
|
||||
|
|
|
@ -137,7 +137,7 @@ the <span style="font-style: italic;">baseModule</span> will use the <span style
|
|||
check. This function already contains regular expressions for the most
|
||||
common cases.<br>
|
||||
To check if the minimum GID is smaller than the maximum GID we define a
|
||||
check for the nonexistant option "cmpGID" and define it as optional.
|
||||
check for the nonexistent option "cmpGID" and define it as optional.
|
||||
This will do the comparison check.<br>
|
||||
<br>
|
||||
<br>
|
||||
|
|
|
@ -122,7 +122,7 @@ get_metaData() {<br>
|
|||
<br>
|
||||
<br>
|
||||
<h2>4. Dependencies</h2>
|
||||
Modules can depend on eachother. This is useful if you need to access
|
||||
Modules can depend on each other. This is useful if you need to access
|
||||
attributes from other modules or the managed object classes of your
|
||||
module are not structural.<br>
|
||||
<br>
|
||||
|
@ -198,7 +198,7 @@ is set dynamically<br>
|
|||
You can tell LAM what object classes are managed by your module.<br>
|
||||
LAM will then check the spelling of the objectClass attributes and
|
||||
correct it automatically. This is useful if other applications (e.g.
|
||||
smbldap-tools) also create accounts and the spelling is differnt.<br>
|
||||
smbldap-tools) also create accounts and the spelling is different.<br>
|
||||
<br>
|
||||
<span style="font-weight: bold; text-decoration: underline;">Example:</span><br>
|
||||
<br>
|
||||
|
|
|
@ -21,7 +21,7 @@ They are configured on tab "Jobs" in LAM server profile.<br>
|
|||
<div style="text-align: left;">See ppolicyUser module for an example.<br>
|
||||
<br>
|
||||
<h2>Adding the job class</h2>
|
||||
The module defines the list of suuported jobs with function
|
||||
The module defines the list of supported jobs with function
|
||||
getSupportedJobs().<br>
|
||||
<table style="width: 100%; text-align: left;" class="mod-code" border="0" cellpadding="2" cellspacing="2">
|
||||
<tbody>
|
||||
|
@ -77,7 +77,7 @@ If your job requires any configuration options then use get/checkConfigOptions()
|
|||
<br>
|
||||
<h2>Database</h2>
|
||||
Jobs can access a database to read and store data about job runs. Use
|
||||
this e.g. if you need to save any status information accross job runs.<br>
|
||||
this e.g. if you need to save any status information across job runs.<br>
|
||||
Database access is specified with needsDatabaseAccess().<br>
|
||||
<br>
|
||||
There is a built-in database upgrade mechanism. Your job must return
|
||||
|
|
|
@ -18,7 +18,7 @@ designed to be editable by hand. They do not allow to add comments and
|
|||
have a simpler format.<br>
|
||||
<br>
|
||||
<h2>Format</h2>
|
||||
There is one option per line which is formated: <identifier>:
|
||||
There is one option per line which is formatted: <identifier>:
|
||||
<value><br>
|
||||
<br>
|
||||
Identifier is the option's name, value is the rest of the line after
|
||||
|
|
|
@ -88,10 +88,10 @@ class <span style="font-weight: bold;">toolProfileEditor</span> implements <span
|
|||
}<br>
|
||||
<br>
|
||||
/**<br>
|
||||
* Returns the prefered position of this tool on the tools page.<br>
|
||||
* Returns the preferred position of this tool on the tools page.<br>
|
||||
* The position may be between 0 and 1000. 0 is the top position.<br>
|
||||
*<br>
|
||||
* @return int prefered position<br>
|
||||
* @return int preferred position<br>
|
||||
*/<br>
|
||||
function <span style="font-weight: bold;">getPosition</span>() {<br>
|
||||
return 100;<br>
|
||||
|
|
|
@ -91,10 +91,10 @@ Example:<br>
|
|||
<pre> }</pre>
|
||||
<pre> </pre>
|
||||
<pre> /**</pre>
|
||||
<pre> * Returns the prefered position of this tool on the tools page.</pre>
|
||||
<pre> * Returns the preferred position of this tool on the tools page.</pre>
|
||||
<pre> * The position may be between 0 and 1000. 0 is the top position.</pre>
|
||||
<pre> *</pre>
|
||||
<pre> * @return int prefered position</pre>
|
||||
<pre> * @return int preferred position</pre>
|
||||
<pre> */</pre>
|
||||
<pre> function getPosition() {</pre>
|
||||
<pre> return 600;</pre>
|
||||
|
|
|
@ -115,7 +115,7 @@ If you want to change more than just the labels, take a look at <span
|
|||
style="font-weight: bold;">lib/types/user.inc</span>. When a list is
|
||||
displayed then the <span style="font-weight: bold;">showPage()</span>
|
||||
function is called. You can overwrite this function to display a
|
||||
completly new list or just one of the other functions.<br>
|
||||
completely new list or just one of the other functions.<br>
|
||||
<br>
|
||||
<table style="width: 100%; text-align: left;" class="mod-code"
|
||||
border="0" cellpadding="2" cellspacing="2">
|
||||
|
|
|
@ -60,6 +60,22 @@ This is a list of API changes for all LAM releases.
|
|||
|
||||
<br>
|
||||
|
||||
<h2>6.7 -> 6.8</h2>
|
||||
<ul>
|
||||
<li>Module API
|
||||
<ul>
|
||||
<li>display_html_attributes(): use responsive HTML elements instead of tables</li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
<h2>6.3 -> 6.4</h2>
|
||||
<ul>
|
||||
<li>Module API
|
||||
<ul>
|
||||
<li>get_profileOptions(): should no longer return a htmlTable but a htmlResponsiveRow</li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
<h2>6.2 -> 6.3</h2>
|
||||
<ul>
|
||||
<li>Module API
|
||||
|
|
|
@ -1,28 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
|
||||
<appendix id="mailSetup">
|
||||
<title>Setup of email (SMTP) server</title>
|
||||
|
||||
<para>LAM always uses a local SMTP email server on the machine where LAM
|
||||
is installed. Therefore, there is no need to configure any SMTP settings
|
||||
inside LAM itself.</para>
|
||||
|
||||
<para>The local email server should be configured to forward all emails to
|
||||
your company mail server (so-called smarthost). You can use any SMTP
|
||||
software that ships with a Sendmail wrapper (e.g. Exim, Postfix, QMail or
|
||||
Sendmail itself).</para>
|
||||
|
||||
<literallayout>
|
||||
|
||||
</literallayout>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/lam_mail.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</appendix>
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
<tgroup cols="6">
|
||||
<thead>
|
||||
<row>
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
|
||||
<entry>Account type</entry>
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_unix.png" />
|
||||
<imagedata fileref="images/schema_unix.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -53,7 +53,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_inetOrgPerson.png" />
|
||||
<imagedata fileref="images/schema_inetOrgPerson.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -65,13 +65,13 @@
|
|||
|
||||
<entry>Part of OpenLDAP installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_samba.png" />
|
||||
<imagedata fileref="images/schema_samba.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -83,13 +83,13 @@
|
|||
|
||||
<entry>Part of Samba tarball (examples/LDAP/samba.schema)</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_samba.png" />
|
||||
<imagedata fileref="images/schema_samba.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -97,17 +97,35 @@
|
|||
|
||||
<entry>user, group, computer</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
|
||||
<entry>Samba 4 built-in</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_kolab.png" />
|
||||
<imagedata fileref="images/schema_samba.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
<entry>AD LDS</entry>
|
||||
|
||||
<entry>user, group</entry>
|
||||
|
||||
<entry/>
|
||||
|
||||
<entry>AD LDS built-in</entry>
|
||||
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_kolab.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -119,13 +137,13 @@
|
|||
|
||||
<entry>Part of Kolab 2/3 installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_asterisk.png" />
|
||||
<imagedata fileref="images/schema_asterisk.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -137,13 +155,13 @@
|
|||
|
||||
<entry>Part of Asterisk installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_pykota.png" />
|
||||
<imagedata fileref="images/schema_pykota.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -156,13 +174,13 @@
|
|||
|
||||
<entry>Part of PyKota installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_mailAlias.png" />
|
||||
<imagedata fileref="images/schema_mailAlias.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -174,13 +192,13 @@
|
|||
|
||||
<entry>Part of OpenLDAP installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_hostObject.png" />
|
||||
<imagedata fileref="images/schema_hostObject.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -198,7 +216,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_authorizedServices.png" />
|
||||
<imagedata fileref="images/schema_authorizedServices.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -210,13 +228,13 @@
|
|||
|
||||
<entry>Part of libpam-ldap installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_mailAlias.png" />
|
||||
<imagedata fileref="images/schema_mailAlias.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -228,13 +246,13 @@
|
|||
|
||||
<entry>Part of OpenLDAP installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_mailAlias.png" />
|
||||
<imagedata fileref="images/schema_mailAlias.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -253,7 +271,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_mac.png" />
|
||||
<imagedata fileref="images/schema_mac.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -265,13 +283,13 @@
|
|||
|
||||
<entry>Part of OpenLDAP installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_ipHost.png" />
|
||||
<imagedata fileref="images/schema_ipHost.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -289,7 +307,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_puppet.png" />
|
||||
<imagedata fileref="images/schema_puppet.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -303,13 +321,13 @@
|
|||
url="https://github.com/puppetlabs/puppet/blob/master/ext/ldap/puppet.schema">Puppet
|
||||
on GitHub</ulink></entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_eduPerson.png" />
|
||||
<imagedata fileref="images/schema_eduPerson.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -322,13 +340,13 @@
|
|||
<entry><ulink
|
||||
url="http://middleware.internet2.edu/eduperson/">http://middleware.internet2.edu</ulink></entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_user.png" />
|
||||
<imagedata fileref="images/schema_user.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -340,13 +358,13 @@
|
|||
|
||||
<entry>Part of OpenLDAP installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_ssh.png" />
|
||||
<imagedata fileref="images/schema_ssh.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -359,13 +377,13 @@
|
|||
<entry>Included in patch from <ulink
|
||||
url="http://code.google.com/p/openssh-lpk/">http://code.google.com/p/openssh-lpk/</ulink></entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_quota.png" />
|
||||
<imagedata fileref="images/schema_quota.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -379,13 +397,13 @@
|
|||
url="http://sourceforge.net/projects/linuxquota/">Linux
|
||||
DiskQuota</ulink></entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_group.png" />
|
||||
<imagedata fileref="images/schema_group.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -403,7 +421,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_group.png" />
|
||||
<imagedata fileref="images/schema_group.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -421,7 +439,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_dhcp.png" />
|
||||
<imagedata fileref="images/schema_dhcp.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -440,7 +458,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_bind.png" />
|
||||
<imagedata fileref="images/schema_bind.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -460,7 +478,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_alias.png" />
|
||||
<imagedata fileref="images/schema_alias.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -478,7 +496,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_netgroup.png" />
|
||||
<imagedata fileref="images/schema_netgroup.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -490,13 +508,13 @@
|
|||
|
||||
<entry>Part of OpenLDAP installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_nisObject.png" />
|
||||
<imagedata fileref="images/schema_nisObject.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -514,7 +532,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_nisObject.png" />
|
||||
<imagedata fileref="images/schema_nisObject.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -532,7 +550,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_oracle.png" />
|
||||
<imagedata fileref="images/schema_oracle.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -553,7 +571,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_ppolicy.png" />
|
||||
<imagedata fileref="images/schema_ppolicy.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -571,7 +589,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_freeRadius.png" />
|
||||
<imagedata fileref="images/schema_freeRadius.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -583,13 +601,13 @@
|
|||
|
||||
<entry>Part of FreeRadius installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_heimdal.png" />
|
||||
<imagedata fileref="images/schema_heimdal.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -607,7 +625,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_mitKerberos.png" />
|
||||
<imagedata fileref="images/schema_mitKerberos.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -625,7 +643,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_sudo.png" />
|
||||
<imagedata fileref="images/schema_sudo.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -643,7 +661,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_kopano.png" />
|
||||
<imagedata fileref="images/schema_kopano.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -662,7 +680,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_zarafa.png" />
|
||||
<imagedata fileref="images/schema_zarafa.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -680,7 +698,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_mailAlias.png" />
|
||||
<imagedata fileref="images/schema_mailAlias.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -698,7 +716,7 @@
|
|||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_nsview.png" />
|
||||
<imagedata fileref="images/schema_nsview.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
|
@ -712,6 +730,25 @@
|
|||
|
||||
<entry>LAM Pro only</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_autoDelete.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
<entry>All</entry>
|
||||
|
||||
<entry>dynamicObject</entry>
|
||||
|
||||
<entry>built-in with DDS module</entry>
|
||||
|
||||
<entry>Part of LDAP server installation</entry>
|
||||
|
||||
<entry>LAM Pro only, requires DDS extension on LDAP server
|
||||
side</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
<section>
|
||||
<title>Use of SSL</title>
|
||||
|
||||
<para>The data which is transfered between you and LAM is very sensitive.
|
||||
<para>The data which is transferred between you and LAM is very sensitive.
|
||||
Please always use SSL encrypted connections between LAM and your browser
|
||||
to protect yourself against network sniffers.</para>
|
||||
</section>
|
||||
|
@ -257,7 +257,7 @@ semodule -i httpdlocal.pp</programlisting>
|
|||
|
||||
<listitem>
|
||||
<para>directory contents must be accessible by browser but directory
|
||||
itself needs not to be browseable</para>
|
||||
itself needs not to be browsable</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
@ -319,7 +319,7 @@ semodule -i httpdlocal.pp</programlisting>
|
|||
|
||||
<para><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/selfServiceProxy.png" />
|
||||
<imagedata fileref="images/selfServiceProxy.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject></para>
|
||||
|
||||
|
@ -333,8 +333,7 @@ semodule -i httpdlocal.pp</programlisting>
|
|||
CustomLog /var/log/apache2/lam-proxy-access.log combined
|
||||
DocumentRoot /var/www/lam-proxy
|
||||
<Proxy *>
|
||||
Order deny,allow
|
||||
Allow from all
|
||||
Require all granted
|
||||
</Proxy>
|
||||
SSLProxyEngine on
|
||||
SSLEngine on
|
||||
|
@ -446,4 +445,51 @@ semodule -i httpdlocal.pp</programlisting>
|
|||
</programlisting>
|
||||
</section>
|
||||
</section>
|
||||
|
||||
<section id="a_webauthn">
|
||||
<title>Webauthn/FIDO2</title>
|
||||
|
||||
<para>LAM allows to secure logins via <ulink
|
||||
url="https://en.wikipedia.org/wiki/WebAuthn">Webauthn/FIDO2</ulink>. This
|
||||
means your users login with their LDAP password and an additional hardware
|
||||
token (e.g. Yubico Security Key, Windows Hello and many more).</para>
|
||||
|
||||
<para>Webauthn/FIDO2 is a very strong 2-factor-authentication method as it
|
||||
also checks the website domain. This prevents attacks via web
|
||||
proxies.</para>
|
||||
|
||||
<para>To use this feature you need to activate the 2-factor authentication
|
||||
in LAM.</para>
|
||||
|
||||
<para><emphasis role="bold">LAM admin interface</emphasis></para>
|
||||
|
||||
<para>Please activate Webauthn/FIDO2 in your <link
|
||||
linkend="conf_serverprofile_2fa">LAM server profile</link>. Then users
|
||||
will be asked to authenticate via Webauthn/FIDO2 on each login.</para>
|
||||
|
||||
<para>If no device is registered for a user then LAM will ask for this
|
||||
during login. Afterwards, users can manage their devices with the <link
|
||||
linkend="tool_webauthn">Webauthn tool</link>.</para>
|
||||
|
||||
<para><emphasis role="bold">LAM Self Service</emphasis></para>
|
||||
|
||||
<para>Please activate Webauthn/FIDO2 in your <link
|
||||
linkend="selfservice_2fa">LAM self service profile</link>. Then users will
|
||||
be asked to authenticate via Webauthn/FIDO2 on each login.</para>
|
||||
|
||||
<para>If no device is registered for a user then LAM will ask for this
|
||||
during login. Afterwards, users can manage their devices with the <link
|
||||
linkend="selfservice_fields">Webauthn field</link>.</para>
|
||||
|
||||
<para><emphasis role="bold">Global device management</emphasis></para>
|
||||
|
||||
<para>This is for cases where one of your users has no more access to his
|
||||
device and cannot login anymore. In this case you can delete his device(s)
|
||||
in the <link linkend="confmain_webauthn">LAM main
|
||||
configuration</link>.</para>
|
||||
|
||||
<para>Note that devices can only be deleted. Registration of devices can
|
||||
only be done by the user during login or on the management pages listed
|
||||
above.</para>
|
||||
</section>
|
||||
</appendix>
|
||||
|
|
|
@ -1,245 +1,241 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
|
||||
<appendix id="a_passwordSelfResetSchema">
|
||||
<title>Setup password self reset schema (LAM Pro)</title>
|
||||
<appendix id="a_passwordSelfResetSchema">
|
||||
<title>Setup password self reset schema (LAM Pro)</title>
|
||||
|
||||
<section id="passwordSelfResetSchema_new">
|
||||
<title>New installation</title>
|
||||
<section id="passwordSelfResetSchema_new">
|
||||
<title>New installation</title>
|
||||
|
||||
<para>Please see <link
|
||||
linkend="passwordSelfResetSchema_update">here</link> if you want to
|
||||
upgrade an existing schema version.</para>
|
||||
<para>Please see <link
|
||||
linkend="passwordSelfResetSchema_update">here</link> if you want to
|
||||
upgrade an existing schema version.</para>
|
||||
|
||||
<para><emphasis role="bold">Schema installation</emphasis></para>
|
||||
<para><emphasis role="bold">Schema installation</emphasis></para>
|
||||
|
||||
<para>Please install the schema that comes with LAM Pro. The schema
|
||||
files are located in:</para>
|
||||
<para>Please install the schema that comes with LAM Pro. The schema files
|
||||
are located in:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>tar.bz2: docs/schema</para>
|
||||
</listitem>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>tar.bz2: docs/schema</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>DEB: /usr/share/doc/ldap-account-manager/docs/schema</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>DEB: /usr/share/doc/ldap-account-manager/docs/schema</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>RPM:
|
||||
/usr/share/doc/ldap-account-manager-{VERSION}/schema</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
<listitem>
|
||||
<para>RPM: /usr/share/doc/ldap-account-manager-{VERSION}/schema</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<literallayout>
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">OpenLDAP with slapd.conf
|
||||
configuration</emphasis></para>
|
||||
<para><emphasis role="bold">OpenLDAP with slapd.conf
|
||||
configuration</emphasis></para>
|
||||
|
||||
<para>For a configuration with slapd.conf-file copy
|
||||
passwordSelfReset.schema to /etc/ldap/schema/ and add this line to
|
||||
slapd.conf:</para>
|
||||
<para>For a configuration with slapd.conf-file copy
|
||||
passwordSelfReset.schema to /etc/ldap/schema/ and add this line to
|
||||
slapd.conf:</para>
|
||||
|
||||
<literallayout> include /etc/ldap/schema/passwordSelfReset.schema
|
||||
<literallayout> include /etc/ldap/schema/passwordSelfReset.schema
|
||||
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">OpenLDAP with slapd.d
|
||||
configuration</emphasis></para>
|
||||
<para><emphasis role="bold">OpenLDAP with slapd.d
|
||||
configuration</emphasis></para>
|
||||
|
||||
<para>For slapd.d configurations you need to upload the schema file
|
||||
passwordSelfReset.ldif via ldapadd command:</para>
|
||||
<para>For slapd.d configurations you need to upload the schema file
|
||||
passwordSelfReset.ldif via ldapadd command:</para>
|
||||
|
||||
<para>ldapadd -x -W -H ldap://localhost -D "cn=admin,o=test,c=de" -f
|
||||
passwordSelfReset.ldif</para>
|
||||
<para>ldapadd -x -W -H ldap://<emphasis>localhost</emphasis> -D
|
||||
"<emphasis>cn=admin,o=test,c=de</emphasis>" -f
|
||||
passwordSelfReset.ldif</para>
|
||||
|
||||
<para>Please replace "localhost" with your LDAP server and
|
||||
"cn=admin,o=test,c=de" with your LDAP admin user (usually starts with
|
||||
cn=admin or cn=manager).</para>
|
||||
<para>Please replace "<emphasis>localhost</emphasis>" with your LDAP
|
||||
server and "<emphasis>cn=admin,o=test,c=de</emphasis>" with your LDAP
|
||||
admin user (usually starts with cn=admin or cn=manager).</para>
|
||||
|
||||
<literallayout>
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">389 server</emphasis></para>
|
||||
<para><emphasis role="bold">389 server</emphasis></para>
|
||||
|
||||
<para>Please replace INSTANCE with installation ID, e.g.
|
||||
slapd-389ds.</para>
|
||||
<para>Please replace INSTANCE with installation ID, e.g.
|
||||
slapd-389ds.</para>
|
||||
|
||||
<literallayout> cp passwordSelfReset-389server.ldif /etc/dirsrv/INSTANCE/schema/70pwdreset.ldif
|
||||
<literallayout> cp passwordSelfReset-389server.ldif /etc/dirsrv/INSTANCE/schema/70pwdreset.ldif
|
||||
systemctl restart dirsrv.target
|
||||
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">Samba 4</emphasis></para>
|
||||
<para><emphasis role="bold">Samba 4</emphasis></para>
|
||||
|
||||
<para>The schema files are passwordSelfReset-Samba4-attributes.ldif and
|
||||
passwordSelfReset-Samba4-objectClass.ldif.</para>
|
||||
<para>The schema files are passwordSelfReset-Samba4-attributes.ldif and
|
||||
passwordSelfReset-Samba4-objectClass.ldif.</para>
|
||||
|
||||
<para>First, you need to edit them and replace "DOMAIN_TOP_DN" with your
|
||||
LDAP suffix (e.g. dc=samba4,dc=test).</para>
|
||||
<para>First, you need to edit them and replace "DOMAIN_TOP_DN" with your
|
||||
LDAP suffix (e.g. dc=samba4,dc=test).</para>
|
||||
|
||||
<para>Then install the attribute and afterwards the object class schema
|
||||
file:</para>
|
||||
<para>Then install the attribute and afterwards the object class schema
|
||||
file:</para>
|
||||
|
||||
<literallayout> ldbmodify -H /var/lib/samba/private/sam.ldb passwordSelfReset-Samba4-attributes.ldif --option="dsdb:schema update allowed"=true
|
||||
<literallayout> ldbmodify -H /var/lib/samba/private/sam.ldb passwordSelfReset-Samba4-attributes.ldif --option="dsdb:schema update allowed"=true
|
||||
ldbmodify -H /var/lib/samba/private/sam.ldb passwordSelfReset-Samba4-objectClass.ldif --option="dsdb:schema update allowed"=true
|
||||
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">Windows</emphasis></para>
|
||||
<para><emphasis role="bold">Windows</emphasis></para>
|
||||
|
||||
<para>The schema file is passwordSelfReset-Windows.ldif.</para>
|
||||
<para>The schema file is passwordSelfReset-Windows.ldif.</para>
|
||||
|
||||
<para>First, you need to edit it and replace "DOMAIN_TOP_DN" with your
|
||||
LDAP suffix (e.g. dc=windows,dc=test).</para>
|
||||
<para>First, you need to edit it and replace "DOMAIN_TOP_DN" with your
|
||||
LDAP suffix (e.g. dc=windows,dc=test).</para>
|
||||
|
||||
<para>Then install the schema file as administrator on a command
|
||||
line:</para>
|
||||
<para>Then install the schema file as administrator on a command
|
||||
line:</para>
|
||||
|
||||
<literallayout> ldifde -v -i -f passwordSelfReset-Windows.ldif
|
||||
<literallayout> ldifde -v -i -f passwordSelfReset-Windows.ldif
|
||||
|
||||
</literallayout>
|
||||
|
||||
<para>This allows to set a security question + answer for each
|
||||
account.</para>
|
||||
</section>
|
||||
<para>This allows to set a security question + answer for each
|
||||
account.</para>
|
||||
</section>
|
||||
|
||||
<section id="passwordSelfResetSchema_update">
|
||||
<title>Schema update</title>
|
||||
<section id="passwordSelfResetSchema_update">
|
||||
<title>Schema update</title>
|
||||
|
||||
<para>The schema files are located in:</para>
|
||||
<para>The schema files are located in:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>tar.bz2: docs/schema/updates</para>
|
||||
</listitem>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>tar.bz2: docs/schema/updates</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>DEB:
|
||||
/usr/share/doc/ldap-account-manager/docs/schema/updates</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>DEB:
|
||||
/usr/share/doc/ldap-account-manager/docs/schema/updates</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>RPM:
|
||||
/usr/share/doc/ldap-account-manager-{VERSION}/schema/updates</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
<listitem>
|
||||
<para>RPM:
|
||||
/usr/share/doc/ldap-account-manager-{VERSION}/schema/updates</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<literallayout>
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para>Schema versions:</para>
|
||||
<para>Schema versions:</para>
|
||||
|
||||
<orderedlist>
|
||||
<listitem>
|
||||
<para>Initial version (LAM Pro 3.6 - 4.4)</para>
|
||||
</listitem>
|
||||
<orderedlist>
|
||||
<listitem>
|
||||
<para>Initial version (LAM Pro 3.6 - 4.4)</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Added passwordSelfResetBackupMail (LAM Pro 4.5 - 5.5)</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>Added passwordSelfResetBackupMail (LAM Pro 4.5 - 5.5)</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Multiple security questions (LAM Pro 5.6)</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
<listitem>
|
||||
<para>Multiple security questions (LAM Pro 5.6)</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
|
||||
<literallayout>
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">OpenLDAP with slapd.conf
|
||||
configuration</emphasis></para>
|
||||
<para><emphasis role="bold">OpenLDAP with slapd.conf
|
||||
configuration</emphasis></para>
|
||||
|
||||
<para>Install the schema file like a <link
|
||||
linkend="passwordSelfResetSchema_new">new install</link> (skip
|
||||
modification of slapd.conf file).</para>
|
||||
<para>Install the schema file like a <link
|
||||
linkend="passwordSelfResetSchema_new">new install</link> (skip
|
||||
modification of slapd.conf file).</para>
|
||||
|
||||
<literallayout>
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">OpenLDAP with slapd.d
|
||||
configuration</emphasis></para>
|
||||
<para><emphasis role="bold">OpenLDAP with slapd.d
|
||||
configuration</emphasis></para>
|
||||
|
||||
<para>The upgrade requires to stop the LDAP server.</para>
|
||||
<para>The upgrade requires to stop the LDAP server.</para>
|
||||
|
||||
<para>Steps:</para>
|
||||
<para>Steps:</para>
|
||||
|
||||
<orderedlist>
|
||||
<listitem>
|
||||
<para>Stop OpenLDAP with e.g. "/etc/init.d/slapd stop"</para>
|
||||
</listitem>
|
||||
<orderedlist>
|
||||
<listitem>
|
||||
<para>Stop OpenLDAP with e.g. "/etc/init.d/slapd stop"</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Delete the old schema file. It is located in e.g.
|
||||
"/etc/ldap/slapd.d/cn=config/cn=schema" and called
|
||||
"cn={XX}passwordselfreset.ldif" (XX can be any number)</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>Delete the old schema file. It is located in e.g.
|
||||
"/etc/ldap/slapd.d/cn=config/cn=schema" and called
|
||||
"cn={XX}passwordselfreset.ldif" (XX can be any number)</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Start OpenLDAP with e.g. "/etc/init.d/slapd start"</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>Start OpenLDAP with e.g. "/etc/init.d/slapd start"</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Install the schema file like a <link
|
||||
linkend="passwordSelfResetSchema_new">new install</link></para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
<listitem>
|
||||
<para>Install the schema file like a <link
|
||||
linkend="passwordSelfResetSchema_new">new install</link></para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
|
||||
<literallayout>
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">Samba 4</emphasis></para>
|
||||
<para><emphasis role="bold">Samba 4</emphasis></para>
|
||||
|
||||
<para>Install the these update files by following the install
|
||||
instructions in the file. In case you you upgrade with a version
|
||||
difference of 2 or more you will need to apply all intermediate update
|
||||
scripts.</para>
|
||||
<para>Install the these update files by following the install instructions
|
||||
in the file. In case you you upgrade with a version difference of 2 or
|
||||
more you will need to apply all intermediate update scripts.</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>samba4_version_1_to_2_attributes.ldif (upgrade from version 1
|
||||
only)</para>
|
||||
</listitem>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>samba4_version_1_to_2_attributes.ldif (upgrade from version 1
|
||||
only)</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>samba4_version_1_to_2_objectClass.ldif (upgrade from version 1
|
||||
only)</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>samba4_version_1_to_2_objectClass.ldif (upgrade from version 1
|
||||
only)</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>samba4_version_2_to_3_attributes.ldif (upgrade from version
|
||||
2)</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>samba4_version_2_to_3_attributes.ldif (upgrade from version
|
||||
2)</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>samba4_version_2_to_3_objectClass.ldif (upgrade from version
|
||||
2)</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
<listitem>
|
||||
<para>samba4_version_2_to_3_objectClass.ldif (upgrade from version
|
||||
2)</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>Please note that attributes file needs to be installed
|
||||
first.</para>
|
||||
<para>Please note that attributes file needs to be installed first.</para>
|
||||
|
||||
<literallayout>
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">Windows</emphasis></para>
|
||||
<para><emphasis role="bold">Windows</emphasis></para>
|
||||
|
||||
<para>Install the file(s) by following the install instructions in the
|
||||
file. In case you you upgrade with a version difference of 2 or more you
|
||||
will need to apply all intermediate update scripts.</para>
|
||||
<para>Install the file(s) by following the install instructions in the
|
||||
file. In case you you upgrade with a version difference of 2 or more you
|
||||
will need to apply all intermediate update scripts.</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>windows_version_1_to_2.ldif (upgrade from version 1
|
||||
only)</para>
|
||||
</listitem>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>windows_version_1_to_2.ldif (upgrade from version 1 only)</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>windows_version_2_to_3.ldif (upgrade from version 2)</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</appendix>
|
||||
|
||||
<listitem>
|
||||
<para>windows_version_2_to_3.ldif (upgrade from version 2)</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</appendix>
|
||||
|
|
|
@ -85,7 +85,7 @@
|
|||
|
||||
<para>If there are any object classes or attributes missing you will get
|
||||
a notice. See <link linkend="a_schema">LDAP schema files</link> for a
|
||||
list of used schemas. You may also want to deactive unused modules in
|
||||
list of used schemas. You may also want to deactivate unused modules in
|
||||
your LAM server profile (tab "Modules").</para>
|
||||
|
||||
<screenshot>
|
||||
|
|
|
@ -93,9 +93,7 @@
|
|||
<para>If the user account has set the mail attribute then LAM can
|
||||
send your user a mail with the new password. You can change the mail
|
||||
template to fit your needs. Please configure your LAM server profile
|
||||
to setup the sender address, subject and mail body. Please see <link
|
||||
linkend="mailEOL">email format option</link> in case of broken
|
||||
mails. See <link linkend="mailSetup">here</link> for setting up your
|
||||
to setup the sender address, subject and mail body. See <link linkend="mailSetup">here</link> for setting up your
|
||||
SMTP server.</para>
|
||||
|
||||
<para>Using this method will prevent that your support staff knows
|
||||
|
|
|
@ -292,7 +292,7 @@
|
|||
|
||||
<para><emphasis role="bold">LAM runtime environment:</emphasis></para>
|
||||
|
||||
<para>LAM runs on PHP. Therefore, it is independant of CPU architecture
|
||||
<para>LAM runs on PHP. Therefore, it is independent of CPU architecture
|
||||
and operating system (OS). You can run LAM on any OS which supports
|
||||
Apache, Nginx or other PHP compatible web servers.</para>
|
||||
|
||||
|
|
|
@ -60,6 +60,10 @@
|
|||
<para>When you entered the license key then the license details can be
|
||||
seen on LAM configuration overview page.</para>
|
||||
|
||||
<para>By default, LAM Pro will show a warning message on the login page
|
||||
3 weeks before expiration. You can disable this here and/or send out an
|
||||
email instead.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
|
@ -151,21 +155,83 @@
|
|||
|
||||
<para>You can set the minimum password length and also the complexity of
|
||||
the passwords.</para>
|
||||
|
||||
<para><emphasis role="bold">External password check</emphasis></para>
|
||||
|
||||
<para>Please note that this option is only displayed if you have
|
||||
installed the PHP Curl extension for your web server.</para>
|
||||
|
||||
<para>This will validate passwords using an external service. LAM
|
||||
supports the protocol used by <ulink
|
||||
url="https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange">Have
|
||||
I been Pwned</ulink>. You can use the service directly or setup any
|
||||
custom service with the same API. If the service reports an error LAM
|
||||
will log an error message and the password will be accepted.</para>
|
||||
|
||||
<para>Example URL:
|
||||
https://api.pwnedpasswords.com/range/{SHA1PREFIX}</para>
|
||||
|
||||
<para>LAM will build a SHA1 hash of the password and send parts of it to
|
||||
the service.</para>
|
||||
|
||||
<para>The configured URL must contain the wildcard "{SHA1PREFIX}" which
|
||||
will be replaced with the 5 character hash prefix. The service must then
|
||||
return a list of text lines in the format "<hash
|
||||
suffix>:<number>".</para>
|
||||
|
||||
<para>"<hash suffix>" needs to be the suffix of a known insecure
|
||||
password. The "<number>" can be any numeric value and will be
|
||||
ignored by LAM.</para>
|
||||
|
||||
<para>Example:</para>
|
||||
|
||||
<para>Password hash: 21BD10018A45C4D1DEF81644B54AB7F969B88D65</para>
|
||||
|
||||
<para>Hash prefix sent to service: 21BD1</para>
|
||||
|
||||
<para>Returned line: 0018A45C4D1DEF81644B54AB7F969B88D65:1</para>
|
||||
|
||||
<para>This will reject the password.</para>
|
||||
</section>
|
||||
|
||||
<section id="conf_logging">
|
||||
<title>Logging</title>
|
||||
|
||||
<para>LAM can log events (e.g. user logins). You can use system logging
|
||||
(syslog for Unix, event viewer for Windows) or log to a separate file.
|
||||
Please note that LAM may log sensitive data (e.g. passwords) at log
|
||||
level "Debug". Production systems should be set to "Warning" or
|
||||
<para>LAM can log events (e.g. user logins). You can use e.g. system
|
||||
logging (syslog for Unix, event viewer for Windows) or log to a separate
|
||||
file. Please note that LAM may log sensitive data (e.g. passwords) at
|
||||
log level "Debug". Production systems should be set to "Warning" or
|
||||
"Error".</para>
|
||||
|
||||
<para>The PHP error reporting is only for developers. By default LAM
|
||||
does not show PHP notice messages in the web pages. You can select to
|
||||
use the php.ini setting here or printing all errors and notices.</para>
|
||||
|
||||
<para>Log destinations:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>File: all messages will be written to the given file. LAM will
|
||||
create it if not yet existing.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Syslog: uses local system logging (syslog for Unix, event
|
||||
viewer for Windows)</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Remote: sends log messages to a remote server that supports
|
||||
the Unix <ulink url="https://www.rsyslog.com/">remote
|
||||
Syslogd</ulink> protocol. Please enter destination as "server:port",
|
||||
e.g. "myserver:123".</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>No logging: disabled logging</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
|
@ -175,18 +241,23 @@
|
|||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Additional options</title>
|
||||
<section id="mailSetup">
|
||||
<title>Mail options (LAM Pro)</title>
|
||||
|
||||
<para id="mailEOL"><emphasis role="bold">Email format</emphasis></para>
|
||||
<para>Here you can configure the mail server settings. If you do not set
|
||||
a mail server then LAM will try to use a locally installed one (e.g.
|
||||
postfix, exim, sendmail).</para>
|
||||
|
||||
<para>Some email servers are not standards compatible. If you receive
|
||||
mails that look broken you can change the line endings for sent mails
|
||||
here. Default is to use "\r\n".</para>
|
||||
<para>SMTP setup:</para>
|
||||
|
||||
<para>At the moment, this option is only available in LAM Pro as there
|
||||
is no mail sending in the free version. See <link
|
||||
linkend="mailSetup">here</link> for setting up your SMTP server.</para>
|
||||
<para>Mail server: enter name + port separated by ":". E.g. "server:25"
|
||||
will use "server" on port 25. Please note that your mail server
|
||||
<emphasis role="bold">must</emphasis> support TLS encryption.</para>
|
||||
|
||||
<para>User name: enter the user name if your SMTP server requires
|
||||
authentication</para>
|
||||
|
||||
<para>Password: enter the password for the user above</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
|
@ -197,6 +268,33 @@
|
|||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section id="confmain_webauthn">
|
||||
<title>Webauthn/FIDO2 devices</title>
|
||||
|
||||
<para>See the <link linkend="a_webauthn">Webauthn/FIDO2 appendix</link>
|
||||
for an overview about Webauthn/FIDO2 in LAM.</para>
|
||||
|
||||
<para>Here you can delete any webauthn device registrations. This
|
||||
section is only shown if at least one device is registered.</para>
|
||||
|
||||
<para>Enter a part of the user's DN in the input box and perform a
|
||||
search. LAM will show users and devices that match the search. You can
|
||||
then delete a device registration. If the user has no more registered
|
||||
devices then LAM will ask for registration on next login.</para>
|
||||
|
||||
<para>Note: You cannot add any device here. This can only be done by the
|
||||
user during login, <link linkend="tool_webauthn">webauthn tool</link> or
|
||||
self service.</para>
|
||||
|
||||
<para><screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/configGeneral8.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot></para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Change master password</title>
|
||||
|
||||
|
@ -405,6 +503,9 @@
|
|||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>Hide password prompt for expired password: Hides the password
|
||||
prompt when a user with expired password logs into LAM.</para>
|
||||
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
|
@ -427,6 +528,30 @@
|
|||
is located. The default rights for new home directories can be set,
|
||||
too.</para>
|
||||
|
||||
<para><emphasis role="bold">Note:</emphasis> This requires lamdaemon
|
||||
to be installed on the remote server. This comes as separate package
|
||||
for DEB/RPM. See <link linkend="a_lamdaemon">here</link>.</para>
|
||||
|
||||
<para>Script server format:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>"server": "server" is the DNS name of your script
|
||||
server</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>"server:NAME": NAME is the display name of this
|
||||
server</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>"server:NAME:/prefix": /prefix is the directory prefix for
|
||||
all operations. E.g. creating a home directory "/home/user" would
|
||||
create "/prefix/home/user" then.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>You can provide a fixed user name. If you leave the field empty
|
||||
then LAM will use your current account (the account you used to login
|
||||
to LAM).</para>
|
||||
|
@ -439,7 +564,9 @@
|
|||
<para>SSH key (recommended): Please generate a SSH key pair and
|
||||
provide the location to the <emphasis
|
||||
role="bold">private</emphasis> key file. If the key is protected
|
||||
by a password you can also specify it here.</para>
|
||||
by a password you can also specify it here. Please note that only
|
||||
RSA keys (with "-----BEGIN RSA PRIVATE KEY-----" at the beginning
|
||||
of the file) are supported.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
|
@ -543,7 +670,8 @@
|
|||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">2-factor authentication</emphasis></para>
|
||||
<para id="conf_serverprofile_2fa"><emphasis role="bold">2-factor
|
||||
authentication</emphasis></para>
|
||||
|
||||
<para>LAM supports 2-factor authentication for your users. This means
|
||||
the user will not only authenticate by user+password but also with
|
||||
|
@ -559,11 +687,139 @@
|
|||
<para><ulink
|
||||
url="https://www.privacyidea.org/">privacyIdea</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><ulink url="https://www.yubico.com/">YubiKey</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><ulink url="https://duo.com/">Duo</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><ulink
|
||||
url="https://webauthn.io/">Webauthn/FIDO2</ulink></para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>By default LAM will enforce to use a token and reject users that
|
||||
did not setup one. You can set this check to optional. But if a user
|
||||
has setup a token then this will always be required.</para>
|
||||
<para>Configuration options:</para>
|
||||
|
||||
<para><emphasis role="bold">privacyIDEA</emphasis></para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Base URL: please enter the URL of your privacyIDEA
|
||||
instance</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>User name attribute: please enter the LDAP attribute name
|
||||
that contains the user ID (e.g. "uid").</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Optional: By default LAM will enforce to use a token and
|
||||
reject users that did not setup one. You can set this check to
|
||||
optional. But if a user has setup a token then this will always be
|
||||
required.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Disable certificate check: This should be used on
|
||||
development instances only. It skips the certificate check when
|
||||
connecting to verification server.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para><emphasis role="bold">YubiKey</emphasis></para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Base URLs: please enter the URL(s) of your YubiKey
|
||||
verification server(s). If you run a custom verification API such
|
||||
as yubiserver then enter its URL (e.g.
|
||||
http://www.example.com:8000/wsapi/2.0/verify). The URL needs to
|
||||
end with "/wsapi/2.0/verify". For YubiKey cloud these are
|
||||
"https://api.yubico.com/wsapi/2.0/verify",
|
||||
"https://api2.yubico.com/wsapi/2.0/verify",
|
||||
"https://api3.yubico.com/wsapi/2.0/verify",
|
||||
"https://api4.yubico.com/wsapi/2.0/verify" and
|
||||
"https://api5.yubico.com/wsapi/2.0/verify". Enter one URL per
|
||||
line.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Client id: this is only required for YubiKey cloud. You can
|
||||
register here: https://upgrade.yubico.com/getapikey/</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Secret key: this is only required for YubiKey cloud. You can
|
||||
register here: https://upgrade.yubico.com/getapikey/</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Optional: By default LAM will enforce to use a token and
|
||||
reject users that did not setup one. You can set this check to
|
||||
optional. But if a user has setup a token then this will always be
|
||||
required.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Disable certificate check: This should be used on
|
||||
development instances only. It skips the certificate check when
|
||||
connecting to verification server.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para><emphasis role="bold">Duo</emphasis></para>
|
||||
|
||||
<para>This requires to register a new "Web SDK" application in your
|
||||
Duo admin panel.</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>User name attribute: please enter the LDAP attribute name
|
||||
that contains the user ID (e.g. "uid").</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Base URL: please enter the API-URL of your Duo instance
|
||||
(e.g. api-12345.duosecurity.com).</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Client id: please enter your integration key.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Secret key: please enter your secret key.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para><emphasis role="bold">Webauthn/FIDO2</emphasis></para>
|
||||
|
||||
<para>See the <link linkend="a_webauthn">Webauthn/FIDO2
|
||||
appendix</link> for an overview about Webauthn/FIDO2 in LAM.</para>
|
||||
|
||||
<para>Users will be asked to register a device during login if no
|
||||
device is setup.</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Domain: Please enter the WebAuthn domain. This is the public
|
||||
domain of the web server (e.g. "example.com"). Do not include
|
||||
protocol or port. Browsers will reject authentication if the
|
||||
domain does not match the web server domain.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Optional: By default LAM will enforce to use a 2FA device
|
||||
and reject users that do not setup one. You can set this check to
|
||||
optional. But if a user has setup a device then this will always
|
||||
be required.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
|
@ -842,7 +1098,77 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<section>
|
||||
<para>Available jobs:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para><link linkend="job_ppolicy_password_expire">PPolicy: Notify
|
||||
users about password expiration</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_389_password_expire">389ds: Notify users
|
||||
about password expiration</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_shadow_password_expire">Shadow: Notify
|
||||
users about password expiration</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_shadow_move_expired">Shadow: Delete or
|
||||
move expired accounts</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_shadow_account_expiration_note">Shadow:
|
||||
Notify users about account expiration</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_windows_password_expire">Windows: Notify
|
||||
users about password expiration</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_windows_account_expiration_note">Windows:
|
||||
Notify users about account expiration</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_windows_move_expired">Windows: Delete or
|
||||
move expired accounts</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_windows_notify_groups">Windows: Notify
|
||||
users about their managed groups</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_freeradius_move_expired">FreeRadius:
|
||||
Delete or move expired accounts</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link
|
||||
linkend="job_freeradius_account_expiration_notification">FreeRadius:
|
||||
Notify users about account expiration</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_qmail_move_expired">Qmail: Delete or move
|
||||
expired accounts</link></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><link linkend="job_qmail_account_expire_notify">Qmail:
|
||||
Notify users about account expiration</link></para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<section id="job_ppolicy_password_expire">
|
||||
<title>PPolicy: Notify users about password expiration</title>
|
||||
|
||||
<para>This will send your users an email reminder before their
|
||||
|
@ -956,7 +1282,7 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
"2016-12-31".</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<section id="job_389_password_expire">
|
||||
<title>389ds: Notify users about password expiration</title>
|
||||
|
||||
<para>This will send your users an email reminder before their
|
||||
|
@ -1049,7 +1375,7 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
"2016-12-31".</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<section id="job_shadow_password_expire">
|
||||
<title>Shadow: Notify users about password expiration</title>
|
||||
|
||||
<para>This will send your users an email reminder before their
|
||||
|
@ -1150,7 +1476,7 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
"2016-12-31".</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<section id="job_shadow_move_expired">
|
||||
<title>Shadow: Delete or move expired accounts</title>
|
||||
|
||||
<para>You can automatically delete or move expired accounts. The job
|
||||
|
@ -1200,7 +1526,91 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
</table>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<section id="job_shadow_account_expiration_note">
|
||||
<title>Shadow: Notify users about account expiration</title>
|
||||
|
||||
<para>This will send your users an email reminder before their whole
|
||||
account expires.</para>
|
||||
|
||||
<para>You need to activate the Shadow module for users to be able to
|
||||
add this job. The job can be added multiple times (e.g. to send a
|
||||
second warning at a later time).</para>
|
||||
|
||||
<screenshot>
|
||||
<graphic fileref="images/jobs_shadow3.png"/>
|
||||
</screenshot>
|
||||
|
||||
<para><table>
|
||||
<title>Options</title>
|
||||
|
||||
<tgroup cols="2">
|
||||
<tbody>
|
||||
<row>
|
||||
<entry><emphasis role="bold">Option</emphasis></entry>
|
||||
|
||||
<entry><emphasis
|
||||
role="bold">Description</emphasis></entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>From address</entry>
|
||||
|
||||
<entry>The email address to set as FROM.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Reply-to address</entry>
|
||||
|
||||
<entry>Optional Reply-to address for email.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>CC address</entry>
|
||||
|
||||
<entry>Optional CC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>BCC address</entry>
|
||||
|
||||
<entry>Optional BCC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Subject</entry>
|
||||
|
||||
<entry>The email subject line. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Text</entry>
|
||||
|
||||
<entry>The email body text. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Notification period</entry>
|
||||
|
||||
<entry>Number of days to notify before account
|
||||
expires.</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>Wildcards:</para>
|
||||
|
||||
<para>You can enter LDAP attributes as wildcards in the form
|
||||
@@ATTRIBUTE_NAME@@. E.g. to add the user's common name use "@@cn@@".
|
||||
For the common name it would be "@@cn@@".</para>
|
||||
|
||||
<para>There are also two special wildcards for the expiration date.
|
||||
@@EXPIRE_DATE_DDMMYYYY@@ will print the date as e.g. "31.12.2016".
|
||||
@@EXPIRE_DATE_YYYYMMDD@@ will print the date as e.g.
|
||||
"2016-12-31".</para>
|
||||
</section>
|
||||
|
||||
<section id="job_windows_password_expire">
|
||||
<title>Windows: Notify users about password expiration</title>
|
||||
|
||||
<para>This will send your users an email reminder before their
|
||||
|
@ -1292,7 +1702,91 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
"2016-12-31".</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<section id="job_windows_account_expiration_note">
|
||||
<title>Windows: Notify users about account expiration</title>
|
||||
|
||||
<para>This will send your users an email reminder before their whole
|
||||
account expires.</para>
|
||||
|
||||
<para>You need to activate the Windows module for users to be able
|
||||
to add this job. The job can be added multiple times (e.g. to send a
|
||||
second warning at a later time).</para>
|
||||
|
||||
<screenshot>
|
||||
<graphic fileref="images/jobs_windowsAccountExpiration.png"/>
|
||||
</screenshot>
|
||||
|
||||
<para><table>
|
||||
<title>Options</title>
|
||||
|
||||
<tgroup cols="2">
|
||||
<tbody>
|
||||
<row>
|
||||
<entry><emphasis role="bold">Option</emphasis></entry>
|
||||
|
||||
<entry><emphasis
|
||||
role="bold">Description</emphasis></entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>From address</entry>
|
||||
|
||||
<entry>The email address to set as FROM.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Reply-to address</entry>
|
||||
|
||||
<entry>Optional Reply-to address for email.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>CC address</entry>
|
||||
|
||||
<entry>Optional CC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>BCC address</entry>
|
||||
|
||||
<entry>Optional BCC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Subject</entry>
|
||||
|
||||
<entry>The email subject line. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Text</entry>
|
||||
|
||||
<entry>The email body text. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Notification period</entry>
|
||||
|
||||
<entry>Number of days to notify before account
|
||||
expires.</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>Wildcards:</para>
|
||||
|
||||
<para>You can enter LDAP attributes as wildcards in the form
|
||||
@@ATTRIBUTE_NAME@@. E.g. to add the user's common name use "@@cn@@".
|
||||
For the common name it would be "@@cn@@".</para>
|
||||
|
||||
<para>There are also two special wildcards for the expiration date.
|
||||
@@EXPIRE_DATE_DDMMYYYY@@ will print the date as e.g. "31.12.2016".
|
||||
@@EXPIRE_DATE_YYYYMMDD@@ will print the date as e.g.
|
||||
"2016-12-31".</para>
|
||||
</section>
|
||||
|
||||
<section id="job_windows_move_expired">
|
||||
<title>Windows: Delete or move expired accounts</title>
|
||||
|
||||
<para>You can automatically delete or move expired accounts.</para>
|
||||
|
@ -1340,7 +1834,96 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
</table>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<section id="job_windows_notify_groups">
|
||||
<title>Windows: Notify users about their managed groups</title>
|
||||
|
||||
<para>This will send your users an email with the groups they
|
||||
manage. This also includes a list of users in these groups. The
|
||||
users and groups are searched using the user+group account types
|
||||
that are specified in server profile.</para>
|
||||
|
||||
<para>You need to activate the Windows module for users to be able
|
||||
to add this job. The job can be added multiple times.</para>
|
||||
|
||||
<screenshot>
|
||||
<graphic fileref="images/jobs_windowsNotifyGroups.png"/>
|
||||
</screenshot>
|
||||
|
||||
<para><table>
|
||||
<title>Options</title>
|
||||
|
||||
<tgroup cols="2">
|
||||
<tbody>
|
||||
<row>
|
||||
<entry><emphasis role="bold">Option</emphasis></entry>
|
||||
|
||||
<entry><emphasis
|
||||
role="bold">Description</emphasis></entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>From address</entry>
|
||||
|
||||
<entry>The email address to set as FROM.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Reply-to address</entry>
|
||||
|
||||
<entry>Optional Reply-to address for email.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>CC address</entry>
|
||||
|
||||
<entry>Optional CC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>BCC address</entry>
|
||||
|
||||
<entry>Optional BCC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Subject</entry>
|
||||
|
||||
<entry>The email subject line. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>HTML format</entry>
|
||||
|
||||
<entry>Send email as HTML instead of plain text.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Text</entry>
|
||||
|
||||
<entry>The email body text. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Period</entry>
|
||||
|
||||
<entry>Defines how often the mail is sent (e.g.
|
||||
quarterly).</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>Wildcards:</para>
|
||||
|
||||
<para>You can enter LDAP attributes as wildcards in the form
|
||||
@@ATTRIBUTE_NAME@@. E.g. to add the user's common name use "@@cn@@".
|
||||
For the common name it would be "@@cn@@".</para>
|
||||
|
||||
<para>Use the wildcard "@@LAM_MANAGED_GROUPS@@" to insert the group
|
||||
listing. This wildcard is mandatory.</para>
|
||||
</section>
|
||||
|
||||
<section id="job_freeradius_move_expired">
|
||||
<title>FreeRadius: Delete or move expired accounts</title>
|
||||
|
||||
<para>You can automatically delete or move expired accounts.</para>
|
||||
|
@ -1388,7 +1971,91 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
</table>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<section id="job_freeradius_account_expiration_notification">
|
||||
<title>FreeRadius: Notify users about account expiration</title>
|
||||
|
||||
<para>This will send your users an email reminder before their
|
||||
FreeRadius account expires.</para>
|
||||
|
||||
<para>You need to activate the FreeRadius module for users to be
|
||||
able to add this job. The job can be added multiple times (e.g. to
|
||||
send a second warning at a later time).</para>
|
||||
|
||||
<screenshot>
|
||||
<graphic fileref="images/jobs_freeradiusAccountExpiration.png"/>
|
||||
</screenshot>
|
||||
|
||||
<para><table>
|
||||
<title>Options</title>
|
||||
|
||||
<tgroup cols="2">
|
||||
<tbody>
|
||||
<row>
|
||||
<entry><emphasis role="bold">Option</emphasis></entry>
|
||||
|
||||
<entry><emphasis
|
||||
role="bold">Description</emphasis></entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>From address</entry>
|
||||
|
||||
<entry>The email address to set as FROM.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Reply-to address</entry>
|
||||
|
||||
<entry>Optional Reply-to address for email.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>CC address</entry>
|
||||
|
||||
<entry>Optional CC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>BCC address</entry>
|
||||
|
||||
<entry>Optional BCC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Subject</entry>
|
||||
|
||||
<entry>The email subject line. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Text</entry>
|
||||
|
||||
<entry>The email body text. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Notification period</entry>
|
||||
|
||||
<entry>Number of days to notify before account
|
||||
expires.</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>Wildcards:</para>
|
||||
|
||||
<para>You can enter LDAP attributes as wildcards in the form
|
||||
@@ATTRIBUTE_NAME@@. E.g. to add the user's common name use "@@cn@@".
|
||||
For the common name it would be "@@cn@@".</para>
|
||||
|
||||
<para>There are also two special wildcards for the expiration date.
|
||||
@@EXPIRE_DATE_DDMMYYYY@@ will print the date as e.g. "31.12.2016".
|
||||
@@EXPIRE_DATE_YYYYMMDD@@ will print the date as e.g.
|
||||
"2016-12-31".</para>
|
||||
</section>
|
||||
|
||||
<section id="job_qmail_move_expired">
|
||||
<title>Qmail: Delete or move expired accounts</title>
|
||||
|
||||
<para>You can automatically delete or move expired accounts. The job
|
||||
|
@ -1436,6 +2103,90 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
</tgroup>
|
||||
</table>
|
||||
</section>
|
||||
|
||||
<section id="job_qmail_account_expire_notify">
|
||||
<title>Qmail: Notify users about account expiration</title>
|
||||
|
||||
<para>This will send your users an email reminder before their Qmail
|
||||
account expires.</para>
|
||||
|
||||
<para>You need to activate the Qmail module for users to be able to
|
||||
add this job. The job can be added multiple times (e.g. to send a
|
||||
second warning at a later time).</para>
|
||||
|
||||
<screenshot>
|
||||
<graphic fileref="images/jobs_qmailAccountExpiration.png"/>
|
||||
</screenshot>
|
||||
|
||||
<para><table>
|
||||
<title>Options</title>
|
||||
|
||||
<tgroup cols="2">
|
||||
<tbody>
|
||||
<row>
|
||||
<entry><emphasis role="bold">Option</emphasis></entry>
|
||||
|
||||
<entry><emphasis
|
||||
role="bold">Description</emphasis></entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>From address</entry>
|
||||
|
||||
<entry>The email address to set as FROM.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Reply-to address</entry>
|
||||
|
||||
<entry>Optional Reply-to address for email.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>CC address</entry>
|
||||
|
||||
<entry>Optional CC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>BCC address</entry>
|
||||
|
||||
<entry>Optional BCC mail address.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Subject</entry>
|
||||
|
||||
<entry>The email subject line. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Text</entry>
|
||||
|
||||
<entry>The email body text. Supports wildcards, see
|
||||
below.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Notification period</entry>
|
||||
|
||||
<entry>Number of days to notify before account
|
||||
expires.</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>Wildcards:</para>
|
||||
|
||||
<para>You can enter LDAP attributes as wildcards in the form
|
||||
@@ATTRIBUTE_NAME@@. E.g. to add the user's common name use "@@cn@@".
|
||||
For the common name it would be "@@cn@@".</para>
|
||||
|
||||
<para>There are also two special wildcards for the expiration date.
|
||||
@@EXPIRE_DATE_DDMMYYYY@@ will print the date as e.g. "31.12.2016".
|
||||
@@EXPIRE_DATE_YYYYMMDD@@ will print the date as e.g.
|
||||
"2016-12-31".</para>
|
||||
</section>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
|
@ -1554,4 +2305,50 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
</section>
|
||||
</section>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Self Service (LAM Pro)</title>
|
||||
|
||||
<para>See <link linkend="a_selfService">Self Service
|
||||
chapter</link>.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Import and export configuration</title>
|
||||
|
||||
<para>Here you can export and import LAM's whole configuration. You can
|
||||
use this to backup the configuration or migrate from one server to
|
||||
another.</para>
|
||||
|
||||
<para>You will need to login with the configuration master password to use
|
||||
this feature.</para>
|
||||
|
||||
<screenshot>
|
||||
<graphic fileref="images/confImportExport1.png"/>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Export</emphasis></para>
|
||||
|
||||
<para>This will dump the whole configuration to one big single file. It is
|
||||
not possible to dump only parts of the configuration. During import you
|
||||
can select what exactly to import.</para>
|
||||
|
||||
<para><emphasis role="bold">Import</emphasis></para>
|
||||
|
||||
<para>Please select the import file first and submit. LAM will then
|
||||
present you possible import data. You can select what to import using the
|
||||
checkboxes.</para>
|
||||
|
||||
<para>Please note that LAM will not delete e.g. server profiles that are
|
||||
not in the import file.</para>
|
||||
|
||||
<para>Example: You have profile1+profile2 in your LAM installation and
|
||||
profile2+profile3 in your import file. When you select to import all
|
||||
server profiles then profile1 stays untouched, profile2 will be
|
||||
overwritten and profile3 will be added.</para>
|
||||
|
||||
<screenshot>
|
||||
<graphic fileref="images/confImportExport2.png"/>
|
||||
</screenshot>
|
||||
</section>
|
||||
</chapter>
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Apache/Nginx webserver (SSL recommended) with PHP module (PHP
|
||||
(>= 5.6.0) with ldap, gettext, xml, openssl and optional
|
||||
(>= 7.0.0) with ldap, gettext, xml, openssl and optional
|
||||
OpenSSL)</para>
|
||||
</listitem>
|
||||
|
||||
|
@ -150,9 +150,9 @@
|
|||
role="bold">rpm -i <path to LAM
|
||||
package></emphasis></para><literallayout>
|
||||
</literallayout><para><emphasis role="bold">Note:</emphasis> The RPM packages
|
||||
for Fedora/CentOS do not contain a dependency to PHP due to
|
||||
the various package names for it. Please make sure that you
|
||||
install Apache/Nginx with PHP.</para></entry>
|
||||
do not contain a dependency to PHP due to the various package
|
||||
names for it. Please make sure that you install Apache/Nginx
|
||||
with PHP.</para></entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
|
@ -313,6 +313,45 @@
|
|||
</section>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Docker</title>
|
||||
|
||||
<para>You can run LAM inside Docker.</para>
|
||||
|
||||
<para>Possible environment variables are documented in the <ulink
|
||||
url="https://github.com/LDAPAccountManager/lam/blob/develop/lam-packaging/docker/.env">sample
|
||||
.env</ulink> file.</para>
|
||||
|
||||
<para>See here:</para>
|
||||
|
||||
<para><ulink
|
||||
url="https://hub.docker.com/r/ldapaccountmanager/lam">https://hub.docker.com/r/ldapaccountmanager/lam</ulink></para>
|
||||
|
||||
<para/>
|
||||
|
||||
<para>LAM Pro:</para>
|
||||
|
||||
<para>Please request access at support providing your Docker Hub user
|
||||
ID.</para>
|
||||
|
||||
<para><ulink
|
||||
url="https://hub.docker.com/r/ldapaccountmanager/lampro">https://hub.docker.com/r/ldapaccountmanager/lampro</ulink></para>
|
||||
|
||||
<para><emphasis role="bold">Configuration files</emphasis></para>
|
||||
|
||||
<para>All configuration files are stored in:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>/etc/ldap-account-manager</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>/var/lib/ldap-account-manager</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>System configuration</title>
|
||||
|
||||
|
@ -574,6 +613,52 @@
|
|||
version. Unless explicitly noticed there is no need to install an
|
||||
intermediate release.</para>
|
||||
|
||||
<section>
|
||||
<title>7.2 -> 7.3</title>
|
||||
|
||||
<para>No actions required.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>7.1 -> 7.2</title>
|
||||
|
||||
<para>LAM Pro: All emails need a specified FROM address. This affects
|
||||
password email, self registration, password self reset and cron
|
||||
emails.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>6.7 -> 7.1</title>
|
||||
|
||||
<para>No actions required.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>6.6 -> 6.7</title>
|
||||
|
||||
<para>Self service: please verify the self service base URL in your
|
||||
self service profiles in case you have password self reset / user self
|
||||
registration enabled.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>6.5 -> 6.6</title>
|
||||
|
||||
<para>No actions required.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>6.4 -> 6.5</title>
|
||||
|
||||
<para>No actions required.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>6.3 -> 6.4</title>
|
||||
|
||||
<para>No actions needed.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>6.2 -> 6.3</title>
|
||||
|
||||
|
|
|
@ -204,6 +204,34 @@
|
|||
url="http://httpd.apache.org/docs/2.2/howto/auth.html">link</ulink>.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Default language</entry>
|
||||
|
||||
<entry>This language is preselected on login.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Enforce language</entry>
|
||||
|
||||
<entry>Disables language selection and uses default
|
||||
language.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Time zone</entry>
|
||||
|
||||
<entry>Please provide your time zone.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Base URL</entry>
|
||||
|
||||
<entry>Please enter the base URL of your webserver (e.g.
|
||||
https://www.example.com). This is used to generate links in
|
||||
emails for password self reset and user self
|
||||
registration.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Login attribute label</entry>
|
||||
|
||||
|
@ -222,15 +250,29 @@
|
|||
<row>
|
||||
<entry>Login caption</entry>
|
||||
|
||||
<entry>This text is displayed at the login page. You can input
|
||||
HTML, too.</entry>
|
||||
<entry>This text is displayed on the login page inside the login
|
||||
mask.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Login footer</entry>
|
||||
|
||||
<entry>This text is displayed on the login page below the login
|
||||
mask.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Main page caption</entry>
|
||||
|
||||
<entry>This text is displayed at self service main page where
|
||||
your users change their data. You can input HTML, too.</entry>
|
||||
<entry>This text is displayed on the self service main page
|
||||
where your users change their data.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Main page footer</entry>
|
||||
|
||||
<entry>This text is displayed as footer on the self service main
|
||||
page where your users change their data.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
|
@ -241,6 +283,13 @@
|
|||
code is permitted.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Base color</entry>
|
||||
|
||||
<entry>Here you can change the background color for the user
|
||||
pages.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Additional CSS links</entry>
|
||||
|
||||
|
@ -255,7 +304,7 @@
|
|||
|
||||
<para/>
|
||||
|
||||
<section>
|
||||
<section id="selfservice_2fa">
|
||||
<title>2-factor authentication</title>
|
||||
|
||||
<para>LAM supports 2-factor authentication for your users. This means
|
||||
|
@ -272,11 +321,137 @@
|
|||
<para><ulink
|
||||
url="https://www.privacyidea.org/">privacyIdea</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><ulink url="https://www.yubico.com/">YubiKey</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><ulink url="https://duo.com/">Duo</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><ulink
|
||||
url="https://en.wikipedia.org/wiki/WebAuthn">Webauthn/FIDO2</ulink></para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>By default LAM will enforce to use a token and reject users that
|
||||
did not setup one. You can set this check to optional. But if a user
|
||||
has setup a token then this will always be required.</para>
|
||||
<para><emphasis role="bold">privacyIDEA</emphasis></para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Base URL: please enter the URL of your privacyIDEA
|
||||
instance</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>User name attribute: please enter the LDAP attribute name
|
||||
that contains the user ID (e.g. "uid")</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Optional: By default LAM will enforce to use a token and
|
||||
reject users that did not setup one. You can set this check to
|
||||
optional. But if a user has setup a token then this will always be
|
||||
required.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Disable certificate check: This should be used on
|
||||
development instances only. It skips the certificate check when
|
||||
connecting to verification server.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para><emphasis role="bold">YubiKey</emphasis></para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Base URLs: please enter the URL(s) of your YubiKey
|
||||
verification server(s). If you run a custom verification API such
|
||||
as yubiserver then enter its URL (e.g.
|
||||
http://www.example.com:8000/wsapi/2.0/verify). The URL needs to
|
||||
end with "/wsapi/2.0/verify". For YubiKey cloud these are
|
||||
"https://api.yubico.com/wsapi/2.0/verify",
|
||||
"https://api2.yubico.com/wsapi/2.0/verify",
|
||||
"https://api3.yubico.com/wsapi/2.0/verify",
|
||||
"https://api4.yubico.com/wsapi/2.0/verify" and
|
||||
"https://api5.yubico.com/wsapi/2.0/verify". Enter one URL per
|
||||
line.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Client id: this is only required for YubiKey cloud. You can
|
||||
register here: https://upgrade.yubico.com/getapikey/</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Secret key: this is only required for YubiKey cloud. You can
|
||||
register here: https://upgrade.yubico.com/getapikey/</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Optional: By default LAM will enforce to use a token and
|
||||
reject users that did not setup one. You can set this check to
|
||||
optional. But if a user has setup a token then this will always be
|
||||
required.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Disable certificate check: This should be used on
|
||||
development instances only. It skips the certificate check when
|
||||
connecting to verification server.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para><emphasis role="bold">Duo</emphasis></para>
|
||||
|
||||
<para>This requires to register a new "Web SDK" application in your
|
||||
Duo admin panel.</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>User name attribute: please enter the LDAP attribute name
|
||||
that contains the user ID (e.g. "uid").</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Base URL: please enter the API-URL of your Duo instance
|
||||
(e.g. api-12345.duosecurity.com).</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Client id: please enter your integration key.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Secret key: please enter your secret key.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para><emphasis role="bold">Webauthn/FIDO2</emphasis></para>
|
||||
|
||||
<para>See the <link linkend="a_webauthn">Webauthn/FIDO2
|
||||
appendix</link> for an overview about Webauthn/FIDO2 in LAM.</para>
|
||||
|
||||
<para>Users will be asked to register a device during login if no
|
||||
device is setup.</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Domain: Please enter the WebAuthn domain. This is the public
|
||||
domain of the web server (e.g. "example.com"). Do not include
|
||||
protocol or port. Browsers will reject authentication if the
|
||||
domain does not match the web server domain.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Optional: By default LAM will enforce to use a 2FA device
|
||||
and reject users that do not setup one. You can set this check to
|
||||
optional. But if a user has setup a device then this will always
|
||||
be required.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
|
@ -349,7 +524,8 @@
|
|||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Possible input fields</emphasis></para>
|
||||
<para id="selfservice_fields"><emphasis role="bold">Possible input
|
||||
fields</emphasis></para>
|
||||
|
||||
<para>This is a list of input fields you may add to the self service
|
||||
page.</para>
|
||||
|
@ -370,6 +546,18 @@
|
|||
role="bold">Description</emphasis></entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_ppolicy.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject> Account locking</entry>
|
||||
|
||||
<entry>Password expiration</entry>
|
||||
|
||||
<entry>Read only value of password expiration date</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry morerows=""><inlinemediaobject>
|
||||
<imageobject>
|
||||
|
@ -383,6 +571,18 @@
|
|||
password each time the Unix password is changed.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_groupOfNames.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject>Group of names</entry>
|
||||
|
||||
<entry>Group memberships (read-only)</entry>
|
||||
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
|
@ -626,6 +826,24 @@
|
|||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry morerows="1"><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_mailAlias.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject> Mail routing</entry>
|
||||
|
||||
<entry>Local address (read-only)</entry>
|
||||
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Mail routing address (read-only)</entry>
|
||||
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry morerows="4"><inlinemediaobject>
|
||||
<imageobject>
|
||||
|
@ -669,12 +887,18 @@
|
|||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<entry morerows="1"><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_ssh.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject> Shadow</entry>
|
||||
|
||||
<entry>Account expiration date (read-only)</entry>
|
||||
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Last password change (read-only)</entry>
|
||||
|
||||
<entry>Displays the date and time of the user's last password
|
||||
|
@ -682,11 +906,11 @@
|
|||
</row>
|
||||
|
||||
<row>
|
||||
<entry morerows="8"><inlinemediaobject>
|
||||
<entry morerows="10"><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_samba.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject> Windows</entry>
|
||||
</inlinemediaobject> Windows (AD, AD LDS, Samba 4)</entry>
|
||||
|
||||
<entry>Password</entry>
|
||||
|
||||
|
@ -699,6 +923,12 @@
|
|||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Mail alias (read-only)</entry>
|
||||
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Office name</entry>
|
||||
|
||||
|
@ -717,6 +947,12 @@
|
|||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Proxy-Addresses (read-only)</entry>
|
||||
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>State</entry>
|
||||
|
||||
|
@ -742,7 +978,7 @@
|
|||
</row>
|
||||
|
||||
<row>
|
||||
<entry morerows="3"><inlinemediaobject>
|
||||
<entry morerows="4"><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_unix.png"/>
|
||||
</imageobject>
|
||||
|
@ -753,6 +989,12 @@
|
|||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Group memberships (read-only)</entry>
|
||||
|
||||
<entry/>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Login shell</entry>
|
||||
|
||||
|
@ -773,6 +1015,19 @@
|
|||
each time the Windows password is changed.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/webauthn.png"/>
|
||||
</imageobject>
|
||||
</inlinemediaobject>Webauthn</entry>
|
||||
|
||||
<entry>Webauthn devices</entry>
|
||||
|
||||
<entry>Allows the user to manage his webauthn/FIDO2 security
|
||||
keys.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry morerows="1"><inlinemediaobject>
|
||||
<imageobject>
|
||||
|
@ -898,7 +1153,7 @@
|
|||
<para>To enable this feature please activate the checkbox "Enable
|
||||
password self reset link".</para>
|
||||
|
||||
<para><emphasis role="bold">Hint:</emphasis> Plese note that LAM Pro
|
||||
<para><emphasis role="bold">Hint:</emphasis> Please note that LAM Pro
|
||||
uses security questions by default. Activate confirmation mails and then
|
||||
deactivate security questions if you want to use only email
|
||||
validation.</para>
|
||||
|
@ -911,6 +1166,35 @@
|
|||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>Identification method, used LDAP attributes:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Email: mail</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Employee number: employeeNumber</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Self service login attribute: same as configured on first tab
|
||||
of self service profile</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>User name: uid</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>User name and email address: uid and mail</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>User name or email address: uid and mail</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>You can now configure the minimum answer length for password reset
|
||||
answers. This is checked when you allow you users to specify their
|
||||
answers via the self service. Additionally, you can specify the text of
|
||||
|
@ -940,10 +1224,8 @@
|
|||
The mail can include the new password by using the special wildcard
|
||||
"@@newPassword@@". Additionally, you may want to insert other wildcards
|
||||
that are replaced by the corresponding LDAP attributes. E.g. "@@uid@@"
|
||||
will be replaced by the user name. Please see <link
|
||||
linkend="mailEOL">email format option</link> in case of broken mails.
|
||||
See <link linkend="mailSetup">here</link> for setting up your SMTP
|
||||
server.</para>
|
||||
will be replaced by the user name. See <link
|
||||
linkend="mailSetup">here</link> for setting up your SMTP server.</para>
|
||||
|
||||
<literallayout> </literallayout>
|
||||
|
||||
|
@ -1118,9 +1400,14 @@
|
|||
object class in each line. If you use LAM Pro password self reset
|
||||
feature then do not forget to add "passwordSelfReset" here.</para>
|
||||
|
||||
<para/>
|
||||
|
||||
<para><emphasis>Attributes:</emphasis> This is a list of additional
|
||||
attributes that the user can enter. Please note that user name, password
|
||||
and email address are mandatory anyway and need not be specified.</para>
|
||||
and email address (attribute "mail") are mandatory anyway and need not
|
||||
be specified. Just in case you use the legacy attribute "email" for
|
||||
account it needs to be specified (attribute "mail" will then not be
|
||||
shown).</para>
|
||||
|
||||
<para>Each line represents one LDAP attribute. The settings are
|
||||
separated by "::". The first setting specifies the field type. The
|
||||
|
@ -1222,7 +1509,9 @@
|
|||
url="http://perldoc.perl.org/perlre.html">here</ulink>. Validation is
|
||||
optional, you can leave these options blank.</para>
|
||||
|
||||
<para><emphasis role="bold">Example:</emphasis></para>
|
||||
<para><emphasis role="bold">Examples:</emphasis></para>
|
||||
|
||||
<para>Unix account:</para>
|
||||
|
||||
<para>optional::givenName::First name::/^[[:alnum:] ]+$/u::Please enter
|
||||
a valid first name.</para>
|
||||
|
@ -1237,6 +1526,20 @@
|
|||
<para>If you use the object class "inetOrgPerson" and do not provide the
|
||||
"cn" attribute then LAM will set it to the user name value.</para>
|
||||
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para>Active Directory/Samba4:</para>
|
||||
|
||||
<para>required::cn::Common Name::/^[[:alnum:] ]+$/u::Enter common
|
||||
name.</para>
|
||||
|
||||
<para>constant::userPrincipalName::@@uid@@@samba4.test</para>
|
||||
|
||||
<para>constant::sAMAccountName::@@uid@@</para>
|
||||
|
||||
<para>constant::userAccountControl::512</para>
|
||||
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
|
@ -1300,9 +1603,6 @@
|
|||
valid for 24 hours. When he clicks on this link then the account will be
|
||||
created in the self service user suffix. The DN will look like this:
|
||||
<emphasis>uid=<user name>,...</emphasis></para>
|
||||
|
||||
<para>Please see <link linkend="mailEOL">email format option</link> in
|
||||
case of broken mails.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
|
@ -1583,6 +1883,10 @@
|
|||
<para>Attribute name: The values of this attribute will be used to build
|
||||
the selection list.</para>
|
||||
|
||||
<para>Display attributes: List of attributes to show as label for the
|
||||
options in select box. Attribute wildcards are surrounded by "$", e.g.
|
||||
"$cn$" will be replaced by "cn" attribute. Default is "$dn$".</para>
|
||||
|
||||
<para>Presentation:</para>
|
||||
|
||||
<screenshot>
|
||||
|
@ -1641,7 +1945,7 @@
|
|||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>§attribute|;§; attribute values separted by ";" (you can set
|
||||
<para>§attribute|;§; attribute values separated by ";" (you can set
|
||||
other separators if you want)</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
|
|
@ -1,410 +1,486 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
|
||||
<chapter>
|
||||
<title>Tools</title>
|
||||
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
|
||||
<chapter>
|
||||
<title>Tools</title>
|
||||
|
||||
<para></para>
|
||||
<para/>
|
||||
|
||||
<section id="a_accountProfile">
|
||||
<title>Profile editor</title>
|
||||
<section id="a_accountProfile">
|
||||
<title>Profile editor</title>
|
||||
|
||||
<para>The account profiles are templates for your accounts. Here you can
|
||||
specify default values which can then be loaded when you create
|
||||
accounts. You may also load a template for an existing account to reset
|
||||
it to default values. When you create a new account then LAM will always
|
||||
load the profile named <emphasis role="bold">"default"</emphasis>. This
|
||||
account profile can include default values for all your accounts.</para>
|
||||
<para>The account profiles are templates for your accounts. Here you can
|
||||
specify default values which can then be loaded when you create accounts.
|
||||
You may also load a template for an existing account to reset it to
|
||||
default values. When you create a new account then LAM will always load
|
||||
the profile named <emphasis role="bold">"default"</emphasis>. This account
|
||||
profile can include default values for all your accounts.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor2.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor2.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>You can enter the LDAP suffix, RDN identifier and various other
|
||||
attributes depending on account type and activated modules.</para>
|
||||
<para>You can enter the LDAP suffix, RDN identifier and various other
|
||||
attributes depending on account type and activated modules.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Import/export:</emphasis></para>
|
||||
<para><emphasis role="bold">Import/export:</emphasis></para>
|
||||
|
||||
<para>Profiles can be exported to and imported from other server
|
||||
profiles.</para>
|
||||
<para>Profiles can be exported to and imported from other server
|
||||
profiles.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor3.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor3.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor4.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor4.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>There is a special export target called "*Global templates". All
|
||||
profiles exported here will be copied to all other server profiles
|
||||
(incl. new ones). But existing profiles with the same name are not
|
||||
overwritten. So a profile in global templates is treated as default
|
||||
profile for all server profiles.</para>
|
||||
<para>There is a special export target called "*Global templates". All
|
||||
profiles exported here will be copied to all other server profiles (incl.
|
||||
new ones). But existing profiles with the same name are not overwritten.
|
||||
So a profile in global templates is treated as default profile for all
|
||||
server profiles.</para>
|
||||
|
||||
<para>Use this if you would like to setup default profiles that are
|
||||
valid for all server profiles.</para>
|
||||
<para>Use this if you would like to setup default profiles that are valid
|
||||
for all server profiles.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor5.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/profileEditor5.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>File upload</title>
|
||||
<section id="tool_upload">
|
||||
<title>File upload</title>
|
||||
|
||||
<para>When you need to create lots of accounts then you can use LAM's
|
||||
file upload to create them. LAM will read a CSV formatted file and
|
||||
create the related LDAP entries. Please check the data in you CSV file
|
||||
carefully. LAM will do less checks for the file upload than for single
|
||||
account creation.</para>
|
||||
<para>When you need to create lots of accounts then you can use LAM's file
|
||||
upload to create them. In contrast to <link linkend="tool_upload">LDAP
|
||||
import/export</link> this operates on account type level.</para>
|
||||
|
||||
<para>At the first page please select the account type and what
|
||||
extensions should be activated.</para>
|
||||
<para>LAM will read a CSV formatted file and create the related LDAP
|
||||
entries. Please check the data in you CSV file carefully. LAM will do less
|
||||
checks for the file upload than for single account creation.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/fileUpload1.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
<para>At the first page please select the account type and what extensions
|
||||
should be activated.</para>
|
||||
|
||||
<para>The next page shows all available options for the file upload. You
|
||||
will also find a sample CSV file which can be used as template for your
|
||||
CSV file. All red options are required columns in the file. You need to
|
||||
specify a value for each account.</para>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/fileUpload1.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>When you upload the CSV file then LAM first does some checks on
|
||||
this file. This includes syntax checks and if all required data was
|
||||
entered. No changes in the LDAP directory are done at this time.</para>
|
||||
<para>The next page shows all available options for the file upload. You
|
||||
will also find a sample CSV file which can be used as template for your
|
||||
CSV file. All red options are required columns in the file. You need to
|
||||
specify a value for each account.</para>
|
||||
|
||||
<para>If the checks were successful then LAM will ask again if you want
|
||||
to create the accounts. You will also have the chance to check the
|
||||
upload by viewing the changes in LDIF format.</para>
|
||||
<para>When you upload the CSV file then LAM first does some checks on this
|
||||
file. This includes syntax checks and if all required data was entered. No
|
||||
changes in the LDAP directory are done at this time.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/fileUpload2.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
<para>If the checks were successful then LAM will ask again if you want to
|
||||
create the accounts. You will also have the chance to check the upload by
|
||||
viewing the changes in LDIF format.</para>
|
||||
|
||||
<section>
|
||||
<title id="toolMultiEdit">Multi edit</title>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/fileUpload2.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<para>This tool allows you to modify a large list of LDAP entries in
|
||||
batch mode. You can add new attributes/object classes, remove attributes
|
||||
and set attributes to a specific value.</para>
|
||||
<section>
|
||||
<title id="toolMultiEdit">Multi edit</title>
|
||||
|
||||
<para>At the beginning, you need to specify where the entries are stored
|
||||
that should be changed. You can select an account suffix, the tree
|
||||
suffix or enter your own DN by selecting "Other".</para>
|
||||
<para>This tool allows you to modify a large list of LDAP entries in batch
|
||||
mode. You can add new attributes/object classes, remove attributes and set
|
||||
attributes to a specific value.</para>
|
||||
|
||||
<para>Next, enter an additional LDAP filter to limit the entries that
|
||||
should be changed. E.g. use "(objectclass=inetOrgPerson)" to filter for
|
||||
users. You may also enter e.g. "(!(objectClass=passwordSelfReset))" to
|
||||
match all accounts that do not yet have the <link
|
||||
linkend="passwordSelfResetUser">password self reset</link>
|
||||
feature.</para>
|
||||
<para>At the beginning, you need to specify where the entries are stored
|
||||
that should be changed. You can select an account suffix, the tree suffix
|
||||
or enter your own DN by selecting "Other".</para>
|
||||
|
||||
<literallayout>
|
||||
<para>Next, enter an additional LDAP filter to limit the entries that
|
||||
should be changed. E.g. use "(objectclass=inetOrgPerson)" to filter for
|
||||
users. You may also enter e.g. "(!(objectClass=passwordSelfReset))" to
|
||||
match all accounts that do not yet have the <link
|
||||
linkend="passwordSelfResetUser">password self reset</link> feature.</para>
|
||||
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para>Now, it is time to define the changes that should be done. The
|
||||
following operations are possible:</para>
|
||||
<para>Now, it is time to define the changes that should be done. The
|
||||
following operations are possible:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Add: Adds an attribute value if not yet existing. Please do
|
||||
not use for single-value attributes that already have a
|
||||
value.</para>
|
||||
</listitem>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Add: Adds an attribute value if not yet existing. Please do not
|
||||
use for single-value attributes that already have a value.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Modify: Sets an attribute to the given value. If the attribute
|
||||
does not yet exist then it is added. If the attribute has multiple
|
||||
values then all other values are removed.</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>Modify: Sets an attribute to the given value. If the attribute
|
||||
does not yet exist then it is added. If the attribute has multiple
|
||||
values then all other values are removed.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Delete: Deletes the specified value from this attribute. If
|
||||
you leave the value field blank then all attribute values are
|
||||
removed.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
<listitem>
|
||||
<para>Delete: Deletes the specified value from this attribute. If you
|
||||
leave the value field blank then all attribute values are
|
||||
removed.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>Please note that all actions are run as separate LDAP commands.
|
||||
You cannot add an object class and a required attribute at the same
|
||||
time.</para>
|
||||
<para>Please note that all actions are run as separate LDAP commands. You
|
||||
cannot add an object class and a required attribute at the same
|
||||
time.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/multiEdit1.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Dry run</emphasis></para>
|
||||
|
||||
<para>You should always start with a dry run. It will not do any changes
|
||||
to your LDAP directory but print out all modifications that will be done.
|
||||
You will also be able to download the changes in LDIF format to use with
|
||||
ldapmodify. This is useful if you want to adjust some actions
|
||||
manually.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/multiEdit2.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Apply changes</emphasis></para>
|
||||
|
||||
<para>This will run the actions against your LDAP directory. You will see
|
||||
which accounts are edited in the progress area and also if any errors
|
||||
occurred.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/multiEdit3.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section id="tool_importexport">
|
||||
<title>LDAP import/export</title>
|
||||
|
||||
<para>Here you can import and export plain LDAP data. In contrast to <link
|
||||
linkend="tool_upload">file upload</link> this operates on plain LDAP
|
||||
attribute level.</para>
|
||||
|
||||
<section>
|
||||
<title>Import</title>
|
||||
|
||||
<para>The LDAP import supports input data in <ulink
|
||||
url="https://en.wikipedia.org/wiki/LDAP_Data_Interchange_Format">LDIF</ulink>
|
||||
format. You can provide plain text or upload an LDIF file.</para>
|
||||
|
||||
<para>The "Don't stop on errors" option will cause the import to
|
||||
continue even if entries could not be created.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/multiEdit1.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Dry run</emphasis></para>
|
||||
|
||||
<para>You should always start with a dry run. It will not do any changes
|
||||
to your LDAP directory but print out all modifications that will be
|
||||
done. You will also be able to download the changes in LDIF format to
|
||||
use with ldapmodify. This is useful if you want to adjust some actions
|
||||
manually.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/multiEdit2.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Apply changes</emphasis></para>
|
||||
|
||||
<para>This will run the actions against your LDAP directory. You will
|
||||
see which accounts are edited in the progress area and also if any
|
||||
errors occured.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/multiEdit3.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
<graphic fileref="images/tool_import.png"/>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>OU editor</title>
|
||||
<title>Export</title>
|
||||
|
||||
<para>This is a simple editor to add/delete organisational units in your
|
||||
LDAP tree. This way you can structure the accounts.</para>
|
||||
<para>Here you can export your plain LDAP data as LDIF or CSV
|
||||
file.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/ouEditor.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
<graphic fileref="images/tool_export.png"/>
|
||||
</screenshot>
|
||||
|
||||
<para>Base DN: this is the starting point of the export. Enter a DN or
|
||||
press the magnifying glass icon to open the DN selection dialog.</para>
|
||||
|
||||
<para>Search scope: You can export just the base DN, base DN + its
|
||||
direct children or the whole subtree.</para>
|
||||
|
||||
<para>Search filter: this can be used to filter the entries by
|
||||
specifying a standard LDAP filter. The preselected filter
|
||||
"(objectclass=*)" matches all entries.</para>
|
||||
|
||||
<para>Attributes: the list of attributes that should be part of export.
|
||||
"*" matches all standard attributes (excluding system
|
||||
attributes).</para>
|
||||
|
||||
<para>Include system attributes: this will also include system
|
||||
attributes like the entry creation time and creator's DN.</para>
|
||||
|
||||
<para>Save as file: will save to file instead of printing the data on
|
||||
the web page.</para>
|
||||
|
||||
<para>Export format: you can select LDIF or CSV (e.g. for usage in
|
||||
spreadsheet applications).</para>
|
||||
|
||||
<para>End of line: use the one appropriate for your operating
|
||||
system.</para>
|
||||
</section>
|
||||
</section>
|
||||
|
||||
<section id="pdfEditor">
|
||||
<title>PDF editor</title>
|
||||
<section>
|
||||
<title>OU editor</title>
|
||||
|
||||
<para>All accounts in LAM may be exported as PDF files. You can specify
|
||||
the page structure and displayed information by editing the PDF
|
||||
profiles.</para>
|
||||
<para>This is a simple editor to add/delete organisational units in your
|
||||
LDAP tree. This way you can structure the accounts.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor2.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/ouEditor.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<para>When you export accounts to PDF then each account will get its own
|
||||
page inside the PDF. There is a headline on each page where you can show
|
||||
a page title. You may also add a logo to each page. To add more logos
|
||||
please use the logo management on the PDF editor main page.</para>
|
||||
<section id="pdfEditor">
|
||||
<title>PDF editor</title>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
<para>All accounts in LAM may be exported as PDF files. You can specify
|
||||
the page structure and displayed information by editing the PDF
|
||||
profiles.</para>
|
||||
|
||||
<para>The main part is structured into sections of information. Each
|
||||
section has a title. This can either be static text or the value of an
|
||||
attribute. You may also insert a static text block as section. Sections
|
||||
can be moved by using the arrows next to the section title.</para>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor2.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>Each section can contain multiple fields which usually represent
|
||||
LDAP attributes. You can simply add new fields by selecting the field
|
||||
name and its position. Then use the arrows to move the field inside the
|
||||
section.</para>
|
||||
<para>When you export accounts to PDF then each account will get its own
|
||||
page inside the PDF. There is a headline on each page where you can show a
|
||||
page title. You may also add a logo to each page. To add more logos please
|
||||
use the logo management on the PDF editor main page.</para>
|
||||
|
||||
<literallayout>
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>The main part is structured into sections of information. Each
|
||||
section has a title. This can either be static text or the value of an
|
||||
attribute. You may also insert a static text block as section. Sections
|
||||
can be moved by using the arrows next to the section title.</para>
|
||||
|
||||
<para>Each section can contain multiple fields which usually represent
|
||||
LDAP attributes. You can simply add new fields by selecting the field name
|
||||
and its position. Then use the arrows to move the field inside the
|
||||
section.</para>
|
||||
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<para><emphasis role="bold">Import/export:</emphasis></para>
|
||||
<para><emphasis role="bold">Import/export:</emphasis></para>
|
||||
|
||||
<para>PDF structures can be exported to and imported from other server
|
||||
profiles.</para>
|
||||
<para>PDF structures can be exported to and imported from other server
|
||||
profiles.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor3.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor4.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>There is a special export target called "*Global templates". All PDF
|
||||
structures exported here will be copied to all other server profiles
|
||||
(incl. new ones). But existing PDF structures with the same name are not
|
||||
overwritten. So a PDF structure in global templates is treated as default
|
||||
structure for all server profiles.</para>
|
||||
|
||||
<para>Use this if you would like to setup default PDF structures that are
|
||||
valid for all server profiles.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor5.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Logo management:</emphasis></para>
|
||||
|
||||
<para>You can upload image files to put a custom logo on the PDF files.
|
||||
The image file name must end with .png or .jpg.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor6.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Schema browser</title>
|
||||
|
||||
<para>Here you browse the schema of your LDAP server. You can view what
|
||||
object classes, attributes, syntaxes and matching rules are available.
|
||||
This is useful if you need to check if a certain object class is
|
||||
available.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schemaBrowser.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Server information</title>
|
||||
|
||||
<para>This shows information and statistics about your LDAP server. This
|
||||
includes the suffixes, used overlays, connection data and operation
|
||||
statistics. You will need "cn=monitor" setup to see all details. Some data
|
||||
may not be available depending on your LDAP server software.</para>
|
||||
|
||||
<para>Please see the following links how to setup "cn=monitor":</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para><ulink
|
||||
url="http://www.openldap.org/doc/admin24/monitoringslapd.html">OpenLDAP</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><ulink type=""
|
||||
url="http://directory.fedoraproject.org/wiki/Howto:CN%3DMonitor_LDAP_Monitoring">389
|
||||
server</ulink></para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/serverInfo.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title id="tool_webauthn">Webauthn devices</title>
|
||||
|
||||
<para>See the <link linkend="a_webauthn">Webauthn/FIDO2 appendix</link>
|
||||
for an overview about Webauthn/FIDO2 in LAM.</para>
|
||||
|
||||
<para>Here you can manage your webauthn/FIDO2 devices.</para>
|
||||
|
||||
<para>You can register additional security devices and remove old ones. If
|
||||
no more device is registered then LAM will ask you for registration on
|
||||
next login.</para>
|
||||
|
||||
<screenshot>
|
||||
<graphic fileref="images/tool_webauthn1.png"/>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Tests</title>
|
||||
|
||||
<para>This allows you to check if your LDAP schema is compatible with LAM
|
||||
and to find possible problems.</para>
|
||||
|
||||
<section>
|
||||
<title>Lamdaemon test</title>
|
||||
|
||||
<para>LAM provides an external script to manage home directories and
|
||||
quotas. You can test here if everything is setup correctly.</para>
|
||||
|
||||
<para>If you get an error like "no tty present and no askpass program
|
||||
specified" then the path to the lamdaemon.pl may be wrong. Please see
|
||||
the <link linkend="a_lamdaemon">lamdaemon installation
|
||||
instructions</link> for setup details.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor3.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor4.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>There is a special export target called "*Global templates". All
|
||||
PDF structures exported here will be copied to all other server profiles
|
||||
(incl. new ones). But existing PDF structures with the same name are not
|
||||
overwritten. So a PDF structure in global templates is treated as
|
||||
default structure for all server profiles.</para>
|
||||
|
||||
<para>Use this if you would like to setup default PDF structures that
|
||||
are valid for all server profiles.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor5.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para><emphasis role="bold">Logo management:</emphasis></para>
|
||||
|
||||
<para>You can upload image files to put a custom logo on the PDF files.
|
||||
The image file name must end with .png or .jpg and the size must not
|
||||
exceed 2000x300px.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/pdfEditor6.png" />
|
||||
<imagedata fileref="images/lamdaemonTest.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Schema browser</title>
|
||||
<title>Schema test</title>
|
||||
|
||||
<para>Here you browse the schema of your LDAP server. You can view what
|
||||
object classes, attributes, syntaxes and matching rules are available.
|
||||
This is useful if you need to check if a certain object class is
|
||||
available.</para>
|
||||
<para>This will test if your LDAP schema supports all object classes and
|
||||
attributes of the active LAM modules. If you get a message that
|
||||
something is missing please check that you installed all <link
|
||||
linkend="a_schema">required schemas</link>.</para>
|
||||
|
||||
<para>If you get error messages about object class violations then this
|
||||
test can tell you what is missing.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schemaBrowser.png" />
|
||||
<imagedata fileref="images/schemaTest.png"/>
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Server information</title>
|
||||
|
||||
<para>This shows information and statistics about your LDAP server. This
|
||||
includes the suffixes, used overlays, connection data and operation
|
||||
statistics. You will need "cn=monitor" setup to see all details. Some
|
||||
data may not be available depending on your LDAP server software.</para>
|
||||
|
||||
<para>Please see the following links how to setup "cn=monitor":</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para><ulink
|
||||
url="http://www.openldap.org/doc/admin24/monitoringslapd.html">OpenLDAP</ulink></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><ulink type=""
|
||||
url="http://directory.fedoraproject.org/wiki/Howto:CN%3DMonitor_LDAP_Monitoring">389
|
||||
server</ulink></para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/serverInfo.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Tests</title>
|
||||
|
||||
<para>This allows you to check if your LDAP schema is compatible with
|
||||
LAM and to find possible problems.</para>
|
||||
|
||||
<section>
|
||||
<title>Lamdaemon test</title>
|
||||
|
||||
<para>LAM provides an external script to manage home directories and
|
||||
quotas. You can test here if everything is setup correctly.</para>
|
||||
|
||||
<para>If you get an error like "no tty present and no askpass program
|
||||
specified" then the path to the lamdaemon.pl may be wrong. Please see
|
||||
the <link linkend="a_lamdaemon">lamdaemon installation
|
||||
instructions</link> for setup details.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/lamdaemonTest.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Schema test</title>
|
||||
|
||||
<para>This will test if your LDAP schema supports all object classes
|
||||
and attributes of the active LAM modules. If you get a message that
|
||||
something is missing please check that you installed all <link
|
||||
linkend="a_schema">required schemas</link>.</para>
|
||||
|
||||
<para>If you get error messages about object class violations then
|
||||
this test can tell you what is missing.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schemaTest.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
</section>
|
||||
</chapter>
|
||||
</section>
|
||||
</chapter>
|
||||
|
|
|
@ -15,7 +15,6 @@
|
|||
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="appendix-schema.xml"/>
|
||||
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="appendix-security.xml"/>
|
||||
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="appendix-ldapConfig.xml"/>
|
||||
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="appendix-email.xml"/>
|
||||
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="appendix-lamdaemon.xml"/>
|
||||
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="appendix-selfResetSchema.xml"/>
|
||||
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="appendix-design.xml"/>
|
||||
|
|
Before Width: | Height: | Size: 33 KiB After Width: | Height: | Size: 72 KiB |
After Width: | Height: | Size: 16 KiB |
After Width: | Height: | Size: 32 KiB |
Before Width: | Height: | Size: 22 KiB After Width: | Height: | Size: 25 KiB |
Before Width: | Height: | Size: 28 KiB After Width: | Height: | Size: 31 KiB |
Before Width: | Height: | Size: 13 KiB After Width: | Height: | Size: 9.3 KiB |
Before Width: | Height: | Size: 18 KiB After Width: | Height: | Size: 21 KiB |
Before Width: | Height: | Size: 7.0 KiB After Width: | Height: | Size: 6.5 KiB |
Before Width: | Height: | Size: 4.6 KiB After Width: | Height: | Size: 16 KiB |
Before Width: | Height: | Size: 14 KiB After Width: | Height: | Size: 70 KiB |
After Width: | Height: | Size: 35 KiB |
Before Width: | Height: | Size: 20 KiB After Width: | Height: | Size: 43 KiB |
Before Width: | Height: | Size: 39 KiB After Width: | Height: | Size: 78 KiB |
Before Width: | Height: | Size: 26 KiB After Width: | Height: | Size: 59 KiB |
After Width: | Height: | Size: 30 KiB |
After Width: | Height: | Size: 30 KiB |
After Width: | Height: | Size: 56 KiB |
After Width: | Height: | Size: 33 KiB |
After Width: | Height: | Size: 70 KiB |
Before Width: | Height: | Size: 17 KiB After Width: | Height: | Size: 30 KiB |
After Width: | Height: | Size: 51 KiB |
After Width: | Height: | Size: 47 KiB |
After Width: | Height: | Size: 39 KiB |
After Width: | Height: | Size: 80 KiB |
After Width: | Height: | Size: 156 KiB |
After Width: | Height: | Size: 60 KiB |
After Width: | Height: | Size: 52 KiB |
After Width: | Height: | Size: 51 KiB |
After Width: | Height: | Size: 53 KiB |
After Width: | Height: | Size: 45 KiB |
After Width: | Height: | Size: 17 KiB |
After Width: | Height: | Size: 43 KiB |
After Width: | Height: | Size: 37 KiB |
After Width: | Height: | Size: 25 KiB |
After Width: | Height: | Size: 45 KiB |
After Width: | Height: | Size: 44 KiB |
Before Width: | Height: | Size: 68 KiB After Width: | Height: | Size: 39 KiB |
Before Width: | Height: | Size: 26 KiB After Width: | Height: | Size: 22 KiB |
Before Width: | Height: | Size: 48 KiB After Width: | Height: | Size: 36 KiB |