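<?php
/*
$Id$

  This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam)
  Copyright (C) 2003  Roland Gruber

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

/**
* Manages Samba 3 domain entries.
*
* The page is a dispatcher driven by request parameters:
*  - GET action=edit|new  : show the domain form
*  - GET action=delete    : ask for confirmation before deleting
*  - POST sub_save        : validate input, then modify or create the entry
*  - POST sub_back        : return to the domain list
*  - POST sub_delete      : delete the confirmed entries
*
* Values that come from the request or from the directory are HTML-encoded
* before they are written into the page.
*
* @package tools
* @author Roland Gruber
*/

/** access to configuration options */
include_once ("../lib/config.inc");
/** access to LDAP server */
include_once ("../lib/ldap.inc");
/** Samba 3 domain object */
include_once ("../lib/account.inc");

// start session
session_save_path("../sess");
@session_start();

setlanguage();

// NOTE(review): nothing visible in this file checks that the session holds an
// authenticated LDAP connection before $_SESSION['ldap'] is used; confirm that
// the included libraries enforce this.
// NOTE(review): the POST branches (save, delete) change directory data and carry
// no per-session request token; consider adding one together with the list page.
// NOTE(review): htmlspecialchars() is called without an explicit charset, so it
// follows the PHP default; confirm that matches the charset $_SESSION['header'] declares.

// read the dispatch parameter once; a missing key becomes an empty string
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : "";

// add/edit domain
if (($action == "edit") || ($action == "new")) {
    $isEdit = ($action == "edit");
    // get list of domains
    $domlist = search_domains($_SESSION['config']->get_Suffix('domain'));
    // get possible suffixes
    $domsuff = $_SESSION['ldap']->search_units($_SESSION['config']->get_Suffix('domain'));
    if ($isEdit) {
        // remove "\'"
        $editDN = (isset($_GET['DN']) && is_string($_GET['DN'])) ? $_GET['DN'] : "";
        $editDN = str_replace("\\", "", $editDN);
        $editDN = str_replace("'", "", $editDN);
        // load attributes from domain
        $domain = null;
        for ($i = 0; $i < count($domlist); $i++) {
            if ($domlist[$i]->dn == $editDN) {
                $domain = $domlist[$i];
                break;
            }
        }
        // the requested DN is not one of the known domains: do not render an
        // edit form for an undefined entry, go back to the list instead
        if ($domain === null) {
            metaRefresh("lists/listdomains.php");
            exit;
        }
        // get suffix: the DN without its first component
        $tmp_arr = explode(",", $domain->dn);
        array_shift($tmp_arr);
        $domain_suffix = implode(",", $tmp_arr);
    }
    else {
        $domain = new samba3domain();
        $domain_suffix = $_SESSION['config']->get_Suffix('domain');
    }
    // help icon, identical for every row
    $helpImg = "<img src=\"../graphics/help.png\" alt=\"" . _('Help') . "\" title=\"" . _('Help') . "\">";
    // display page
    echo $_SESSION['header'];
    echo "<title>Domain Management</title>\n";
    echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../style/layout.css\">\n";
    echo "</head>\n";
    echo "<body>\n";
    // print message, if needed
    if (!empty($_SESSION['domain_message'])) StatusMessage("INFO", $_SESSION['domain_message'], "");
    // print fieldset
    echo "<form action=\"domain.php\" method=\"post\">\n";
    echo "<p> </p>\n";
    echo "<fieldset class=\"domedit\">\n";
    echo "<legend class=\"domedit\"><b>" . _("Domain Settings") . "</b></legend>\n";
    echo "<table border=0>\n";
    // domain name (read-only when editing)
    echo "<tr>\n";
    echo "<td>\n";
    echo "<b>" . _("Domain name") . ":</b>\n";
    echo "</td>\n";
    echo "<td>\n";
    if ($isEdit) {
        echo htmlspecialchars((string) $domain->name, ENT_QUOTES) . "\n";
    }
    else echo "<input tabindex=\"1\" type=\"text\" name=\"dom_name\">\n";
    echo "</td>\n";
    echo "<td>";
    // help link
    echo "<a href=\"help.php?HelpNumber=651\" target=\"lamhelp\">" . $helpImg . "</a>\n";
    echo "</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td> </td><td> </td>\n";
    echo "</tr>\n";
    // domain SID (read-only when editing)
    echo "<tr>\n";
    echo "<td>\n";
    echo "<b>" . _("Domain SID") . ": </b>\n";
    echo "</td>\n";
    echo "<td>\n";
    if ($isEdit) {
        echo htmlspecialchars((string) $domain->SID, ENT_QUOTES) . "\n";
    }
    else echo "<input tabindex=\"2\" type=\"text\" size=\"50\" name=\"dom_SID\">\n";
    echo "</td>\n";
    echo "<td>";
    // help link
    echo "<a href=\"help.php?HelpNumber=653\" target=\"lamhelp\">" . $helpImg . "</a>\n";
    echo "</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td> </td><td> </td>\n";
    echo "</tr>\n";
    // next RID
    echo "<tr>\n";
    echo "<td><b>" . _("Next RID") . ": </b></td>\n";
    echo "<td>\n";
    echo "<input tabindex=\"3\" type=\"text\" name=\"dom_nextRID\" value=\"" . htmlspecialchars((string) $domain->nextRID, ENT_QUOTES) . "\">\n";
    echo "</td>\n";
    echo "<td>";
    // help link
    echo "<a href=\"help.php?HelpNumber=654\" target=\"lamhelp\">" . $helpImg . "</a>\n";
    echo "</td>\n";
    echo "</tr>\n";
    // next user RID
    echo "<tr>\n";
    echo "<td><b>" . _("Next User RID") . ": </b></td>\n";
    echo "<td>\n";
    echo "<input tabindex=\"4\" type=\"text\" name=\"dom_nextUserRID\" value=\"" . htmlspecialchars((string) $domain->nextUserRID, ENT_QUOTES) . "\">\n";
    echo "</td>\n";
    echo "<td>";
    // help link
    echo "<a href=\"help.php?HelpNumber=655\" target=\"lamhelp\">" . $helpImg . "</a>\n";
    echo "</td>\n";
    echo "</tr>\n";
    // next group RID
    echo "<tr>\n";
    echo "<td><b>" . _("Next Group RID") . ": </b></td>\n";
    echo "<td>\n";
    echo "<input tabindex=\"5\" type=\"text\" name=\"dom_nextGroupRID\" value=\"" . htmlspecialchars((string) $domain->nextGroupRID, ENT_QUOTES) . "\">\n";
    echo "</td>\n";
    echo "<td>";
    // help link
    echo "<a href=\"help.php?HelpNumber=656\" target=\"lamhelp\">" . $helpImg . "</a>\n";
    echo "</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td> </td><td> </td>\n";
    echo "</tr>\n";
    // algorithmic RID base (read-only when editing)
    echo "<tr>\n";
    echo "<td><b>" . _("Algorithmic RID Base") . ": </b></td>\n";
    echo "<td>\n";
    if ($isEdit) echo htmlspecialchars((string) $domain->RIDbase, ENT_QUOTES) . "\n";
    else echo "<input tabindex=\"6\" type=\"text\" name=\"dom_RIDbase\" value=\"" . htmlspecialchars((string) $domain->RIDbase, ENT_QUOTES) . "\">\n";
    echo "</td>\n";
    echo "<td>";
    // help link
    echo "<a href=\"help.php?HelpNumber=657\" target=\"lamhelp\">" . $helpImg . "</a>\n";
    echo "</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td> </td><td> </td>\n";
    echo "</tr>\n";
    // domain suffix; the option text is what the browser submits, so encoding
    // it here does not change the posted value
    echo "<tr>\n";
    echo "<td>\n";
    echo "<b>" . _("Suffix") . ": </b>\n";
    echo "</td>\n";
    echo "<td>\n";
    echo "<select tabindex=\"7\" name=\"dom_suffix\">\n";
    for ($i = 0; $i < count($domsuff); $i++) {
        if ($domsuff[$i] == $domain_suffix) echo "<option selected>" . htmlspecialchars((string) $domain_suffix, ENT_QUOTES) . "</option>\n";
        else echo "<option>" . htmlspecialchars((string) $domsuff[$i], ENT_QUOTES) . "</option>\n";
    }
    echo "</select>";
    echo "</td>\n";
    echo "<td>";
    // help link
    echo "<a href=\"help.php?HelpNumber=652\" target=\"lamhelp\">" . $helpImg . "</a>\n";
    echo "</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td> </td><td> </td>\n";
    echo "</tr>\n";
    echo "</table>\n";
    echo "</fieldset>\n";

    // post DN and old RID values
    // NOTE(review): these hidden fields come back from the client and are used
    // as-is by the save branch; they are a convenience, not a trusted record.
    echo "<input type=\"hidden\" name=\"dom_DN\" value=\"" . htmlspecialchars((string) $domain->dn, ENT_QUOTES) . "\">";
    echo "<input type=\"hidden\" name=\"dom_oldnextRID\" value=\"" . htmlspecialchars((string) $domain->nextRID, ENT_QUOTES) . "\">";
    echo "<input type=\"hidden\" name=\"dom_oldnextUserRID\" value=\"" . htmlspecialchars((string) $domain->nextUserRID, ENT_QUOTES) . "\">";
    echo "<input type=\"hidden\" name=\"dom_oldnextGroupRID\" value=\"" . htmlspecialchars((string) $domain->nextGroupRID, ENT_QUOTES) . "\">";
    // edit or add operation
    if ($isEdit) echo "<input type=\"hidden\" name=\"edit\" value=\"yes\">";
    else echo "<input type=\"hidden\" name=\"add\" value=\"yes\">";

    echo "<p> </p>\n";

    echo "<p>\n";
    echo "<input tabindex=\"8\" type=\"submit\" name=\"sub_save\" value=\"" . _("Submit") . "\">\n";
    echo "<input tabindex=\"9\" type=\"reset\" value=\"" . _("Reset") . "\">\n";
    echo "<input tabindex=\"10\" type=\"submit\" name=\"sub_back\" value=\"" . _("Cancel") . "\">\n";
    echo "</p>\n";

    echo "</form>\n";
    echo "</body>\n";
    echo "</html>\n";
}

// delete domain, ask if sure
elseif ($action == "delete") {
    // remove "\'" and make array
    $DNs = (isset($_GET['DN']) && is_string($_GET['DN'])) ? $_GET['DN'] : "";
    $DNs = str_replace("\\", "", $DNs);
    $DNs = str_replace("'", "", $DNs);
    $DNs = explode(";", $DNs);
    // display page
    echo $_SESSION['header'];
    echo "<title>Domain Management</title>\n";
    echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../style/layout.css\">\n";
    echo "</head>\n";
    echo "<body>\n";
    echo "<p> </p>\n";
    echo "<fieldset class=\"domedit\"><legend class=\"domedit\"><b>" . _("Delete domain(s)") . "</b></legend>\n";
    echo "<p><b>" . _("Do you really want to delete domain(s):") . "</b></p>\n";
    echo "<p> </p>\n";
    // the DNs come straight from the query string, so encode them for display
    for ($i = 0; $i < count($DNs); $i++) {
        echo "<p>" . htmlspecialchars($DNs[$i], ENT_QUOTES) . "</p>\n";
    }
    echo "<p> </p>\n";
    echo "<form action=\"domain.php\" method=\"post\">\n";
    echo "<input type=\"hidden\" name=\"delDN\" value=\"" . htmlspecialchars(implode(";", $DNs), ENT_QUOTES) . "\">\n";
    echo "<input type=\"submit\" name=\"sub_delete\" value=\"" . _("Delete") . "\">\n";
    echo "<input type=\"submit\" name=\"sub_back\" value=\"" . _("Cancel") . "\">\n";
    echo "</form>\n";
    echo "</fieldset>\n";
    echo "</body>\n";
    echo "</html>\n";
}

// save domain
elseif (!empty($_POST['sub_save'])) {
    echo $_SESSION['header'];
    echo "<title>Domain Management</title>\n";
    echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../style/layout.css\">\n";
    echo "</head>\n";
    echo "<body>\n";
    // collect the form fields as strings; absent or non-string values become ""
    $in = array();
    $fields = array('dom_name', 'dom_SID', 'dom_nextRID', 'dom_nextUserRID', 'dom_nextGroupRID',
        'dom_RIDbase', 'dom_oldnextRID', 'dom_oldnextUserRID', 'dom_oldnextGroupRID', 'dom_DN', 'dom_suffix');
    foreach ($fields as $field) {
        $in[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
    }
    $isEditPost = isset($_POST['edit']) && ($_POST['edit'] == "yes");
    // Every request that is not an edit ends in the add branch below, so the
    // add-only checks apply to all of them, not only when the "add" marker is posted.
    $isAdd = !empty($_POST['add']) || !$isEditPost;
    // format checks; preg_match replaces eregi (removed in PHP 7), the D modifier
    // keeps "$" from matching before a trailing newline
    $nameValid = preg_match('/^[a-z0-9_\-]+$/iD', $in['dom_name']);
    $sidValid = preg_match('/^S-[0-9]-[0-9]-[0-9]{2,2}-[0-9]*-[0-9]*-[0-9]*$/iD', $in['dom_SID']);
    // check for existing domains
    // The filter is built by concatenation, so it is only assembled after both
    // values have passed the format checks above; neither pattern admits
    // characters that are special in an LDAP filter.
    $info = false;
    if ($isAdd && $nameValid && $sidValid) {
        $suffix = $_SESSION['config']->get_Suffix('domain');
        $server = $_SESSION['ldap']->server;
        $filter = "(|(sambasid=" . $in['dom_SID'] . ")(sambadomainname=" . $in['dom_name'] . "))";
        $sr = @ldap_search($server, $suffix, $filter, array());
        if ($sr) $info = @ldap_get_entries($server, $sr);
    }
    // a failed search counts as "not present", as before; ldap_add still
    // refuses an entry whose DN already exists
    $alreadyPresent = is_array($info) && ($info["count"] > 0);
    // check input
    if ($isAdd && !$nameValid) StatusMessage("ERROR", "", _("Domain name is invalid!"));
    elseif ($isAdd && !$sidValid) {
        StatusMessage("ERROR", "", _("Samba 3 domain SID is invalid!"));
    }
    elseif ($isAdd && $alreadyPresent) {
        StatusMessage("ERROR", "", _("This Samba 3 domain is already present!"));
    }
    elseif ($in['dom_nextRID'] && !is_numeric($in['dom_nextRID'])) StatusMessage("ERROR", "", _("Next RID is not a number!"));
    elseif ($in['dom_nextUserRID'] && !is_numeric($in['dom_nextUserRID'])) StatusMessage("ERROR", "", _("Next user RID is not a number!"));
    elseif ($in['dom_nextGroupRID'] && !is_numeric($in['dom_nextGroupRID'])) StatusMessage("ERROR", "", _("Next group RID is not a number!"));
    elseif ($isAdd && !is_numeric($in['dom_RIDbase'])) StatusMessage("ERROR", "", _("Algorithmic RID base is not a number!"));
    // edit entry
    // NOTE(review): dom_DN and dom_suffix are taken from the request without
    // being checked against search_domains()/search_units(); the directory's own
    // access control is the only limit on which entry is modified or moved.
    elseif ($isEditPost) {
        $success = true;
        // change attributes
        $attr = array();
        if ($in['dom_nextRID'] != $in['dom_oldnextRID']) $attr['sambaNextRid'] = $in['dom_nextRID'];
        if ($in['dom_nextUserRID'] != $in['dom_oldnextUserRID']) $attr['sambaNextUserRid'] = $in['dom_nextUserRID'];
        if ($in['dom_nextGroupRID'] != $in['dom_oldnextGroupRID']) $attr['sambaNextGroupRid'] = $in['dom_nextGroupRID'];
        if (count($attr) > 0) $success = ldap_modify($_SESSION['ldap']->server(), $in['dom_DN'], $attr);
        // change suffix
        $RDN = explode(",", $in['dom_DN']);
        $RDN = $RDN[0];
        $newDN = $RDN . "," . $in['dom_suffix'];
        if ($in['dom_DN'] != $newDN) {
            // keep an earlier modify failure: a successful rename must not hide it
            $renamed = ldap_rename($_SESSION['ldap']->server(), $in['dom_DN'], $RDN, $in['dom_suffix'], true);
            $success = $success && $renamed;
        }
        // The add-failure message below passes "<br>" in the same argument, which
        // suggests StatusMessage emits it as markup; encode request data first.
        if ($success) StatusMessage("INFO", _("Domain has been modified."), htmlspecialchars($in['dom_DN'], ENT_QUOTES));
        else StatusMessage("ERROR", "", _("Failed to modify domain!"));
    }
    // add entry
    else {
        // dom_name has passed the format check; dom_suffix is used as posted
        $DN = "sambaDomainName" . "=" . $in['dom_name'] . "," . $in['dom_suffix'];
        $attr = array();
        $attr['objectclass'] = "sambaDomain";
        $attr['sambaDomainName'] = $in['dom_name'];
        $attr['sambaSID'] = $in['dom_SID'];
        if ($in['dom_nextRID']) $attr['sambaNextRid'] = $in['dom_nextRID'];
        if ($in['dom_nextGroupRID']) $attr['sambaNextGroupRid'] = $in['dom_nextGroupRID'];
        if ($in['dom_nextUserRID']) $attr['sambaNextUserRid'] = $in['dom_nextUserRID'];
        $attr['sambaAlgorithmicRidBase'] = $in['dom_RIDbase'];
        // write to LDAP
        if (@ldap_add($_SESSION['ldap']->server(), $DN, $attr)) {
            StatusMessage("INFO", _("Domain has been created."), htmlspecialchars($DN, ENT_QUOTES));
        }
        else StatusMessage("ERROR", "", _("Failed to add domain!") . "\n<br>" . htmlspecialchars((string) ldap_error($_SESSION['ldap']->server()), ENT_QUOTES));
    }
    echo "<p> </p>\n";
    echo "<p><a href=\"lists/listdomains.php\">" . _("Back to domain list") . "</a></p>\n";
    echo "</body>\n";
    echo "</html>\n";
}

// back to list
elseif (!empty($_POST['sub_back'])) {
    metaRefresh("lists/listdomains.php");
}

// delete domain, user was sure
// NOTE(review): delDN is taken from the request as posted; only the directory's
// access control decides which entries this connection may delete.
elseif (!empty($_POST['sub_delete'])) {
    $delDN = (isset($_POST['delDN']) && is_string($_POST['delDN'])) ? $_POST['delDN'] : "";
    $DNs = explode(";", $delDN);
    // display page
    echo $_SESSION['header'];
    echo "<title>Domain Management</title>\n";
    echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../style/layout.css\">\n";
    echo "</head>\n";
    echo "<body>\n";
    // delete DNs
    for ($i = 0; $i < count($DNs); $i++) {
        $shownDN = htmlspecialchars($DNs[$i], ENT_QUOTES);
        if (ldap_delete($_SESSION['ldap']->server(), $DNs[$i])) StatusMessage("INFO", _("Domain deleted successfully."), $shownDN);
        else StatusMessage("ERROR", _("Unable to delete domain!"), $shownDN);
    }
    echo "<p> </p>\n";
    echo "<p><a href=\"lists/listdomains.php\">" . _("Back to domain list") . "</a></p>\n";
    echo "</body>\n";
    echo "</html>\n";
}

?>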