getConfiguredTypes();
foreach ($types as $type) {
$entry206Example .= "" . $type->getAlias() . ":
\n";
$descriptions = $type->getBaseType()->getListAttributeDescriptions();
$attributes = array_keys($descriptions);
for ($a = 0; $a < sizeof($attributes); $a++) {
$entry206Example .= "#" . $attributes[$a] . ": " . $descriptions[$attributes[$a]];
if ($a < (sizeof($attributes) - 1)) {
$entry206Example .= ", ";
}
}
$entry206Example .= "
";
}
}
$helpArray = array (
// 200 - 299
// configuration wizard
// configuration login
// config profile management
"200" => array ("Headline" => _("Login"),
"Text" => _("Please enter the configuration password. This is NOT your LDAP password. It is stored in your .conf-file. If this is the first time you log in, enter \"lam\".")),
"201" => array ("Headline" => _("Server address"),
"Text" => _("This is the server address of your LDAP server. Use ldap:// for unencrypted LDAP connections or TLS encrypted connections. LDAP+SSL (LDAPS) encrypted connections are specified with ldaps://. The port value is optional.") .
" " . _("TLS cannot be combined with ldaps://.") .
"
" .
_("Examples") .
":
" .
_("ldap://localhost:389 connects to localhost using a standard LDAP connection on port 389") .
"
" .
_("ldaps://ldap.domain.com connects to ldap.domain.com using an encrypted LDAP connection.") .
"
" .
_("Note") .
":
" .
_("When using ldaps:// or TLS be sure to use exactly the same IP/domain name as in your certificate!")),
"202" => array ("Headline" => _("LDAP suffix"),
"Text" => _("This is the suffix of the LDAP tree from where to search for LDAP entries. Only entries in this subtree will be displayed in the account list. When creating a new accont this will be the DN where it is saved.") .
"
".
_("Example").
":
".
_("ou=People,dc=yourcompany,dc=com will read and store all accounts in this subtree.")),
"203" => array ("Headline" => _("Tree suffix"),
"Text" => _("This is the suffix for the LDAP tree viewer.") .
"
".
_("Example").
":
".
_("dc=yourcompany,dc=com")),
"204" => array ("Headline" => _("SSL certificate"),
"Text" => _("This is only needed for TLS/SSL connections. By default, LAM will use the certificate authorities installed on your system. If you have a private CA in your company you can upload your CA certificates here and override the system certificates.")),
"205" => array ("Headline" => _("Follow referrals"),
"Text" => _("Specifies if LAM should automatically follow referrals. Activate if you use referrals in your LDAP directory.")),
"206" => array ("Headline" => _("List attributes"),
"Text" => _("This is the list of attributes to show in the account list. The entries can either be predefined values, \"#attribute\", or individual ones, \"attribute:description\". Several entries are separated by semicolons.") .
"
" .
_("Example") . ": #homeDirectory;#uid;#uidNumber;#gidNumber;mail:Mail address
" .
"" . _("Predefined values") . ":
" . $entry206Example),
"207" => array ("Headline" => _("Valid users"),
"Text" => _("This is a list of valid DN entries of all users that are allowed to login to LDAP Account Manager. Please enter one DN per line.") .
"
" .
_("Example") .
":
cn=admin,dc=yourdomain,dc=org
cn=manager,dc=yourdomain,dc=org"),
"208" => array ("Headline" => _("Maximum list entries"),
"Text" => _("This is the number of rows to show in the account list. If more entries are found the list will be split into several pages.")),
"209" => array ("Headline" => _("Default language"),
"Text" => _("This defines the language of the login window and sets this language as the default language. Users can change the language at login.")),
"210" => array ("Headline" => _("Script path"),
"Text" => _("This is the absolute path to an external script for setting quotas and creating home directories.")),
"211" => array ("Headline" => _("Enforce language"),
"Text" => _("If enabled then the default language will be enforced and cannot be chosen by the user.")),
"212" => array ("Headline" => _("Change password"),
"Text" => _("If you want to change the current preferences password, please enter it here.")),
"213" => array ("Headline" => _('Time zone'),
"Text" => _('Please select your local time zone.')),
"214" => array ("Headline" => _("Cache timeout"),
"Text" => _("This is the time in minutes which LAM caches its LDAP searches. Shorter times will stress LDAP more but decrease the possibility that changes are not identified.")),
"215" => array ("Headline" => _("Access level"),
"Text" => _("You can specify if LAM allows full write access, password changes or only read access.")),
"217" => array ("Headline" => _("Account types and modules"),
"Text" => _("Here you can select which plugins you want to use for account management.") . "
"
. _("Account types define which sorts of LDAP entries (e.g. users and groups) should be managed. The account modules define which properties (e.g. Unix and Samba) can be edited.")),
"218" => array ("Headline" => _("Script servers"),
"Text" => _("This is a list of the servers where the lamdaemon scripts are stored. LDAP Account Manager will make a SSH connection to the servers with the user name and password provided at login. Multiple servers are separated by semicolons. You can append a descriptive name after a colon.") . "
"
. _("If your server runs on another port then add a comma and the port number after the server.") . "
"
. _("Examples") . ":
my.server.name
127.0.0.1:LOCAL;192.168.0.2,12345:Servername
my.server.name:SERVER:/prefix"),
"219" => array ("Headline" => _("Rights for the home directory"),
"Text" => _("This defines the rights for the home directories which are created by lamdaemon.")),
"220" => array ("Headline" => _("Login method"),
"Text" => _("The number of users who may login to LAM is restricted. This can be either a fixed list of DNs or LAM can search LDAP to find a DN which matches the given user name.")),
"221" => array ("Headline" => _("LDAP search"),
"Text" => _("Please enter the LDAP suffix where LAM should start to search for users. The LDAP filter needs to match the given user name to exactly one DN. The value \"%USER%\" will be replaced by the user name from the login page.")),
"222" => array ("Headline" => _("LDAP search limit"),
"Text" => _("Here you can set a limit for LDAP searches. This will restrict the number of results for LDAP searches. Please use this if LAM's LDAP queries produce too much load.")),
"223" => array ("Headline" => _("HTTP authentication"),
"Text" => _("If enabled then LAM will use user and password that is provided by the web server via HTTP authentication.")),
"224" => array ("Headline" => _("Bind user and password"),
"Text" => _("Here you can specify the DN and password of the bind user that will be used for the LDAP search. This is required if your LDAP server does not allow anonymous access.")),
"225" => array ("Headline" => _('Base URL'),
"Text" => _("Please enter the base URL of your webserver (e.g. https://www.example.com). This is used to generate links in emails.")),
"230" => array ("Headline" => _("Profile management") . " - " . _("Add profile"),
"Text" => _("Please enter the name of the new profile and the password to change its settings. Profile names may contain letters, numbers and -/_.")),
"231" => array ("Headline" => _("Profile management") . " - " . _("Rename profile"),
"Text" => _("Please enter the new name of the profile. The name may contain letters, numbers and -/_.")),
"232" => array ("Headline" => _("Profile management") . " - " . _("Delete profile"),
"Text" => _("This will delete the selected profile.")),
"233" => array ("Headline" => _("Profile management") . " - " . _("Set profile password"),
"Text" => _("This changes the password of the selected profile.")),
"234" => array ("Headline" => _("Profile management") . " - " . _("Change default profile"),
"Text" => _("This changes the profile which is selected by default at login.")),
"235" => array ("Headline" => _("Change master password"),
"Text" => _("If you want to change your master configuration password, please enter it here.")),
"236" => array ("Headline" => _("Master password"),
"Text" => _("Please enter the master configuration password. This is NOT your LDAP password. It is stored in your config.cfg file. If this is the first time you log in, enter \"lam\".")),
"237" => array ("Headline" => _("Base module"),
"Text" => _("Every account type needs exactly one base module. This module provides a structural object class.")),
"238" => array ("Headline" => _("Session timeout"),
"Text" => _("This is the time (in minutes) of inactivity after which a user is automatically logged off.")),
"239" => array ("Headline" => _("Log level"),
"Text" => _("Please select your prefered log level. Messages with a lower level will not be logged.")),
"240" => array ("Headline" => _("Log destination"),
"Text" => _("Here you can select where LAM should save its log messages. System logging will go to Syslog on Unix systems and event log on Windows. You can also select an extra file.")),
"241" => array ("Headline" => _("Allowed hosts"),
"Text" => _("This is a list of IP addresses from hosts who may access LAM. You can use \"*\" as wildcard (e.g. 192.168.0.*).")),
"242" => array ("Headline" => _("Password policy"),
"Text" => _("Here you can specify minimum requirements for passwords. The character classes are: lowercase, uppercase, numeric and symbols.")),
"243" => array ("Headline" => _('Email format'),
"Text" => _('Please change this setting only if you experience problems in receiving emails from LAM. This defines the line ending of emails.')),
"244" => array ("Headline" => _('PHP error reporting'),
"Text" => _('Defines if the PHP error reporting setting from php.ini is used or the setting preferred by LAM ("E_ALL & ~E_NOTICE"). If you do not develop LAM modules please use the default. This will prevent displaying messages that are useful only for developers.')),
"245" => array ("Headline" => _('Encrypt session'),
"Text" => _('Encrypts sensitive data like passwords in your session. This requires the PHP OpenSSL extension.')),
"246" => array ("Headline" => _('Number of rules that must match'),
"Text" => _('Specifies the number of above password rules that must be fulfilled.')),
"247" => array ("Headline" => _('Password must not contain user name'),
"Text" => _('Specifies if the password must not contain the user name.')),
"248" => array ("Headline" => _('Password must not contain part of user/first/last name'),
"Text" => _('Specifies if the password must not contain 3 or more characters of the user/first/last name.')),
"249" => array ("Headline" => _('External password check'),
"Text" => _('Please specify the URL (e.g. "https://api.pwnedpasswords.com/range/{SHA1PREFIX}") of your external password check.')),
"250" => array ("Headline" => _("Filter"),
"Text" => _("Here you can input simple filter expressions (e.g. 'value' or 'v*'). The filter is case-insensitive.")),
"251" => array ("Headline" => _("Remote server"),
"Text" => _("Please enter the syslog remote server in format \"server:port\".")),
"260" => array ("Headline" => _("Additional LDAP filter"),
"Text" => _('Use this to enter an additional LDAP filter (e.g. "(cn!=admin)") to reduce the number of visible elements for this account type.')
. ' ' . _('You can use the wildcard @@LOGIN_DN@@ which will be substituted with the DN of the user who is currently logged in to LAM.')
. ' ' . _('By default LAM will show all accounts that match the selected account modules.')),
"261" => array ("Headline" => _("Hidden"),
"Text" => _('Hidden account types will not show up in LAM. This is useful if you want to display e.g. only groups but still need to manage their members.')),
"262" => array ("Headline" => _("No new entries"),
"Text" => _('If checked then the user will not be able to create new entries of this account type.')),
"263" => array ("Headline" => _("Disallow delete"),
"Text" => _('If checked then the user will not be able to delete entries of this account type.')),
"264" => array ("Headline" => _('Custom label'),
"Text" => _('Here you can overwrite the display name for this account type.')),
"265" => array ("Headline" => _('Read-only'),
"Text" => _('Sets this account type to read-only.')),
"266" => array ("Headline" => _("Paged results"),
"Text" => _("This is a workaround for Active Directory. Enable it if you get messages about size limit exceeded.")),
"267" => array ("Headline" => _('Template'),
"Text" => _('Please select the template for the new server profile. You can either select an existing server profile or use one of the built-in templates.')),
"268" => array ("Headline" => _('Display name'),
"Text" => _('This name is shown on the login page as server name. Defaults to server address if empty.')),
"269" => array ("Headline" => _('Referential integrity overlay'),
"Text" => _('Activate this checkbox if you have any server side extension for referential integrity in place. LAM will then skip cleanup tasks like deletion of group memberships on account deletion.')),
"270" => array ("Headline" => _('Bind user and password'),
"Text" => _('Please enter the DN and password to use for all jobs.')),
"271" => array ("Headline" => _('Database type'),
"Text" => _('Please select the type of database to use for job data.')),
"272" => array ("Headline" => _('Cron configuration'),
"Text" => _('Please add this line to your webserver\'s crontab.')),
"273" => array ("Headline" => _('Database host'),
"Text" => _('Enter the host name of your database server.')),
"274" => array ("Headline" => _('Database port'),
"Text" => _('Enter the port number of your database server. The default port will be used if empty.')),
"275" => array ("Headline" => _('Database user and password'),
"Text" => _('Please enter the user name and password to connect to the database.')),
"276" => array ("Headline" => _('Database name'),
"Text" => _('This is the database name on the server.')),
'280' => array ("Headline" => _('Allow setting specific passwords'),
"Text" => _('Allows to set a specific password via input field.')),
'281' => array ("Headline" => _('Allow to display password on screen'),
"Text" => _('Allows to display a randomly generated password on screen.')),
'282' => array ("Headline" => _('Default password output'),
"Text" => _('Default method to output a random password.')),
'283' => array ("Headline" => _('Force password change by default'),
"Text" => _('Enforce password change on next login by default.')),
'284' => array ("Headline" => _('User name'),
"Text" => _('User name for SSH connection to lamdaemon server. If empty the user name of the person who is logged into LAM will be used.')),
'285' => array ("Headline" => _('SSH key file'),
"Text" => _('Path to SSH key file to connect to lamdaemon server. If empty then password authentication with the person\'s password who is logged into LAM will be used.')),
'286' => array ("Headline" => _('SSH key password'),
"Text" => _('Password to unlock SSH key file.')),
'287' => array ("Headline" => _('Licence'),
"Text" => _('Please enter your licence key.')),
// 300 - 399
// profile editor, file upload
"301" => array ("Headline" => _("RDN identifier"),
"Text" => _("This is the identifier for the relative DN value. It must be one of the given allowed LDAP attributes (e.g. user accounts usually use \"uid\" while groups use \"cn\").")),
"302" => array ("Headline" => _("Overwrite"),
"Text" => _("Set to true to overwrite an existing LDAP entry.")),
"360" => array ("Headline" => _("Profile name"),
"Text" => _("Name under which the profile will be saved. If a profile with the same name exists, it will be overwritten.")),
"361" => array ("Headline" => _("DN suffix"),
"Text" => _("The account will be saved under this LDAP suffix.")),
"362" => array ("Headline" => _("Import profiles"),
"Text" => _("Here you can import account profiles from other server profiles (overwrite existing).")),
"363" => array ("Headline" => _("Export profile"),
"Text" => _("Here you can export account profiles to other server profiles (overwrite existing). You may also export a profile to the global templates. In this case it will always be copied to all server profiles that do not yet have a profile with this name.")),
// 400 - 499
// account pages
"400" => array ("Headline" => _("DN suffix") . '/' . _("RDN identifier"),
"Text" => _("The account will be saved under this LDAP suffix.") . '
' . _("This is the identifier for the relative DN value. It must be one of the given allowed LDAP attributes (e.g. user accounts usually use \"uid\" while groups use \"cn\").")),
"401" => array ("Headline" => _("Load profile"),
"Text" => _("Here you can load an account profile to set default settings for your account. The \"default\" profile is automatically loaded for new accounts.")),
"403" => array ("Headline" => _("Create PDF file"),
"Text" => _("Here you can select a PDF structure and export the account to a PDF file.")),
"404" => array ("Headline" => _("Password"),
"Text" => _("Please enter the password which you want to set for this account. You may also generate a random password (12 characters) which will be displayed on your screen.")),
"405" => array ("Headline" => _("PDF structure"),
"Text" => _("The PDF structure defines what information is exported as PDF file and how the pages are structured. You can manage the PDF structures in the PDF editor (under \"Tools\").")),
"406" => array ("Headline" => _("Force password change"),
"Text" => _("If you set this option then the user has to change his password at the next login.")),
"407" => array ("Headline" => _("Send via mail"),
"Text" => _("Sends the password to the user via mail. Please edit your LAM server profile to setup the mail settings.")),
"408" => array ("Headline" => _("Import PDF structures"),
"Text" => _("Here you can import PDF structures from other server profiles (overwrite existing).")),
"409" => array ("Headline" => _("Export PDF structure"),
"Text" => _("Here you can export PDF structures to other server profiles (overwrite existing). You may also export a structure to the global templates. In this case it will always be copied to all server profiles that do not yet have a structure with this name.")),
"410" => array ("Headline" => _("Alternate recipient"),
"Text" => _("Here you can enter an alternative mail address for the password. To use the user's primary email address please leave the field blank.")),
"411" => array ("Headline" => _("Font"),
"Text" => _("Please select the font for the PDF file. Dejavu will work on all systems but does not support e.g. Chinese and Japanese. The other fonts require that an appropriate font is installed on the system where the PDF is opened.")),
// 500 - 599
// LAM Pro
"501" => array ("Headline" => _("LDAP suffix"),
"Text" => _("LAM will search for accounts in this part of the LDAP tree.")),
"502" => array ("Headline" => _("LDAP user and password"),
"Text" => _("LAM will use this LDAP DN and password to search for accounts. It is sufficient to specify an account with read rights. If nothing is inserted then LAM will try to connect anonymously.")),
"503" => array ("Headline" => _("LDAP search attribute"),
"Text" => _("This is needed to find the LDAP DNs of your user accounts. E.g. if you use \"uid\" and your user inputs \"miller\" then LAM will search for an account with uid=miller.")),
"504" => array ("Headline" => _("Login attribute label"),
"Text" => _("This text should shortly describe your selected LDAP search attribute (e.g. email or user name).")),
"505" => array ("Headline" => _("Login caption"),
"Text" => _("This text is displayed on top of the self service login page. You can also input HTML code here.")),
"506" => array ("Headline" => _("Main page caption"),
"Text" => _("This text is displayed on top of the self service main page. You can also input HTML code here.")),
"507" => array ("Headline" => _("Add new group"),
"Text" => _("Adds a new group element to the list of self service options. Use this to structure the input fields.")),
"508" => array ("Headline" => _("Add input field"),
"Text" => _("Adds a new self service option to the selected group element.")),
"509" => array ("Headline" => _("Page header"),
"Text" => _("This HTML code will be placed on top of all self service pages. E.g. you can use this to place your custom logo. Any HTML code is permitted.")),
"510" => array ("Headline" => _("Additional CSS links"),
"Text" => _("Here you can specify additional CSS links to change the layout of the self service pages. This is useful to adapt them to your corporate design. Please enter one link per line.")),
"511" => array ("Headline" => _("Password field label"),
"Text" => _('This text is placed as label for the password field on the login page. LAM will use "Password" if you do not enter any text.')),
"512" => array ("Headline" => _("Additional LDAP filter"),
"Text" => _('Use this to enter an additional LDAP filter (e.g. "(objectClass=passwordSelfReset)") to reduce the number of accounts who may use self service.')),
"513" => array ("Headline" => _('Use for all operations'),
"Text" => _('By default all modifications are done as the user that authenticated in self service. If active then LAM will use the connection user for all LDAP modifications and searches.')),
"514" => array ("Headline" => _('2-factor authentication'),
"Text" => _('You can enable 2-factor authentication here (e.g. via mobile device).')),
"515" => array ("Headline" => _('Base URL'),
"Text" => _('URL of external 2-factor authentication service.')),
"515a" => array ("Headline" => _('Base URLs'),
"Text" => _('URLs of external 2-factor authentication service. Enter one per line.')),
"516" => array ("Headline" => _('Disable certificate check'),
"Text" => _('This will disable the check of the SSL certificates for the 2-factor authentication service. Not recommended for production usage.')),
"517" => array ("Headline" => _('Label'),
"Text" => _('Use this to overwrite the default label for the 2-factor input field. Default is "PIN+Token".')),
"518" => array ("Headline" => _('Caption'),
"Text" => _('This text is displayed on top of the 2-factor page. You can also input HTML code here.')),
"519" => array ("Headline" => _('Optional'),
"Text" => _('If checked then also users who did not setup a second factor are able to login.')),
"520" => array ("Headline" => _("Generate random password"),
"Text" => _("This will set a random password and display it on the screen or send it to the user via mail. Please edit your LAM server profile to setup the mail settings.")),
"521" => array ("Headline" => _('Google reCAPTCHA'),
"Text" => _('Please enter the site and secret key you got from Google reCAPTCHA.')),
"522" => array ("Headline" => _('Secure login'),
"Text" => _('Protect the self service login with a captcha.')),
"523" => array ("Headline" => _('Base color'),
"Text" => _('Background color for self service pages.')),
"524" => array ("Headline" => _('Client id'),
"Text" => _('Please enter your client id for the verification API.')),
"525" => array ("Headline" => _('Secret key'),
"Text" => _('Please enter your secret key for the verification API.')),
"526" => array ("Headline" => _('Login footer'),
"Text" => _('This text is displayed as footer on the self service login page.')),
"527" => array ("Headline" => _('Main page footer'),
"Text" => _('This text is displayed as footer on the self service main page.')),
"528" => array ("Headline" => _('User name attribute'),
"Text" => _('The attribute (e.g. "uid") that contains the user name for the 2-factor service.')),
"529" => array ("Headline" => _('Domain'),
"Text" => _('Please enter the webauthn domain. This is the public domain of the webserver (e.g. "example.com"). Do not include protocol or port.')),
"550" => array ("Headline" => _("From address"),
"Text" => _("This email address will be set as sender address of all password mails. If empty the system default (php.ini) will be used.")),
"551" => array ("Headline" => _("Subject"),
"Text" => _('The subject of all password mails.')),
"552" => array ("Headline" => _("Text"),
"Text" => _('The mail text of all password mails.') .
'
' . _('Format') . ':