Commit 48333c0e authored by Mortier Benoit's avatar Mortier Benoit
Browse files

Merge branch '1.0.10'


Signed-off-by: default avatarMortier Benoit <benoit.mortier@opensides.be>

Conflicts:
	Changelog
	contrib/bin/fusiondirectory-setup
	contrib/docs/UPGRADE
	contrib/man/fusiondirectory-insert-schema.1
	contrib/man/fusiondirectory-setup.1
	contrib/man/fusiondirectory.conf.5
	html/index.php
	include/class_config.inc
	include/functions.inc
	include/simpleplugin/class_simplePlugin.inc
	include/variables_common.inc
	locale/ar/fusiondirectory.po
	locale/ca/fusiondirectory.po
	locale/cs_CZ/fusiondirectory.po
	locale/de/fusiondirectory.po
	locale/el_GR/fusiondirectory.po
	locale/en/fusiondirectory.po
	locale/es/fusiondirectory.po
	locale/es_CO/fusiondirectory.po
	locale/es_VE/fusiondirectory.po
	locale/fa_IR/fusiondirectory.po
	locale/fr/fusiondirectory.po
	locale/id/fusiondirectory.po
	locale/it_IT/fusiondirectory.po
	locale/lv/fusiondirectory.po
	locale/nb/fusiondirectory.po
	locale/nl/fusiondirectory.po
	locale/pl/fusiondirectory.po
	locale/pt/fusiondirectory.po
	locale/pt_BR/fusiondirectory.po
	locale/ru/fusiondirectory.po
	locale/ru@petr1708/fusiondirectory.po
	locale/sv/fusiondirectory.po
	locale/ug/fusiondirectory.po
	locale/vi_VN/fusiondirectory.po
	locale/zh/fusiondirectory.po
	plugins/admin/groups/class_ogroup.inc
parents a9be5a0f 820264f2
......@@ -2,7 +2,7 @@
host = https://www.transifex.com
type = PO
[FusionDirectory-109.core]
[FusionDirectory-110.core]
file_filter = locale/<lang>/fusiondirectory.po
source_file = locale/en/fusiondirectory.po
source_lang = en
......
FusionDirectory changelog
=========================
* FusionDirectory 1.0.10
[Feature] Bugs #1217: DNS service must be redone
|Fix] Bugs #2171: creating CNAME entries is not intuitive
|Fix] Bugs #2573: when changing the address range of a no used zone name, the reverse of the dns of this zone break
|Fix] Bugs #4251: When I have DNS zone created, DNS plugin asks for subnet and netmask for that zone.
|Fix] Bugs #4468: Error when I try to move a system with the DNS tab activate
|Fix] Bugs #4476: rewrite the part about fusiondirectory core in the documentation
|Fix] Bugs #4477: rewrite the configuration password recovery page as this as been integrated into the configuration in core
|Fix] Bugs #4480: LDAP::convert and LDAP::fix functions are causing problems
|Fix] Bugs #4482: Debug log prevent connection in some cases
[Feature] Bugs #4484: allow ldap ipv6 uris
|Fix] Bugs #4490: nagios.tpl file is not used anymore
|Fix] Bugs #4495: Use ldap_escape in compute_dn
[Feature] Bugs #4496: DNS plugin should support RFC 2317 for reverse zones
|Fix] Bugs #4498: Bad error message when we will use a GID with a non-existent group
[Feature] Bugs #4504: Support for split horizon should be added
|Fix] Bugs #4505: fusiondirectory-setup --migrate-users not work when the users don't have all the samba attributs
|Fix] Bugs #4508: second email and first email are inverted in the password recovery configuration page
|Fix] Bugs #4509: Force GID option is broken
|Fix] Bugs #4511: Add a button to launch argonaut-ldap2zone from FusionDirectory
|Fix] Bugs #4512: when using cyrus in unix hierarchy mode and creating a user and activating mail tab at the same time, the mailbox is not created
|Fix] Bugs #4514: It takes too long to load the reference tab for a DNS zone
[Feature] Bugs #4515: fusiondirectory-setup need an option to migrate the dns 1.0.9.x version to 1.0.10
|Fix] Bugs #4517: Some obsolete objectClass are still searched for in config
|Fix] Bugs #4518: Plugin deletion contains some useless ldap operation
|Fix] Bugs #4519: ldap::rmdir_recursive is not optimal
|Fix] Bugs #4520: Syslog server field should be removed
|Fix] Bugs #4521: LDAP server field should be removed (gotoLdapField)
|Fix] Bugs #4523: ntp server should be removed
[Feature] Bugs #4525: we should have attribute for start and end date into the personal-fd.schema and add it to the personal schema
[Feature] Bugs #4526: add "co" attribute into personal-fd.schema and into personal plugin
[Feature] Bugs #4527: create a community plugin to manage community aka organization and projects
[Feature] Bugs #4528: tab community on the user
[Feature] Bugs #4529: The category in department and organization should be a dropdown filled from the configuration backend
[Feature] Bugs #4530: in the department and organization we need to add the labeledUri
[Feature] Bugs #4531: The co (country friendlyName) in department and organization should be added and be dropdown filled from the configuration backend
[Feature] Bugs #4532: the personal plugin should have a field where we can put the badge number
[Feature] Bugs #4533: make a subcontracting plugin
|Fix] Bugs #4540: Problème avec les vcf (vcards)
|Fix] Bugs #4541: [intégration du schéma OPENNEBULA et création du plugin de gestion des groupes]
|Fix] Bugs #4542: fusiondirectory-setup --deprecated-ldif not found the asterisk deprecated
[Feature] Bugs #4543: Add an option to fusiondirectory-setup to see the uid that are duplicated
[Feature] Bugs #4544: Possibility to see the uid that are duplicate when we install FusionDirectory
|Fix] Bugs #4545: When we migrate an old FusionDirectory we not have argonautClientProtocol attribute
|Fix] Bugs #4555: the terminal plugin has an error with the latest ntp removal fix
|Fix] Bugs #4557: when a user is on top people branch and get an acl in subtree for a lower branch i get " The supplied base is not valid and has been reset to the previous value! "
[Feature] Bugs #4561: be able to select all user from ou=people,dc=opensides,dc=be but be confined to your branch for all the rest
[Feature] Bugs #4562: add http auth
|Fix] Bugs #4563: DNS zone serial is not updated when record are changed through the DNS tab of a system
|Fix] Bugs #4569: Groups containing unknown type objects or deleted objects does not appear
|Fix] Bugs #4575: Error with samba plugin and sambantpassword attribute
[Feature] Bugs #4576: create tab for the plugin community onto organization and department
[Feature] Bugs #4580: Newsletter plugin
|Fix] Bugs #4591: It’s impossible to delete root records in DNS zones
|Fix] Bugs #4592: its best if we use the /html/themes everywher in place of /html/images evertime is possible
|Fix] Bugs #4600: 'base' sticky or not ?
|Fix] Bugs #4602: assignements / object selection step : sometimes the current object doesn't shows up
|Fix] Bugs #4603: With debug set, toggle button is absent when selecting users to add them to a group
|Fix] Bugs #4605: inside group selections of users, the selections is not showing all users
[Feature] Bugs #4606: the login column is missing in the groupOfname user selection list
|Fix] Bugs #4608: assignements / object selection step : sometimes the current object doesn't shows up
|Fix] Bugs #4610: postalAddress (and homepostalAddress) content should stick to the RFC
|Fix] Bugs #4610: postalAddress (and homepostalAddress) content should stick to the RFC
|Fix] Bugs #4611: setRequired should be public
|Fix] Bugs #4613: Error about sambaUnixIdPool is unclear
|Fix] FusionDirectory plugins - Bugs #4620: postalAddress (and homepostalAddress) content should stick to the RFC
|Fix] FusionDirectory plugins - Bugs #4622: DNS record should be sorted
[Feature] Wishlist #2843: Assigning multiple domain names for servers.
[Feature] Wishlist #3265: rewrite DNS plugins
|Fix] Wishlist #4252: Systems plugin - when enable "Add to DNS" should be able to check about adding PTR and more A records
|Fix] Wishlist #4478: Using %askme% in User id and group id in templates does not work
|Fix] Wishlist #4486: possible documentation tweaks
|Fix] Wishlist #4492: "login" name in group add page
|Fix] Wishlist #4497: The order of user id and group id are inverted
[Feature] Wishlist #4560: community users and entities management specifications
[Feature] Wishlist #4564: Add a C modifier for counting an array
[Feature] Wishlist #4565: Fixedbutton themes should replace the default one
[Feature] Wishlist #4609: Add "project/org full name" attribute in dep community's tab
* FusionDirectory 1.0.9.3
Bugs #4444: Debug log prevent connection in some cases
Bugs #4452: Adding a user to a group using "Groups and roles" tab creates some PHP errors
Bugs #4453: Adding a user to a group using "Groups and roles" with trustMode fails
Bugs #4456: Can't find a way to specify a '/' in distribution or media name in the repository plugin
Bugs #4457: FusionDirectory don't find the dns server if he is in a department
Bugs #4459: Desactivate other authentification method from configuration file
Bugs #4463: There are still traces of the rsyslog plugin in the schema and config class
Bugs #4464: There are still traces of the rsyslog plugin in the schema and config class
Bugs #4465: remove from the service-fd.schema objectClass no longer used
Bugs #4466: Pull request 11 from github
Bugs #4479: In primary group in unix tab there is a «None» option
Bugs #4481: «Enable primary group filter» option is obsolete
Bugs #4485: 'fusiondirectory-insert-schema -m' should check if the specificed file exists
Wishlist #4385: Locked users can connect using SSH keys
Wishlist #4473: Locked users can connect using SSH keys
[Fix] Bugs #4444: Debug log prevent connection in some cases
[Fix] Bugs #4452: Adding a user to a group using "Groups and roles" tab creates some PHP errors
[Fix] Bugs #4453: Adding a user to a group using "Groups and roles" with trustMode fails
[Fix] Bugs #4456: Can't find a way to specify a '/' in distribution or media name in the repository plugin
[Fix] Bugs #4457: FusionDirectory don't find the dns server if he is in a department
[Feature] Bugs #4459: Desactivate other authentification method from configuration file
[Fix] Bugs #4463: There are still traces of the rsyslog plugin in the schema and config class
[Fix] Bugs #4464: There are still traces of the rsyslog plugin in the schema and config class
[Fix] Bugs #4465: remove from the service-fd.schema objectClass no longer used
[Fix] Bugs #4466: Pull request 11 from github
[Fix] Bugs #4479: In primary group in unix tab there is a «None» option
[Fix] Bugs #4481: «Enable primary group filter» option is obsolete
[Fix] Bugs #4485: 'fusiondirectory-insert-schema -m' should check if the specificed file exists
[Fix] Wishlist #4385: Locked users can connect using SSH keys
[Fix] Wishlist #4473: Locked users can connect using SSH keys
* FusionDirectory 1.0.9.2
......
......@@ -57,6 +57,8 @@ use XML::Twig;
# To hide password input
use Term::ReadKey;
use Data::Dumper;
# fd's directory and class.cache file's path declaration
my %vars = (
fd_home => "/var/www/fusiondirectory",
......@@ -89,6 +91,8 @@ my $configrdn = "cn=config,ou=fusiondirectory";
my $userrdn = "ou=people";
my $aclrolerdn = "ou=aclroles";
my $grouprdn = "ou=groups";
my $systemrdn = "ou=systems";
my $dnsrdn = "ou=dns";
#################################################################################################################################################
......@@ -1043,6 +1047,58 @@ sub check_ldap {
$unbind->code && warn "! Unable to unbind from LDAP server: ", $unbind->error."\n";
}
# function that check for duplicated uid or gid numbers
sub check_id_numbers {
read_ldap_config();
# initiate the LDAP connexion
my %hash_ldap_param = get_ldap_connexion();
# LDAP's connection's parameters
my $ldap = $hash_ldap_param{ldap};
my $base = $hash_ldap_param{base};
check_id_numbers_generic($ldap, $base, 'posixAccount','uidNumber','users');
check_id_numbers_generic($ldap, $base, 'posixGroup','gidNumber','groups');
}
sub check_id_numbers_generic {
my ($ldap, $base, $objectClass, $attribute, $type) = @_;
my $mesg = $ldap->search(
filter => "(&(objectClass=$objectClass)($attribute=*))",
base => $base,
attrs => [$attribute]
);
$mesg->code && die $mesg->error;
my @entries = $mesg->entries;
my %tmp = ();
foreach my $entry (@entries) {
if (not defined $tmp{$entry->get_value($attribute)}) {
$tmp{$entry->get_value($attribute)} = ();
}
push @{$tmp{$entry->get_value($attribute)}}, $entry->dn();
}
my $dups = 0;
while (my ($id, $dns) = each %tmp) {
if (scalar(@$dns) > 1) {
$dups = 1;
print "The following $type use the same $attribute $id:\n";
foreach my $dn (@$dns) {
print "\t$dn\n";
}
}
}
if ($dups == 0) {
print "There are no duplicated ${attribute}s\n";
}
}
# function that create a directory and copy plugin files in it
sub create_and_copy_plugin_dir {
my ($plugin_dir,$dest_dir) = @_;
......@@ -1154,7 +1210,7 @@ sub migrate_users {
if (ask_yn_question("Add the inetOrgPerson objectClass to all these entries?")) {
foreach my $entry (@entries) {
$mesg = $ldap->modify($entry->dn(), add => { "objectClass" => ["person","organizationalPerson","inetOrgPerson"]});
$mesg->code && print $mesg->error;
$mesg->code && print $mesg->error."\n";
}
}
}
......@@ -1191,22 +1247,23 @@ sub migrate_users {
) {
push(@replace, "fdPersonalInfo");
}
if (
($entry->exists('sambaLMPassword') || $entry->exists('sambaNTPassword') ||
$entry->exists('sambaPwdLastSet') || $entry->exists('sambaBadPasswordCount') ||
$entry->exists('sambaBadPasswordTime'))
&& !(grep {$_ eq 'sambaSamAccount'} @classes)
) {
@delete = ('sambaLMPassword','sambaNTPassword','sambaPwdLastSet','sambaBadPasswordCount','sambaBadPasswordTime');
if (!(grep {$_ eq 'sambaSamAccount'} @classes)) {
foreach my $sambaAttr ('sambaLMPassword','sambaNTPassword','sambaPwdLastSet','sambaBadPasswordCount','sambaBadPasswordTime') {
if ($entry->exists($sambaAttr)) {
push(@delete, $sambaAttr);
}
}
}
}
if (scalar(@delete) > 0) {
$mesg = $ldap->modify($entry->dn(), delete => \@delete );
$mesg->code && print $mesg->error;
$mesg = $ldap->modify($entry->dn(), delete => \@delete, replace => [ "objectClass" => \@replace ]);
$mesg->code && print $entry->dn()." (deleting samba attributes): ".$mesg->error."\n";
} else {
$mesg = $ldap->modify($entry->dn(), replace => [ "objectClass" => \@replace ]);
$mesg->code && print $entry->dn().": ".$mesg->error."\n";
}
$mesg = $ldap->modify($entry->dn(), replace => { "objectClass" => \@replace });
$mesg->code && print $mesg->error;
undef @replace;
undef @delete;
}
}
}
......@@ -1216,6 +1273,128 @@ sub migrate_users {
$unbind->code && warn "! Unable to unbind from LDAP server: ", $unbind->error."\n";
}
# function that moves DNS zones from systems to ou=dns
sub migrate_dns {
# initiate the LDAP connexion
my %hash_ldap_param = get_ldap_connexion();
# LDAP's connection's parameters
my $base = $hash_ldap_param{base};
my $ldap = $hash_ldap_param{ldap};
# Search for DNS zones
my $mesg = $ldap->search(
base => "$base",
filter => "(&(objectClass=dNSZone)(relativeDomainName=@)(!(|(zoneName=*.arpa)(zoneName=*.arpa.))))",
attrs => ['zoneName']
);
$mesg->code && die $mesg->error;
my @entries = $mesg->entries;
print "There are ".$mesg->count." DNS zones in the LDAP\n";
my @baddns = ();
foreach my $entry (@entries) {
if ($entry->dn() !~ m/$dnsrdn/) {
if (scalar(@baddns) == 0) {
print "The following are not in the DNS branch ($dnsrdn):\n";
}
print $entry->dn()."\n";
push @baddns, $entry->dn();
}
}
if (scalar(@baddns) == 0) {
print "They all already are in the DNS branch ($dnsrdn):\n";
} else {
if (ask_yn_question("Move these entries to the DNS branch ($dnsrdn)?")) {
foreach my $entrydn (@baddns) {
$entrydn =~ m/^([^,]+),(.+$systemrdn,(.+))$/ or die "Could not parse dn ".$entrydn."\n";
my $rdn = $1;
my $systemdn = $2;
my $entrybase = $3;
if (!branch_exists($ldap, "$dnsrdn,$entrybase")) {
create_branch($ldap, $entrybase, $dnsrdn);
}
my $result = $ldap->moddn (
$entrydn,
newrdn => $rdn,
deleteoldrdn => '1',
newsuperior => "$dnsrdn,$entrybase"
);
$result->code && die "Migration of DNS zone entry failed, LDAP error: ".$result->error."\n";
my $zoneDn = "$rdn,$dnsrdn,$entrybase";
$mesg = $ldap->search(
base => $zoneDn,
filter => "(&(objectClass=dNSZone)(relativeDomainName=*)(!(|(zoneName=*.arpa)(zoneName=*.arpa.))))"
);
$mesg->code && die $mesg->error;
@entries = $mesg->entries;
foreach my $entry (@entries) {
$entry->dn() =~ m/^([^,]+),(relativeDomainName=[^,]+),$zoneDn$/ or next;
$rdn = $1;
my $relativeDomainName = $2;
if ($rdn eq $relativeDomainName) {
my %replace = ();
my @attributes = $entry->attributes();
foreach my $attr (@attributes) {
$replace{$attr} = $entry->get_value($attr, asref => 1)
}
$result = $ldap->modify (
"$rdn,$zoneDn",
replace => \%replace
);
$result->code && die "Migration of DNS zone subentry failed, LDAP error: ".$result->error."\n";
$result = $ldap->delete ($entry->dn());
} else {
$result = $ldap->moddn (
$entry->dn(),
newrdn => $rdn,
deleteoldrdn => '1',
newsuperior => $zoneDn
);
}
$result->code && die "Migration of DNS zone subentry failed, LDAP error: ".$result->error."\n";
}
$mesg = $ldap->search(
base => $systemdn,
scope => 'base',
filter => '(objectClass=*)'
);
$mesg->code && die $mesg->error;
my $system_entry = $mesg->shift_entry;
$system_entry->get_value('objectClass');
my @classes = $system_entry->get_value('objectClass');
if (grep {$_ eq 'fdDNSHost'} @classes) {
$result = $ldap->modify (
"$systemdn",
add => {
'fdDNSZoneDn' => $zoneDn,
}
);
} else {
$result = $ldap->modify (
"$systemdn",
add => {
'fdDNSZoneDn' => $zoneDn,
'objectClass' => 'fdDNSHost'
}
);
}
$result->code && print "Could not add DNS tab on $systemdn, LDAP error: ".$result->error."\nYou'll need to activate it yourself\n";
}
}
}
}
sub migrate_acls {
# initiate the LDAP connexion
my %hash_ldap_param = get_ldap_connexion();
......@@ -1530,6 +1709,12 @@ sub read_ldap_config {
if (($mesg->entries)[0]->exists('fdAclRoleRDN')) {
$aclrolerdn = ($mesg->entries)[0]->get_value('fdAclRoleRDN');
}
if (($mesg->entries)[0]->exists('fdSystemRDN')) {
$systemrdn = ($mesg->entries)[0]->get_value('fdSystemRDN');
}
if (($mesg->entries)[0]->exists('fdDnsRDN')) {
$dnsrdn = ($mesg->entries)[0]->get_value('fdDnsRDN');
}
}
return ($mesg->entries)[0];
......@@ -1617,18 +1802,20 @@ die ("! You have to run this script as root\n") if ($<!=0);
$commands{"--check-directories"} = ["Checking FusionDirectory's directories", \&check_directories];
$commands{"--check-config"} = ["Checking FusionDirectory's config file", \&check_config];
$commands{"--check-ldap"} = ["Checking your LDAP tree", \&check_ldap];
$commands{"--check-ids"} = ["Checking for duplicated uid or gid numbers", \&check_id_numbers];
$commands{"--migrate-users"} = ["Migrating your users", \&migrate_users];
$commands{"--migrate-dns"} = ["Migrating DNS zones for FD 1.0.10", \&migrate_dns];
$commands{"--migrate-acls"} = ["Migrating your ACLs", \&migrate_acls];
$commands{"--install-plugins"} = ["Installing FusionDirectory's plugins", \&install_plugins];
$commands{"--encrypt-passwords"} = ["Encrypt passwords in fusiondirectory.conf", \&encrypt_passwords];
$commands{"--show-version"} = ["Show FusionDirectory version from variables_common.inc", \&show_version];
$commands{"--show-version"} = ["Show FusionDirectory version from variables_common.inc", \&show_version];
$commands{"--list-vars"} = ["List possible vars to give --set", \&list_vars];
$commands{"--write-vars"} = ["Choose FusionDirectory Directories", \&write_vars];
$commands{"--set-VAR=value"} = ["Set the variable VAR to value see --list-vars", \&die]; # Won't be called because it contains uppercase
$commands{"--list-deprecated"} = ["List deprecated attributes and objectclasses", \&list_deprecated];
$commands{"--check-deprecated"} = ["List LDAP entries using deprecated attributes or objectclasses", \&check_deprecated];
$commands{"--check-deprecated"} = ["List LDAP entries using deprecated attributes or objectclasses", \&check_deprecated];
$commands{"--ldif-deprecated"} = ["# Print an LDIF removing deprecated attributes",\&ldif_deprecated];
$commands{"--show-config"} = ["Show an LDAP dump of the FusionDirectory configuration",\&show_ldap_config];
$commands{"--show-config"} = ["Show an LDAP dump of the FusionDirectory configuration", \&show_ldap_config];
$commands{"--set-config-VAR=value"} = ["Set the value in LDAP of a configuration field",\&set_config_var];
my $usage = 0;
......@@ -1707,10 +1894,18 @@ This option perform a check on FusionDirectory's config file.
This option check your LDAP tree. Looking for admin account, and groups or people branch. If one of those don't exists, the script will ask you what to do.
=item --check-ids
This option check your LDAP tree for duplicated uidNumber or gidNumber among users and groups.
=item --migrate-users
This option add FusionDirectory attributes to the people branch.
=item --migrate-dns
This option moves DNS zones from systems branch to DNS branch, which is necessary for FusionDirectory 1.0.10 and above.
=item --migrate-acls
This option will migrated old GOsa style acl from 1.0.7 into FusionDirectory acl roles in 1.0.8
......
......@@ -1099,6 +1099,172 @@ step at the exception of the gosaAccount class that is migrated with **fusiondir
Please read it carefully before applying !!
Migrate FusionDirectory from 1.0.9.3 to 1.0.10
==============================================
Ubuntu 12.0.4 TLS users
=======================
Since 1.0.9.2 FusionDirectory need the php-cas library for CAS server support. This library can normally found in universe in the Ubuntu repositories
In case you did not find it, grab the deb from here and install it
http://packages.ubuntu.com/trusty/all/php-cas/download
and select your preferred mirror
Upgrade FusionDirectory first
=============================
Upgrade FusionDirectory core package before other ones to avoid dependencies errors:
apt-get install fusiondirectory
Upgrade FusionDirectory schema package too.
apt-get install fusiondirectory-schema
Upgrade of LDAP directory
=========================
- Upgrade the core configuration schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/core-fd.schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/core-fd-conf.schema
- if your are using the personal plugin you have to update his schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/personal-fd.schema
- if your are using the system plugin you have to update his schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/systems-fd.schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/systems-fd-conf.schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/service-fd.schema
- if your are using the dns plugin you have to update his schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/dns-fd-conf.schema
and install a new schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/dns-fd.schema
Remove old schema from /etc/ldap/schema/fusiondirectory
=======================================================
The old schema are not automatically removed from /etc/ldap/schema/fusiondirectory.
You can safely remove recovery-fd.schema and asterisk-fd-conf.schema if they still exist
Check for deprecated attributes and objectClasses in your LDAP
fusiondirectory-setup --list-deprecated show deprecated attributes and objectClasses for FusionDirectory
fusiondirectory-setup --list-deprecated
List deprecated attributes and objectclasses
Deprecated attributes:
gotoFilesystem (GOto - Gonicus Terminal Concept, value filesystem.) - 1.3.6.1.4.1.10098.1.1.1.6
gotoFloppyEnable (GOto - Gonicus Terminal Concept, value floppyEnable.) - 1.3.6.1.4.1.10098.1.1.1.7
gotoSysStatus (Keeps current system status - info shown in GOsa) - 1.3.6.1.4.1.10098.1.1.2.11
gotoXColordepth (GOto - Gonicus Terminal Concept, value xColordepth.) - 1.3.6.1.4.1.10098.1.1.1.21
gotoHardwareChecksum (GOto - quick way to see if something has changed) - 1.3.6.1.4.1.10098.1.1.2.12
goFaxPassword (Admin password for fax server) - 1.3.6.1.4.1.10098.1.1.9.23
gotoNtpServer (GOto - Gonicus Terminal Concept, value ntpServer.) - 1.3.6.1.4.1.10098.1.1.1.2
gotoXDriver (GOto - Gonicus Terminal Concept, value xDriver.) - 1.3.6.1.4.1.10098.1.1.1.28
fdSnapshotAdminDn (FusionDirectory - Snaphost admin dn) - 1.3.6.1.4.1.38414.8.17.4
fdPersonalTitleInDN (FusionDirectory - Personal title in dn) - 1.3.6.1.4.1.38414.8.12.5
gotoXMouseport (GOto - Gonicus Terminal Concept, value xMouseport.) - 1.3.6.1.4.1.10098.1.1.1.22
gotoAdaptPath (GOto - Gonicus Terminal Concept, value adaptpath.) - 1.3.6.1.4.1.10098.1.1.1.33
goFonCountryCode (Store country code) - 1.3.6.1.4.1.10098.1.1.9.29
gotoSndModule (GOto - Gonicus Terminal Concept, value sound Modules.) - 1.3.6.1.4.1.10098.1.1.1.29
gotoXKbLayout (GOto - Gonicus Terminal Concept, value xKblayout.) - 1.3.6.1.4.1.10098.1.1.1.26
gotoProfileFlags (GOto - Flags for Profile handling - C is for caching) - 1.3.6.1.4.1.10098.1.1.11.7
ghSoundAdapter (Hardware definitions, value soundAdapter) - 1.3.6.1.4.1.10098.1.1.2.7
gotoScannerModel (GOto - Gonicus Terminal Concept, value scannerModel.) - 1.3.6.1.4.1.10098.1.1.1.40
gotoScannerEnable (GOto - Gonicus Terminal Concept, value scannerEnable.) - 1.3.6.1.4.1.10098.1.1.1.10
gosaSubtreeACL (GOsa - ACL entry) - 1.3.6.1.4.1.10098.1.1.12.1
ghUsbSupport (Hardware definitions, value usbSupport) - 1.3.6.1.4.1.10098.1.1.2.3
gotoLpdEnable (GOto - Gonicus Terminal Concept, value lpdEnable.) - 1.3.6.1.4.1.10098.1.1.1.9
gotoProfileQuota (GOto - save quota for home) - 1.3.6.1.4.1.10098.1.1.11.15
gotoScannerBackend (GOto - Gonicus Terminal Concept, value scannerBackend.) - 1.3.6.1.4.1.10098.1.1.1.39
goSyslogSection (What sections wants the server for its syslog service? i.e. *.*) - 1.3.6.1.4.1.10098.1.1.9.9
fdAccountRDN (FusionDirectory - use a placeholder pattern for generating account RDNs) - 1.3.6.1.4.1.38414.8.12.2
goFaxAdmin (Admin principal for fax server) - 1.3.6.1.4.1.10098.1.1.9.22
goLogDriver (FD logging MDB2 driver name) - 1.3.6.1.4.1.10098.1.1.9.84
ghNetNic (Hardware definitions, value Network Device) - 1.3.6.1.4.1.10098.1.1.2.8
academicTitle (Field to represent the academic title) - 1.3.6.1.4.1.10098.1.1.6.2
fdPhoneMacroRDN (FusionDirectory - Phone macro RDN) - 1.3.6.1.4.1.38414.19.10.2
gosaLoginRestriction (GOsa - Multivalue attribute to carry a number of allowed ips/subnets) - 1.3.6.1.4.1.10098.1.1.12.46
gotoLpdServer (GOto - Gonicus Terminal Concept, value lpdServer.) - 1.3.6.1.4.1.10098.1.1.1.4
ghCpuType (Hardware definitions, value cpuType) - 1.3.6.1.4.1.10098.1.1.2.1
gotoXMonitor (GOto - Gonicus Terminal Concept, value xMonitor.) - 1.3.6.1.4.1.10098.1.1.1.17
fdRfc2307bis (FusionDirectory - rfc2307bis) - 1.3.6.1.4.1.38414.8.10.1
gotoXVsync (GOto - Gonicus Terminal Concept, value xVsync.) - 1.3.6.1.4.1.10098.1.1.1.19
fdSipContexts (FusionDirectory - available sip contexts) - 1.3.6.1.4.1.38414.19.11.1
gotoShare (GOto - specifies a share) - 1.3.6.1.4.1.10098.1.1.11.9
fdCopyPaste (FusionDirectory - (de)Activate copy/paste) - 1.3.6.1.4.1.38414.8.14.5
goLogPassword (Admin password for log server) - 1.3.6.1.4.1.10098.1.1.9.25
gotoCdromEnable (GOto - Gonicus Terminal Concept, value cdromEnable.) - 1.3.6.1.4.1.10098.1.1.1.8
gotoProfileServer (GOto - specifies the profile server) - 1.3.6.1.4.1.10098.1.1.11.8
fdSnapshotAdminPassword (FusionDirectory - Snaphost admin password) - 1.3.6.1.4.1.38414.8.17.5
ghMemSize (Hardware definitions, value memSize) - 1.3.6.1.4.1.10098.1.1.2.2
fdSnapshotURI (FusionDirectory - Snaphost URI) - 1.3.6.1.4.1.38414.8.17.3
gotoAutoFs (GOto - Gonicus Terminal Concept, value autofs.) - 1.3.6.1.4.1.10098.1.1.1.31
goFonAreaCode (Store area code) - 1.3.6.1.4.1.10098.1.1.9.28
ghInventoryNumber (Unique number for inclusion in an inventory) - 1.3.6.1.4.1.10098.1.1.2.10
fdPhoneConferenceRDN (FusionDirectory - Phone conference RDN) - 1.3.6.1.4.1.38414.19.10.3
gotoXMouseType (Hardware definitions, value Type of mouse) - 1.3.6.1.4.1.10098.1.1.1.34
fdPrimaryGroupFilter (FusionDirectory - Primary group filter) - 1.3.6.1.4.1.38414.8.14.1
gotoXHsync (GOto - Gonicus Terminal Concept, value xHsync.) - 1.3.6.1.4.1.10098.1.1.1.18
gosaDefaultLanguage (GOsa - Defines the default language for a user) - 1.3.6.1.4.1.10098.1.1.12.14
ghIdeDev (Hardware definitions, value ideDev) - 1.3.6.1.4.1.10098.1.1.2.4
gotoXKbVariant (GOto - Gonicus Terminal Concept, value xKbvariant.) - 1.3.6.1.4.1.10098.1.1.1.27
gotoModules (GOto - Gonicus Terminal Concept, value kernel modules.) - 1.3.6.1.4.1.10098.1.1.1.32
gotoXMouseButtons (GOto - Gonicus Terminal Concept, value xMouseButtons.) - 1.3.6.1.4.1.10098.1.1.1.23
fdIdGenerator (FusionDirectory - An automatic way to generate new user ids) - 1.3.6.1.4.1.38414.8.12.4
fdVoicemailContexts (FusionDirectory - available voicemail contexts) - 1.3.6.1.4.1.38414.19.11.2
ghScsiDev (Hardware definitions, value scsiDev) - 1.3.6.1.4.1.10098.1.1.2.5
goFonAdmin (Admin user for fon server) - 1.3.6.1.4.1.10098.1.1.9.26
ghGfxAdapter (Hardware definitions, value Grafikkarte) - 1.3.6.1.4.1.10098.1.1.2.9
fdPasswordHook (FusionDirectory - Password hook (external command)) - 1.3.6.1.4.1.38414.8.13.4
gotoXKbModel (GOto - Gonicus Terminal Concept, value xKbmodel.) - 1.3.6.1.4.1.10098.1.1.1.25
gotoRootPasswd (GOto - Gonicus Terminal Concept, value rootPasswd.) - 1.3.6.1.4.1.10098.1.1.1.14
goLogDB (GOsa logging DB name) - 1.3.6.1.4.1.10098.1.1.9.83
goLogAdmin (Admin user for log server) - 1.3.6.1.4.1.10098.1.1.9.24
gotoXResolution (GOto - Gonicus Terminal Concept, value xResolution.) - 1.3.6.1.4.1.10098.1.1.1.20
gotoScannerClients (GOto - Gonicus Terminal Concept, value scannerClients.) - 1.3.6.1.4.1.10098.1.1.1.11
gotoFontPath (GOto - Gonicus Terminal Concept, value fontPath.) - 1.3.6.1.4.1.10098.1.1.1.5
goFonPassword (Admin password for fon server) - 1.3.6.1.4.1.10098.1.1.9.27
Deprecated objectClasses:
goNfsServer (NFS server description) - 1.3.6.1.4.1.10098.1.2.1.19
goCupsServer (CUPS server description) - 1.3.6.1.4.1.10098.1.2.1.23
gosaCacheEntry (GOsa - Class for GOsa caching) - 1.3.6.1.4.1.10098.1.2.1.19.3
gosaObject (GOsa - Class for GOsa settings) - 1.3.6.1.4.1.10098.1.2.1.19.1
goFaxServer (Fax server description) - 1.3.6.1.4.1.10098.1.2.1.26
goFonServer (Fon server description) - 1.3.6.1.4.1.10098.1.2.1.29
gosaUserTemplate (GOsa - Class for GOsa User Templates) - 1.3.6.1.4.1.10098.1.2.1.19.11
gosaAccount (GOsa - Class for GOsa Accounts) - 1.3.6.1.4.1.10098.1.2.1.19.6
goLogDBServer (Log DB server description) - 1.3.6.1.4.1.10098.1.2.1.28
goSyslogServer (Syslog server description) - 1.3.6.1.4.1.10098.1.2.1.21
goNtpServer (Time server description) - 1.3.6.1.4.1.10098.1.2.1.20
fusiondirectory-setup --check-deprecated will output a list of dn using old attributes and objectClasses of they are present in your ldap server
fusiondirectory-setup --check-deprecated
List LDAP entries using deprecated attributes or objectclasses
There are no entries in the LDAP using obsolete attributes
There are no entries in the LDAP using obsolete classes
fusiondirectory-setup --ldif-deprecated will output an ldif file on the console that you can use with ldapmodify to clean you ldap server from old attributes.
If they are old objectClasses it will warn you and you will have to remove it by hand, they have been specified at the **fusiondirectory-setup --check-deprecated** step.
!! Please read it carefully before applying !!
---
* Further information
......
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY-INSERT-SCHEMA 1"
.TH FUSIONDIRECTORY-INSERT-SCHEMA 1 "2016-01-29" "FusionDirectory 1.0.9.3" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY-INSERT-SCHEMA 1 "2016-02-10" "FusionDirectory 1.0.10" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......