Commit d61d1c66 authored by Mortier Benoit's avatar Mortier Benoit
Browse files

Merge branch '1.0.14-fixes'

Showing with 531 additions and 241 deletions
+531 -241
......@@ -71,8 +71,8 @@ documentation and additional help.
French online documentation
English online documentation
* Vincent Seynhaeve
Xls export plugin <vincent.seynhaeve@opensides.be>
* Vincent Seynhaeve <vincent.seynhaeve@opensides.be>
Xls export plugin
* Wouter Verhelst <wouter@debian.org>
accept-to-gettext code that helps for language conversation
......@@ -163,7 +163,7 @@ documentation and additional help.
* Adrian Reyer <are+fd@lihas.de>
Modifier for templates to convert german umlauts to 7-bit ASCII
* Samuel Bosquin samuel.bosquin@ibcp.fr
* Samuel Bosquin <samuel.bosquin@ibcp.fr>
Plugin FAI - LVM partitions
* IOhannes umlaeute <noc@iem.at>
......@@ -188,6 +188,15 @@ documentation and additional help.
QA on FusionDirectory
RPM packaging maintener and ArchLinux Packager
* Timothée Giet timo@timotheegiet.com
* Timothée Giet <timo@timotheegiet.com>
New breezy icon Theme
* Clement Oudot <clem.oudot@gmail.com>
HTTP header authentication
* Thomas Niercke <thomas@niercke.de>
Code and ideas for making Argonaut Events Extensible
* Paola Penati <paolapenati@hotmail.com>
Italian translation
FusionDirectory changelog
=========================
* FusionDirectory 1.0.15
[Feature] Wishlist #4832: Allow removal of user picture
[Feature] Bugs #4945: Add the possibility to use %askme% for password expiration in template
FusionDirectory plugins - Bugs #4991: we should document all the change in the webservice done recently
|Fix] Bugs #5003: Error on mixed groups when nis schema not present
[Feature] Wishlist #5010: HTTP header authentication
|Fix] Bugs #5012: [PRINTERS] old printers are not migrated after upgrade to 1.0.14
|Fix] Bugs #5013: User that will expire in two weeks is not show in dashboard
|Fix] Argonaut Deployment System - Bugs #5018: Reinstall trigger on a workstation trigger an error
|Fix] FusionDirectory plugins - Bugs #5020: PHP errors in DHCP plugin with PHP7
|Fix] Bugs #5021: Checkhook should have a way to know if other check errors occured
|Fix] Bugs #5022: Random password does not work when we use a template in read only
|Fix] Bugs #5023: Icon for section account is not found
|Fix] FusionDirectory plugins - Bugs #5026: CSV import bug ?
|Fix] FusionDirectory plugins - Bugs #5031: Icon for LDAP should be moved to core
|Fix] Bugs #5040: Uppercase login triggers php notice
|Fix] FusionDirectory plugins - Bugs #5043: GPG server info cannot be edited anymore
[Feature] FusionDirectory plugins - Bugs #5044: Use simpleManagement in GPG plugin
|Fix] Bugs #5047: add git-shell in default shell list
|Fix] Bugs #5049: probleme de traduction dans le systeme de reinitialisation des mots de passe
|Fix] Bugs #5050: mauvais encodage dans le message de demande de reinitialisation du mot de passe
|Fix] FusionDirectory plugins - Bugs #5051: add a url text field for the linkedin account url
|Fix] Bugs #5052: password storage in firefox provoque an issue in the password field of the user tab in FusionDirectory
|Fix] FusionDirectory plugins - Bugs #5055: Argonaut actions launching is broken
[Feature] FusionDirectory plugins - Bugs #5056: Need to edit class_argonautActions.inc for custom modules
|Fix] Bugs #5057: check_schema should be reviewed
|Fix] Bugs #5058: notice on 1.0.14-fixes
|Fix] FusionDirectory plugins - Bugs #5068: PHP4 constructor in FAI plugin
|Fix] FusionDirectory plugins - Bugs #5069: PHP4 constructor in mail plugin
|Fix] Bugs #5071: Fatal error in FAI plugin
|Fix] Bugs #5074: Error to add ACL
|Fix] FusionDirectory plugins - Bugs #5075: Error to add ACL
|Fix] FusionDirectory plugins - Bugs #5088: Add samba shares update action to the list
|Fix] Bugs #5089: Attribute dob of fusiondirectory schema conflicts with evolution schema
|Fix] FusionDirectory plugins - Bugs #5090: Attribute dob of fusiondirectory schema conflicts with evolution schema
|Fix] Bugs #5092: FD should not interfere with form handling
* FusionDirectory 1.0.14
|Fix] FusionDirectory plugins - Bugs #4142: Local quota
......
......@@ -1578,6 +1578,65 @@ sub get_deprecated {
return (\@obsolete_attrs, \@obsolete_classes);
}
# function that migrates printers from FD<=1.0.13 to FD>=1.0.14
sub migrate_printers {
# initiate the LDAP connexion
my %hash_ldap_param = get_ldap_connexion();
# LDAP's connection's parameters
my $base = $hash_ldap_param{base};
my $ldap = $hash_ldap_param{ldap};
my $mesg = $ldap->search(
filter => '(objectClass=gotoPrinter)',
base => $base
);
$mesg->code && die $mesg->error;
if ($mesg->count > 0) {
print ("The following printers are using the obsolete gotoPrinter objectClass:\n");
my @entries = $mesg->entries;
foreach my $entry (@entries) {
print $entry->dn()."\n";
}
if (ask_yn_question("Migrate these entries to fdPrinter objectClass?")) {
foreach my $entry (@entries) {
my $newrdn = "cn=".$entry->get_value('cn')."+ipHostNumber=".$entry->get_value('ipHostNumber');
$mesg = $ldap->moddn($entry->dn(), newrdn => $newrdn);
if ($mesg->code) {
print $entry->dn().": ".$mesg->error."\n";
next;
}
my $dn_old = $entry->dn();
$dn_old =~ s/^[^,]+,/$newrdn,/;
my @replace = ('ieee802Device', 'ipHost', 'fdPrinter');
my @classes = $entry->get_value('objectClass');
foreach my $class (@classes) {
if ($class ne 'gotoPrinter') {
push(@replace, "$class");
}
}
$entry->replace("objectClass" => \@replace);
$mesg = $ldap->add($entry);
if ($mesg->code) {
print $entry->dn().": ".$mesg->error."\n";
next;
}
undef @replace;
$mesg = $ldap->delete($dn_old);
$mesg->code && print $dn_old.": ".$mesg->error."\n";
}
}
}
# unbind to the LDAP server
my $unbind = $ldap->unbind;
$unbind->code && warn "! Unable to unbind from LDAP server: ", $unbind->error."\n";
}
# List LDAP attributes which have been deprecated
sub list_deprecated {
my ($obsolete_attrs, $obsolete_classes) = get_deprecated();
......@@ -1824,6 +1883,7 @@ die ("! You have to run this script as root\n") if ($<!=0);
$commands{"--check-ldap"} = ["Checking your LDAP tree", \&check_ldap];
$commands{"--check-ids"} = ["Checking for duplicated uid or gid numbers", \&check_id_numbers];
$commands{"--migrate-users"} = ["Migrating your users", \&migrate_users];
$commands{"--migrate-printers"} = ["Migrating your printer from FD < 1.0.14", \&migrate_printers];
$commands{"--migrate-dns"} = ["Migrating DNS zones for FD 1.0.10", \&migrate_dns];
$commands{"--migrate-acls"} = ["Migrating your ACLs", \&migrate_acls];
$commands{"--install-plugins"} = ["Installing FusionDirectory's plugins", \&install_plugins];
......@@ -1922,6 +1982,10 @@ This option check your LDAP tree for duplicated uidNumber or gidNumber among use
This option add FusionDirectory attributes to the people branch.
=item --migrate-printers
This option replace gosaPrinter objectClass by new fdPrinter objectClass.
=item --migrate-dns
This option moves DNS zones from systems branch to DNS branch, which is necessary for FusionDirectory 1.0.10 and above.
......
......@@ -1765,6 +1765,198 @@ If they are old objectClasses it will warn you and you will have to remove it by
!! Please read it carefully before applying !!
New Breezy Theme
================
In this version by default there is a new more modern theme called breezy. To active it completely go to the configuration plugin, click edit and in the "Look and feel" section select breezy
Enjoy :)
Migrate FusionDirectory from 1.0.14 to 1.0.15
=============================================
Ubuntu 12.0.4 TLS users
=======================
Since 1.0.9.2 FusionDirectory need the php-cas library for CAS server support. This library can normally found in universe in the Ubuntu repositories
In case you did not find it, grab the deb from here and install it
http://packages.ubuntu.com/trusty/all/php-cas/download
and select your preferred mirror
Upgrade FusionDirectory first
=============================
- Upgrade FusionDirectory core package before other ones to avoid dependencies errors:
apt-get install fusiondirectory
- Upgrade FusionDirectory schema package too.
apt-get install fusiondirectory-schema
Plugin deprecated
=================
The apache2 plugin as been removed in this version
apt-get remove fusiondirectory-plugin-apache2
apt-get remove fusiondirectory-plugin-apache2-schema
Upgrade of LDAP directory
=========================
- Upgrade the core template schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/core-fd-conf.schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/core-fd.schema
- if your are using the systems plugin you have to update its schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/systems-fd.schema
- if your are using the personal plugin you have to update its schema
fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/personal-fd.schema
Remove old schema from /etc/ldap/schema/fusiondirectory
=======================================================
The old schema are not automatically removed from /etc/ldap/schema/fusiondirectory.
You can safely remove recovery-fd.schema and asterisk-fd-conf.schema if they still exist
Check for deprecated attributes and objectClasses in your LDAP
fusiondirectory-setup --list-deprecated show deprecated attributes and objectClasses for FusionDirectory
fusiondirectory-setup --list-deprecated
List deprecated attributes and objectclasses
Deprecated attributes:
gotoXKbVariant (GOto - Gonicus Terminal Concept, value xKbvariant.) - 1.3.6.1.4.1.10098.1.1.1.27
ghGfxAdapter (Hardware definitions, value Grafikkarte) - 1.3.6.1.4.1.10098.1.1.2.9
gotoModules (GOto - Gonicus Terminal Concept, value kernel modules.) - 1.3.6.1.4.1.10098.1.1.1.32
gotoHardwareChecksum (GOto - quick way to see if something has changed) - 1.3.6.1.4.1.10098.1.1.2.12
gotoPrinterPPD (GOto - Gonicus Terminal Concept, PPD data) - 1.3.6.1.4.1.10098.1.1.11.6
fdAsteriskDriver (Driver used for asterisk DB) - 1.3.6.1.4.1.10098.1.1.9.30
fdRfc2307bis (FusionDirectory - rfc2307bis) - 1.3.6.1.4.1.38414.8.10.1
goFonAreaCode (Store area code) - 1.3.6.1.4.1.10098.1.1.9.28
gotoGroupAdminPrinter (GOto - keeps printers we are admin for) - 1.3.6.1.4.1.10098.1.1.11.17
gotoXVsync (GOto - Gonicus Terminal Concept, value xVsync.) - 1.3.6.1.4.1.10098.1.1.1.19
printerWindowsDriverName (Windows name of the printer driver) - 1.3.6.1.4.1.38414.6.10.3
printerWindowsDriverDir (Path to directory that contains windows drivers for this printer) - 1.3.6.1.4.1.38414.6.10.2
fdSipContexts (FusionDirectory - available sip contexts) - 1.3.6.1.4.1.38414.19.11.1
fdPhoneConferenceRDN (FusionDirectory - Phone conference RDN) - 1.3.6.1.4.1.38414.19.10.3
goFonPassword (Admin password for fon server) - 1.3.6.1.4.1.10098.1.1.9.27
fdSnapshotURI (FusionDirectory - Snaphost URI) - 1.3.6.1.4.1.38414.8.17.3
fdSnapshotAdminPassword (FusionDirectory - Snaphost admin password) - 1.3.6.1.4.1.38414.8.17.5
gotoAdaptPath (GOto - Gonicus Terminal Concept, value adaptpath.) - 1.3.6.1.4.1.10098.1.1.1.33
ghMemSize (Hardware definitions, value memSize) - 1.3.6.1.4.1.10098.1.1.2.2
gotoCdromEnable (GOto - Gonicus Terminal Concept, value cdromEnable.) - 1.3.6.1.4.1.10098.1.1.1.8
ghInventoryNumber (Unique number for inclusion in an inventory) - 1.3.6.1.4.1.10098.1.1.2.10
avArchiveMaxRecursion (Maximum number of archive nestings) - 1.3.6.1.4.1.10098.1.1.9.73
goLogAdmin (Admin user for log server) - 1.3.6.1.4.1.10098.1.1.9.24
gotoXMouseport (GOto - Gonicus Terminal Concept, value xMouseport.) - 1.3.6.1.4.1.10098.1.1.1.22
gotoXMouseButtons (GOto - Gonicus Terminal Concept, value xMouseButtons.) - 1.3.6.1.4.1.10098.1.1.1.23
gotoXKbLayout (GOto - Gonicus Terminal Concept, value xKblayout.) - 1.3.6.1.4.1.10098.1.1.1.26
fdCopyPaste (FusionDirectory - (de)Activate copy/paste) - 1.3.6.1.4.1.38414.8.14.5
gotoScannerBackend (GOto - Gonicus Terminal Concept, value scannerBackend.) - 1.3.6.1.4.1.10098.1.1.1.39
printerWindowsInfFile (Path to windows inf file for this printer) - 1.3.6.1.4.1.38414.6.10.1
avArchiveMaxCompressionRatio (Maximum compression ratio) - 1.3.6.1.4.1.10098.1.1.9.74
fdPhoneMacroRDN (FusionDirectory - Phone macro RDN) - 1.3.6.1.4.1.38414.19.10.2
avMaxDirectoryRecursions (Number of recursions done with directories) - 1.3.6.1.4.1.10098.1.1.9.69
gotoUserPrinter (GOto - keeps printers shown for this user) - 1.3.6.1.4.1.10098.1.1.11.12
fdPasswordHook (FusionDirectory - Password hook (external command)) - 1.3.6.1.4.1.38414.8.13.4
gotoXColordepth (GOto - Gonicus Terminal Concept, value xColordepth.) - 1.3.6.1.4.1.10098.1.1.1.21
gotoXHsync (GOto - Gonicus Terminal Concept, value xHsync.) - 1.3.6.1.4.1.10098.1.1.1.18
fdPersonalTitleInDN (FusionDirectory - Personal title in dn) - 1.3.6.1.4.1.38414.8.12.5
gotoXMouseType (Hardware definitions, value Type of mouse) - 1.3.6.1.4.1.10098.1.1.1.34
gotoNtpServer (GOto - Gonicus Terminal Concept, value ntpServer.) - 1.3.6.1.4.1.10098.1.1.1.2
goLogDriver (FD logging MDB2 driver name) - 1.3.6.1.4.1.10098.1.1.9.84
fdPrimaryGroupFilter (FusionDirectory - Primary group filter) - 1.3.6.1.4.1.38414.8.14.1
ghUsbSupport (Hardware definitions, value usbSupport) - 1.3.6.1.4.1.10098.1.1.2.3
gotoXKbModel (GOto - Gonicus Terminal Concept, value xKbmodel.) - 1.3.6.1.4.1.10098.1.1.1.25
gotoSysStatus (Keeps current system status - info shown in GOsa) - 1.3.6.1.4.1.10098.1.1.2.11
goLogDB (GOsa logging DB name) - 1.3.6.1.4.1.10098.1.1.9.83
gotoFloppyEnable (GOto - Gonicus Terminal Concept, value floppyEnable.) - 1.3.6.1.4.1.10098.1.1.1.7
gotoFontPath (GOto - Gonicus Terminal Concept, value fontPath.) - 1.3.6.1.4.1.10098.1.1.1.5
gotoAutoFs (GOto - Gonicus Terminal Concept, value autofs.) - 1.3.6.1.4.1.10098.1.1.1.31
gotoXDriver (GOto - Gonicus Terminal Concept, value xDriver.) - 1.3.6.1.4.1.10098.1.1.1.28
gotoXResolution (GOto - Gonicus Terminal Concept, value xResolution.) - 1.3.6.1.4.1.10098.1.1.1.20
goFonCountryCode (Store country code) - 1.3.6.1.4.1.10098.1.1.9.29
fdAccountRDN (FusionDirectory - use a placeholder pattern for generating account RDNs) - 1.3.6.1.4.1.38414.8.12.2
avMaxThreads (Number of AV scanning threads) - 1.3.6.1.4.1.10098.1.1.9.68
gotoScannerModel (GOto - Gonicus Terminal Concept, value scannerModel.) - 1.3.6.1.4.1.10098.1.1.1.40
gotoSndModule (GOto - Gonicus Terminal Concept, value sound Modules.) - 1.3.6.1.4.1.10098.1.1.1.29
gotoLpdEnable (GOto - Gonicus Terminal Concept, value lpdEnable.) - 1.3.6.1.4.1.10098.1.1.1.9
avHttpProxyURL (How to get the updates) - 1.3.6.1.4.1.10098.1.1.9.76
gotoRootPasswd (GOto - Gonicus Terminal Concept, value rootPasswd.) - 1.3.6.1.4.1.10098.1.1.1.14
goLogPassword (Admin password for log server) - 1.3.6.1.4.1.10098.1.1.9.25
gotoProfileServer (GOto - specifies the profile server) - 1.3.6.1.4.1.10098.1.1.11.8
avDatabaseMirror (Where to find updates) - 1.3.6.1.4.1.10098.1.1.9.75
gotoGroupPrinter (GOto - keeps printers shown for this user) - 1.3.6.1.4.1.10098.1.1.11.16
fdMailMethod (FusionDirectory - Mail method) - 1.3.6.1.4.1.38414.10.10.1
gotoFilesystem (GOto - Gonicus Terminal Concept, value filesystem.) - 1.3.6.1.4.1.10098.1.1.1.6
ghSoundAdapter (Hardware definitions, value soundAdapter) - 1.3.6.1.4.1.10098.1.1.2.7
avArchiveMaxFileSize (Maximum archive file size) - 1.3.6.1.4.1.10098.1.1.9.72
avChecksPerDay (Update checks per day) - 1.3.6.1.4.1.10098.1.1.9.78
gotoScannerEnable (GOto - Gonicus Terminal Concept, value scannerEnable.) - 1.3.6.1.4.1.10098.1.1.1.10
ghScsiDev (Hardware definitions, value scsiDev) - 1.3.6.1.4.1.10098.1.1.2.5
goFaxPassword (Admin password for fax server) - 1.3.6.1.4.1.10098.1.1.9.23
goSyslogSection (What sections wants the server for its syslog service? i.e. *.*) - 1.3.6.1.4.1.10098.1.1.9.9
gotoLpdServer (GOto - Gonicus Terminal Concept, value lpdServer.) - 1.3.6.1.4.1.10098.1.1.1.4
avUser (Username to run antivirus with) - 1.3.6.1.4.1.10098.1.1.9.70
gotoProfileQuota (GOto - save quota for home) - 1.3.6.1.4.1.10098.1.1.11.15
fdIdGenerator (FusionDirectory - An automatic way to generate new user ids) - 1.3.6.1.4.1.38414.8.12.4
avFlags (Special flags for the antivirus scan engine) - 1.3.6.1.4.1.10098.1.1.9.71
gotoScannerClients (GOto - Gonicus Terminal Concept, value scannerClients.) - 1.3.6.1.4.1.10098.1.1.1.11
gotoXMonitor (GOto - Gonicus Terminal Concept, value xMonitor.) - 1.3.6.1.4.1.10098.1.1.1.17
ghNetNic (Hardware definitions, value Network Device) - 1.3.6.1.4.1.10098.1.1.2.8
goFonAdmin (Admin user for fon server) - 1.3.6.1.4.1.10098.1.1.9.26
gotoShare (GOto - specifies a share) - 1.3.6.1.4.1.10098.1.1.11.9
ghIdeDev (Hardware definitions, value ideDev) - 1.3.6.1.4.1.10098.1.1.2.4
fdSnapshotAdminDn (FusionDirectory - Snaphost admin dn) - 1.3.6.1.4.1.38414.8.17.4
goFaxAdmin (Admin principal for fax server) - 1.3.6.1.4.1.10098.1.1.9.22
ghCpuType (Hardware definitions, value cpuType) - 1.3.6.1.4.1.10098.1.1.2.1
fdVoicemailContexts (FusionDirectory - available voicemail contexts) - 1.3.6.1.4.1.38414.19.11.2
gotoProfileFlags (GOto - Flags for Profile handling - C is for caching) - 1.3.6.1.4.1.10098.1.1.11.7
gotoUserAdminPrinter (GOto - keeps printers we are admin for) - 1.3.6.1.4.1.10098.1.1.11.13
Deprecated objectClasses:
goCupsServer (CUPS server description) - 1.3.6.1.4.1.10098.1.2.1.23
goLogDBServer (Log DB server description) - 1.3.6.1.4.1.10098.1.2.1.28
goFaxServer (Fax server description) - 1.3.6.1.4.1.10098.1.2.1.26
goNtpServer (Time server description) - 1.3.6.1.4.1.10098.1.2.1.20
goSyslogServer (Syslog server description) - 1.3.6.1.4.1.10098.1.2.1.21
goNfsServer (NFS server description) - 1.3.6.1.4.1.10098.1.2.1.19
goFonServer (Fon server description) - 1.3.6.1.4.1.10098.1.2.1.29
gosaUserTemplate (GOsa - Class for GOsa User Templates) - 1.3.6.1.4.1.10098.1.2.1.19.11
goVirusServer (Virus server definition) - 1.3.6.1.4.1.10098.1.2.1.39
fusiondirectory-setup --check-deprecated will output a list of dn using old attributes and objectClasses of they are present in your ldap server
fusiondirectory-setup --check-deprecated
List LDAP entries using deprecated attributes or objectclasses
There are no entries in the LDAP using obsolete attributes
There are no entries in the LDAP using obsolete classes
If you see the obsolete object class gotoPrinter you must run the next command and answer yes
fusiondirectory-setup --migrate-printers
fusiondirectory-setup --ldif-deprecated will output an ldif file on the console that you can use with ldapmodify to clean you ldap server from old attributes.
If they are old objectClasses it will warn you and you will have to remove it by hand, they have been specified at the fusiondirectory-setup --check-deprecated step.
!! Please read it carefully before applying !!
==== Hook ====
You must modify your hook so that they don't use quotes. The attributes are now automatically quotes and escape.
==== New Breezy Theme ====
In this version by default there is a new more modern theme called breezy. To active it completely go to the configuration plugin, click edit and in the "Look and feel" section select breezy
......
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY-INSERT-SCHEMA 1"
.TH FUSIONDIRECTORY-INSERT-SCHEMA 1 "2016-06-23" "FusionDirectory 1.0.14" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY-INSERT-SCHEMA 1 "2016-08-01" "FusionDirectory 1.0.15" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY-SETUP 1"
.TH FUSIONDIRECTORY-SETUP 1 "2016-06-23" "FusionDirectory 1.0.14" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY-SETUP 1 "2016-08-09" "FusionDirectory 1.0.15" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......@@ -168,6 +168,9 @@ This option check your \s-1LDAP\s0 tree for duplicated uidNumber or gidNumber am
.IP "\-\-migrate\-users" 4
.IX Item "--migrate-users"
This option add FusionDirectory attributes to the people branch.
.IP "\-\-migrate\-printers" 4
.IX Item "--migrate-printers"
This option replace gosaPrinter objectClass by new fdPrinter objectClass.
.IP "\-\-migrate\-dns" 4
.IX Item "--migrate-dns"
This option moves \s-1DNS\s0 zones from systems branch to \s-1DNS\s0 branch, which is necessary for FusionDirectory 1.0.10 and above.
......
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY.CONF 1"
.TH FUSIONDIRECTORY.CONF 1 "2016-06-23" "FusionDirectory 1.0.14" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY.CONF 1 "2016-08-01" "FusionDirectory 1.0.15" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......
......@@ -302,11 +302,24 @@ attributetype ( 1.3.6.1.4.1.38414.8.15.5 NAME 'fdSessionLifeTime'
SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.38414.8.15.6 NAME 'fdHttpAuthActivated'
DESC 'FusionDirectory - HTTP Auth activation'
DESC 'FusionDirectory - HTTP Basic Auth activation'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.38414.8.15.7 NAME 'fdHttpHeaderAuthActivated'
DESC 'FusionDirectory - HTTP Header Auth activation'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.38414.8.15.8 NAME 'fdHttpHeaderAuthHeaderName'
DESC 'FusionDirectory - HTTP Header Auth - Header name'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# Debugging
attributetype ( 1.3.6.1.4.1.38414.8.16.1 NAME 'fdDisplayErrors'
......@@ -581,7 +594,7 @@ objectclass ( 1.3.6.1.4.1.38414.8.2.1 NAME 'fusionDirectoryConf'
fdPrimaryGroupFilter $ fdListSummary $
fdModificationDetectionAttribute $ fdLogging $ fdLdapSizeLimit $
fdLoginAttribute $ fdForceSSL $ fdWarnSSL $ fdStoreFilterSettings $ fdSessionLifeTime $
fdHttpAuthActivated $
fdHttpAuthActivated $ fdHttpHeaderAuthActivated $ fdHttpHeaderAuthHeaderName $
fdDisplayErrors $ fdLdapMaxQueryTime $ fdLdapStats $ fdDebugLevel $
fdEnableSnapshots $ fdSnapshotBase $
fdTabHook $ fdShells $ fdDisplayHookOutput $
......
......@@ -4,12 +4,6 @@
# Attributes
attributetype ( 1.3.6.1.4.1.10098.1.1.12.1 NAME 'gosaSubtreeACL'
DESC 'GOsa - ACL entry'
OBSOLETE
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.2 NAME 'gosaUser'
DESC 'GOsa - DN of a user'
......@@ -23,13 +17,6 @@ attributetype ( 1.3.6.1.4.1.10098.1.1.12.3 NAME 'gosaObject'
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.14 NAME 'gosaDefaultLanguage'
DESC 'GOsa - Defines the default language for a user'
OBSOLETE
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.30 NAME 'gosaGroupObjects'
DESC 'GOsa - List of all object types that are in a gosaGroupOfNames'
EQUALITY caseIgnoreIA5Match
......@@ -64,61 +51,17 @@ attributetype ( 1.3.6.1.4.1.10098.1.1.12.39 NAME 'gosaSnapshotData'
DESC 'GOsa - Original data of saved object in snapshot'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.46 NAME 'gosaLoginRestriction'
DESC 'GOsa - Multivalue attribute to carry a number of allowed ips/subnets'
OBSOLETE
SUP name)
attributetype ( 1.3.6.1.4.1.10098.1.1.6.2 NAME 'academicTitle'
DESC 'Field to represent the academic title'
OBSOLETE
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.15305.2.1 NAME ( 'gender' 'sex' )
DESC 'Gender: M for male, F for female'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1}
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.15305.2.2 NAME ( 'dateOfBirth' 'dob' )
DESC 'Date of birth in ISO 8601 format'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{10}
SINGLE-VALUE )
# Classes
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.1 NAME 'gosaObject' SUP top AUXILIARY
DESC 'GOsa - Class for GOsa settings'
OBSOLETE
MUST ( )
MAY ( gosaSubtreeACL ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.2 NAME 'gosaLockEntry' SUP top STRUCTURAL
DESC 'GOsa - Class for GOsa locking'
MUST ( gosaUser $ gosaObject $ cn ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.3 NAME 'gosaCacheEntry' SUP top STRUCTURAL
DESC 'GOsa - Class for GOsa caching'
OBSOLETE
MAY ( )
MUST ( cn $ gosaUser ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.4 NAME 'gosaDepartment' SUP top AUXILIARY
DESC 'GOsa - Class to mark Departments for GOsa'
MUST ( ou $ description )
MAY ( manager $ co $ labeledURI ) )
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.6 NAME 'gosaAccount' SUP top AUXILIARY
DESC 'GOsa - Class for GOsa Accounts'
OBSOLETE
MUST ( )
MAY (
gosaLoginRestriction $
gosaDefaultLanguage $ academicTitle $ personalTitle $ dateOfBirth $ gender
) )
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.11 NAME 'gosaUserTemplate' SUP top AUXILIARY
DESC 'GOsa - Class for GOsa User Templates'
OBSOLETE
......
......@@ -248,14 +248,10 @@ class passwordRecovery extends standAlonePage {
{
parent::__construct();
$smarty = get_smarty();
if (isset($_GET['email_address']) && $_GET['email_address'] != "") {
$this->email_address = validate($_GET['email_address']);
$smarty->assign('email_address', $this->email_address);
} elseif (isset($_POST['email_address'])) {
$this->email_address = validate($_POST['email_address']);
$smarty->assign('email_address', $this->email_address);
}
/* Check for selected user... */
......@@ -264,7 +260,7 @@ class passwordRecovery extends standAlonePage {
} elseif (isset($_POST['uid'])) {
$this->uid = validate($_POST['uid']);
} else {
$this->uid = "";
$this->uid = '';
}
}
......@@ -322,13 +318,16 @@ class passwordRecovery extends standAlonePage {
$smarty->assign('usePrototype', 'FALSE');
$smarty->append('js_files', 'include/pwdStrength.js');
$smarty->append('css_files', get_template_path('login.css'));
$lang = session::global_get('lang');
$smarty->assign('lang', preg_replace('/_.*$/', '', $lang));
$smarty->assign('rtl', language_is_rtl($lang));
$smarty->display(get_template_path('headers.tpl'));
$smarty->assign('version', FD_VERSION);
$smarty->assign('step', $this->step);
$smarty->assign('delay_allowed', $this->delay_allowed);
$smarty->assign('activated', $this->activated);
$smarty->assign('email_address', $this->email_address);
$smarty->display(get_template_path('recovery.tpl'));
exit();
}
......@@ -533,13 +532,7 @@ class passwordRecovery extends standAlonePage {
/* Send the mail */
$mail_body = sprintf($this->mail_body, $this->uid, $reinit_link);
/* From */
$headers = "From: ".$this->from_mail."\r\n";
$headers .= "Reply-To: ".$this->from_mail."\r\n";
$additional_parameters = "-f".$this->from_mail;
if (mail($this->email_address, $this->mail_subject, $mail_body, $headers, $additional_parameters)) {
if (mail_utf8($this->email_address, FALSE, $this->from_mail, $this->mail_subject, $mail_body)) {
$this->step = 3;
} else {
$this->message[] = msgPool::invalid(_("Contact your administrator, there was a problem with mail server"));
......@@ -602,13 +595,7 @@ class passwordRecovery extends standAlonePage {
/* Send the mail */
$mail_body = sprintf($this->mail2_body, $this->uid);
/* From */
$headers = "From: ".$this->from_mail."\r\n";
$headers .= "Reply-To: ".$this->from_mail."\r\n";
$additional_parameters = "-f".$this->from_mail;
if (mail($this->email_address, $this->mail2_subject, $mail_body, $headers, $additional_parameters)) {
if (mail_utf8($this->email_address, FALSE, $this->from_mail, $this->mail2_subject, $mail_body)) {
$smarty = get_smarty();
$this->step = 5;
$smarty->assign('changed', TRUE);
......
......@@ -22,8 +22,6 @@
Event.observe(window, 'resize', resizeHandler);
Event.observe(window, 'load', resizeHandler);
Event.observe(window, 'load', initProgressPie);
Event.observe(window, 'keypress', keyHandler);
/* Ask before switching a plugin with this function */
function question(text, url)
......@@ -100,80 +98,6 @@ function acl_toggle_all(regex)
}
}
/* Global key handler to estimate which element gets the next focus if enter is pressed */
function keyHandler(DnEvents) {
// determines whether Netscape or Internet Explorer
k = (Prototype.Browser.Gecko) ? DnEvents.keyCode : window.event.keyCode;
if (k == 13) { // enter key pressed
if(typeof(nextfield)!='undefined') {
if(nextfield == 'login') {
return true; // submit, we finished all fields
} else { // we are not done yet, send focus to next box
eval('document.mainform.' + nextfield + '.focus()');
return false;
}
} else {
if(Prototype.Browser.Gecko) {
if(DnEvents.target.type == 'textarea') {
return true;
} else if (DnEvents.target.type != 'submit') {
// TAB
var thisfield = document.getElementById(DnEvents.target.id);
for (i = 0; i < document.forms[0].elements.length; i++) {
if(document.forms[0].elements[i].id==thisfield.id) {
// Last form element on page?
if(i!=document.forms[0].elements.length-1) {
document.forms[0].elements[i+1].focus();
}
}
}
return false;
} else {
return true;
}
// Check for konqueror
} else if(document.clientWidth) {
// do nothing ATM
} else {
if(window.event.srcElement.type == 'textarea') {
return true;
} else if (window.event.srcElement.type != 'submit') {
// TAB
var thisfield = document.getElementById(window.event.srcElement.id);
for (i = 0; i < document.forms[0].elements.length; i++) {
if(document.forms[0].elements[i].id==thisfield.id) {
// Last form element on page?
if(i!=document.forms[0].elements.length-1) {
document.forms[0].elements[i+1].focus();
}
}
}
return false;
} else {
return true;
}
}
}
} else if (k==9) {
// Tab key pressed
if(Prototype.Browser.Gecko) {
if(DnEvents.target.type == 'textarea') {
document.getElementById(DnEvents.target.id).value+="\t";
return false;
}
// Check for konqueror
} else if(document.clientWidth) {
// do nothing ATM
} else {
if(window.event.srcElement.type == 'textarea') {
document.getElementById(window.event.srcElement.id).value+="\t";
return false;
}
}
}
}
function inArray(p_val, array) {
var l = array.length;
for (var i = 0; i < l; i++) {
......@@ -232,14 +156,6 @@ function changeTripleSelectState_2nd_neg(firstTriggerField, secondTriggerField,
}
}
// work together to analyze keystrokes
if (Prototype.Browser.Gecko){
window.onkeypress= keyHandler;
} else {
document.onkeydown= keyHandler;
}
function popup(target, name) {
var mypopup=
window.open(
......@@ -579,7 +495,7 @@ function setProgressPie(context, percent)
if (percent > 75) {
r = "ED"
g = "15"
b = "15";
b = "15";
}
context.strokeStyle = "#" + r + g + b
......
......@@ -183,7 +183,7 @@ clean_smarty_compile_dir($smarty->compile_dir);
initLanguage();
$smarty->assign ('nextfield', 'username');
$smarty->assign ('focusfield', 'username');
if (isset($_POST['server'])) {
$server = $_POST['server'];
......@@ -223,7 +223,7 @@ if (isset($_REQUEST['message'])) {
/* Class with a function for each login step
* Each function can return a string to display an LDAP error, or FALSE to redirect to login
* In this case it can set global $message and assign nextfield in smarty before hand */
* In this case it can set global $message and assign focusfield in smarty before hand */
class Index {
static protected $username;
static protected $password;
......@@ -279,7 +279,7 @@ class Index {
return FALSE;
} elseif (mb_strlen(self::$password, 'UTF-8') == 0) {
$message = _('Please specify your password!');
$smarty->assign ('nextfield', 'password');
$smarty->assign ('focusfield', 'password');
return FALSE;
}
return TRUE;
......@@ -291,14 +291,14 @@ class Index {
global $ui, $config, $message, $smarty;
/* Login as user, initialize user ACL's */
$ui = ldap_login_user(self::$username, self::$password);
if ($ui === NULL || !$ui) {
if ($ui === NULL) {
if (isset($_SERVER['REMOTE_ADDR'])) {
logging::log('security', 'login', '', array(), 'Authentication failed for user "'.self::$username.'" [from '.$_SERVER['REMOTE_ADDR'].']');
} else {
logging::log('security', 'login', '', array(), 'Authentication failed for user "'.self::$username.'"');
}
$message = _('Please check the username/password combination.');
$smarty->assign ('nextfield', 'password');
$smarty->assign ('focusfield', 'password');
return FALSE;
}
return TRUE;
......@@ -328,7 +328,7 @@ class Index {
if ($expired == POSIX_ACCOUNT_EXPIRED) {
logging::log('security', 'login', '', array(), 'Account for user "'.self::$username.'" has expired');
$message = _('Account locked. Please contact your system administrator!');
$smarty->assign ('nextfield', 'password');
$smarty->assign ('focusfield', 'username');
return FALSE;
}
}
......@@ -429,6 +429,77 @@ class Index {
}
}
/* All login steps in the right order for HTTP Header login */
static function headerAuthLoginProcess()
{
global $config, $message, $ui;
self::init();
/* Reset error messages */
$message = '';
$header = $config->get_cfg_value('httpHeaderAuthHeaderName', 'AUTH_USER');
self::$username = $_SERVER['HTTP_'.$header];
if (!self::$username) {
msg_dialog::display(
_('Error'),
sprintf(
_('No value found in HTTP header "%s"'),
$header
),
FATAL_ERROR_DIALOG
);
exit();
}
$ldap = $config->get_ldap_link();
$ldap->cd($config->current['BASE']);
$verify_attr = explode(',', $config->get_cfg_value('loginAttribute', 'uid'));
$filter = '';
foreach ($verify_attr as $attr) {
$filter .= '('.$attr.'='.ldap_escape_f(self::$username).')';
}
$ldap->search('(&(|'.$filter.')(objectClass=inetOrgPerson))');
$attrs = $ldap->fetch();
if ($ldap->count() < 1) {
msg_dialog::display(
_('Error'),
sprintf(
_('Header user "%s" could not be found in the LDAP'),
self::$username
),
FATAL_ERROR_DIALOG
);
exit();
} elseif ($ldap->count() > 1) {
msg_dialog::display(
_('Error'),
sprintf(
_('Header user "%s" match several users in the LDAP'),
self::$username
),
FATAL_ERROR_DIALOG
);
exit();
}
$ui = new userinfo($config, $attrs['dn']);
$ui->loadACL();
$success = self::runSteps(array(
'loginAndCheckExpired',
'runSchemaCheck',
'checkForLockingBranch',
));
if ($success) {
/* Everything went well, redirect to main.php */
self::redirect();
}
}
/* All login steps in the right order for CAS login */
static function casLoginProcess()
{
......@@ -510,6 +581,8 @@ if ($config->get_cfg_value('httpAuthActivated') == 'TRUE') {
spl_autoload_unregister('CAS_autoload');
spl_autoload_register('CAS_autoload', TRUE, TRUE);
Index::casLoginProcess();
} elseif ($config->get_cfg_value('httpHeaderAuthActivated') == 'TRUE') {
Index::headerAuthLoginProcess();
} elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
/* Got a formular answer, validate and try to log in */
Index::fullLoginProcess();
......
html/themes/breezy/icons/16/apps/ldap.png

238 Bytes

html/themes/legacy/icons/16/apps/ldap.png

609 Bytes

......@@ -8,7 +8,7 @@
<div id="window_container">
<div id="window_div">
<form action="index.php" method="post" name="mainform" onSubmit="js_check(this);return true;">
<form action="index.php" method="post" id="loginform" name="loginform" onSubmit="js_check(this);return true;">
{$msg_dialogs}
<div id="window_titlebar">
......@@ -25,20 +25,22 @@
</div>
<div>
<label for="username"><img class="center" src="{$personal_img|escape}" alt="{t}Username{/t}" title="{t}Username{/t}"/>&nbsp;</label>
<input type="text" name="username" id="username" maxlength="40" value="{$username|escape}"
title="{t}Username{/t}" onFocus="nextfield= 'password';" />
<label for="username">
<img class="center" src="{$personal_img|escape}" alt="{t}Username{/t}" title="{t}Username{/t}"/>&nbsp;
</label>
<input type="text" name="username" id="username" maxlength="40" value="{$username|escape}" title="{t}Username{/t}" />
<br />
<br />
<label for="password"><img class="center" src="{$password_img|escape}" alt="{t}Password{/t}" title="{t}Password{/t}" />&nbsp;</label>
<input type="password" name="password" id="password" maxlength="40" value=""
title="{t}Password{/t}" onFocus="nextfield= 'login';" />
<label for="password">
<img class="center" src="{$password_img|escape}" alt="{t}Password{/t}" title="{t}Password{/t}" />&nbsp;
</label>
<input type="password" name="password" id="password" maxlength="40" value="" title="{t}Password{/t}"/>
<br />
<a href="recovery.php">{t}I forgot my password{/t}</a>
</div>
<div>
<img class="center" src="{$directory_img|escape}" alt="{t}Directory{/t}" title="{t}Directory{/t}" />&nbsp;
<select name="server" title="{t}Directory{/t}" onchange="javascript:document.mainform.submit();">
<select name="server" title="{t}Directory{/t}" onchange="javascript:document.loginform.submit();">
{html_options options=$server_options selected=$server_id}
</select>
</div>
......@@ -58,14 +60,12 @@
</div>
<div id="window_footer" class="plugbottom">
<div>
{$message}
<!-- Display error message on demand -->
{$message}
</div>
<div>
<!-- Display error message on demand -->
<input type="submit" name="login" value="{t}Sign in{/t}"
title="{t}Click here to log in{/t}" onFocus="nextfield='login';" />
<input type="submit" name="login" value="{t}Sign in{/t}" title="{t}Click here to log in{/t}"/>
<input type="hidden" name="javascript" value="false" />
<input type="hidden" name="login" value="{t}Sign in{/t}" />
</div>
</div>
......@@ -79,8 +79,7 @@
<script type="text/javascript">
<!--
enable_keyPress = false;
nextfield= "{$nextfield}";
focus_field("{$nextfield}");
focus_field("{$focusfield}");
next_msg_dialog();
-->
</script>
......
......@@ -59,11 +59,11 @@
</tr>
<tr>
<td><label for="new_password">{t}New password{/t}</label></td>
<td><input type="password" name="new_password" id="new_password" value="" title="{t}New password{/t}" onFocus="nextfield= 'new_password_repeated';" onkeyup="testPasswordCss(document.getElementById('new_password').value);"></td>
<td><input type="password" name="new_password" id="new_password" value="" title="{t}New password{/t}" onkeyup="testPasswordCss(document.getElementById('new_password').value);" /></td>
</tr>
<tr>
<td><label for="new_password_repeated">{t}New password repeated{/t}</label></td>
<td><input type="password" name="new_password_repeated" id="new_password_repeated" maxlength="40" value="" title="{t}New password repeated{/t}" onFocus="nextfield= 'apply';"></td>
<td><input type="password" name="new_password_repeated" id="new_password_repeated" maxlength="40" value="" title="{t}New password repeated{/t}" /></td>
</tr>
<tr>
<td>{t}Password strength{/t}</td>
......
......@@ -309,6 +309,10 @@ class IconTheme
array('actions','go-up'),
array('actions','arrow-up'),
),
'actions/upload' => array(
array('actions','document-import'),
array('actions','up'),
),
'actions/down' => array(
array('actions','go-down'),
array('actions','arrow-down'),
......
......@@ -610,7 +610,7 @@ class filter
echo '<ul>';
foreach ($result as $entry) {
echo '<li>'.mark($_POST[$tag], $entry).'</li>';
echo '<li>'.mark(htmlentities($_POST[$tag], ENT_COMPAT, 'UTF-8'), htmlentities($entry, ENT_COMPAT, 'UTF-8')).'</li>';
if ($max-- == 0) {
break;
}
......
......@@ -98,8 +98,12 @@ class template
function getBase()
{
$infos = objects::infos($this->type);
return dn2base($this->dn, 'ou=templates,'.$infos['ou']);
if (is_object($this->tabObject)) {
return $this->tabObject->getBaseObject()->base;
} else {
$infos = objects::infos($this->type);
return dn2base($this->dn, 'ou=templates,'.$infos['ou']);
}
}
function getNeeded()
......@@ -219,7 +223,6 @@ class template
$this->attrs = plugin::tpl_parse_attrs($this->attrs);
$this->tabObject->adapt_from_template($this->attrs, call_user_func_array('array_merge', $this->attributes));
$this->tabObject->getBaseObject()->base = $this->getBase();
$this->applied = TRUE;
return $this->tabObject;
......
......@@ -593,7 +593,7 @@ function ldap_login_user ($username, $password)
}
}
if (!$success) {
return FALSE;
return NULL;
}
/* got user dn, fill acl's */
......@@ -2579,69 +2579,95 @@ function check_schema($cfg)
$ldap = new ldapMultiplexer(new LDAP($cfg['admin'], $cfg['password'], $cfg['connection'], FALSE, $cfg['tls']));
$objectclasses = $ldap->get_objectclasses(TRUE);
if (count($objectclasses) == 0) {
msg_dialog::display(_("LDAP warning"), _("Cannot get schema information from server. No schema check possible!"), WARNING_DIALOG);
msg_dialog::display(_('LDAP warning'), _('Cannot get schema information from server. No schema check possible!'), WARNING_DIALOG);
return $checks;
}
/* This is the default block used for each entry.
* to avoid unset indexes.
*/
$def_check = array(
"SCHEMA_FILES" => array(),
"CLASSES_REQUIRED" => array(),
"STATUS" => FALSE,
"IS_MUST_HAVE" => FALSE,
"MSG" => "",
"INFO" => ""); // There is currently no information specified for this schema extension.;
/* FusionDirectory lock entry, used to mark currently edited objects as 'in use' */
$checks['gosaLockEntry']['SCHEMA_FILES'] = array('core-fd.schema');
$checks['gosaLockEntry']['CLASSES_REQUIRED'] = array('gosaLockEntry');
$checks['gosaLockEntry']['IS_MUST_HAVE'] = TRUE;
$checks['gosaLockEntry']['INFO'] = _('Used to lock currently edited entries to avoid multiple changes at the same time.');
/* Some other checks */
$checks['posixAccount']['SCHEMA_FILES'] = array('nis.schema');
$checks['posixAccount']['CLASSES_REQUIRED'] = array('posixAccount');
$checks['posixAccount']['IS_MUST_HAVE'] = FALSE;
'SCHEMA_FILE' => '',
'CLASSES_REQUIRED' => array(),
'STATUS' => FALSE,
'IS_MUST_HAVE' => FALSE,
'MSG' => '',
'INFO' => ''
);
/* FusionDirectory core schemas */
/* core-fd */
$checks['core-fd'] = $def_check;
$checks['core-fd']['SCHEMA_FILE'] = 'core-fd.schema';
$checks['core-fd']['CLASSES_REQUIRED'] = array('gosaLockEntry');
$checks['core-fd']['IS_MUST_HAVE'] = TRUE;
$checks['core-fd']['INFO'] = _('Main FusionDirectory schema');
/* core-fd-conf */
$checks['core-fd-conf'] = $def_check;
$checks['core-fd-conf']['SCHEMA_FILE'] = 'core-fd-conf.schema';
$checks['core-fd-conf']['CLASSES_REQUIRED'] = array('fusionDirectoryConf');
$checks['core-fd-conf']['IS_MUST_HAVE'] = TRUE;
$checks['core-fd-conf']['INFO'] = _('Schema used to store FusionDirectory configuration');
/* ldapns */
$checks['ldapns'] = $def_check;
$checks['ldapns']['SCHEMA_FILE'] = 'ldapns.schema';
$checks['ldapns']['CLASSES_REQUIRED'] = array('hostObject');
$checks['ldapns']['IS_MUST_HAVE'] = FALSE;
$checks['ldapns']['INFO'] = _('Used to store trust mode information in users or groups.');
/* template-fd */
$checks['template-fd'] = $def_check;
$checks['template-fd']['SCHEMA_FILE'] = 'template-fd.schema';
$checks['template-fd']['CLASSES_REQUIRED'] = array('fdTemplate');
$checks['template-fd']['IS_MUST_HAVE'] = FALSE;
$checks['template-fd']['INFO'] = _('Used to store templates.');
/* nis */
$checks['nis'] = $def_check;
$checks['nis']['SCHEMA_FILE'] = 'nis.schema';
$checks['nis']['CLASSES_REQUIRED'] = array('posixAccount');
$checks['nis']['IS_MUST_HAVE'] = FALSE;
$checks['nis']['INFO'] = _('Used to store POSIX information.');
foreach ($checks as $name => $value) {
foreach ($value['CLASSES_REQUIRED'] as $class) {
if (!isset($objectclasses[$name])) {
if (!isset($objectclasses[$class])) {
$checks[$name]['STATUS'] = FALSE;
if ($value['IS_MUST_HAVE']) {
$checks[$name]['STATUS'] = FALSE;
$checks[$name]['MSG'] = sprintf(_("Missing required object class '%s'!"), $class);
$checks[$name]['MSG'] = sprintf(_('Missing required object class "%s"!'), $class);
} else {
$checks[$name]['STATUS'] = TRUE;
$checks[$name]['MSG'] = sprintf(_("Missing optional object class '%s'!"), $class);
$checks[$name]['MSG'] = sprintf(_('Missing optional object class "%s"!'), $class);
}
} else {
$checks[$name]['STATUS'] = TRUE;
$checks[$name]['MSG'] = sprintf(_("Class(es) available"));
$checks[$name]['MSG'] = sprintf(_('Class(es) available'));
}
}
}
$tmp = $objectclasses;
/* The FusionDirectory base schema */
$checks['posixGroup'] = $def_check;
$checks['posixGroup']['SCHEMA_FILES'] = array("core-fd.schema");
$checks['posixGroup']['CLASSES_REQUIRED'] = array("posixGroup");
$checks['posixGroup']['SCHEMA_FILE'] = 'nis.schema';
$checks['posixGroup']['CLASSES_REQUIRED'] = array('posixGroup');
$checks['posixGroup']['STATUS'] = TRUE;
$checks['posixGroup']['IS_MUST_HAVE'] = TRUE;
$checks['posixGroup']['MSG'] = "";
$checks['posixGroup']['INFO'] = "";
$checks['posixGroup']['MSG'] = '';
$checks['posixGroup']['INFO'] = '';
/* Depending on mixed groups plugin installation status, we need different schema configurations */
if (class_available('mixedGroup') && isset($tmp['posixGroup']['STRUCTURAL'])) {
$checks['posixGroup']['STATUS'] = FALSE;
$checks['posixGroup']['MSG'] = _('You have installed the mixed groups plugin, but your schema configuration does not support this.');
$checks['posixGroup']['INFO'] = _('In order to use mixed groups the objectClass "posixGroup" must be AUXILIARY');
} elseif (!class_available('mixedGroup') && !isset($tmp['posixGroup']['STRUCTURAL'])) {
$checks['posixGroup']['STATUS'] = FALSE;
$checks['posixGroup']['MSG'] = _('Your schema is configured to support mixed groups, but this plugin is not present.');
$checks['posixGroup']['INFO'] = _('The objectClass "posixGroup" must be STRUCTURAL');
if (isset($objectclasses['posixGroup'])) {
$checks['posixGroup']['IS_MUST_HAVE'] = TRUE;
/* Depending on mixed groups plugin installation status, we need different schema configurations */
if (class_available('mixedGroup') && isset($objectclasses['posixGroup']['STRUCTURAL'])) {
$checks['posixGroup']['STATUS'] = FALSE;
$checks['posixGroup']['MSG'] = _('You have installed the mixed groups plugin, but your schema configuration does not support this.');
$checks['posixGroup']['INFO'] = _('In order to use mixed groups the objectClass "posixGroup" must be AUXILIARY');
} elseif (!class_available('mixedGroup') && !isset($objectclasses['posixGroup']['STRUCTURAL'])) {
$checks['posixGroup']['STATUS'] = FALSE;
$checks['posixGroup']['MSG'] = _('Your schema is configured to support mixed groups, but this plugin is not present.');
$checks['posixGroup']['INFO'] = _('The objectClass "posixGroup" must be STRUCTURAL');
}
}
return $checks;
......@@ -3443,4 +3469,23 @@ function ldap_escape_dn($str, $ignore = '')
{
return ldap_escape($str, $ignore, LDAP_ESCAPE_DN);
}
function mail_utf8($to, $from_user, $from_email, $subject, $message, $type = 'plain')
{
$subject = "=?UTF-8?B?".base64_encode($subject)."?=";
if ($from_user) {
$from_user = "=?UTF-8?B?".base64_encode($from_user)."?=";
$headers = "From: $from_user <$from_email>\r\n";
$headers .= "Reply-To: $from_user <$from_email>\r\n";
} else {
$headers = "From: <$from_email>\r\n";
$headers .= "Reply-To: <$from_email>\r\n";
}
$headers .= "MIME-Version: 1.0" . "\r\n" .
"Content-type: text/$type; charset=UTF-8" . "\r\n";
$additional_parameters = "-f".$from_email;
return mail($to, $subject, $message, $headers, $additional_parameters);
}
?>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment