1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2004-2005 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 class sambaAccount extends plugin
22 {
23 /* Definitions */
24 var $plHeadline= "Samba";
25 var $plDescription= "This does something";
27 /* Switch for Samba version */
28 var $samba3= FALSE;
29 var $uidNumber= 65535;
30 var $gidNumber= 65535;
32 /* Samba 2 attributes */
33 var $pwdLastSet= "0";
34 var $logonTime= "0";
35 var $logoffTime= "2147483647";
36 var $kickoffTime= "2147483647";
37 var $pwdCanChange= "0";
38 var $pwdMustChange= "0";
39 var $password_expires= 0;
40 var $acctFlags= "[UX ]";
41 var $smbHome= "";
42 var $homeDrive= "";
43 var $scriptPath= "";
44 var $profilePath= "";
45 var $rid= "";
46 var $primaryGroupID= "";
48 /* Samba 3 attributes */
49 var $SID= "";
50 var $ridBase= 0;
51 var $sambaSID= "";
52 var $sambaPwdLastSet= "0";
53 var $sambaLogonTime= "0";
54 var $sambaLogoffTime= "2147483647";
55 var $sambaKickoffTime= "2147483647";
56 var $sambaPwdCanChange= "";
57 var $sambaPwdMustChange= "0";
58 var $sambaAcctFlags= "[UX ]";
59 var $sambaHomePath= "";
60 var $sambaHomeDrive= "";
61 var $sambaLogonScript= "";
62 var $sambaProfilePath= "";
63 var $sambaPrimaryGroupSID= "";
64 var $sambaDomainName= "";
65 var $sambaUserWorkstations= "";
66 var $sambaBadPasswordCount= "";
67 var $sambaBadPasswordTime= "";
68 var $sambaPasswordHistory= "";
69 var $sambaLogonHours= "";
70 var $orig_sambaDomainName= "";
71 var $sambaMungedDial= "";
72 var $mungedObject;
74 /* Helper */
75 var $cache = array();
76 var $display_information = FALSE;
77 var $dialog;
78 var $show_ws_dialog= FALSE;
79 var $logon_time_set= 0;
80 var $logoff_time_set= 0;
81 var $kickoff_time_set= 0;
83 /* attribute list for save action */
84 var $ctxattributes= array();
85 var $attributes= array();
86 var $objectclasses= array();
88 var $uid = "";
90 var $CopyPasteVars = array("kickoff_time_set","logoff_time_set","logon_time_set","mungedObject","orig_sambaDomainName");
92 function sambaAccount ($config, $dn= NULL, $parent= NULL)
93 {
94 /* Load attributes depending on the samba version */
95 $this->samba3= ($config->current['SAMBAVERSION'] == 3);
97 if ($this->samba3){
98 $this->attributes= array ("sambaSID", "sambaPwdLastSet", "sambaLogonTime",
99 "sambaLogoffTime", "sambaKickoffTime", "sambaPwdCanChange",
100 "sambaPwdMustChange", "sambaAcctFlags", "uid", "sambaMungedDial",
101 "sambaHomePath", "sambaHomeDrive", "sambaLogonScript",
102 "sambaProfilePath", "sambaPrimaryGroupSID", "sambaDomainName",
103 "sambaUserWorkstations", "sambaPasswordHistory",
104 "sambaLogonHours", "sambaBadPasswordTime",
105 "sambaBadPasswordCount");
106 $this->objectclasses= array ("sambaSamAccount");
107 $this->mungedObject= new sambaMungedDial;
108 $this->ctxattributes= $this->mungedObject->ctxattributes;
109 } else {
110 $this->attributes= array ("pwdLastSet", "logonTime", "logoffTime", "kickoffTime",
111 "pwdCanChange", "pwdMustChange", "acctFlags", "profilePath", "uid",
112 "smbHome", "homeDrive", "scriptPath", "rid", "primaryGroupID");
113 $this->objectclasses= array ("sambaAccount");
114 }
116 plugin::plugin ($config, $dn, $parent);
118 /* set user id */
119 if(isset($this->attrs['uid'])){
120 $this->uid = $this->attrs['uid'][0];
121 }
123 /* Get samba Domain in case of samba 3 */
124 if ($this->samba3 && $this->sambaSID != ""){
125 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
126 $ldap= $this->config->get_ldap_link();
127 $ldap->cd($this->config->current['BASE']);
128 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase","sambaDomainName"));
129 if ($ldap->count() != 0){
130 $attrs= $ldap->fetch();
131 if(isset($attrs['sambaAlgorithmicRidBase'])){
132 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
133 } else {
134 $this->ridBase= $this->config->current['RIDBASE'];
135 }
136 if ($this->sambaDomainName == ""){
137 $this->sambaDomainName= $attrs['sambaDomainName'][0];
138 }
139 } else {
140 if ($this->sambaDomainName == ""){
141 $this->sambaDomainName= "DEFAULT";
142 }
143 $this->ridBase= $this->config->current['RIDBASE'];
144 $this->SID= $this->config->current['SID'];
145 }
147 /* Save in order to compare later on */
148 $this->orig_sambaDomainName= $this->sambaDomainName;
149 }
151 /* Fill mungedDial field */
152 if ($this->samba3 && isset($this->attrs['sambaMungedDial'])){
153 $this->mungedObject->load($this->sambaMungedDial);
154 }
156 /* Password expiery */
157 if(isset($this->attrs['sambaPwdMustChange']) &&
158 $this->attrs['sambaPwdMustChange'][0] != 0){
159 $this->password_expires= 1;
160 }
162 if(isset($this->attrs['sambaLogonTime']) && ! (
163 $this->attrs['sambaLogonTime'][0] == 0 ||
164 $this->attrs['sambaLogonTime'][0] == 2147483647
165 )){
166 $this->logon_time_set= 1;
167 }
168 if(isset($this->attrs['sambaLogoffTime']) && ! (
169 $this->attrs['sambaLogoffTime'][0] == 0 ||
170 $this->attrs['sambaLogoffTime'][0] == 2147483647
171 )){
172 $this->logoff_time_set= 1;
173 }
175 /* Account expiery */
176 if(isset($this->attrs['sambaKickoffTime']) && ! (
177 $this->attrs['sambaKickoffTime'][0] == 0 ||
178 $this->attrs['sambaKickoffTime'][0] == 2147483647
179 )){
180 $this->kickoff_time_set= 1;
181 }
183 /* Get global filter config */
184 if (!is_global("sambafilter")){
185 $ui= get_userinfo();
186 $base= get_base_from_people($ui->dn);
187 $sambafilter= array( "depselect" => $base, "regex" => "*");
188 register_global("sambafilter", $sambafilter);
189 }
191 /* Save initial account state */
192 $this->initially_was_account= $this->is_account;
193 }
195 function execute()
196 {
197 /* Call parent execute */
198 plugin::execute();
201 /* Do we need to flip is_account state? */
202 if (isset($_POST['modify_state'])){
204 /* Only change account state if allowed */
205 if($this->is_account && $this->acl == "#all#"){
206 $this->is_account= !$this->is_account;
207 }elseif(!$this->is_account && chkacl($this->acl,"create") == ""){
208 $this->is_account= !$this->is_account;
209 }
210 }
212 /* Do we represent a valid account? */
213 if (!$this->is_account && $this->parent == NULL){
214 $display= "<img alt=\"\"src=\"images/stop.png\" align=\"middle\"> <b>".
215 _("This account has no samba extensions.")."</b>";
216 $display.= back_to_main();
217 return ($display);
218 }
220 /* Show tab dialog headers */
221 $display= "";
222 if ($this->parent != NULL){
223 if ($this->is_account){
224 $display= $this->show_header(_("Remove samba account"),
225 _("This account has samba features enabled. You can disable them by clicking below."));
226 } else {
227 $obj= $this->parent->by_object['posixAccount'];
229 /* Samba3 dependency on posix accounts are enabled
230 in the moment, because I need to rely on unique
231 uidNumbers. There'll be a better solution later
232 on. */
233 if ($obj->is_account){
235 $display= $this->show_header(_("Create samba account"),
236 _("This account has samba features disabled. You can enable them by clicking below."));
237 } else {
238 $display= $this->show_header(_("Create samba account"),
239 _("This account has samba features disabled. Posix features are needed for samba accounts, enable them first."), TRUE);
240 }
241 return ($display);
242 }
243 }
246 /* Open Samaba Logong hours dialog */
247 if(isset($_POST['SetSambaLogonHours']) && $this->samba3 && chkacl($this->acl,"sambaLogonHours") == ""){
248 $this->dialog = new sambaLogonHours($this->config,$this->dn,$this->sambaLogonHours);
249 }
251 /* Cancel dialog */
252 if(isset($_POST['cancel_logonHours'])){
253 $this->dialog = NULL;
254 }
256 /* Save selected logon hours */
257 if(isset($_POST['save_logonHours'])){
258 $this->dialog->save_object();
259 $this->sambaLogonHours = $this->dialog->save();
260 $this->dialog = NULL;
261 }
263 /* Display dialog */
264 if((isset($this->dialog)) && (is_object($this->dialog))){
265 $this->dialog->save_object();
266 return($this->dialog->execute());
267 }
270 /* Prepare templating */
271 $smarty= get_smarty();
273 /* PHP Fehler "Undefined index: sambaPwdMustChangeACL" */
274 #hickert test
275 $smarty->assign("sambaPwdMustChangeACL", chkacl($this->acl, "sambaPwdMustChangeACL"));
276 #hickert test
277 $smarty->assign("sambaPwdMustChange",$this->sambaPwdMustChange);
279 if ($this->sambaPwdMustChange=="0"){
280 $date= getdate();
281 } else {
282 $date= getdate($this->sambaPwdMustChange);
283 }
285 if ($this->sambaLogonTime=="2147483647" || $this->sambaLogonTime=="0"){
286 $sambaLogonTime_date= getdate();
287 } else {
288 $sambaLogonTime_date= getdate($this->sambaLogonTime);
289 }
291 if ($this->sambaLogoffTime=="2147483647" || $this->sambaLogoffTime=="0"){
292 $sambaLogoffTime_date= getdate();
293 } else {
294 $sambaLogoffTime_date= getdate($this->sambaLogoffTime);
295 }
297 if ($this->sambaKickoffTime=="2147483647" || $this->sambaKickoffTime=="0"){
298 $sambaKickoffTime_date= getdate();
299 } else {
300 $sambaKickoffTime_date= getdate($this->sambaKickoffTime);
301 }
303 /* Remove user workstations? */
304 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
305 $tmp= $this->sambaUserWorkstations;
306 foreach($_POST['workstation_list'] as $name){
307 $tmp= preg_replace("/$name/", '', $tmp);
308 $this->is_modified= TRUE;
309 }
310 $tmp= preg_replace('/,+/', ',', $tmp);
311 $this->sambaUserWorkstations= trim($tmp, ',');
312 }
314 /* Add user workstation? */
315 if (isset($_POST["add_ws"])){
316 $this->show_ws_dialog= TRUE;
317 $this->dialog= TRUE;
318 }
320 /* Add user workstation finished? */
321 if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){
322 $this->show_ws_dialog= FALSE;
323 $this->dialog= FALSE;
324 }
326 /* Add user workstation? */
327 if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
328 $tmp= $this->sambaUserWorkstations;
329 foreach($_POST['wslist'] as $ws){
330 $tmp.= ",$ws";
331 }
332 $tmp= preg_replace('/,+/', ',', $tmp);
333 $this->sambaUserWorkstations= trim($tmp, ',');
334 $this->is_modified= TRUE;
335 }
337 /* Show ws dialog */
338 if ($this->show_ws_dialog){
340 /* Save data */
341 $sambafilter= get_global("sambafilter");
342 foreach( array("depselect", "regex") as $type){
343 if (isset($_POST[$type])){
344 $sambafilter[$type]= $_POST[$type];
345 }
346 }
347 if (isset($_GET['search'])){
348 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
349 if ($s == "**"){
350 $s= "*";
351 }
352 $sambafilter['regex']= $s;
353 }
354 register_global("sambafilter", $sambafilter);
356 /* Get workstation list */
357 $exclude= "";
358 foreach(split(',', $this->sambaUserWorkstations) as $ws){
359 $exclude.= "(cn=$ws$)";
360 }
361 if ($exclude != ""){
362 $exclude= "(!(|$exclude))";
363 }
364 $acl= array($this->config->current['BASE'] => ":all");
365 $regex= $sambafilter['regex'];
366 $filter= "(&(objectClass=sambaSAMAccount)$exclude(uid=*$)(|(uid=$regex)(cn=$regex)))";
367 $res= get_list($filter, $acl, $sambafilter['depselect'], array("uid"), GL_SUBSEARCH | GL_SIZELIMIT);
368 $wslist= array();
369 foreach ($res as $attrs){
370 $wslist[]= preg_replace('/\$/', '', $attrs['uid'][0]);
371 }
372 asort($wslist);
374 $smarty->assign("search_image", get_template_path('images/search.png'));
375 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
376 $smarty->assign("tree_image", get_template_path('images/tree.png'));
377 $smarty->assign("deplist", $this->config->idepartments);
378 $smarty->assign("alphabet", generate_alphabet());
379 foreach( array("depselect", "regex") as $type){
380 $smarty->assign("$type", $sambafilter[$type]);
381 }
382 $smarty->assign("hint", print_sizelimit_warning());
383 $smarty->assign("wslist", $wslist);
384 $smarty->assign("apply", apply_filter());
385 $display= $smarty->fetch (get_template_path('samba3_workstations.tpl', TRUE,
386 dirname(__FILE__)));
387 return ($display);
388 }
390 /* Fill calendar */
391 $days= array();
392 for($d= 1; $d<32; $d++){
393 $days[]= $d;
394 }
395 $years= array();
396 for($y= $date['year']-4; $y<$date['year']+4; $y++){
397 $years[]= $y;
398 }
399 $months= array(_("January"), _("February"), _("March"), _("April"),
400 _("May"), _("June"), _("July"), _("August"), _("September"),
401 _("October"), _("November"), _("December"));
402 $smarty->assign("day", $date["mday"]);
403 $smarty->assign("days", $days);
404 $smarty->assign("months", $months);
405 $smarty->assign("month", $date["mon"]-1);
406 $smarty->assign("years", $years);
407 $smarty->assign("year", $date["year"]);
409 $sambaLogonTime_days= array();
410 for($d= 1; $d<32; $d++){
411 $sambaLogonTime_days[]= $d;
412 }
413 $sambaLogonTime_years= array();
414 for($y= $date['year']-4; $y<$date['year']+4; $y++){
415 $sambaLogonTime_years[]= $y;
416 }
417 $sambaLogonTime_months= array(_("January"), _("February"), _("March"), _("April"),
418 _("May"), _("June"), _("July"), _("August"), _("September"),
419 _("October"), _("November"), _("December"));
420 $smarty->assign("sambaLogonTime_day", $sambaLogonTime_date["mday"]);
421 $smarty->assign("sambaLogonTime_days", $sambaLogonTime_days);
422 $smarty->assign("sambaLogonTime_months", $sambaLogonTime_months);
423 $smarty->assign("sambaLogonTime_month", $sambaLogonTime_date["mon"]-1);
424 $smarty->assign("sambaLogonTime_years", $sambaLogonTime_years);
425 $smarty->assign("sambaLogonTime_year", $sambaLogonTime_date["year"]);
427 $sambaLogoffTime_days= array();
428 for($d= 1; $d<32; $d++){
429 $sambaLogoffTime_days[]= $d;
430 }
431 $sambaLogoffTime_years= array();
432 for($y= $date['year']-4; $y<$date['year']+4; $y++){
433 $sambaLogoffTime_years[]= $y;
434 }
435 $sambaLogoffTime_months= array(_("January"), _("February"), _("March"), _("April"),
436 _("May"), _("June"), _("July"), _("August"), _("September"),
437 _("October"), _("November"), _("December"));
438 $smarty->assign("sambaLogoffTime_day", $sambaLogoffTime_date["mday"]);
439 $smarty->assign("sambaLogoffTime_days", $sambaLogoffTime_days);
440 $smarty->assign("sambaLogoffTime_months", $sambaLogoffTime_months);
441 $smarty->assign("sambaLogoffTime_month", $sambaLogoffTime_date["mon"]-1);
442 $smarty->assign("sambaLogoffTime_years", $sambaLogoffTime_years);
443 $smarty->assign("sambaLogoffTime_year", $sambaLogoffTime_date["year"]);
445 $sambaKickoffTime_days= array();
446 for($d= 1; $d<32; $d++){
447 $sambaKickoffTime_days[]= $d;
448 }
449 $sambaKickoffTime_years= array();
450 for($y= $date['year']-4; $y<$date['year']+4; $y++){
451 $sambaKickoffTime_years[]= $y;
452 }
453 $sambaKickoffTime_months= array(_("January"), _("February"), _("March"), _("April"),
454 _("May"), _("June"), _("July"), _("August"), _("September"),
455 _("October"), _("November"), _("December"));
456 //$smarty->assign("sambaKickoffTime_day", $sambaKickoffTime_date["mday"]-1);
457 $smarty->assign("sambaKickoffTime_day", $sambaKickoffTime_date["mday"]); // hickert
458 $smarty->assign("sambaKickoffTime_days", $sambaKickoffTime_days);
459 $smarty->assign("sambaKickoffTime_months", $sambaKickoffTime_months);
460 $smarty->assign("sambaKickoffTime_month", $sambaKickoffTime_date["mon"]-1);
461 $smarty->assign("sambaKickoffTime_years", $sambaKickoffTime_years);
462 $smarty->assign("sambaKickoffTime_year", $sambaKickoffTime_date["year"]);
464 /* Fill boxes */
465 if ($this->samba3){
466 $domains= array();
467 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
468 $domains[]= $name;
469 }
470 $smarty->assign("domains", $domains);
471 }
472 $letters= array("");
473 for ($i= 68; $i<91; $i++){
474 $letters[]= chr($i).":";
475 }
476 $smarty->assign("drives", $letters);
478 /* Fill terminal server settings */
479 if ($this->samba3){
480 foreach ($this->ctxattributes as $attr){
481 /* Fill common attributes */
482 if (isset($this->mungedObject->ctx[$attr])){
483 $smarty->assign("$attr", $this->mungedObject->ctx[$attr]);
484 // Set field to blank if value is 0
485 if(in_array($attr, array("CtxMaxConnectionTime", "CtxMaxDisconnectionTime", "CtxMaxIdleTime"))) {
486 if($this->mungedObject->ctx[$attr] == 0) {
487 $smarty->assign("$attr", "");
488 }
489 }
490 } else {
491 $smarty->assign("$attr", "");
492 }
493 $smarty->assign("$attr"."ACL", chkacl($this->acl, $attr));
494 }
496 /* Assign enum values for preset items */
497 $shadowModeVals= array( "0" => _("disabled"),
498 "1" => _("input on, notify on"),
499 "2" => _("input on, notify off"),
500 "3" => _("input off, notify on"),
501 "4" => _("input off, nofify off"));
503 $brokenConnModeVals= array( "0" => _("disconnect"),
504 "1" => _("reset"));
506 $reConnModeVals= array( "0" => _("from any client"),
507 "1" => _("from previous client only"));
509 /* Fill preset items */
510 $smarty->assign("shadow", $shadowModeVals);
511 $smarty->assign("brokenconn", $brokenConnModeVals);
512 $smarty->assign("reconn", $reConnModeVals);
514 /* Fill preset items with values */
515 $smarty->assign("shadowmode", $this->mungedObject->getShadow());
516 $smarty->assign("shadowACL", chkacl($this->acl,"shadow"));
517 $smarty->assign("brokenconnmode", $this->mungedObject->getBrokenConn());
518 $smarty->assign("brokenconnACL", chkacl($this->acl,"brokenconn"));
519 $smarty->assign("reconnmode", $this->mungedObject->getReConn());
520 $smarty->assign("reconnACL", chkacl($this->acl,"reconn"));
522 if($_SESSION['js']){
523 /* Set form elements to disabled/enable state */
524 $smarty->assign("tsloginstate", $this->mungedObject->getTsLogin()?"":"disabled");
525 $smarty->assign("inheritstate", $this->mungedObject->getInheritMode()?"disabled":"");
526 }else{
527 $smarty->assign("tsloginstate", "");
528 $smarty->assign("inheritstate", "");
529 }
531 /* Set checkboxes to checked or unchecked state */
532 $smarty->assign("tslogin", $this->mungedObject->getTsLogin()?"checked":"");
533 $smarty->assign("tsloginACL", chkacl($this->acl,"tslogin"));
535 $smarty->assign("inherit", $this->mungedObject->getInheritMode()?"checked":"");
536 $smarty->assign("inheritACL", chkacl($this->acl,"inherit"));
539 $smarty->assign("connectclientdrives",
540 $this->mungedObject->getConnectClientDrives()?"checked":"");
541 $smarty->assign("connectclientdrivesACL", chkacl($this->acl,"connectclientdrives"));
542 $smarty->assign("connectclientprinters",
543 $this->mungedObject->getConnectClientPrinters()?"checked":"");
544 $smarty->assign("connectclientprintersACL", chkacl($this->acl,"connectclientprinters"));
545 $smarty->assign("defaultprinter",
546 $this->mungedObject->getDefaultPrinter()?"checked":"");
547 $smarty->assign("defaultprinterACL", chkacl($this->acl,"defaultprinter"));
548 $smarty->assign("CtxMaxConnectionTimeF",
549 $this->mungedObject->getCtxMaxConnectionTimeF()?"checked":"");
550 $smarty->assign("CtxMaxDisconnectionTimeF",
551 $this->mungedObject->getCtxMaxDisconnectionTimeF()?"checked":"");
552 $smarty->assign("CtxMaxIdleTimeF",
553 $this->mungedObject->getCtxMaxIdleTimeF()?"checked":"");
555 /* Fill sambaUserWorkstations */
556 $ws= split(",", $this->sambaUserWorkstations);
557 sort($ws);
559 /* Tidy checks for empty option, and smarty will produce one if array[0]="" */
560 if(($ws[0]=="")&&(count($ws)==1)) $ws=array();
563 $smarty->assign("workstations", $ws);
564 $smarty->assign("sambaUserWorkstationACL", chkacl($this->acl,"sambaUserWorkstation"));
565 }
567 /* Variables */
568 foreach($this->attributes as $val){
569 $smarty->assign("$val", $this->$val);
570 $smarty->assign("$val"."ACL", chkacl($this->acl,$val));
571 }
574 /* 'sambaAcctFlags' checkboxes */
575 /* Check for 'lock-account'-flag: 'D' or 'L' */
576 if (is_integer(strpos($this->sambaAcctFlags, "D")) ||
577 is_integer(strpos($this->sambaAcctFlags, "L"))) {
578 $smarty->assign("flagsD", "checked");
579 } else {
580 $smarty->assign("flagsD", "");
581 }
583 /* Check for no_password_required flag 'N' */
584 if (is_integer(strpos($this->sambaAcctFlags, "N"))) {
585 $smarty->assign("flagsN", "checked");
586 } else {
587 $smarty->assign("flagsN", "");
588 }
590 /* 'normal' Checkboxes */
591 if($this->samba3){
592 if ($this->sambaPwdCanChange=="1"){
593 $smarty->assign("flagsP", "checked");
594 } else {
595 $smarty->assign("flagsP", "");
596 }
597 }else{
598 if ($this->pwdCanChange=="1"){
599 $smarty->assign("flagsP", "checked");
600 } else {
601 $smarty->assign("flagsP", "");
602 }
603 }
604 if ($this->password_expires=="1"){
605 $smarty->assign("flagsC", "checked");
606 } else {
607 $smarty->assign("flagsC", "");
608 }
609 if ($this->logon_time_set=="1"){
610 $smarty->assign("flagsT", "checked");
611 } else {
612 $smarty->assign("flagsT", "");
613 }
614 if ($this->logoff_time_set=="1"){
615 $smarty->assign("flagsO", "checked");
616 } else {
617 $smarty->assign("flagsO", "");
618 }
619 if ($this->kickoff_time_set=="1"){
620 $smarty->assign("flagsK", "checked");
621 } else {
622 $smarty->assign("flagsK", "");
623 }
625 $smarty->assign("allow_pwchangeACL", chkacl($this->acl, "allow_pwchange"));
626 $smarty->assign("password_expiresACL", chkacl($this->acl, "password_expires"));
627 $smarty->assign("no_password_requiredACL", chkacl($this->acl, "no_password_required"));
628 $smarty->assign("temporary_disableACL", chkacl($this->acl, "temporary_disable"));
629 $smarty->assign("sambaDomainNameACL", chkacl($this->acl, "sambaDomainName"));
630 $smarty->assign("logon_time_setACL", chkacl($this->acl, "logon_time_set"));
631 $smarty->assign("logoff_time_setACL", chkacl($this->acl, "logoff_time_set"));
632 $smarty->assign("kickoff_time_setACL", chkacl($this->acl, "kickoff_time_set"));
633 $smarty->assign("sambaLogonTimeACL", chkacl($this->acl, "sambaLogonTime"));
634 $smarty->assign("sambaLogoffTimeACL", chkacl($this->acl, "sambaLogoffTime"));
635 $smarty->assign("sambaKickoffTimeACL", chkacl($this->acl, "sambaKickoffTime"));
637 $smarty->assign("sambaLogonHoursACL", chkacl($this->acl, "sambaLogonHours"));
639 /* In case of javascript, disable some fields on demand */
640 if ($this->samba3){
641 foreach($this->mungedObject->getOnDemandFlags() as $key => $value) {
642 $smarty->assign("$key", "$value");
643 }
644 }
646 /* Create additional info for sambaKickOffTime and sambaPwdMustChange.
647 e.g. Display effective kickoff time. Domain policy + user settings.
648 */
649 $additional_info_PwdMustChange = "";
651 /* Calculate effective max Password Age
652 This can only be calculated if sambaPwdLastSet ist set.
653 */
654 if(isset($this->attrs['sambaPwdLastSet'][0])){
655 $last = $this->attrs['sambaPwdLastSet'][0];
657 $sid = $this->get_domain_info();
658 if(isset($sid['sambaMaxPwdAge'][0])){
659 $d = ($last + $sid['sambaMaxPwdAge'][0]) - time();
661 /* A negative value means the password is outdated
662 */
663 if($d < 0){
664 $additional_info_PwdMustChange = sprintf(_("The password is outdated since %s, by domain policy."),
665 date("d.m.Y H:i:s",$last + $sid['sambaMaxPwdAge'][0]));
666 }else{
667 if($this->password_expires && ($last + $sid['sambaMaxPwdAge'][0]) > $this->sambaPwdMustChange){
668 $additional_info_PwdMustChange = sprintf(_("The password is valid till %s, by user policy."),
669 date("d.m.Y H:i:s", $this->sambaPwdMustChange));
670 }else{
671 $additional_info_PwdMustChange = sprintf(_("The password is valid till %s, by domain policy."),
672 date("d.m.Y H:i:s", ($last + $sid['sambaMaxPwdAge'][0])));
673 }
674 }
675 }
676 }
677 $smarty->assign("additional_info_PwdMustChange",$additional_info_PwdMustChange);
678 $smarty->assign("samba_information","");
679 $smarty->assign("display_information",$this->display_information);
680 if($this->display_information){
681 $smarty->assign("samba_information",$this->get_samba_information());
682 }
684 /* Show main page */
685 if ($this->samba3){
686 $display.= $smarty->fetch (get_template_path('samba3.tpl', TRUE, dirname(__FILE__)));
687 } else {
688 $display.= $smarty->fetch (get_template_path('samba2.tpl', TRUE, dirname(__FILE__)));
689 }
691 return ($display);
692 }
694 function remove_from_parent()
695 {
696 /* Cancel if there's nothing to do here */
697 if (!$this->initially_was_account){
698 return;
699 }
701 /* include global link_info */
702 $ldap= $this->config->get_ldap_link();
704 plugin::remove_from_parent();
706 /* Keep uid attribute for gosaAccount */
707 unset($this->attrs['uid']);
708 unset($this->attrs['uidNumber']);
709 unset($this->attrs['gidNumber']);
711 /* Remove objectClass for sambaIdmapEntry */
712 $tmp= array();
713 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
714 if ($this->attrs['objectClass'][$i] != 'sambaIdmapEntry'){
715 $tmp[]= $this->attrs['objectClass'][$i];
716 }
717 }
718 $this->attrs['objectClass']= $tmp;
720 @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__,
721 $this->attributes, "Save");
722 $ldap->cd($this->dn);
723 $this->cleanup();
724 $ldap->modify ($this->attrs);
726 show_ldap_error($ldap->get_error(), _("Removing Samba account failed"));
728 /* Optionally execute a command after we're done */
729 $this->handle_post_events("remove",array("uid"=>$this->uid));
730 }
733 /* Check for input problems */
734 function check()
735 {
736 /* Call common method to give check the hook */
737 $message= plugin::check();
739 if ($this->samba3){
741 /* sambaHomePath requires sambaHomeDrive and vice versa */
742 if(!empty($this->sambaHomePath) && empty($this->sambaHomeDrive)){
743 $message[]= sprintf(_("Please select a value for 'Home drive'."));
744 }
745 if(!empty($this->sambaHomeDrive) && empty($this->sambaHomePath)){
746 $message[]= sprintf(_("Please specify a value for 'Home path'."));
747 }
749 /* Strings */
750 foreach (array( "sambaHomePath" => _("Home directory"),
751 "sambaProfilePath" => _("Profile path")) as $key => $val){
752 if (!$this->mungedObject->is_samba_path($this->$key)){
753 $message[]= sprintf(_("The value specified as '%s' contains invalid characters!"), $val);
754 }
755 }
757 /* Numeric values */
758 foreach (array( "CtxMaxConnectionTime" => _("Connection"),
759 "CtxMaxDisconnectionTime" => _("Disconnection"),
760 "CtxMaxIdleTime" => _("IDLE")) as $key => $val){
762 if (isset($this->mungedObject->ctx[$key]) && !is_id($this->mungedObject->ctx[$key]) && $val != 0){
763 $message[]= sprintf(_("The timeout property '%s' is checked and contains invalid or no characters!"), $val);
764 }
765 }
767 /* Too many workstations? Windows usrmgr only supports eight */
768 if (substr_count($this->sambaUserWorkstations, ",") >= 8){
769 $message[]= _("The windows user manager only allows eight clients. You've specified more than eight.");
770 }
771 }
773 return ($message);
774 }
777 /* Force password set, if this account doesn't have any samba passwords */
778 function password_change_needed()
779 {
780 if(!$this->initially_was_account && $this->is_account){
781 $ldap = $this->config->get_ldap_link();
782 $ldap->cat($this->dn,array("sambaLMPassword","sambaNTPassword"));
783 $attrs = $ldap->fetch();
784 if(!isset($attrs['sambaLMPassword']) || !isset($attrs['sambaNTPassword'])){
785 return(TRUE);
786 }
787 }
788 return(FALSE);
789 }
792 /* Save data to object */
793 function save_object()
794 {
795 /* We only care if we are on the sambaTab... */
796 if (isset($_POST['sambaTab'])){
797 plugin::save_object();
799 if(isset($_POST['display_information'])){
800 $this->display_information = !$this->display_information;
801 }
803 /* Take care about access options */
804 if (chkacl ($this->acl, "acctFlags") == ""){
805 if ($this->samba3){
806 $attrname= "sambaPwdCanChange";
807 } else {
808 $attrname= "pwdCanChange";
809 }
810 if (isset($_POST["allow_pwchange"]) && $_POST["allow_pwchange"] == 1){
811 $tmp= 1;
812 } else {
813 $tmp= 0;
814 }
815 if ($this->$attrname != $tmp){
816 $this->is_modified= TRUE;
817 }
818 $this->pwdCanChange= $tmp;
819 $this->sambaPwdCanChange= $tmp;
820 }
821 $tmp= "UX";
822 if (isset($_POST["no_password_required"])){
823 if ($_POST["no_password_required"] == 1){
824 $tmp.= "N";
825 }
826 }
828 if(chkacl($this->acl,"sambaPwdMustChange") == ""){
829 if (isset($_POST["password_expires"])){
830 if ($_POST["password_expires"] == 1){
831 $this->password_expires= 1;
832 }
833 } else {
834 $this->password_expires= 0;
835 }
836 }
838 if (isset($_POST["temporary_disable"])){
839 if ($_POST["temporary_disable"] == 1){
840 if (is_integer(strpos($this->sambaAcctFlags, "L"))) {
841 $tmp.= "L";
842 } else {
843 $tmp.= "D";
844 }
845 }
846 }
848 if(chkacl($this->acl,"sambaLogonTime") ==""){
849 if (isset($_POST["logon_time_set"])){
850 if ($_POST["logon_time_set"] == 1){
851 $this->logon_time_set= 1;
852 }
853 } else {
854 $this->logon_time_set= 0;
855 }
856 }
858 if(chkacl($this->acl,"sambaLogoffTime") == ""){
859 if (isset($_POST["logoff_time_set"])){
860 if ($_POST["logoff_time_set"] == 1){
861 $this->logoff_time_set= 1;
862 }
863 } else {
864 $this->logoff_time_set= 0;
865 }
866 }
868 if(chkacl($this->acl,"sambaKickoffTime") == ""){
869 if (isset($_POST["kickoff_time_set"])){
870 if ($_POST["kickoff_time_set"] == 1){
871 $this->kickoff_time_set= 1;
872 }
873 } else {
874 $this->kickoff_time_set= 0;
875 }
876 }
878 $fill= "";
879 for ($i= strlen($tmp); $i<12; $i++){
880 $fill.= " ";
881 }
883 $tmp= "[$tmp$fill]";
885 /* Only save if acl's are set */
886 if (chkacl ($this->acl, "acctFlags") == ""){
887 if ($this->samba3){
888 $attrname= "sambaAcctFlags";
889 } else {
890 $attrname= "acctFlags";
891 }
892 if ($this->$attrname != $tmp){
893 $this->is_modified= TRUE;
894 }
895 $this->$attrname= $tmp;
896 }
898 /* Save sambaDomain attribute */
899 if (chkacl ($this->acl, "sambaDomainName") == "" && $this->samba3 &&
900 isset ($_POST['sambaDomainName'])){
902 $this->sambaDomainName= validate($_POST['sambaDomainName']);
903 }
905 /* Save CTX values */
906 if ($this->samba3){
907 /* Save obvious values */
908 foreach($this->ctxattributes as $val){
909 if (isset($_POST[$val]) && chkacl($this->acl, "$val") == ""){
910 if (get_magic_quotes_gpc()) {
911 $this->mungedObject->ctx[$val]= stripcslashes(validate($_POST[$val]));
912 } else {
913 $this->mungedObject->ctx[$val]= validate($_POST[$val]);
914 }
915 }
916 }
918 /* Save checkbox states. */
919 if (chkacl($this->acl, "tslogin") == ""){
920 $this->mungedObject->setTsLogin(!isset($_POST['tslogin']));
921 }
922 // Need to do some index checking to avoid messages like "index ... not found"
923 if(isset($_POST['brokenconn'])) {
924 if (chkacl($this->acl, "brokenconn") == ""){
925 $this->mungedObject->setBrokenConn($_POST['brokenconn'] == '1');
926 }
927 }
928 if(isset($_POST['reconn'])) {
929 if (chkacl($this->acl, "reconn") == ""){
930 $this->mungedObject->setReConn($_POST['reconn'] == '1');
931 }
932 }
933 if (chkacl($this->acl, "inherit") == "") {
934 $this->mungedObject->setInheritMode(isset($_POST['inherit']));
935 }
936 if (chkacl($this->acl, "CtxMaxConnectionTime") == "") {
937 $this->mungedObject->setCtxMaxConnectionTimeF(!isset($_POST['CtxMaxConnectionTimeF']));
938 }
939 if (chkacl($this->acl, "CtxMaxDisconnectionTime") == ""){
940 $this->mungedObject->setCtxMaxDisconnectionTimeF(
941 !isset($_POST['CtxMaxDisconnectionTimeF']));
942 }
943 if (chkacl($this->acl, "CtxMaxIdleTime") == ""){
944 $this->mungedObject->setCtxMaxIdleTimeF(!isset($_POST['CtxMaxIdleTimeF']));
945 }
946 if (chkacl($this->acl, "connectclientdrives") == ""){
947 $this->mungedObject->setConnectClientDrives(isset($_POST['connectclientdrives']));
948 }
949 if (chkacl($this->acl, "connectclientprinters") == ""){
950 $this->mungedObject->setConnectClientPrinters(isset($_POST['connectclientprinters']));
951 }
952 if (chkacl($this->acl, "defaultprinter") == ""){
953 $this->mungedObject->setDefaultPrinter(isset($_POST['defaultprinter']));
954 }
956 /* Save combo boxes. Takes two values */
957 if(isset($_POST['reconn'])) {
958 $this->mungedObject->setShadow((isset($_POST['shadow'])
959 && chkacl($this->acl, "shadow") == ""), $_POST['shadow']);
960 }
962 /* Check for changes */
963 if ($this->sambaMungedDial != $this->mungedObject->getMunged()){
964 $this->is_modified= TRUE;
965 }
966 }
967 }
968 }
971 /* Save to LDAP */
972 function save()
973 {
974 /* Load uid and gid of this 'dn' */
975 $ldap= $this->config->get_ldap_link();
976 $ldap->cat($this->dn, array('uidNumber', 'gidNumber'));
977 $tmp= $ldap->fetch();
978 $this->uidNumber= $tmp['uidNumber'][0];
979 $this->gidNumber= $tmp['gidNumber'][0];
981 plugin::save();
983 /* Remove objectClass for sambaIdmapEntry */
984 $tmp= array();
985 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
986 if ($this->attrs['objectClass'][$i] != 'sambaIdmapEntry'){
987 $tmp[]= $this->attrs['objectClass'][$i];
988 }
989 }
990 $this->attrs['objectClass']= $tmp;
992 /* Generate rid / primaryGroupId */
993 if ($this->samba3){
994 if (!isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
995 print_red (_("Warning: This account has an undefined samba SID assigned. The problem can not be fixed by GOsa!"));
996 } else {
997 $this->SID= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
998 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
999 }
1001 /* Need to generate a new uniqe uid/gid combination? */
1002 if ($this->sambaSID == "" || $this->orig_sambaDomainName != $this->sambaDomainName){
1003 $uidNumber= $this->uidNumber;
1004 while(TRUE){
1005 $sid= $this->SID."-".($uidNumber*2 + $this->ridBase);
1006 $ldap->cd($this->config->current['BASE']);
1007 $ldap->search("(sambaSID=$sid)", array("sambaSID"));
1008 if ($ldap->count() == 0){
1009 break;
1010 }
1011 $uidNumber++;
1012 }
1013 $this->attrs['sambaSID']= $sid;
1015 /* Check for users primary group */
1016 $ldap->cd($this->config->current['BASE']);
1017 $ldap->search("(&(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))", array("cn"));
1018 if ($ldap->count() != 1){
1019 print_red(_("Warning: Can't identify users primary group - no conversion to a samba group possible!"));
1020 } else {
1021 $attrs= $ldap->fetch();
1022 $g= new group($this->config, $ldap->getDN());
1023 if ($g->sambaSID == ""){
1024 $g->sambaDomainName= $this->sambaDomainName;
1025 $g->smbgroup= TRUE;
1026 $g->save ();
1027 }
1028 $this->attrs['sambaPrimaryGroupSID']= $g->sambaSID;
1029 }
1030 }
1032 if ($this->sambaHomeDrive == ""){
1033 $this->attrs["sambaHomeDrive"]= array();
1034 }
1036 /* Generate munged dial value */
1037 $this->attrs["sambaMungedDial"]= $this->mungedObject->getMunged();
1039 /* User wants me to fake the idMappings? This is useful for
1040 making winbind resolve the user names in a reasonable amount
1041 of time in combination with larger databases. */
1042 if (isset($this->config->current['SAMBAIDMAPPING']) &&
1043 preg_match('/true/i', $this->config->current['SAMBAIDMAPPING'])){
1044 $this->attrs['objectClass'][]= "sambaIdmapEntry";
1045 }
1048 /* Password expiery */
1049 if ($this->password_expires == "1"){
1050 $this->attrs['sambaPwdMustChange']= $this->sambaPwdMustChange;
1051 } else {
1052 $this->attrs['sambaPwdMustChange']= array();
1053 }
1054 /* Make sure not to save zero in sambaPwdLastset */
1055 if ($this->sambaPwdLastSet != "0"){
1056 $this->attrs['sambaPwdLastSet']= $this->sambaPwdLastSet;
1057 } else {
1058 $this->attrs['sambaPwdLastSet']= array();
1059 }
1060 /* Account expiery */
1061 if ($this->logon_time_set == "1"){
1062 $this->attrs['sambaLogonTime']= $this->sambaLogonTime;
1063 } else {
1064 $this->attrs['sambaLogonTime']= array();
1065 }
1066 if ($this->logoff_time_set == "1"){
1067 $this->attrs['sambaLogoffTime']= $this->sambaLogoffTime;
1068 } else {
1069 $this->attrs['sambaLogoffTime']= array();
1070 }
1071 if ($this->kickoff_time_set == "1"){
1072 # Add one day in unixtime format to be compatible with usrmgr
1073 //$this->attrs['sambaKickoffTime']= $this->sambaKickoffTime + 86400;
1074 $this->attrs['sambaKickoffTime']= $this->sambaKickoffTime; //hickert
1075 } else {
1076 $this->attrs['sambaKickoffTime']= array();
1077 }
1078 } else {
1079 /* Not samba3 */
1080 $this->attrs['rid']= $this->uidNumber*2 + 1000;
1081 $this->attrs['primaryGroupID']= $this->gidNumber*2 +1001;
1083 if ($this->homeDrive == ""){
1084 $this->attrs["homeDrive"]= array();
1085 }
1087 /* Password expiery */
1088 if ($this->password_expires == "1"){
1089 $this->attrs['pwdMustChange']= $this->pwdMustChange;
1090 } else {
1091 $this->attrs['pwdMustChange']= 2147483647;
1092 }
1093 /* Make sure not to save zero in pwdLastset */
1094 if ($this->pwdLastSet != "0"){
1095 $this->attrs['pwdLastSet']= $this->pwdLastSet;
1096 } else {
1097 $this->attrs['pwdLastSet']= array();
1098 }
1099 /* Account expiery */
1100 if ($this->logon_time_set == "1"){
1101 $this->attrs['logonTime']= $this->logonTime;
1102 } else {
1103 $this->attrs['logonTime']= array();
1104 }
1105 if ($this->logoff_time_set == "1"){
1106 $this->attrs['logoffTime']= $this->logoffTime;
1107 } else {
1108 $this->attrs['logoffTime']= array();
1109 }
1110 if ($this->kickoff_time_set == "1"){
1111 # Add one day in unixtime format to be compatible with usrmgr
1112 $this->attrs['kickoffTime']= $this->kickoffTime + 86400;
1113 } else {
1114 $this->attrs['kickoffTime']= array();
1115 }
1116 }
1118 /* Write back to ldap */
1119 $ldap->cd($this->dn);
1120 $this->cleanup();
1121 $ldap->modify ($this->attrs);
1123 show_ldap_error($ldap->get_error(), _("Saving Samba account failed"));
1125 /* Optionally execute a command after we're done */
1126 if ($this->initially_was_account == $this->is_account){
1127 if ($this->is_modified){
1128 $this->handle_post_events("modify",array("uid" => $this->uid));
1129 }
1130 } else {
1131 $this->handle_post_events("add",array("uid" => $this->uid));
1132 }
1134 }
1136 function adapt_from_template($dn)
1137 {
1138 plugin::adapt_from_template($dn);
1139 $this->sambaSID= "";
1140 $this->sambaPrimaryGroupSID= "";
1142 /* Fill mungedDial field */
1143 if ($this->samba3 && isset($this->attrs['sambaMungedDial'])){
1144 $this->mungedObject->load($this->sambaMungedDial);
1145 }
1147 /* Password expiery */
1148 if(isset($this->attrs['sambaPwdMustChange']) &&
1149 $this->attrs['sambaPwdMustChange'][0] != 0){
1150 $this->password_expires= 1;
1151 }
1153 if(isset($this->attrs['sambaLogonTime']) && ! (
1154 $this->attrs['sambaLogonTime'][0] == 0 ||
1155 $this->attrs['sambaLogonTime'][0] == 2147483647
1156 )){
1157 $this->logon_time_set= 1;
1158 }
1159 if(isset($this->attrs['sambaLogoffTime']) && ! (
1160 $this->attrs['sambaLogoffTime'][0] == 0 ||
1161 $this->attrs['sambaLogoffTime'][0] == 2147483647
1162 )){
1163 $this->logoff_time_set= 1;
1164 }
1166 /* Account expiery */
1167 if(isset($this->attrs['sambaKickoffTime']) && ! (
1168 $this->attrs['sambaKickoffTime'][0] == 0 ||
1169 $this->attrs['sambaKickoffTime'][0] == 2147483647
1170 )){
1171 $this->kickoff_time_set= 1;
1172 }
1174 /* Get global filter config */
1175 if (!is_global("sambafilter")){
1176 $ui= get_userinfo();
1177 $base= get_base_from_people($ui->dn);
1178 $sambafilter= array( "depselect" => $base, "regex" => "*");
1179 register_global("sambafilter", $sambafilter);
1180 }
1181 }
1184 /*! \brief Returns the samba Domain object, selected in the samba tab.
1185 */
1186 function get_domain_info()
1187 {
1188 /* Only search once, return last result if available
1189 */
1190 if(!isset($this->cache['DOMAIN'][$this->sambaDomainName])){
1191 $this->cache['DOMAIN'][$this->sambaDomainName] = array();
1192 if(!empty($this->sambaDomainName) && isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName])){
1193 $cfg = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName];
1194 $ldap = $this->config->get_ldap_link();
1195 $ldap->cd($this->config->current['BASE']);
1196 $ldap->search("(&(objectClass=sambaDomain)(sambaSID=".$cfg['SID']."))",array("*"));
1197 if($ldap->count()){
1198 $this->cache['DOMAIN'][$this->sambaDomainName] = $ldap->fetch();
1199 }
1200 }
1201 }
1202 return($this->cache['DOMAIN'][$this->sambaDomainName]);
1203 }
1207 function get_samba_information()
1208 {
1210 /* Defaults
1211 */
1212 $sambaMinPwdLength = "unset";
1213 $sambaPwdHistoryLength = "unset";
1214 $sambaLogonToChgPwd = "unset";
1215 $sambaMaxPwdAge = "unset";
1216 $sambaMinPwdAge = "unset";
1217 $sambaLockoutDuration = "unset";
1218 $sambaLockoutThreshold = "unset";
1219 $sambaForceLogoff = "unset";
1220 $sambaRefuseMachinePwdChange = "unset";
1221 $sambaPwdLastSet = "unset";
1222 $sambaLogonTime = "unset";
1223 $sambaLogoffTime = "unset";
1225 $sambaKickoffTime = "unset";
1226 $sambaPwdCanChange = "unset";
1227 $sambaPwdMustChange = "unset";
1228 $sambaBadPasswordCount = "unset";
1229 $sambaBadPasswordTime = "unset";
1231 /* Domain attributes
1232 */
1233 $domain_attributes = array("sambaMinPwdLength","sambaPwdHistoryLength","sambaMaxPwdAge",
1234 "sambaMinPwdAge","sambaLockoutDuration","sambaRefuseMachinePwdChange",
1235 "sambaLogonToChgPwd","sambaLockoutThreshold","sambaForceLogoff");
1237 /* User attributes
1238 */
1239 $user_attributes = array("sambaBadPasswordTime","sambaPwdLastSet","sambaLogonTime","sambaLogoffTime",
1240 "sambaKickoffTime","sambaPwdCanChange","sambaPwdMustChange","sambaBadPasswordCount");
1242 /* Get samba SID object and parse settings.
1243 */
1244 $ldap = $this->config->get_ldap_link();
1245 $ldap->cd($this->config->current['BASE']);
1246 if(!empty($this->sambaDomainName) && isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName])){
1247 $attrs = $this->get_domain_info();
1248 foreach($domain_attributes as $attr){
1249 if(isset($attrs[$attr])){
1250 $$attr = $attrs[$attr][0];
1251 }
1252 }
1253 }
1254 /* Get user infos
1255 */
1256 foreach($user_attributes as $attr){
1257 if(isset($this->attrs[$attr])){
1258 $$attr = $this->attrs[$attr][0];
1259 }
1260 }
1261 if($this->password_expires){
1262 $sambaPwdMustChange = $this->sambaPwdMustChange;
1263 }
1264 if($this->kickoff_time_set){
1265 $sambaKickoffTime = $this->sambaKickoffTime;
1266 }
1267 $sambaPwdCanChange = $this->sambaPwdCanChange;
1270 /* DOMAIN Attributes
1271 */
1273 /* sambaMinPwdLength: Password length has a default of 5
1274 */
1275 if($sambaMinPwdLength == "unset" || $sambaMinPwdLength == 5){
1276 $sambaMinPwdLength = "5 <i>("._("default").")</i>";
1277 }
1279 /* sambaPwdHistoryLength: Length of Password History Entries (default: 0 => off)
1280 */
1281 if($sambaPwdHistoryLength == "unset" || $sambaPwdHistoryLength == 0){
1282 $sambaPwdHistoryLength = _("Off")." <i>("._("default").")</i>";
1283 }
1285 /* sambaLogonToChgPwd: Force Users to logon for password change (default: 0 => off, 2 => on)
1286 */
1287 if($sambaLogonToChgPwd == "unset" || $sambaLogonToChgPwd == 0){
1288 $sambaLogonToChgPwd = _("Off")." <i>("._("default").")</i>";
1289 }else{
1290 $sambaLogonToChgPwd = _("On");
1291 }
1293 /* sambaMaxPwdAge: Maximum password age, in seconds (default: -1 => never expire passwords)'
1294 */
1295 if($sambaMaxPwdAge == "unset" || $sambaMaxPwdAge == "-1"){
1296 $sambaMaxPwdAge = _("disabled")." <i>("._("default").")</i>";
1297 }else{
1298 $sambaMaxPwdAge .= " "._("seconds");
1299 }
1300 /* sambaMinPwdAge: Minimum password age, in seconds (default: 0 => allow immediate password change
1301 */
1302 if($sambaMinPwdAge == "unset" || $sambaMinPwdAge == 0){
1303 $sambaMinPwdAge = _("disabled")." <i>("._("default").")</i>";
1304 }else{
1305 $sambaMinPwdAge .= " "._("seconds");
1306 }
1308 /* sambaLockoutDuration: Lockout duration in minutes (default: 30, -1 => forever)
1309 */
1310 if($sambaLockoutDuration == "unset" || $sambaLockoutDuration == 30){
1311 $sambaLockoutDuration = "30 "._("minutes")." <i>("._("default").")</i>";
1312 }elseif($sambaLockoutDuration == -1){
1313 $sambaLockoutDuration = _("forever");
1314 }else{
1315 $sambaLockoutDuration .= " "._("minutes");
1316 }
1318 /* sambaLockoutThreshold: Lockout users after bad logon attempts (default: 0 => off
1319 */
1320 if($sambaLockoutThreshold == "unset" || $sambaLockoutThreshold == 0){
1321 $sambaLockoutThreshold = _("disabled")." <i>("._("default").")</i>";
1322 }
1324 /* sambaForceLogoff: Disconnect Users outside logon hours (default: -1 => off, 0 => on
1325 */
1326 if($sambaForceLogoff == "unset" || $sambaForceLogoff == -1){
1327 $sambaForceLogoff = _("off")." <i>("._("default").")</i>";
1328 }else{
1329 $sambaForceLogoff = _("on");
1330 }
1332 /* sambaRefuseMachinePwdChange: Allow Machine Password changes (default: 0 => off
1333 */
1334 if($sambaRefuseMachinePwdChange == "none" || $sambaRefuseMachinePwdChange == 0){
1335 $sambaRefuseMachinePwdChange = _("off")." <i>("._("default").")</i>";
1336 }else{
1337 $sambaRefuseMachinePwdChange = _("on");
1338 }
1340 /* USER Attributes
1341 */
1342 /* sambaBadPasswordTime: Time of the last bad password attempt
1343 */
1344 if($sambaBadPasswordTime == "unset" || empty($sambaBadPasswordTime)){
1345 $sambaBadPasswordTime = "<i>("._("unset").")</i>";
1346 }else{
1347 $sambaBadPasswordTime = date("d.m.Y H:i:s",$sambaBadPasswordTime);
1348 }
1350 /* sambaBadPasswordCount: Bad password attempt count
1351 */
1352 if($sambaBadPasswordCount == "unset" || empty($sambaBadPasswordCount)){
1353 $sambaBadPasswordCount = "<i>("._("unset").")</i>";
1354 }else{
1355 $sambaBadPasswordCount = date("d.m.Y H:i:s",$sambaBadPasswordCount);
1356 }
1358 /* sambaPwdLastSet: Timestamp of the last password update
1359 */
1360 if($sambaPwdLastSet == "unset" || empty($sambaPwdLastSet)){
1361 $sambaPwdLastSet = "<i>("._("unset").")</i>";
1362 }else{
1363 $sambaPwdLastSet = date("d.m.Y H:i:s",$sambaPwdLastSet);
1364 }
1366 /* sambaLogonTime: Timestamp of last logon
1367 */
1368 if($sambaLogonTime == "unset" || empty($sambaLogonTime)){
1369 $sambaLogonTime = "<i>("._("unset").")</i>";
1370 }else{
1371 $sambaLogonTime = date("d.m.Y H:i:s",$sambaLogonTime);
1372 }
1374 /* sambaLogoffTime: Timestamp of last logoff
1375 */
1376 if($sambaLogoffTime == "unset" || empty($sambaLogoffTime)){
1377 $sambaLogoffTime = "<i>("._("unset").")</i>";
1378 }else{
1379 $sambaLogoffTime = date("d.m.Y H:i:s",$sambaLogoffTime);
1380 }
1382 /* sambaKickoffTime: Timestamp of when the user will be logged off automatically
1383 */
1384 if($sambaKickoffTime == "unset" || empty($sambaKickoffTime)){
1385 $sambaKickoffTime = "<i>("._("unset").")</i>";
1386 }else{
1387 $sambaKickoffTime = date("d.m.Y H:i:s",$sambaKickoffTime);
1388 }
1390 /* sambaPwdMustChange: Timestamp of when the password will expire
1391 */
1392 if($sambaPwdMustChange == "unset" || empty($sambaPwdMustChange)){
1393 $sambaPwdMustChange = "<i>("._("unset").")</i>";
1394 }else{
1395 $sambaPwdMustChange = date("d.m.Y H:i:s",$sambaPwdMustChange);
1396 }
1399 /* sambaPwdCanChange: Timestamp of when the user is allowed to update the password
1400 */
1401 if($sambaPwdCanChange == "unset" || empty($sambaPwdCanChange)){
1402 $sambaPwdCanChange = "<i>("._("unset").")</i>";
1403 }elseif($sambaPwdCanChange != "unset" && time() > $sambaPwdCanChange){
1404 $sambaPwdCanChange = _("immediately") ;
1405 }else{
1406 $days = floor((($sambaPwdCanChange - time()) / 60 / 60 / 24)) ;
1407 $hours = floor((($sambaPwdCanChange - time()) / 60 / 60) % 24) ;
1408 $minutes = floor((($sambaPwdCanChange - time()) / 60 ) % 60) ;
1410 $sambaPwdCanChange = " ".$days." "._("days");
1411 $sambaPwdCanChange.= " ".$hours." "._("hours");
1412 $sambaPwdCanChange.= " ".$minutes." "._("minutes");
1413 }
1415 $str =
1416 "\n<table style='width:100%;'><tr><td style='width:50%; border-right: solid 1px #B0B0B0;'>".
1417 "\n<table>".
1418 "\n<tr><td><b>"._("Domain attributes")."</b></td></tr>".
1419 "\n<tr><td>"._("Min password length").": </td><td>".$sambaMinPwdLength."</td></tr>".
1420 "\n<tr><td>"._("Min password length").": </td><td>".$sambaMinPwdLength."</td></tr>".
1421 "\n<tr><td>"._("Password history").": </td><td>".$sambaPwdHistoryLength."</td></tr>".
1422 "\n<tr><td>"._("Force password change").": </td><td>".$sambaLogonToChgPwd."</td></tr>".
1423 "\n<tr><td>"._("Maximum password age").": </td><td>".$sambaMaxPwdAge."</td></tr>".
1424 "\n<tr><td>"._("Minimum password age").": </td><td>".$sambaMinPwdAge."</td></tr>".
1425 "\n<tr><td>"._("Lockout duration").": </td><td>".$sambaLockoutDuration."</td></tr>".
1426 "\n<tr><td>"._("Bad lockout attempt").": </td><td>".$sambaLockoutThreshold."</td></tr>".
1427 "\n<tr><td>"._("Disconnect time").": </td><td>".$sambaForceLogoff."</td></tr>".
1428 "\n<tr><td>"._("Refuse machine password change").":</td><td>".$sambaRefuseMachinePwdChange."</td></tr>".
1429 "\n</table></td><td style='vertical-align: top;'><table>".
1430 "\n<tr><td><b>"._("User attributes")."</b></td></tr>".
1431 "\n<tr><td>"._("Last failed login").": </td><td>".$sambaBadPasswordTime."</td></tr>".
1432 "\n<tr><td>"._("Logon attempts").": </td><td>".$sambaBadPasswordCount."</td></tr>".
1433 "\n<tr><td>"._("Last password update").": </td><td>".$sambaPwdLastSet."</td></tr>".
1434 "\n<tr><td>"._("Last logon").": </td><td>".$sambaLogonTime."</td></tr>".
1435 "\n<tr><td>"._("Last logoff").": </td><td>".$sambaLogoffTime."</td></tr>".
1436 "\n<tr><td>"._("Automatic logoff").": </td><td>".$sambaKickoffTime."</td></tr>".
1437 "\n<tr><td>"._("Password expires").": </td><td>".$sambaPwdMustChange."</td></tr>".
1438 "\n<tr><td>"._("Password change available").": </td><td>".$sambaPwdCanChange."</td></tr>".
1439 "\n</table></td></tr></table>";
1440 return($str);
1441 }
1444 function PrepareForCopyPaste($source)
1445 {
1446 plugin::PrepareForCopyPaste($source);
1448 /* Set a new SID */
1449 $this->sambaSID = "";
1450 }
1451 }
1452 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1453 ?>