1 <?php
3 /*
4 This code is part of GOsa (https://gosa.gonicus.de)
5 Copyright (C) 2007 Fabian Hickert
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
24 /****************
25 * FUNCTIONS
27 Step_Migrate - Constructor.
update_strings - Used to update the displayed step information.
29 initialize_checks - Initialize migration steps.
30 check_ldap_permissions - Check if the used admin account has full access to the ldap database.
31 check_gosaAccounts - Check if there are users without the required objectClasses.
32 migrate_gosaAccounts - Migrate selected users to GOsa user accounts.
33 check_organizationalUnits - Check if there are departments, that are not visible for GOsa
34 migrate_organizationalUnits - Migrate selected departments
35 check_administrativeAccount - Check if there is at least one acl entry available
36 checkBase - Check if there is a root object available
38 get_user_list - Get list of available users
39 get_group_list - Get list of groups
41 create_admin
42 create_admin_user
44 execute - Generate html output of this plugin
45 save_object - Save posts
46 array_to_ldif - Create ldif output of an ldap result array
48 ****************/
52 class Step_Migrate extends setup_step
53 {
54 var $languages = array();
55 var $attributes = array();
56 var $header_image = "images/monitoring.png";
57 var $checks = array();
59 /* Department migration attributes */
60 var $dep_migration_dialog = FALSE;
61 var $deps_to_migrate = array();
62 var $show_details = FALSE;
/* User migration attributes */
65 var $users_migration_dialog= FALSE;
66 var $users_to_migrate = array();
68 /* Create Acl attributes */
69 var $acl_create_dialog = FALSE;
70 var $acl_create_selected= ""; // Currently selected element, that should receive admin rights
71 var $acl_create_changes = ""; // Contains ldif information about changes
72 var $acl_create_confirmed= FALSE;
74 /* Checks initialised ? */
75 var $checks_initialised = FALSE;
/* Users outside of the people ou */
78 var $outside_users = array();
79 var $outside_users_dialog = FALSE;
/* Groups outside of the groups ou */
82 var $outside_groups = array();
83 var $outside_groups_dialog = FALSE;
85 /* Device migration */
86 var $device_dialog = FALSE;
87 var $device = array();
89 /* Win-Workstations outside to reserved ou */
90 var $outside_winstations = array();
91 var $outside_winstations_dialog = FALSE;
93 /* check for multiple use of same uidNumber */
94 var $check_uidNumbers = array();
95 var $check_uidNumbers_dialog = FALSE;
97 /* check for multiple use of same gidNumber */
98 var $check_gidNumbers = array();
99 var $check_gidNumbers_dialog = FALSE;
101 var $group_list = array();
/* PHP4 style constructor.
 * Only initialises the strings displayed for this setup step.
 */
function Step_Migrate()
{
  /* Sets s_title, s_title_long and s_info */
  $this->update_strings();
}
/* Refresh the translated strings displayed for this step.
 * The short and the long title share the same text.
 */
function update_strings()
{
  $title = _("LDAP inspection");

  $this->s_title      = $title;
  $this->s_title_long = $title;
  $this->s_info       = _("Analyze your current LDAP for GOsa compatibility");
}
/* Reset $this->checks and run every inspection in a fixed order.
 *
 * Each entry is prepared with its TITLE, STATUS = FALSE and empty
 * STATUS_MSG / ERROR_MSG directly before the method(s) evaluating it run.
 */
function initialize_checks()
{
  /* check key => array(title, methods to call once the entry is prepared).
   * 'deps_visible' is only prepared at its position; check_organizationalUnits()
   * is called after search_outside_groups(), which fills $this->group_list.
   */
  $plan = array(
      'root'                => array(_("Checking for root object"),
                                     array('checkBase')),
      'permissions'         => array(_("Checking permissions on LDAP database"),
                                     array('check_ldap_permissions')),
      'deps_visible'        => array(_("Checking for invisible departments"),
                                     array()),
      'users_visible'       => array(_("Checking for invisible users"),
                                     array('check_gosaAccounts')),
      'acls'                => array(_("Checking for super administrator"),
                                     array('check_administrativeAccount')),
      'outside_users'       => array(_("Checking for users outside the people tree"),
                                     array('search_outside_users')),
      'outside_groups'      => array(_("Checking for groups outside the groups tree"),
                                     array('search_outside_groups', 'check_organizationalUnits')),
      'outside_winstations' => array(_("Checking for windows workstations outside the winstation tree"),
                                     array('search_outside_winstations')),
      'uidNumber_usage'     => array(_("Checking for duplicated UID numbers"),
                                     array('check_uidNumber')),
      'gidNumber_usage'     => array(_("Checking for duplicate GID numbers"),
                                     array('check_gidNumber')),
      'old_style_devices'   => array(_("Checking for old style USB devices"),
                                     array('check_usb_devices')));

  $this->checks = array();
  foreach($plan as $key => $step){
    list($title, $methods) = $step;

    /* Assign the four fields one by one, so that anything an earlier
     * check may have stored below this key is left untouched.
     */
    $this->checks[$key]['TITLE']      = $title;
    $this->checks[$key]['STATUS']     = FALSE;
    $this->checks[$key]['STATUS_MSG'] = "";
    $this->checks[$key]['ERROR_MSG']  = "";

    foreach($methods as $method){
      $this->$method();
    }
  }
}
186 /* Check if there are uidNumbers which are used more than once.
187 */
/* Look for uidNumber values that are assigned to more than one posixAccount.
 *
 * The affected entries are stored in $this->check_uidNumbers, keyed by the
 * base64 encoded dn, and $this->checks['uidNumber_usage'] is updated.
 *
 * Returns TRUE if no uidNumber is used more than once, FALSE if duplicates
 * were found or the LDAP search failed.
 */
function check_uidNumber()
{
  /* Connect with the admin credentials captured by the earlier setup steps */
  $cv     = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);
  $ldap   = new ldapMultiplexer($ldap_l);

  $ldap->cd($cv['base']);
  $found = $ldap->search("(&(objectClass=posixAccount)(uidNumber=*))",array("dn","uidNumber"));
  if(!$found){
    $this->checks['uidNumber_usage']['STATUS']    = FALSE;
    $this->checks['uidNumber_usage']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['uidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* Group all returned entries by their first uidNumber value */
  $this->check_uidNumbers = array();
  $by_number = array();
  while($entry = $ldap->fetch()){
    $by_number[$entry['uidNumber'][0]][] = $entry;
  }

  /* Remember every entry whose number is shared with another entry */
  foreach($by_number as $group){
    if(count($group) < 2){
      continue;
    }
    foreach($group as $entry){
      $this->check_uidNumbers[base64_encode($entry['dn'])] = $entry;
    }
  }

  if(count($this->check_uidNumbers) == 0){
    $this->checks['uidNumber_usage']['STATUS']    = TRUE;
    $this->checks['uidNumber_usage']['STATUS_MSG']= _("Ok");
    $this->checks['uidNumber_usage']['ERROR_MSG'] = "";
    return(TRUE);
  }

  /* The reported number is the amount of affected entries */
  $this->checks['uidNumber_usage']['STATUS']    = FALSE;
  $this->checks['uidNumber_usage']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
  $this->checks['uidNumber_usage']['ERROR_MSG'] =
    sprintf(_("Found %s duplicate values for attribute 'uidNumber'."),count($this->check_uidNumbers));
  return(false);
}
238 /* Check if there are duplicated gidNumbers present in ldap
239 */
/* Look for gidNumber values that are assigned to more than one posixGroup.
 *
 * The affected entries are stored in $this->check_gidNumbers, keyed by the
 * base64 encoded dn, and $this->checks['gidNumber_usage'] is updated.
 *
 * Returns TRUE if no gidNumber is used more than once, FALSE if duplicates
 * were found or the LDAP search failed.
 */
function check_gidNumber()
{
  /* Connect with the admin credentials captured by the earlier setup steps */
  $cv     = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);
  $ldap   = new ldapMultiplexer($ldap_l);

  $ldap->cd($cv['base']);
  $found = $ldap->search("(&(objectClass=posixGroup)(gidNumber=*))",array("dn","gidNumber"));
  if(!$found){
    $this->checks['gidNumber_usage']['STATUS']    = FALSE;
    $this->checks['gidNumber_usage']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['gidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* Group all returned entries by their first gidNumber value */
  $this->check_gidNumbers = array();
  $by_number = array();
  while($entry = $ldap->fetch()){
    $by_number[$entry['gidNumber'][0]][] = $entry;
  }

  /* Remember every entry whose number is shared with another entry */
  foreach($by_number as $group){
    if(count($group) < 2){
      continue;
    }
    foreach($group as $entry){
      $this->check_gidNumbers[base64_encode($entry['dn'])] = $entry;
    }
  }

  if(count($this->check_gidNumbers) == 0){
    $this->checks['gidNumber_usage']['STATUS']    = TRUE;
    $this->checks['gidNumber_usage']['STATUS_MSG']= _("Ok");
    $this->checks['gidNumber_usage']['ERROR_MSG'] = "";
    return(TRUE);
  }

  /* The reported number is the amount of affected entries */
  $this->checks['gidNumber_usage']['STATUS']    = FALSE;
  $this->checks['gidNumber_usage']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
  $this->checks['gidNumber_usage']['ERROR_MSG'] =
    sprintf(_("Found %s duplicate values for attribute 'gidNumber'."),count($this->check_gidNumbers));
  return(false);
}
290 /* Search for winstations outside the winstation ou
291 */
/* Collect samba machine accounts (uid ending in '$') that are not located
 * below the configured winstation ou.
 *
 * Matches are stored in $this->outside_winstations, keyed by the base64
 * encoded dn, and $this->checks['outside_winstations'] is updated.
 *
 * Returns TRUE if nothing was found, FALSE if entries were found or the
 * LDAP search failed.
 */
function search_outside_winstations()
{
  /* Connect with the admin credentials captured by the earlier setup steps */
  $cv     = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);
  $ldap   = new ldapMultiplexer($ldap_l);

  /* Use the configured winstation ou if it is active, else the default */
  $winstation_ou = $cv['generic_settings']['wws_ou_active']
    ? $cv['generic_settings']['ws_ou']
    : "ou=winstations";

  /* The samba objectClass depends on the configured samba version */
  $oc = ($cv['samba_version'] == 3) ? "sambaSamAccount" : "sambaAccount";

  $ldap->cd($cv['base']);
  $found = $ldap->search("(&(objectClass=".$oc.")(uid=*$))",array("dn","sambaSID"));
  if(!$found){
    $this->checks['outside_winstations']['STATUS']    = FALSE;
    $this->checks['outside_winstations']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['outside_winstations']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* An entry is in place if its dn is '<rdn>,<winstation ou>...' */
  $inside_pattern = "/^[^,]+,".normalizePreg($winstation_ou)."/";

  $this->outside_winstations = array();
  while($entry = $ldap->fetch()){

    /* Skip entries in the expected ou and everything below dc=addressbook */
    if(preg_match($inside_pattern,$entry['dn']) || preg_match("/,dc=addressbook,/",$entry['dn'])){
      continue;
    }
    $entry['selected'] = FALSE;
    $entry['ldif']     = "";
    $this->outside_winstations[base64_encode($entry['dn'])] = $entry;
  }

  $amount = count($this->outside_winstations);
  if(!$amount){
    $this->checks['outside_winstations']['STATUS']    = TRUE;
    $this->checks['outside_winstations']['STATUS_MSG']= _("Ok");
    $this->checks['outside_winstations']['ERROR_MSG'] = "";
    return(TRUE);
  }

  /* NOTE(review): ERROR_MSG carries raw HTML (the submit button below) and
   * $winstation_ou is inserted without HTML escaping - confirm where the
   * captured setup values are sanitised before they reach the page.
   */
  $this->checks['outside_winstations']['STATUS']    = FALSE;
  $this->checks['outside_winstations']['STATUS_MSG']= _("Failed");
  $this->checks['outside_winstations']['ERROR_MSG'] =
    sprintf(_("Found %s winstations outside the predefined winstation department ou '%s'."),$amount,$winstation_ou);
  $this->checks['outside_winstations']['ERROR_MSG'].= "<input type='submit' name='outside_winstations_dialog' value='"._("Migrate")."...'>";
  return(false);
}
351 /* Search for groups outside the group ou
352 */
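/* Collect posixGroups that are not located in the group ou of the base
 * or of a gosaDepartment.
 *
 * Matches are stored in $this->outside_groups, keyed by the base64 encoded
 * dn. The dn of every group found is stored in $this->group_list, which
 * check_organizationalUnits() reads. $this->checks['outside_groups'] is
 * updated.
 *
 * Returns TRUE if nothing was found, FALSE if entries were found or the
 * LDAP search failed.
 */
function search_outside_groups()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  $group_ou = $cv['groupou'];
  $ldap->cd($cv['base']);

  /***********
   * Get all gosaDepartments to be able to
   *  validate correct ldap tree position of every single group
   ***********/
  $valid_deps = array();
  $valid_deps['/'] = $cv['base'];
  $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn","ou"));
  while($attrs = $ldap->fetch()){
    $valid_deps[] = $attrs['dn'];
  }

  /***********
   * Get all groups
   ***********/
  $res = $ldap->search("(objectClass=posixGroup)",array("dn"));
  if(!$res){
    $this->checks['outside_groups']['STATUS']    = FALSE;
    $this->checks['outside_groups']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['outside_groups']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  $this->outside_groups = array();

  /* Reset the list that is filled below. The previous code reset the
   * undeclared property 'groups_list', so 'group_list' grew with every run.
   */
  $this->group_list = array();

  /* NOTE(review): the '+' quantifier applies to the last character of the
   * configured group ou; presumably a plain ',' separator was intended -
   * confirm before changing the pattern.
   */
  $strip_pattern = "/^[^,]+,".normalizePreg($group_ou)."+,/i";

  while($attrs = $ldap->fetch()){
    $group_db_base = preg_replace($strip_pattern,"",$attrs['dn']);

    /* Check if entry is not an addressbook only group
     *  and verify that it is in a valid department
     */
    if( !preg_match("/".normalizePreg("dc=addressbook,")."/",$group_db_base) &&
        !in_array($group_db_base,$valid_deps)
      ){
      $attrs['selected'] = FALSE;
      $attrs['ldif'] = "";
      $this->outside_groups[base64_encode($attrs['dn'])] = $attrs;
    }
    $this->group_list[] = $attrs['dn'];
  }

  if(count($this->outside_groups)){
    /* NOTE(review): ERROR_MSG carries raw HTML (the submit button below) and
     * $group_ou is inserted without HTML escaping - confirm where the
     * captured setup values are sanitised before they reach the page.
     */
    $this->checks['outside_groups']['STATUS']    = FALSE;
    $this->checks['outside_groups']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
    $this->checks['outside_groups']['ERROR_MSG'] =
      sprintf(_("Found %s groups outside the configured tree '%s'."),count($this->outside_groups),$group_ou);
    $this->checks['outside_groups']['ERROR_MSG'].= " <input type='submit' name='outside_groups_dialog' value='"._("Move")."...'>";
    return(false);
  }else{
    $this->checks['outside_groups']['STATUS']    = TRUE;
    $this->checks['outside_groups']['STATUS_MSG']= _("Ok");
    $this->checks['outside_groups']['ERROR_MSG'] = "";
    return(TRUE);
  }
}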
423 /* Search for users outside the people ou
424 */
/* Collect gosaAccount users (uid not ending in '$') that are not located
 * in the people ou of the base or of a gosaDepartment.
 *
 * Matches are stored in $this->outside_users, keyed by the base64 encoded
 * dn, and $this->checks['outside_users'] is updated.
 *
 * Returns TRUE if nothing was found, FALSE if entries were found or the
 * LDAP search failed.
 */
function search_outside_users()
{
  /* Connect with the admin credentials captured by the earlier setup steps */
  $cv     = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);
  $ldap   = new ldapMultiplexer($ldap_l);
  $ldap->cd($cv['base']);

  /* Valid containers are the base itself and every gosaDepartment */
  $valid_deps = array();
  $valid_deps['/'] = $cv['base'];
  $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn","ou"));
  while($department = $ldap->fetch()){
    $valid_deps[] = $department['dn'];
  }

  /* Search for all users */
  $found = $ldap->search("(&(objectClass=gosaAccount)(!(uid=*$)))",array("dn"));
  if(!$found){
    $this->checks['outside_users']['STATUS']    = FALSE;
    $this->checks['outside_users']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['outside_users']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* Check if the returned users are within a valid GOsa department.
   * The people ou may be empty; a separator is only appended if it is set.
   */
  $this->outside_users = array();
  $people_ou = trim($cv['peopleou']);
  if(!empty($people_ou)){
    $people_ou .= ",";
  }
  $strip_pattern = "/^[^,]+,".normalizePreg($people_ou)."/i";

  while($entry = $ldap->fetch()){

    /* Strip '<rdn>,<people ou>,' to get the container of this user */
    $people_db_base = preg_replace($strip_pattern,"",$entry['dn']);

    /* Addressbook only users and users in a valid department are fine */
    if(preg_match("/".normalizePreg("dc=addressbook,")."/",$people_db_base)
        || in_array($people_db_base,$valid_deps)){
      continue;
    }
    $entry['selected'] = FALSE;
    $entry['ldif']     = "";
    $this->outside_users[base64_encode($entry['dn'])] = $entry;
  }

  $amount = count($this->outside_users);
  if(!$amount){
    $this->checks['outside_users']['STATUS']    = TRUE;
    $this->checks['outside_users']['STATUS_MSG']= _("Ok");
    $this->checks['outside_users']['ERROR_MSG'] = "";
    return(TRUE);
  }

  /* NOTE(review): ERROR_MSG carries raw HTML (the submit button below) and
   * $people_ou is inserted without HTML escaping - confirm where the
   * captured setup values are sanitised before they reach the page.
   */
  $this->checks['outside_users']['STATUS']    = FALSE;
  $this->checks['outside_users']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
  $this->checks['outside_users']['ERROR_MSG'] =
    sprintf(_("Found %s user(s) outside the configured tree '%s'."),$amount,$people_ou);
  $this->checks['outside_users']['ERROR_MSG'].= "<input type='submit' name='outside_users_dialog' value='"._("Move")."...'>";
  return(false);
}
501 /* Check ldap accessibility
502 * Create and remove a dummy object,
503 * to ensure that we have the necessary permissions
504 */
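/* Check ldap accessibility.
 * Creates and removes a dummy organizationalUnit directly below the base,
 *  to ensure that the configured admin account has the necessary permissions.
 *
 * Updates $this->checks['permissions'].
 * Returns true if the dummy entry could be created and removed, false if
 *  the base could not be read or one of both operations had no effect.
 */
function check_ldap_permissions()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Create dummy entry.
   * The name only has to be unique. It is written to the directory and, on
   *  failure, to the log, so it must not contain the session id: anybody
   *  able to read the entry or the log could otherwise reuse the session.
   */
  $name     = "GOsa_setup_text_entry_".sha1(uniqid(mt_rand(), TRUE));
  $dn       = "ou=".$name.",".$cv['base'];
  $testEntry= array();
  $testEntry['objectClass'][]= "top";
  $testEntry['objectClass'][]= "organizationalUnit";
  $testEntry['objectClass'][]= "gosaDepartment";
  $testEntry['description']= "Created by GOsa setup, this object can be removed.";
  $testEntry['ou']  = $name;

  /* check if simple ldap cat will be successful
   */
  $res = $ldap->cat($cv['base']);
  if(!$res){
    $this->checks['permissions']['STATUS']    = FALSE;
    $this->checks['permissions']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['permissions']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* Try to create dummy object.
   * The result of add() is not used; success is verified by reading the
   *  entry back.
   */
  $ldap->cd ($dn);
  $ldap->create_missing_trees($dn);
  $ldap->add($testEntry);
  $ldap->cat($dn);
  if(!$ldap->count()){
    new log("view","setup/".get_class($this),$dn,array(),$ldap->get_error());

    /* NOTE(review): $cv['admin'] is inserted into ERROR_MSG without HTML
     *  escaping - confirm where the captured setup values are sanitised.
     */
    $this->checks['permissions']['STATUS']    = FALSE;
    $this->checks['permissions']['STATUS_MSG']= _("Failed");
    $this->checks['permissions']['ERROR_MSG'] =
      sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
    return(false);
  }

  /* Try to remove created entry.
   * If this fails the dummy entry is left behind in the directory; its
   *  description states that it can be removed.
   */
  $ldap->rmDir($dn);
  $ldap->cat($dn);
  if($ldap->count()){
    new log("view","setup/".get_class($this),$dn,array(),$ldap->get_error());
    $this->checks['permissions']['STATUS']    = FALSE;
    $this->checks['permissions']['STATUS_MSG']= _("Failed");
    $this->checks['permissions']['ERROR_MSG'] =
      sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
    return(false);
  }

  /* Create & remove of dummy object was successful */
  $this->checks['permissions']['STATUS']    = TRUE;
  $this->checks['permissions']['STATUS_MSG']= _("Ok");
  $this->checks['permissions']['ERROR_MSG'] = "";
  return(true);
}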
575 /* Check if there are users which will
576 * be invisible for GOsa
577 */
/* Collect user objects that lack the gosaAccount objectClass and are
 * therefore not visible in GOsa.
 *
 * Matches are stored in $this->users_to_migrate, keyed by the base64
 * encoded dn; the 'checked' state of entries that were already listed is
 * kept. $this->checks['users_visible'] is updated. Nothing is returned.
 */
function check_gosaAccounts()
{
  /* Remember the old list of invisible users, to be able to restore
   * the 'html checked' status of the checkboxes
   */
  $previous = $this->users_to_migrate;
  $this->users_to_migrate = array();

  /* Connect with the admin credentials captured by the earlier setup steps */
  $cv     = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);
  $ldap   = new ldapMultiplexer($ldap_l);

  /* Get all invisible users */
  $ldap->cd($cv['base']);
  $res = $ldap->search("(&(|(objectClass=posixAccount)(&(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))(!(objectClass=gosaAccount))(uid=*))",array("sn","givenName","cn","uid"));
  while($entry = $ldap->fetch()){

    /* Entries below dc=addressbook are ignored */
    if(preg_match("/,dc=addressbook,/",$entry['dn'])){
      continue;
    }

    /* Restore the selection made before the reload, default is unchecked */
    $key = base64_encode($entry['dn']);
    $entry['checked'] = isset($previous[$key]) ? $previous[$key]['checked'] : FALSE;
    $entry['before']  = "";
    $entry['after']   = "";
    $this->users_to_migrate[$key] = $entry;
  }

  /* The search result is only evaluated after the (possibly empty) fetch loop */
  $amount = count($this->users_to_migrate);
  if(!$res){
    $this->checks['users_visible']['STATUS']    = FALSE;
    $this->checks['users_visible']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['users_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
  }elseif($amount == 0){
    $this->checks['users_visible']['STATUS']    = TRUE;
    $this->checks['users_visible']['STATUS_MSG']= _("Ok");
    $this->checks['users_visible']['ERROR_MSG'] = "";
  }else{
    $this->checks['users_visible']['STATUS']    = FALSE;
    $this->checks['users_visible']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
    $this->checks['users_visible']['ERROR_MSG'] = sprintf(_("Found %s user(s) that will not be visible in GOsa."),
        $amount);
    $this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate' value='"._("Migrate")."...'>";
  }
}
634 /* Start user account migration
635 */
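/* Start user account migration.
 *
 * Adds the objectClasses gosaAccount, inetOrgPerson and organizationalPerson
 *  to every entry of $this->users_to_migrate that is marked as 'checked'.
 *
 * $only_ldif  If TRUE nothing is written; the current and the resulting
 *              attributes are stored as ldif in the 'before' and 'after'
 *              fields of the entry instead.
 *
 * Returns TRUE on success, false as soon as one entry could not be read
 *  or modified (an error dialog is displayed in that case).
 */
function migrate_gosaAccounts($only_ldif = FALSE)
{
  $this->show_details= $only_ldif;

  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Add gosaAccount objectClass to the selected users
   */
  foreach($this->users_to_migrate as $key => $dep){
    if(!$dep['checked']){
      continue;
    }

    /* Get old objectClasses */
    $ldap->cat($dep['dn'],array("objectClass"));
    $attrs = $ldap->fetch();

    /* Stop if the entry could not be read (removed in the meantime, or
     *  objectClass not readable). Continuing would replace the objectClass
     *  attribute with the three classes below only, at a dn that is not set.
     * The message text is the existing one, to keep its translations.
     */
    if(!is_array($attrs) || !isset($attrs['dn']) || !isset($attrs['objectClass'])){
      msg_dialog::display(_("Migration error"), sprintf(_("Cannot migrate department '%s':")."<br><br><i>%s</i>",LDAP::fix($dep['dn']),$ldap->get_error()), ERROR_DIALOG);
      return(false);
    }

    /* Create new objectClass array, existing classes are appended once */
    $new_attrs  = array();
    $new_attrs['objectClass']= array("gosaAccount","inetOrgPerson","organizationalPerson");
    for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
      if(!in_array_ics($attrs['objectClass'][$i], $new_attrs['objectClass'])){
        $new_attrs['objectClass'][]   = $attrs['objectClass'][$i];
      }
    }

    /* Set info attributes for current object,
     *  or write changes to the ldap database
     */
    if($only_ldif){
      $this->users_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
      $this->users_to_migrate[$key]['after']  = $this->array_to_ldif($new_attrs);
    }else{
      $ldap->cd($attrs['dn']);
      if(!$ldap->modify($new_attrs)){
        /* NOTE(review): the dn and the LDAP error text are placed into an
         *  HTML message - confirm that msg_dialog escapes them.
         */
        msg_dialog::display(_("Migration error"), sprintf(_("Cannot migrate department '%s':")."<br><br><i>%s</i>",LDAP::fix($attrs['dn']),$ldap->get_error()), ERROR_DIALOG);
        return(false);
      }
    }
  }
  return(TRUE);
}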
687 /* Check if there are invisible organizational Units
688 */
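/* Check if there are organizationalUnits without the gosaDepartment
 *  objectClass, which are therefore not visible as department in GOsa.
 *
 * Matches are stored in $this->deps_to_migrate, keyed by the base64 encoded
 *  dn; the 'checked' state of entries that were already listed is kept.
 *  GOsa internal containers and containers located below one of the groups
 *  in $this->group_list are left out.
 *  $this->checks['deps_visible'] is updated. Nothing is returned.
 */
function check_organizationalUnits()
{
  $old = $this->deps_to_migrate;
  $this->deps_to_migrate = array();

  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Skip GOsa internal departments */
  $skip_dns = array("/^ou=people,/","/^ou=groups,/","/^ou=sudoers,/",
      "/(,|)ou=configs,/","/(,|)ou=systems,/",
      "/(,|)ou=apps,/","/(,|)ou=mime,/","/(,|)ou=devices/","/^ou=aclroles,/","/^ou=incoming,/",
      "/ou=snapshots,/","/(,|)dc=addressbook,/","/^(,|)ou=machineaccounts,/",
      "/(,|)ou=winstations,/");

  /* Add the configured people and group ou.
   * The values are quoted like everywhere else in this class, so they cannot
   *  alter or break the expression. Empty values are left out: an empty
   *  pattern matches every dn and would hide all departments.
   */
  foreach(array($cv['peopleou'],$cv['groupou']) as $configured_ou){
    $configured_ou = trim($configured_ou);
    if($configured_ou != ""){
      $skip_dns[] = "/".normalizePreg($configured_ou)."/";
    }
  }

  /* Get all invisible departments */
  $ldap->cd($cv['base']);
  $res = $ldap->search("(&(objectClass=organizationalUnit)(!(objectClass=gosaDepartment)))",array("ou","description","dn"));
  while($attrs = $ldap->fetch()){
    $dn   = $attrs['dn'];
    $skip = false;

    /* Check if this object is an application release object
       e.g. groups-> application menus.
     */
    if(preg_match("/^.*,[ ]*cn=/",$dn)){
      $cn_dn = preg_replace("/^.*,[ ]*cn=/","cn=",$dn);
      if(in_array($cn_dn,$this->group_list)){
        $skip = true;
      }
    }

    /* Ensure that GOsa internal departments will not be listed */
    if(!$skip){
      foreach($skip_dns as $skip_dn){
        if(preg_match($skip_dn,$dn)){
          $skip = true;
          break;
        }
      }
    }
    if($skip){
      continue;
    }

    $attrs['checked'] = FALSE;
    $attrs['before']  = "";
    $attrs['after']   = "";

    /* Set objects to selected, that were selected before reload */
    $key = base64_encode($dn);
    if(isset($old[$key])){
      $attrs['checked'] = $old[$key]['checked'];
    }
    $this->deps_to_migrate[$key] = $attrs;
  }

  /* If we have no invisible departments found
   *  tell the user that everything is ok.
   * Found departments are reported as a warning only, STATUS stays TRUE.
   */
  if(!$res){
    $this->checks['deps_visible']['STATUS']    = FALSE;
    $this->checks['deps_visible']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['deps_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
  }elseif(count($this->deps_to_migrate) == 0 ){
    $this->checks['deps_visible']['STATUS']    = TRUE;
    $this->checks['deps_visible']['STATUS_MSG']= _("Ok");
    $this->checks['deps_visible']['ERROR_MSG'] = "";
  }else{
    $this->checks['deps_visible']['STATUS']    = TRUE;
    $this->checks['deps_visible']['STATUS_MSG']= '<font style="color:#FFA500">'._("Warning").'</font>';
    $this->checks['deps_visible']['ERROR_MSG'] = sprintf(_("Found %s department(s) that will not be visible in GOsa."),count($this->deps_to_migrate));
    $this->checks['deps_visible']['ERROR_MSG'] .= " <input type='submit' name='deps_visible_migrate' value='"._("Migrate")."...'>";
  }
}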
/* Start department migration */
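/* Add the gosaDepartment objectClass to every entry of
 *  $this->deps_to_migrate that is marked as 'checked'. A description is
 *  added if the entry has none.
 *
 * $only_ldif  If TRUE nothing is written; the current and the resulting
 *              attributes are stored as ldif in the 'before' and 'after'
 *              fields of the entry instead.
 *
 * Returns TRUE on success, false as soon as one entry could not be read
 *  or modified (an error dialog is displayed in that case).
 */
function migrate_organizationalUnits($only_ldif = FALSE)
{
  $this->show_details= $only_ldif;

  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Add gosaDepartment objectClass to each selected entry
   */
  foreach($this->deps_to_migrate as $key => $dep){
    if(!$dep['checked']){
      continue;
    }

    /* Get current objectClasses */
    $ldap->cat($dep['dn'],array("objectClass","description"));
    $attrs = $ldap->fetch();

    /* Stop if the entry could not be read (removed in the meantime, or
     *  objectClass not readable). Continuing would write an objectClass
     *  attribute containing gosaDepartment only, at a dn that is not set.
     */
    if(!is_array($attrs) || !isset($attrs['dn']) || !isset($attrs['objectClass'])){
      msg_dialog::display(_("Migration error"), sprintf(_("Cannot migrate department '%s':")."<br><br><i>%s</i>",LDAP::fix($dep['dn']), $ldap->get_error()), ERROR_DIALOG);
      return(false);
    }

    /* Create new objectClass attribute including gosaDepartment */
    $new_attrs  = array();
    $new_attrs['objectClass'] = array();
    for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
      $new_attrs['objectClass'][]   = $attrs['objectClass'][$i];
    }

    /* The list was collected earlier; do not add the class a second time
     *  if the entry received it in the meantime.
     */
    if(!in_array_ics("gosaDepartment",$new_attrs['objectClass'])){
      $new_attrs['objectClass'][] = "gosaDepartment";
    }

    /* Append description if it is missing */
    if(!isset($attrs['description'])){
      $new_attrs['description'][] = "GOsa department";
    }

    /* Depending on the parameter >only_ldif< we save the changes as ldif
     * or we write our changes directly to the ldap database
     */
    if($only_ldif){
      $this->deps_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
      $this->deps_to_migrate[$key]['after']  = $this->array_to_ldif($new_attrs);
    }else{
      $ldap->cd($attrs['dn']);
      if(!$ldap->modify($new_attrs)){
        /* NOTE(review): the dn and the LDAP error text are placed into an
         *  HTML message - confirm that msg_dialog escapes them.
         */
        msg_dialog::display(_("Migration error"), sprintf(_("Cannot migrate department '%s':")."<br><br><i>%s</i>",LDAP::fix($attrs['dn']), $ldap->get_error()), ERROR_DIALOG);
        return(false);
      }
    }
  }
  return(TRUE);
}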
830 /* Check Acls if there is at least one object with acls defined
831 */
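/* Check the gosaAclEntry values of the base object for at least one entry
 *  that belongs to an existing group or GOsa user account.
 *
 * Two entry types are evaluated, fields are separated by ':' and members
 *  are base64 encoded dns separated by ',':
 *   <prio>:psub:<members>:...           members may be posixGroups or users
 *   <prio>:role:<role dn>:<members>     only counted if a gosaAclTemplate of
 *                                        the role starts with '<n>:psub:' and
 *                                        ends with ':all;cmdrw'
 *
 * Updates $this->checks['acls'].
 * Returns whether the last LDAP operation issued on the connection returned
 *  at least one entry - NOTE(review): this is not the value of $found,
 *  verify what the callers expect.
 */
function check_administrativeAccount()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);
  $ldap->cd($cv['base']);
  $res = $ldap->cat($cv['base']);

  if(!$res){
    $this->checks['acls']['STATUS']    = FALSE;
    $this->checks['acls']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
  }else{
    $found = false;
    $username = "";
    $attrs = $ldap->fetch();
    if(isset($attrs['gosaAclEntry'])){
      $acls = $attrs['gosaAclEntry'];
      for($i = 0 ; $i < $acls['count'] ; $i++){

        /* explode() replaces the deprecated split(); both delimiters used
         *  here are plain characters. Entries without a member/role field
         *  are skipped instead of being looked up with an empty dn.
         */
        $tmp = explode(":",$acls[$i]);
        if(!isset($tmp[2])){
          continue;
        }

        if($tmp[1] == "psub"){
          foreach(explode(",",$tmp[2]) as $member){
            $member = base64_decode($member);

            /* Check if acl owner is a valid GOsa user account */
            $ldap->cat($member,array("objectClass","uid","cn"));
            $entry = $ldap->fetch();

            if(isset($entry['objectClass']) && in_array("posixGroup",$entry['objectClass'])){
              $found = TRUE;
              $username .= "ACL-Group:  ".$entry['cn'][0]."<br>";
            }elseif(isset($entry['objectClass']) && in_array("gosaAccount",$entry['objectClass']) &&
                in_array("organizationalPerson",$entry['objectClass']) &&
                in_array("inetOrgPerson",$entry['objectClass'])){
              $found = TRUE;
              $username .= "ACL:    ".$entry['uid'][0]."<br>";
            }
          }
        }elseif($tmp[1] == "role" && isset($tmp[3])){

          /* Read the acl templates of the referenced role */
          $ldap->cat(base64_decode($tmp[2]),array("gosaAclTemplate"));
          $role = $ldap->fetch();

          if(isset($role['gosaAclTemplate'])){
            $cnt = $role['gosaAclTemplate']['count'];
            for($e = 0 ; $e < $cnt ; $e++){

              $a_str = $role['gosaAclTemplate'][$e];
              if(preg_match("/^[0-9]*:psub:/",$a_str) && preg_match("/:all;cmdrw$/",$a_str)){

                foreach(explode(",",$tmp[3]) as $member){
                  $member = base64_decode($member);

                  /* Check if acl owner is a valid GOsa user account.
                   * The result is kept apart from $role; the lookup used to
                   *  overwrite the role entry, so the templates following
                   *  the first matching one were never evaluated.
                   */
                  $ldap->cat($member,array("objectClass","uid"));
                  $entry = $ldap->fetch();

                  if(isset($entry['objectClass']) && in_array("gosaAccount",$entry['objectClass']) &&
                      in_array("organizationalPerson",$entry['objectClass']) &&
                      in_array("inetOrgPerson",$entry['objectClass'])){
                    $found = TRUE;
                    $username .= "ACL Role: ".$entry['uid'][0]."<br>";
                  }
                }
              }
            }
          }
        }
      }
    }

    # For debugging
    #echo $username;

    if($found){
      $this->checks['acls']['STATUS']    = TRUE;
      $this->checks['acls']['STATUS_MSG']= _("Ok");
      $this->checks['acls']['ERROR_MSG'] = "";
    }else{
      $this->checks['acls']['STATUS']    = FALSE;
      $this->checks['acls']['STATUS_MSG']= _("Failed");
      $this->checks['acls']['ERROR_MSG']= _("There is no GOsa administrator account inside your LDAP.")."&nbsp;";
      $this->checks['acls']['ERROR_MSG'].= "<input type='submit' name='create_acls' value='"._("Create")."'>";
    }
  }
  return($ldap->count()>=1);
}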
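/* Give the object selected in $this->acl_create_selected full access, by
 *  adding the entry '0:psub:<base64 dn>:all;cmdrw' to the gosaAclEntry
 *  attribute of the base. The priority of every existing entry is increased
 *  by one and the objectClass gosaACL is added to the base.
 *
 * $only_ldif  If TRUE nothing is written; the current and the resulting
 *              attributes of the base are stored as ldif in
 *              $this->acl_create_changes and nothing is returned.
 *
 * Returns TRUE if the base was modified, FALSE if the modification failed
 *  (an error dialog is displayed in that case).
 */
function create_admin($only_ldif = FALSE)
{
  /* Reset the collected changes */
  $this->acl_create_changes="";

  /* Object that should receive admin acls.
   * NOTE(review): the value is not checked here; presumably the caller
   *  ensures that it is the dn of an existing user or group - verify.
   */
  $dn = $this->acl_create_selected;

  /* Get collected configuration settings */
  $cv = $this->parent->captured_values;

  /* Establish ldap connection */
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Get current base attributes */
  $ldap->cd($cv['base']);
  $ldap->cat($cv['base'],array("dn","objectClass","gosaAclEntry"));
  $attrs = $ldap->fetch();

  /* Add acls for the selected user to the base */
  $attrs_new = array();
  $attrs_new['objectClass'] = array("gosaACL");

  for($i = 0; $i < $attrs['objectClass']['count']; $i ++){
    if(!in_array_ics($attrs['objectClass'][$i],$attrs_new['objectClass'])){
      $attrs_new['objectClass'][] = $attrs['objectClass'][$i];
    }
  }

  $acl = "0:psub:".base64_encode($dn).":all;cmdrw";
  $attrs_new['gosaAclEntry'][] = $acl;
  if(isset($attrs['gosaAclEntry'])){
    for($i = 0 ; $i < $attrs['gosaAclEntry']['count']; $i ++){

      /* Split the entry into its priority and the remaining part.
       * The whole priority has to be removed from the rest; removing the
       *  first character only turned priority 10 into '110' instead of '11'.
       */
      $prio = preg_replace("/[:].*$/","",$attrs['gosaAclEntry'][$i]);
      $rest = preg_replace("/^[^:]*/","",$attrs['gosaAclEntry'][$i]);

      $data = ($prio+1).$rest;
      $attrs_new['gosaAclEntry'][] = $data;
    }
  }

  if($only_ldif){
    $this->acl_create_changes ="\n".($ldap->fix($cv['base']))."\n";
    $this->acl_create_changes.=$this->array_to_ldif($attrs)."\n";
    $this->acl_create_changes.="\n".($ldap->fix($cv['base']))."\n";
    $this->acl_create_changes.=$this->array_to_ldif($attrs_new);
  }else{

    $ldap->cd($cv['base']);
    if(!$ldap->modify($attrs_new)){
      /* NOTE(review): the dn and the LDAP error text are placed into an
       *  HTML message - confirm that msg_dialog escapes them.
       */
      msg_dialog::display(_("Migration error"), sprintf(_("Cannot add ACL for user '%s':")."<br><br><i>%s</i>", LDAP::fix($dn), $ldap->get_error()), ERROR_DIALOG);
      return(FALSE);
    }else{
      return(TRUE);
    }
  }
}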
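/**
 * Create a new administrative user from the posted form values and give
 * it full ACLs on the base (see create_admin()).
 *
 * Reads new_user_uid, new_user_password and new_user_password2 from $_POST.
 *
 * @return bool TRUE when the user entry was added, FALSE on invalid input,
 *              an already existing entry or an LDAP error.
 */
function create_admin_user()
{
  $uid = isset($_POST['new_user_uid'])       ? $_POST['new_user_uid']       : "";
  $pw1 = isset($_POST['new_user_password'])  ? $_POST['new_user_password']  : "";
  $pw2 = isset($_POST['new_user_password2']) ? $_POST['new_user_password2'] : "";

  /* Both password fields must be plain strings, filled in and identical.
   * The comparison is strict on purpose: "!=" compares two numeric looking
   * strings as numbers, so "1e3" and "1000" would count as the same
   * password. Arrays posted as field[]=... are rejected as well. */
  if(!is_string($pw1) || !is_string($pw2) || empty($pw1) || empty($pw2) || ($pw1 !== $pw2)){
    msg_dialog::display(_("Password error"), _("Provided passwords do not match!"), ERROR_DIALOG);
    return false;
  }

  /* The uid ends up inside a DN below, so it has to pass the uid check.
   * NOTE(review): this relies on tests::is_uid() rejecting DN special
   * characters such as ',' '=' and '+' - confirm against its definition. */
  if(!is_string($uid) || empty($uid) || !tests::is_uid($uid)){
    msg_dialog::display(_("Input error"), _("Specify a valid user ID!"), ERROR_DIALOG);
    return false;
  }

  /* Connect with the administrative account collected by the setup */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Get current base attributes */
  $ldap->cd($cv['base']);

  $people_ou = trim($cv['peopleou']);
  if(!empty($people_ou)){
    $people_ou = trim($people_ou).",";
  }

  if($cv['peopledn'] == "cn"){
    $dn = "cn=System Administrator-".$uid.",".$people_ou.$cv['base'];
  }else{
    $dn = "uid=".$uid.",".$people_ou.$cv['base'];
  }

  $hash = passwordMethod::make_hash($pw2, $cv['encryption']);

  $new_user=array();
  $new_user['objectClass']= array("top","person","gosaAccount","organizationalPerson","inetOrgPerson");
  $new_user['givenName']  = "System";
  $new_user['sn']  = "Administrator";
  $new_user['cn']  = "System Administrator-".$uid;
  $new_user['uid'] = $uid;
  $new_user['userPassword'] = $hash;

  $ldap->cd($cv['base']);

  $ldap->cat($dn,array("dn"));
  if($ldap->count()){
    msg_dialog::display(_("Error"), sprintf(_("Adding an administrative user failed: object '%s' already exists!"), LDAP::fix($dn)), ERROR_DIALOG);
    return(FALSE);
  }

  $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$dn));
  $ldap->cd($dn);
  $res = $ldap->add($new_user);

  /* Stop before any ACL is written when the entry could not be added.
   * Granting first would leave an "all;cmdrw" ACL on the base for a DN
   * that does not exist, and whoever creates that DN later inherits it. */
  if(!$res){
    msg_dialog::display(_("LDAP error"), $ldap->get_error(), ERROR_DIALOG);
    return(FALSE);
  }

  $this->acl_create_selected = $dn;
  $this->create_admin();

  $this->acl_create_dialog=FALSE;
  $this->check_administrativeAccount();
  return(TRUE);
}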
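/**
 * Move the selected winstations into the posted destination container,
 * or only describe the move.
 *
 * The destination is read from $_POST['move_winstation_to'] as a base64
 * encoded DN.
 *
 * NOTE(review): the decoded destination is not compared with the
 * containers the dialog offered (get_all_winstation_ous()); the move runs
 * with the administrative LDAP account, so a membership check against that
 * list would be the stronger guard.
 *
 * @param bool $perform FALSE: fill the 'ldif' preview text of every selected
 *                      entry. TRUE: call move() for every selected entry.
 * @return bool|null FALSE when no usable destination was posted.
 */
function migrate_outside_winstations($perform = FALSE)
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  $ldap->cd($cv['base']);

  /* Check if there was a destination department posted. Strict decoding
   * rejects values that are not base64 instead of silently decoding them
   * to some other byte string. */
  $destination = FALSE;
  if(isset($_POST['move_winstation_to']) && is_string($_POST['move_winstation_to'])){
    $destination = base64_decode($_POST['move_winstation_to'], TRUE);
  }
  if($destination === FALSE || $destination == ""){
    msg_dialog::display(_("LDAP error"), _("Cannot move users to the requested department!"), ERROR_DIALOG);
    return(false);
  }

  foreach($this->outside_winstations as $b_dn => $data){
    $this->outside_winstations[$b_dn]['ldif'] ="";
    if(!$data['selected']){
      continue;
    }

    /* Keep the RDN and replace everything behind it. The RDN ends at the
     * first comma that is not escaped with a backslash, and the new parent
     * is appended as plain text so that '\' or '$' in it are not read as
     * back references of a replacement pattern. */
    $dn = base64_decode($b_dn);
    if(preg_match('/^((?:[^,\\\\]|\\\\.)*),/', $dn, $rdn)){
      $d_dn = $rdn[1].",".$destination;
    }else{
      $d_dn = $dn;
    }

    if($perform){
      $this->move($dn,$d_dn);
      continue;
    }

    /* NOTE(review): the DNs below go into HTML markup; confirm that
     * fix() or the template escapes them. */
    $this->outside_winstations[$b_dn]['ldif'] = _("Winstation will be moved from").":<br>\t".($ldap->fix($dn))."<br>"._("to").":<br>\t".($ldap->fix($d_dn));

    /* Check if there are references to this object */
    $ldap->search("(&(member=".LDAP::prepare4filter($dn).")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn'));
    $refs = "";
    while($attrs = $ldap->fetch()){
      $ref_dn = $attrs['dn'];
      $refs .= "<br />\t".$ref_dn;
    }
    if(!empty($refs)){
      $this->outside_winstations[$b_dn]['ldif'] .= "<br /><br /><i>"._("Updating following references too").":</i>".$refs;
    }
  }
}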
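/**
 * Move the selected groups into the posted destination container, or only
 * describe the move.
 *
 * The destination is read from $_POST['move_group_to'] as a base64 encoded
 * DN.
 *
 * NOTE(review): the decoded destination is not compared with the
 * containers the dialog offered (get_all_group_ous()); the move runs with
 * the administrative LDAP account, so a membership check against that list
 * would be the stronger guard.
 *
 * @param bool $perform FALSE: fill the 'ldif' preview text of every selected
 *                      entry. TRUE: call move() for every selected entry.
 * @return bool|null FALSE when no usable destination was posted.
 */
function migrate_outside_groups($perform = FALSE)
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);
  $ldap->cd($cv['base']);

  /* Check if there was a destination department posted. Strict decoding
   * rejects values that are not base64 instead of silently decoding them
   * to some other byte string. */
  $destination = FALSE;
  if(isset($_POST['move_group_to']) && is_string($_POST['move_group_to'])){
    $destination = base64_decode($_POST['move_group_to'], TRUE);
  }
  if($destination === FALSE || $destination == ""){
    msg_dialog::display(_("LDAP error"), _("Cannot move users to the requested department!"), ERROR_DIALOG);
    return(false);
  }

  foreach($this->outside_groups as $b_dn => $data){
    $this->outside_groups[$b_dn]['ldif'] ="";
    if(!$data['selected']){
      continue;
    }

    /* Keep the RDN and replace everything behind it. The RDN ends at the
     * first comma that is not escaped with a backslash, and the new parent
     * is appended as plain text so that '\' or '$' in it are not read as
     * back references of a replacement pattern. */
    $dn = base64_decode($b_dn);
    if(preg_match('/^((?:[^,\\\\]|\\\\.)*),/', $dn, $rdn)){
      $d_dn = $rdn[1].",".$destination;
    }else{
      $d_dn = $dn;
    }

    if($perform){
      $this->move($dn,$d_dn);
      continue;
    }

    /* NOTE(review): the DNs below go into HTML markup; confirm that
     * fix() or the template escapes them. */
    $this->outside_groups[$b_dn]['ldif'] = _("Group will be moved from").":<br>\t".($ldap->fix($dn))."<br>"._("to").":<br>\t".($ldap->fix($d_dn));

    /* Check if there are references to this object */
    $ldap->search("(&(member=".LDAP::prepare4filter($dn).")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn'));
    $refs = "";
    while($attrs = $ldap->fetch()){
      $ref_dn = $attrs['dn'];
      $refs .= "<br />\t".$ref_dn;
    }
    if(!empty($refs)){
      $this->outside_groups[$b_dn]['ldif'] .= "<br /><br /><i>"._("Updating following references too").":</i>".$refs;
    }
  }
}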
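/**
 * Move the selected users into the posted destination container, or only
 * describe the move.
 *
 * The destination is read from $_POST['move_user_to'] as a base64 encoded
 * DN.
 *
 * NOTE(review): the decoded destination is not compared with the
 * containers the dialog offered (get_all_people_ous()); the move runs with
 * the administrative LDAP account, so a membership check against that list
 * would be the stronger guard.
 *
 * @param bool $perform FALSE: fill the 'ldif' preview text of every selected
 *                      entry. TRUE: call move() for every selected entry.
 * @return bool|null FALSE when no usable destination was posted.
 */
function migrate_outside_users($perform = FALSE)
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);
  $ldap->cd($cv['base']);

  /* Check if there was a destination department posted. Strict decoding
   * rejects values that are not base64 instead of silently decoding them
   * to some other byte string. */
  $destination = FALSE;
  if(isset($_POST['move_user_to']) && is_string($_POST['move_user_to'])){
    $destination = base64_decode($_POST['move_user_to'], TRUE);
  }
  if($destination === FALSE || $destination == ""){
    msg_dialog::display(_("LDAP error"), _("Cannot move users to the requested department!"), ERROR_DIALOG);
    return(false);
  }

  foreach($this->outside_users as $b_dn => $data){
    $this->outside_users[$b_dn]['ldif'] ="";
    if(!$data['selected']){
      continue;
    }

    /* Keep the RDN and replace everything behind it. The RDN ends at the
     * first comma that is not escaped with a backslash, and the new parent
     * is appended as plain text so that '\' or '$' in it are not read as
     * back references of a replacement pattern. */
    $dn = base64_decode($b_dn);
    if(preg_match('/^((?:[^,\\\\]|\\\\.)*),/', $dn, $rdn)){
      $d_dn = $rdn[1].",".$destination;
    }else{
      $d_dn = $dn;
    }

    if($perform){
      $this->move($dn,$d_dn);
      continue;
    }

    /* NOTE(review): the DNs below go into HTML markup; confirm that
     * fix() or the template escapes them. */
    $this->outside_users[$b_dn]['ldif'] = _("User will be moved from").":<br>\t".($ldap->fix($dn))."<br>"._("to").":<br>\t".($ldap->fix($d_dn));

    /* Check if there are references to this object */
    $ldap->search("(&(member=".LDAP::prepare4filter($dn).")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn'));
    $refs = "";
    while($attrs = $ldap->fetch()){
      $ref_dn = $attrs['dn'];
      $refs .= "<br />\t".$ref_dn;
    }
    if(!empty($refs)){
      $this->outside_users[$b_dn]['ldif'] .= "<br /><br /><i>"._("The following references will be updated").":</i>".$refs;
    }
  }
}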
/**
 * Handle the posted dialog actions of this setup step and return its HTML.
 *
 * Each section below reacts to the submit button names found in $_POST,
 * updates the dialog flags of this object and, while one of the dialogs is
 * open, returns the rendered "setup_migrate.tpl" for that dialog. When no
 * dialog is open the overview of all checks is rendered.
 *
 * The sections are evaluated top to bottom and the first open dialog wins,
 * so their order is part of the behaviour.
 *
 * @return string Output of the smarty template.
 */
function execute()
{
  /* Initialise checks if this is the first call */
  if(!$this->checks_initialised || isset($_POST['reload'])){
    $this->initialize_checks();
    $this->checks_initialised = TRUE;
  }

  /*************
   * Winstations outside the group ou
   *************/

  if(isset($_POST['outside_winstations_dialog_cancel'])){
    $this->outside_winstations_dialog = FALSE;
    $this->dialog = FALSE;
    $this->show_details = FALSE;
  }

  /* Preview only: FALSE means nothing is moved */
  if(isset($_POST['outside_winstations_dialog_whats_done'])){
    $this->migrate_outside_winstations(FALSE);
  }

  /* Perform the move, refresh the list and close the dialog */
  if(isset($_POST['outside_winstations_dialog_perform'])){
    $this->migrate_outside_winstations(TRUE);
    $this->search_outside_winstations();
    $this->dialog = FALSE;
    $this->show_details = FALSE;
    $this->outside_winstations_dialog = FALSE;
  }

  if(isset($_POST['outside_winstations_dialog'])){
    $this->outside_winstations_dialog = TRUE;
    $this->dialog = TRUE;
  }

  if($this->outside_winstations_dialog){

    /* Fix displayed dn syntax */
    $tmp = $this->outside_winstations;
    foreach($tmp as $key => $data){
      $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
    }

    $smarty = get_smarty();
    $smarty->assign("ous",$this->get_all_winstation_ous());
    $smarty->assign("method","outside_winstations");
    $smarty->assign("outside_winstations",$tmp);
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }
  /*************
   * Groups outside the group ou
   *************/

  if(isset($_POST['outside_groups_dialog_cancel'])){
    $this->outside_groups_dialog = FALSE;
    $this->show_details = FALSE;
    $this->dialog = FALSE;
  }

  /* Preview only: FALSE means nothing is moved */
  if(isset($_POST['outside_groups_dialog_whats_done'])){
    $this->show_details= TRUE;
    $this->migrate_outside_groups(FALSE);
  }

  if(isset($_POST['outside_groups_dialog_refresh'])){
    $this->show_details= FALSE;
  }

  /* Perform the move, close the dialog and re-run all checks */
  if(isset($_POST['outside_groups_dialog_perform'])){
    $this->migrate_outside_groups(TRUE);
    $this->dialog = FALSE;
    $this->show_details = FALSE;
    $this->outside_groups_dialog = FALSE;
    $this->initialize_checks();
  }

  if(isset($_POST['outside_groups_dialog'])){
    $this->outside_groups_dialog = TRUE;
    $this->dialog = TRUE;
  }

  if($this->outside_groups_dialog){

    /* Fix displayed dn syntax */
    $tmp = $this->outside_groups;
    foreach($tmp as $key => $data){
      $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
    }

    $smarty = get_smarty();
    $smarty->assign("ous",$this->get_all_group_ous());
    $smarty->assign("method","outside_groups");
    $smarty->assign("outside_groups",$tmp);
    $smarty->assign("group_details", $this->show_details);
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }

  /*************
   * User outside the people ou
   *************/

  if(isset($_POST['outside_users_dialog_cancel'])){
    $this->outside_users_dialog = FALSE;
    $this->dialog = FALSE;
    $this->show_details = FALSE;
  }

  /* Preview only: FALSE means nothing is moved */
  if(isset($_POST['outside_users_dialog_whats_done'])){
    $this->show_details= TRUE;
    $this->migrate_outside_users(FALSE);
  }

  /* Perform the move, re-run all checks and close the dialog */
  if(isset($_POST['outside_users_dialog_perform'])){
    $this->migrate_outside_users(TRUE);
    $this->initialize_checks();
    $this->dialog = FALSE;
    $this->show_details = FALSE;
    $this->outside_users_dialog = FALSE;
  }

  if (isset($_POST['outside_users_dialog_refresh'])){
    $this->show_details= FALSE;
  }

  if(isset($_POST['outside_users_dialog'])){
    $this->outside_users_dialog = TRUE;
    $this->dialog = TRUE;
  }

  if($this->outside_users_dialog){

    /* Fix displayed dn syntax */
    $tmp = $this->outside_users;
    foreach($tmp as $key => $data){
      $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
    }

    $smarty = get_smarty();
    $smarty->assign("ous",$this->get_all_people_ous());
    $smarty->assign("method","outside_users");
    $smarty->assign("outside_users",$tmp);
    $smarty->assign("user_details", $this->show_details);
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }

  /*************
   * Root object check
   *************/

  /* Try to create the root object; re-run all checks only when the
   * status of the root check changed. */
  if(isset($_POST['retry_root_create'])){

    $state = $this->checks['root']['STATUS'];
    $this->checkBase(FALSE);
    if($state != $this->checks['root']['STATUS']){
      $this->initialize_checks();
    }
  }

  /*************
   * Administrative account / ACL handling
   *************/

  if(isset($_POST['retry_acls'])){
    $this->check_administrativeAccount();
  }

  if(isset($_POST['create_acls'])){
    $this->acl_create_dialog = TRUE;
    $this->dialog = TRUE;
  }

  if(isset($_POST['create_acls_cancel'])){
    $this->acl_create_dialog = FALSE;
    $this->dialog = FALSE;
    $this->show_details = FALSE;
  }

  #    if(isset($_POST['create_acls_create_confirmed'])){
  #      if($this->create_admin()){
  #        $this->acl_create_dialog = FALSE;
  #        $this->dialog = FALSE;
  #        $this->show_details = FALSE;
  #        $this->initialize_checks();
  #      }
  #    }

  /* Preview only: TRUE makes create_admin() store the LDIF text instead
   * of writing to LDAP. */
  if(isset($_POST['create_acls_create'])){
    $this->create_admin(TRUE);
  }

  if(isset($_POST['create_admin_user'])){
    if($this->create_admin_user()){
      $this->dialog = FALSE;
      $this->show_details = FALSE;
    }
  }

  if($this->acl_create_dialog){
    $smarty = get_smarty();

    /* Default user id offered by the form */
    $uid = "admin";
    if(isset($_POST['new_user_uid'])){
      $uid = $_POST['new_user_uid'];
    }

    /* NOTE(review): the raw posted uid and both posted passwords are
     * handed back to the template; the '@' only hides the notice for a
     * missing field. Confirm that the template escapes these values and
     * consider not sending the passwords back to the browser at all. */
    $smarty->assign("new_user_uid",$uid);
    $smarty->assign("new_user_password",@$_POST['new_user_password']);
    $smarty->assign("new_user_password2",@$_POST['new_user_password2']);
    $smarty->assign("method","create_acls");
    $smarty->assign("acl_create_selected",$this->acl_create_selected);
    $smarty->assign("what_will_be_done_now",$this->acl_create_changes);
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }

  /*************
   * User Migration handling
   *************/

  /* Refresh list of users */
  if(isset($_POST['users_visible_migrate_refresh'])){
    $this->check_gosaAccounts();
  }

  /* Open migration dialog */
  if(isset($_POST['users_visible_migrate'])){
    $this->show_details= FALSE;
    $this->users_migration_dialog = TRUE;
    $this->dialog =TRUE;
  }

  /* Close migration dialog */
  if(isset($_POST['users_visible_migrate_close'])){
    $this->users_migration_dialog = FALSE;
    $this->dialog =FALSE;
    $this->show_details = FALSE;
  }

  /* Start migration */
  if(isset($_POST['users_visible_migrate_migrate'])){
    if($this->migrate_gosaAccounts()){
      $this->initialize_checks();
      $this->dialog = FALSE;
      $this->show_details = FALSE;
      $this->users_migration_dialog = FALSE;
    }
  }

  /* "What will be done" button - presumably TRUE asks for a preview
   * only; confirm against migrate_gosaAccounts(). */
  if(isset($_POST['users_visible_migrate_whatsdone'])){
    $this->migrate_gosaAccounts(TRUE);
  }

  /* Display migration dialog */
  if($this->users_migration_dialog){

    /* Fix displayed dn syntax */
    $tmp = $this->users_to_migrate;
    foreach($tmp as $key => $data){
      $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
    }

    $smarty = get_smarty();
    $smarty->assign("users_to_migrate",$tmp);
    $smarty->assign("method","migrate_users");
    $smarty->assign("user_details", $this->show_details);
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }


  /*************
   * Department Migration handling
   *************/

  /* Refresh list of departments */
  if(isset($_POST['deps_visible_migrate_refresh'])){
    $this->check_organizationalUnits();
    $this->show_details= FALSE;
  }

  /* Open migration dialog */
  if(isset($_POST['deps_visible_migrate'])){
    $this->dep_migration_dialog = TRUE;
    $this->dialog =TRUE;
  }

  /* Close migration dialog */
  if(isset($_POST['deps_visible_migrate_close'])){
    $this->dep_migration_dialog = FALSE;
    $this->dialog =FALSE;
    $this->show_details = FALSE;
  }

  /* Start migration */
  if(isset($_POST['deps_visible_migrate_migrate'])){
    if($this->migrate_organizationalUnits()){
      $this->show_details= FALSE;
      $this->check_organizationalUnits();
      $this->dialog = FALSE;
      $this->dep_migration_dialog = FALSE;
    }
  }

  /* "What will be done" button - presumably TRUE asks for a preview
   * only; confirm against migrate_organizationalUnits(). */
  if(isset($_POST['deps_visible_migrate_whatsdone'])){
    $this->migrate_organizationalUnits(TRUE);
  }

  /* Display migration dialog */
  if($this->dep_migration_dialog){
    $smarty = get_smarty();

    /* Fix displayed dn syntax */
    $tmp = $this->deps_to_migrate;
    foreach($tmp as $key => $data){
      $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
    }

    $smarty->assign("deps_to_migrate",$tmp);
    $smarty->assign("method","migrate_deps");
    $smarty->assign("deps_details", $this->show_details);
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }


  /*************
   * Device migration
   *************/

  /* Take over the per device check boxes while the dialog is open */
  if($this->device_dialog) {
    $this->check_device_posts();
  }

  if(isset($_POST['device_dialog_cancel'])){
    $this->device_dialog = FALSE;
    $this->show_details = FALSE;
    $this->dialog = FALSE;
  }

  if(isset($_POST['device_dialog_whats_done'])){
    $this->show_details= TRUE;
  }

  if(isset($_POST['device_dialog_refresh'])){
    $this->show_details= FALSE;
  }

  /* The dialog stays open after the migration; the lines that would close
   * it are commented out. */
  if(isset($_POST['migrate_devices'])){
    $this->migrate_usb_devices();
    #      $this->dialog = FALSE;
    #     $this->show_details = FALSE;
    #     $this->device_dialog = FALSE;
    #     $this->initialize_checks();
  }

  if(isset($_POST['device_dialog'])){
    $this->device_dialog = TRUE;
    $this->dialog = TRUE;
  }

  if($this->device_dialog){
    $smarty = get_smarty();
    $smarty->assign("method","devices");
    $smarty->assign("devices",$this->device);
    $smarty->assign("device_details", $this->show_details);
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }

  /* No dialog open: show the overview of all checks */
  $smarty = get_smarty();
  $smarty->assign("checks",$this->checks);
  $smarty->assign("method","default");
  return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
}
/**
 * Take over the check box states posted by whichever dialog is open.
 *
 * For every entry of the open dialog the 'selected' (or 'checked') flag is
 * set to TRUE when the matching field is present in $_POST and to FALSE
 * otherwise. The step is marked as completed on every call.
 */
function save_object()
{
  $this->is_completed= TRUE;

  /* Winstations chosen in the outside_winstations dialog */
  if($this->outside_winstations_dialog){
    foreach($this->outside_winstations as $key => $unused){
      $this->outside_winstations[$key]['selected'] = isset($_POST['select_winstation_'.$key]);
    }
  }

  /* Groups chosen in the outside_groups dialog */
  if($this->outside_groups_dialog){
    foreach($this->outside_groups as $key => $unused){
      $this->outside_groups[$key]['selected'] = isset($_POST['select_group_'.$key]);
    }
  }

  /* Users chosen in the outside_users dialog */
  if($this->outside_users_dialog){
    foreach($this->outside_users as $key => $unused){
      $this->outside_users[$key]['selected'] = isset($_POST['select_user_'.$key]);
    }
  }

  /* "Create acl" dialog: aborting forgets the selected object */
  if($this->acl_create_dialog && isset($_POST['create_acls_create_abort'])){
    $this->acl_create_selected = "";
  }

  /* Departments ticked for migration */
  if($this->dep_migration_dialog){
    foreach($this->deps_to_migrate as $key => $unused){
      $this->deps_to_migrate[$key]['checked'] = isset($_POST['migrate_'.$key]);
    }
  }

  /* Users ticked for migration */
  if($this->users_migration_dialog){
    foreach($this->users_to_migrate as $key => $unused){
      $this->users_to_migrate[$key]['checked'] = isset($_POST['migrate_'.$key]);
    }
  }
}
1672 /* Check if the root object exists.
1673 * If the parameter just_check is true, then just check if the
1674 * root object is missing and update the info messages.
1675 * If the Parameter is false, try to create a new root object.
1676 */
/**
 * Check for the LDAP root object and optionally try to create it.
 *
 * The result is written to $this->checks['root'].
 *
 * @param bool $just_check TRUE: only report a missing root object.
 *                         FALSE: try to create it with create_missing_trees().
 * @return bool|null FALSE when the root object is missing in check mode, the
 *                   failed result of create_missing_trees() when creating
 *                   failed, no value otherwise.
 */
function checkBase($just_check = TRUE)
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* One hit is enough to know that the base exists */
  $ldap->cd($cv['base']);
  $ldap->set_size_limit(1);
  $found = $ldap->search("(objectClass=*)");
  $ldap->set_size_limit(0);
  $errno = ldap_errno($ldap->cid);

  $root_missing = !$found ||
    $errno == 0x20 ||    # LDAP_NO_SUCH_OBJECT
    $errno == 0x40;      # LDAP_NAMING_VIOLATION

  /* Check mode: report the missing root object and offer to create it */
  if($root_missing && $just_check){
    $this->checks['root']['STATUS']    = FALSE;
    $this->checks['root']['STATUS_MSG']= _("Failed");
    $this->checks['root']['ERROR_MSG'] = _("The LDAP root object is missing. It is required to use your LDAP service.").' ';
    $this->checks['root']['ERROR_MSG'].= "<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
    return(FALSE);
  }

  /* Create mode: add the root object and tell the user if that failed */
  if($root_missing){
    $ldap->cd($cv['base']);
    $created = $ldap->create_missing_trees($cv['base']);

    if(!$created){
      $this->checks['root']['STATUS']    = FALSE;
      $this->checks['root']['STATUS_MSG']= _("Failed");
      $this->checks['root']['ERROR_MSG'] = _("Root object couldn't be created, you should try it on your own.");
      $this->checks['root']['ERROR_MSG'].= "&nbsp;<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
      return($created);
    }
  }

  /* Root object exists or was created */
  $this->checks['root']['STATUS']    = TRUE;
  $this->checks['root']['STATUS_MSG']= _("Ok");
}
1731 /* Return ldif information for a
1732 * given attribute array
1733 */
/**
 * Render an LDAP result array as "name: value" lines.
 *
 * The 'count' and 'dn' keys and all numeric keys are skipped. Values are
 * written as they are: nothing is base64 encoded, folded or escaped, so
 * the text is meant for display and is not a complete LDIF record.
 *
 * @param array $atts Attribute array as returned by an LDAP fetch.
 * @return string One line per value, without a trailing newline.
 */
function array_to_ldif($atts)
{
  $ldif = "";
  unset($atts['count']);
  unset($atts['dn']);

  foreach($atts as $attr_name => $attr_value){

    /* Numeric keys only repeat the attribute names */
    if(is_numeric($attr_name)){
      continue;
    }

    /* Treat a single value like a list with one element */
    $values = is_array($attr_value) ? $attr_value : array($attr_value);
    unset($values['count']);

    foreach($values as $single){
      $ldif .= $attr_name.": ".$single."\n";
    }
  }
  return(preg_replace("/\n$/","",$ldif));
}
/**
 * List all entries below the base that carry the gosaAccount object class.
 *
 * @return array Map of base64 encoded DN => DN passed through LDAP::fix().
 */
function get_user_list()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);
  $ldap->cd($cv['base']);
  $ldap->search("(objectClass=gosaAccount)",array("dn"));

  $users = array();
  while($entry = $ldap->fetch()){
    $key = base64_encode($entry['dn']);
    $users[$key] = @LDAP::fix($entry['dn']);
  }
  return($users);
}
/**
 * Collect the containers that can hold user accounts.
 *
 * With a configured people ou every entry matching it is returned, and the
 * ou is created below the base when the first search finds nothing. Without
 * one, the base and every gosaDepartment that has an ou are returned.
 *
 * NOTE(review): the configured ou is pasted into the search filter as
 * "(<value>)" without any escaping, and the first search runs before any
 * cd() call on this connection - confirm that both are intended.
 *
 * @return array Map of base64 encoded DN => DN passed through fix().
 */
function get_all_people_ous()
{
  /* Get collected configuration settings */
  $cv = $this->parent->captured_values;
  $people_ou = trim($cv['peopleou']);

  /* Establish ldap connection */
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);
  $result = array();

  if(empty($people_ou)){

    /* No people ou configured: offer the base and all departments */
    $ldap->cd($cv['base']);
    $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn"));
    $result[base64_encode($cv['base'])] = $ldap->fix($cv['base']);
    while($entry = $ldap->fetch()){
      $result[base64_encode($entry['dn'])] = $ldap->fix($entry['dn']);
    }
    return($result);
  }

  /* People ou configured: look for matching containers */
  $ldap->search("(".$people_ou.")",array("dn"));

  /* Create people ou if there is currently none */
  if($ldap->count() == 0 ){
    $new_dn   = $cv['peopleou'].",".$cv['base'];
    $rdn_attr = preg_replace("/=.*$/","",$new_dn);
    $rdn_val  = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$new_dn);

    $new_entry = array();
    $new_entry['objectClass'] = array("organizationalUnit");
    $new_entry[$rdn_attr]     = $rdn_val;

    $ldap->cd($cv['base']);
    $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$new_dn));
    $ldap->cd($new_dn);
    $ldap->add($new_entry);
  }

  /* Create result, leaving out everything below a snapshot container */
  $ldap->search("(".$cv['peopleou'].")",array("dn"));
  while($entry = $ldap->fetch()){
    if(preg_match("/ou=snapshots,/",$entry['dn'])){
      continue;
    }
    $result[base64_encode($entry['dn'])] = $ldap->fix($entry['dn']);
  }
  return($result);
}
/**
 * Collect the containers that can hold winstation accounts.
 *
 * The winstation ou is created below "ou=systems,<base>" when the search
 * finds no entry matching it.
 *
 * NOTE(review): the switch is read from 'wws_ou_active' while the value
 * comes from 'ws_ou' - confirm the key name against the setup step that
 * fills generic_settings. The ou is pasted into the search filter as
 * "(<value>)" without any escaping.
 *
 * @return array Map of base64 encoded DN => DN passed through fix().
 */
function get_all_winstation_ous()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Get winstation ou, falling back to the default name */
  $winstation_ou = $cv['generic_settings']['wws_ou_active']
    ? $cv['generic_settings']['ws_ou']
    : "ou=winstations";

  $filter = "(".$winstation_ou.")";

  $ldap->cd($cv['base']);
  $ldap->search($filter,array("dn"));

  /* Create the container if there is currently none */
  if($ldap->count() == 0 ){
    $new_dn   = $winstation_ou.",ou=systems,".$cv['base'];
    $rdn_attr = preg_replace("/=.*$/","",$new_dn);
    $rdn_val  = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$new_dn);

    $new_entry = array();
    $new_entry['objectClass'] = array("organizationalUnit");
    $new_entry[$rdn_attr]     = $rdn_val;

    $ldap->cd($cv['base']);
    $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$new_dn));
    $ldap->cd($new_dn);
    $ldap->add($new_entry);
  }

  /* Create result, leaving out everything below a snapshot container */
  $ldap->search($filter,array("dn"));
  $result = array();
  while($entry = $ldap->fetch()){
    if(preg_match("/ou=snapshots,/",$entry['dn'])){
      continue;
    }
    $result[base64_encode($entry['dn'])] = $ldap->fix($entry['dn']);
  }
  return($result);
}
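/**
 * Collect the containers that can hold groups.
 *
 * With a configured group ou every entry matching it is returned, and the
 * ou is created below the base when the search finds nothing. Without one,
 * the base and every gosaDepartment that has an ou are returned.
 *
 * NOTE(review): the configured ou is pasted into the search filter as
 * "(<value>)" without any escaping.
 *
 * @return array Map of base64 encoded DN => DN passed through fix().
 */
function get_all_group_ous()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  $group_ou = trim($cv['groupou']);

  /************
   * If group ou is NOT empty
   * Get all valid group ous, create one if necessary
   ************/
  $ldap->cd($cv['base']);
  if(!empty($group_ou)){
    $ldap->search("(".$group_ou.")",array("dn"));
    if($ldap->count() == 0 ){

      /* The RDN and the base have to be joined with a comma. Without it
       * the result ("ou=groupsdc=...") is no valid DN, the naming value
       * picked below swallows the first part of the base and the
       * container can never be created. */
      $add_dn = $group_ou.",".$cv['base'];
      $naming_attr = preg_replace("/=.*$/","",$add_dn);
      $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn);
      $add = array();
      $add['objectClass'] = array("organizationalUnit");
      $add[$naming_attr] = $naming_value;

      $ldap->cd($cv['base']);
      $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn));
      $ldap->cd($add_dn);
      $ldap->add($add);
    }

    /* Create result, leaving out everything below a snapshot container */
    $ldap->search("(".$group_ou.")",array("dn"));
    $tmp = array();
    while($attrs= $ldap->fetch()){
      if(!preg_match("/ou=snapshots,/",$attrs['dn'])){
        $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);
      }
    }
  }else{
    /************
     * If group ou is empty
     * Get all valid gosaDepartments
     ************/
    $ldap->cd($cv['base']);
    $tmp = array();
    $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn"));
    $tmp[base64_encode($cv['base'])] = $ldap->fix($cv['base']);
    while($attrs = $ldap->fetch()){
      $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);
    }
  }
  return($tmp);
}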
/**
 * List all entries below the base that carry the posixGroup object class.
 *
 * @return array Map of base64 encoded DN => DN passed through LDAP::fix().
 */
function get_group_list()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  $ldap->cd($cv['base']);
  $ldap->search("(objectClass=posixGroup)",array("dn"));

  $groups = array();
  while($entry = $ldap->fetch()){
    $key = base64_encode($entry['dn']);
    $groups[$key] = @LDAP::fix($entry['dn']);
  }
  return($groups);
}
/**
 * Move an LDAP entry by copying it to the new DN and removing the source.
 *
 * The member lists of all gosaGroupOfNames entries that reference the
 * source are collected first and written back, pointing at the
 * destination, once the copy succeeded. The steps are separate LDAP
 * operations: when the copy fails nothing else is changed, when removing
 * the source fails the references are updated all the same.
 *
 * @param string $source      DN of the entry to move.
 * @param string $destination DN the entry is written to.
 */
function move($source,$destination)
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Collect the gosaGroupOfNames entries that list the source as member */
  $pending_groups = array();
  $ldap->cd($cv['base']);
  $group_filter = '(&(objectClass=gosaGroupOfNames)(member='.@LDAP::prepare4filter($source).'))';
  $ldap->search($group_filter, array('cn','member'));
  while ($group = $ldap->fetch()){
    $group_dn = $group['dn'];
    $group    = $this->cleanup_array($group);

    /* New member list: the destination first, then everyone but the source */
    $members = array($destination);
    foreach($group['member'] as $old_member){
      if($old_member == $source){
        continue;
      }
      $members[] = $old_member;
    }
    $group['member'] = $members;
    $pending_groups[$group_dn] = $group;
  }

  /* Copy source to destination dn */
  $ldap->cat($source);
  $copy = $this->cleanup_array($ldap->fetch());
  $ldap->cd($destination);
  $copied = $ldap->add($copy);

  /* Display warning if copy failed and leave everything else untouched */
  if(!$copied){
    msg_dialog::display(_("LDAP error"), sprintf(_("Copy '%s' to '%s' failed:")."<br><br><i>%s</i>", LDAP::fix($source), LDAP::fix($destination), $ldap->get_error()), ERROR_DIALOG);
    return;
  }

  /* Remove the source entry */
  $ldap->rmDir($source);
  if (!$ldap->success()){
    msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $source, LDAP_DEL, get_class()));
  }

  /* Object is copied, so update its references */
  foreach($pending_groups as $group_dn => $group_data){
    $ldap->cd($group_dn);
    $ldap->modify($group_data);
  }
}
2025 /* Clean up an LDAP result so that it can be written back to LDAP */
/**
 * Strip the bookkeeping keys from an LDAP result array.
 *
 * Removes the top level 'count' and 'dn' keys and all numeric keys, and
 * the 'count' element of every remaining value that is an array.
 *
 * @param array $attrs Attribute array as returned by an LDAP fetch.
 * @return array The same array without the removed keys.
 */
function cleanup_array($attrs)
{
  foreach($attrs as $name => $entry){

    /* Index, 'count' and 'dn' entries are not attributes */
    if(is_numeric($name) || $name === "count" || $name === "dn"){
      unset($attrs[$name]);
      continue;
    }

    /* Drop the value counter of a multi valued attribute */
    if(is_array($entry) && isset($entry['count'])){
      unset($attrs[$name]['count']);
    }
  }
  return($attrs);
}
/**
 * Take over the per device check boxes of the device dialog.
 *
 * The 'DETAILS' flag of every entry in $this->device is TRUE when the field
 * "migrate_<key>" is present in $_POST and FALSE otherwise.
 */
function check_device_posts()
{
  foreach($this->device as $idx => $unused){
    $this->device[$idx]['DETAILS'] = isset($_POST["migrate_".$idx]);
  }
}
/* Look for old-style hotplug device definitions and prepare their migration.
 *
 * Searches below the configured base for posixAccount/posixGroup objects that
 * carry gotoHotplugDevice values. For every value found, a preview of the
 * current entry (CURRENT) and of the 'gotoDevice' object that would replace
 * it (AFTER) is stored in $this->device, and the 'old_style_devices' check is
 * marked as failed. Without any hit the check is marked as passed.
 */
function check_usb_devices ()
{
  /* Establish ldap connection from the parent's captured values */
  $cv = $this->parent->captured_values;
  $ldap = new ldapMultiplexer(new LDAP($cv['admin'],
        $cv['password'],
        $cv['connection'],
        FALSE,
        $cv['tls']));

  $ldap->cd($cv['base']);
  $filter = "(&(|(objectClass=posixAccount)(objectClass=posixGroup))(gotoHotplugDevice=*))";
  $found = $ldap->search($filter, array("cn","gotoHotplugDevice","gosaUnitTag"));

  /* The query itself failed */
  if(!$found){
    $this->checks['old_style_devices']['STATUS'] = FALSE;
    $this->checks['old_style_devices']['STATUS_MSG']= _("LDAP query failed");
    $this->checks['old_style_devices']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return;
  }

  /* No object carries old-style device values, nothing to migrate */
  if(!$ldap->count()){
    $this->checks['old_style_devices']['STATUS'] = TRUE;
    $this->checks['old_style_devices']['STATUS_MSG']= _("Ok");
    $this->checks['old_style_devices']['ERROR_MSG'] = "";
    return;
  }

  $this->device = array();

  /* Device names handed out so far, mapped to their new dn */
  $dest = array();

  while($attrs = $ldap->fetch()){
    $values = $attrs['gotoHotplugDevice'];
    $total = $values['count'];

    for($j = 0; $j < $total; $j++){
      $entry = $values[$j];
      @list($name,$desc,$serial,$vendor,$product) = explode('|', $entry);

      /* Append a counter until the name is not taken yet */
      $base_name = $name;
      for($add = 1; isset($dest[$name]); $add++){
        $name = $base_name."_".$add;
      }

      /* The new object goes below ou=devices in the parent of the source
         object.
         NOTE(review): $name comes from the stored device string and is put
         into the dn as-is; dn special characters are not escaped here. */
      $newdn = "cn=$name,ou=devices,".preg_replace('/^[^,]+,/', '', $attrs['dn']);
      $dest[$name] = $newdn;

      /* Preview of the current entry, the value to migrate is highlighted.
         NOTE(review): directory values are concatenated with HTML markup
         without encoding; how CURRENT and AFTER are rendered is not visible
         here - confirm they are escaped before they reach the browser. */
      $current = "dn: ".$attrs['dn']."\n";
      for($c = 0; $c < $total; $c++){
        $line = "gotoHotplugDevice: ".$values[$c];
        $current .= ($c == $j) ? "<b>".$line."</b>\n" : $line."\n";
      }

      /* Preview of the object that would be created */
      $after  = "dn: $newdn\n";
      $after .= "changetype: add\n";
      $after .= "objectClass: top\n";
      $after .= "objectClass: gotoDevice\n";
      if(isset($attrs['gosaunittag'][0])){
        /* NOTE(review): 'gosaAdminiafter' does not look like a schema object
           class, possibly gosaAdministrativeUnitTag was meant - confirm. */
        $after .= "objectClass: gosaAdminiafter\n";
        $after .= "gosaUnitTag: ".$attrs['gosaunittag'][0]."\n";
      }
      $after .= "cn: $name\n";
      $after .= "gotoHotplugDevice: $desc|$serial|$vendor|$product\n\n";

      $this->device[] = array(
          'CURRENT'     => $current,
          'AFTER'       => $after,
          'OLD_DEVICE'  => $entry,
          'DN'          => $attrs['dn'],
          'NEW_DN'      => $newdn,
          'DEVICE_NAME' => $name,
          'DETAILS'     => FALSE);
    }
  }

  /* Old-style devices exist, offer the migration dialog */
  $this->checks['old_style_devices']['STATUS'] = FALSE;
  $this->checks['old_style_devices']['STATUS_MSG']= _("Failed");
  $this->checks['old_style_devices']['ERROR_MSG'] =
    sprintf(_("There are %s devices that need to be migrated."),count($this->device)).
    "<input type='submit' name='device_dialog' value='"._("Migrate")."'>";
}
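/* Migrate all old-style hotplug devices that were selected for migration.
 *
 * For every entry of $this->device whose DETAILS flag is set, a new
 * 'gotoDevice' object is added at NEW_DN and the old value is taken out of
 * the gotoHotplugDevice attribute of the source object (DN). Entries that
 * went through without a reported error are removed from $this->device;
 * failures are shown through msg_dialog and leave the entry in the list.
 */
function migrate_usb_devices ()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap_l = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap = new ldapMultiplexer($ldap_l);

  /* Walk through migrateable devices and initiate migration for all
     devices that are checked (DETAILS==TRUE)
   */
  foreach($this->device as $key => $device){
    if(!$device['DETAILS']){
      continue;
    }

    /* Get source object and verify that the specified device is still a
       value of its gotoHotplugDevice attribute. The object may have been
       changed or removed since the check ran, so a missing attribute is
       skipped instead of being handed to in_array(). The comparison is
       strict to keep numeric-looking strings from matching each other or
       the 'count' element.
     */
    $ldap->cd($cv['base']);
    $ldap->cat($device['DN']);
    $attrs = $ldap->fetch();
    if(!isset($attrs['gotoHotplugDevice']) || !is_array($attrs['gotoHotplugDevice'])){
      continue;
    }
    if(!in_array($device['OLD_DEVICE'],$attrs['gotoHotplugDevice'],TRUE)){
      continue;
    }

    /* Create new hotplug device object 'gotoDevice'. The leading name field
       of the old value is dropped, DEVICE_NAME is used as cn instead.
       NOTE(review): the AFTER preview built in check_usb_devices lists a
       gosaUnitTag for tagged entries, but no tag is written here - confirm
       whether that is intended.
     */
    list(,$desc,$serial,$vendor,$product) = array_pad(explode('|', $device['OLD_DEVICE']), 5, '');
    $newdn = $device['NEW_DN'];
    $new_attr = array();
    $new_attr['cn'] = $device['DEVICE_NAME'];
    $new_attr['objectClass'] = array('top','gotoDevice');
    $new_attr['gotoHotplugDevice'] = "$desc|$serial|$vendor|$product";

    /* Add new object
     */
    $ldap->cd($cv['base']);
    $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$newdn));
    $ldap->cd($newdn);
    $ldap->add($new_attr);
    if(!$ldap->success()){
      msg_dialog::display(_("LDAP error"),
          sprintf(_("Ldap add failed for %s with error %s"),
            "<b>".LDAP::fix($newdn)."</b>",
            "<br><br><i>".$ldap->get_error()."</i>"), ERROR_DIALOG);
      continue;
    }

    /* Rebuild the attribute of the source object without the migrated value */
    $update = array('gotoHotplugDevice' => array());
    for($i = 0 ; $i < $attrs['gotoHotplugDevice']['count'] ; $i++){
      if($attrs['gotoHotplugDevice'][$i] === $device['OLD_DEVICE']){
        continue;
      }
      $update['gotoHotplugDevice'][] = $attrs['gotoHotplugDevice'][$i];
    }

    /* NOTE(review): success() is evaluated after the cat() that follows the
       modify(), so it presumably reflects the re-read rather than the
       modify itself - confirm against the LDAP class.
     */
    $ldap->cd($device['DN']);
    $ldap->modify($update);
    $ldap->cat($device['DN'],array("gotoHotplugDevice"));
    if(!$ldap->success()){
      /* The closing tag used to be </b>, which left the <i> element open */
      msg_dialog::display(_("LDAP error"),
          sprintf(_("Ldap update failed for %s with error %s"),
            "<b>".LDAP::fix($device['DN'])."</b>",
            "<br><br><i>".$ldap->get_error()."</i>"), ERROR_DIALOG);
    }else{
      unset($this->device[$key]);
    }
  }
}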
2218 }
2220 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
2221 ?>