
Added group migration.
[gosa.git] / setup / class_setupStep_Migrate.inc
1 <?php
3 /*
4    This code is part of GOsa (https://gosa.gonicus.de)
5    Copyright (C) 2007 Fabian Hickert
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License as published by
9    the Free Software Foundation; either version 2 of the License, or
10    (at your option) any later version.
12    This program is distributed in the hope that it will be useful,
13    but WITHOUT ANY WARRANTY; without even the implied warranty of
14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15    GNU General Public License for more details.
17    You should have received a copy of the GNU General Public License
18    along with this program; if not, write to the Free Software
19    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
20  */
24 /****************
25  * FUNCTIONS 
27 Step_Migrate                - Constructor.
28 update_strings              - Used to update the displayed step information.
29 initialize_checks           - Initialize migration steps.
30 check_ldap_permissions      - Check if the used admin account has full access to the ldap database.
31 check_gosaAccounts          - Check if there are users without the required objectClasses.
32 migrate_gosaAccounts        - Migrate selected users to GOsa user accounts.
33 check_organizationalUnits   - Check if there are departments, that are not visible for GOsa
34 migrate_organizationalUnits - Migrate selected departments 
35 check_administrativeAccount - Check if there is at least one acl entry available                  
36 checkBase                   - Check if there is a root object available 
38 get_user_list               - Get list of available users
39 get_group_list              - Get list of groups
40   
41 create_admin                
42 create_admin_user           
44 execute                     - Generate html output of this plugin
45 save_object                 - Save posts 
46 array_to_ldif               - Create ldif output of an ldap result array 
47  
48  ****************/
52 class Step_Migrate extends setup_step
53 {
54   var $languages      = array();
55   var $attributes     = array();
56   var $header_image   = "images/monitoring.png";
57   var $checks         = array();
59   /* Department migration attributes */
60   var $dep_migration_dialog = FALSE;
61   var $deps_to_migrate      = array();
63   /* User migration attributes */
64   var $users_migration_dialog= FALSE;
65   var $users_to_migrate      = array();
67   /* Create Acl attributes */
68   var $acl_create_dialog  = FALSE;
69   var $acl_create_type    = "group";
70   var $acl_create_selected= ""; // Currently selected element, that should receive admin rights 
71   var $acl_create_changes = ""; // Contains ldif information about changes 
72   var $acl_create_confirmed= FALSE;
74   /* Checks initialised ? */
75   var $checks_initialised = FALSE;
77   /* Users outside to people ou */
78   var $outside_users        = array();
79   var $outside_users_dialog = FALSE;
81   /* Groups outside of the groups ou */
82   var $outside_groups        = array();
83   var $outside_groups_dialog = FALSE;
85   /* Win-Workstations outside to reserved ou */
86   var $outside_winstations        = array();
87   var $outside_winstations_dialog = FALSE;
89   /* check for multiple use of same uidNumber */
90   var $check_uidNumbers        = array();
91   var $check_uidNumbers_dialog = FALSE;
93   /* check for multiple use of same gidNumber */
94   var $check_gidNumbers        = array();
95   var $check_gidNumbers_dialog = FALSE;
/* Constructor (PHP 4 style, named after the class): loads the translated
 * title and description strings for this setup step.
 */
function Step_Migrate()
{
  $this->update_strings();
}
/* Refresh the translated title, long title and info text of this step.
 * Title and long title use the same message.
 */
function update_strings()
{
  $title = _("LDAP inspection");

  $this->s_title      = $title;
  $this->s_title_long = $title;
  $this->s_info       = _("Analyze your current LDAP for GOsa compatibility");
}
/* Reset $this->checks and run every inspection in a fixed order.
 *
 * Each check is first registered with its title and an initial
 * "not passed" state (STATUS FALSE, empty messages); directly afterwards
 * the method that performs the check is called.
 */
function initialize_checks()
{
  /* check key => array(title, name of the method performing the check) */
  $plan = array(
    'root'                => array(_("Checking for root object"), 'checkBase'),
    'permissions'         => array(_("Checking permissions on ldap database"), 'check_ldap_permissions'),
    'deps_visible'        => array(_("Checking for invisible deparmtments"), 'check_organizationalUnits'),
    'users_visible'       => array(_("Checking for invisible user"), 'check_gosaAccounts'),
    'acls'                => array(_("Checking for administrational account"), 'check_administrativeAccount'),
    'outside_users'       => array(_("Checking for users outside the people department."), 'search_outside_users'),
    'outside_groups'      => array(_("Checking for groups outside the groups department."), 'search_outside_groups'),
    'outside_winstations' => array(_("Checking for windows workstations outside the winstation department."), 'search_outside_winstations'),
    'uidNumber_usage'     => array(_("Checking for multiple use of same uidNumber value."), 'check_uidNumber'),
    'gidNumber_usage'     => array(_("Checking for multiple use of same gidNumber value."), 'check_gidNumber'),
  );

  $this->checks = array();
  foreach($plan as $key => $step){
    $this->checks[$key]['TITLE']     = $step[0];
    $this->checks[$key]['STATUS']    = FALSE;
    $this->checks[$key]['STATUS_MSG']= "";
    $this->checks[$key]['ERROR_MSG'] = "";

    /* Run the check right after its entry was registered */
    $method = $step[1];
    $this->$method();
  }
}
/* Look for uidNumber values that are used by more than one entry.
 *
 * Entries that share a uidNumber are collected in $this->check_uidNumbers,
 * keyed by the base64 encoded dn; the outcome is written to
 * $this->checks['uidNumber_usage'].
 *
 * Returns TRUE if no uidNumber is used more than once, FALSE if
 * duplicates were found or the search failed.
 */
function check_uidNumber()
{
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);

  $ldap->cd($cv['base']);
  if(!$ldap->search("uidNumber=*",array("dn","uidNumber"))){
    $this->checks['uidNumber_usage']['STATUS']    = FALSE;
    $this->checks['uidNumber_usage']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['uidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* Group all returned entries by their first uidNumber value */
  $by_number = array();
  while($attrs = $ldap->fetch()){
    $by_number[$attrs['uidNumber'][0]][] = $attrs;
  }

  /* Keep only the entries whose number occurs more than once */
  $this->check_uidNumbers = array();
  foreach($by_number as $entries){
    if(count($entries) <= 1){
      continue;
    }
    foreach($entries as $entry){
      $this->check_uidNumbers[base64_encode($entry['dn'])] = $entry;
    }
  }

  if($this->check_uidNumbers){
    $this->checks['uidNumber_usage']['STATUS']    = FALSE;
    $this->checks['uidNumber_usage']['STATUS_MSG']= _("Failed");
    $this->checks['uidNumber_usage']['ERROR_MSG'] =
      sprintf(_("Found %s duplicated uidNumber values."),count($this->check_uidNumbers));
    return(false);
  }

  $this->checks['uidNumber_usage']['STATUS']    = TRUE;
  $this->checks['uidNumber_usage']['STATUS_MSG']= _("Ok");
  $this->checks['uidNumber_usage']['ERROR_MSG'] = "";
  return(TRUE);
}
/* Look for gidNumber values that are used by more than one entry.
 *
 * Entries that share a gidNumber are collected in $this->check_gidNumbers,
 * keyed by the base64 encoded dn; the outcome is written to
 * $this->checks['gidNumber_usage'].
 *
 * Returns TRUE if no gidNumber is used more than once, FALSE if
 * duplicates were found or the search failed.
 */
function check_gidNumber()
{
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);

  $ldap->cd($cv['base']);
  if(!$ldap->search("gidNumber=*",array("dn","gidNumber"))){
    $this->checks['gidNumber_usage']['STATUS']    = FALSE;
    $this->checks['gidNumber_usage']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['gidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* Group all returned entries by their first gidNumber value */
  $by_number = array();
  while($attrs = $ldap->fetch()){
    $by_number[$attrs['gidNumber'][0]][] = $attrs;
  }

  /* Keep only the entries whose number occurs more than once */
  $this->check_gidNumbers = array();
  foreach($by_number as $entries){
    if(count($entries) <= 1){
      continue;
    }
    foreach($entries as $entry){
      $this->check_gidNumbers[base64_encode($entry['dn'])] = $entry;
    }
  }

  if($this->check_gidNumbers){
    $this->checks['gidNumber_usage']['STATUS']    = FALSE;
    $this->checks['gidNumber_usage']['STATUS_MSG']= _("Failed");
    $this->checks['gidNumber_usage']['ERROR_MSG'] =
      sprintf(_("Found %s duplicated gidNumber values."),count($this->check_gidNumbers));
    return(false);
  }

  $this->checks['gidNumber_usage']['STATUS']    = TRUE;
  $this->checks['gidNumber_usage']['STATUS_MSG']= _("Ok");
  $this->checks['gidNumber_usage']['ERROR_MSG'] = "";
  return(TRUE);
}
268   /* Search for winstations outside the winstation ou */
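/* Search for windows workstation entries that are not located directly
 * below the winstation ou.
 *
 * Matching entries are stored in $this->outside_winstations, keyed by the
 * base64 encoded dn; the outcome is written to
 * $this->checks['outside_winstations'].
 *
 * Returns TRUE if nothing was found outside the ou, FALSE if entries were
 * found or the search failed.
 */
function search_outside_winstations()
{
  $cv = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  /* Get winstation ou.
   * NOTE(review): the flag is read from 'wws_ou_active' but the value from
   *  'ws_ou' - confirm that both key names are the intended ones.
   */
  if($cv['generic_settings']['wws_ou_active']) {
    $winstation_ou = $cv['generic_settings']['ws_ou'];
  }else{
    $winstation_ou = "ou=winstations";
  }

  $ldap->cd($cv['base']);
  $res = $ldap->search("(&(objectClass=posixGroup)(sambaGroupType=2)(sambaSID=*))",array("dn","sambaSID"));
  if(!$res){
    $this->checks['outside_winstations']['STATUS']    = FALSE;
    $this->checks['outside_winstations']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['outside_winstations']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* NOTE(review): the ou pattern is anchored at the start of the dn only,
   *  so an ou whose name merely begins with the configured string also
   *  counts as "inside" - confirm that this is intended.
   */
  $inside_ou = "/^[^,]+,".normalizePreg($winstation_ou)."/";

  $this->outside_winstations = array();
  while($attrs = $ldap->fetch()){

    /* The SID is the subject of the match (second argument of preg_match).
     * With an empty subject no entry would ever be collected and this
     *  check would always report 'Ok'.
     */
    if(preg_match("/-516$/",$attrs['sambaSID'][0]) && !preg_match($inside_ou,$attrs['dn'])){
      $this->outside_winstations[base64_encode($attrs['dn'])] = $attrs;
    }
  }

  if(count($this->outside_winstations)){
    $this->checks['outside_winstations']['STATUS']    = FALSE;
    $this->checks['outside_winstations']['STATUS_MSG']= _("Failed");

    /* ERROR_MSG strings of this class carry html markup (submit buttons),
     *  so the configured ou is escaped before it is put into the message.
     */
    $this->checks['outside_winstations']['ERROR_MSG'] = 
      sprintf(_("Found %s winstations outside the predefined winstation department ou '%s'."),
          count($this->outside_winstations),htmlspecialchars($winstation_ou,ENT_QUOTES));
    return(false);
  }else{
    $this->checks['outside_winstations']['STATUS']    = TRUE;
    $this->checks['outside_winstations']['STATUS_MSG']= _("Ok");
    $this->checks['outside_winstations']['ERROR_MSG'] = "";
    return(TRUE);
  }
}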
316   /* Search for groups outside the group ou */
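/* Search for posixGroup entries that are not located directly below the
 * configured group ou.
 *
 * Matching entries are stored in $this->outside_groups, keyed by the
 * base64 encoded dn, each with 'selected' = FALSE and an empty 'ldif'.
 * The outcome is written to $this->checks['outside_groups'].
 *
 * Returns TRUE if no group was found outside the ou, FALSE if groups were
 * found or the search failed.
 */
function search_outside_groups()
{
  $cv = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $group_ou = $cv['groupou'];
  $ldap->cd($cv['base']);
  $res = $ldap->search("(objectClass=posixGroup)",array("dn"));
  if(!$res){
    $this->checks['outside_groups']['STATUS']    = FALSE;
    $this->checks['outside_groups']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['outside_groups']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* NOTE(review): the pattern is anchored at the start of the dn only, so
   *  an ou whose name merely begins with the configured string also counts
   *  as "inside" - confirm that this is intended.
   */
  $inside_ou = "/^[^,]+,".normalizePreg($group_ou)."/";

  $this->outside_groups = array();
  while($attrs = $ldap->fetch()){
    if(!preg_match($inside_ou,$attrs['dn'])){
      $attrs['selected'] = FALSE;
      $attrs['ldif']     = "";
      $this->outside_groups[base64_encode($attrs['dn'])] = $attrs;
    }
  }

  if(count($this->outside_groups)){
    $this->checks['outside_groups']['STATUS']    = FALSE;
    $this->checks['outside_groups']['STATUS_MSG']= _("Failed");

    /* ERROR_MSG is html (a submit button is appended below), so the
     *  configured ou must be escaped before it is put into the message.
     */
    $this->checks['outside_groups']['ERROR_MSG'] = 
      sprintf(_("Found %s groups outside the selected group ou '%s'."),
          count($this->outside_groups),htmlspecialchars($group_ou,ENT_QUOTES));
    $this->checks['outside_groups']['ERROR_MSG'].= "<input type='submit' name='outside_groups_dialog' value='"._("Migrate")."'>";
    return(false);
  }else{
    $this->checks['outside_groups']['STATUS']    = TRUE;
    $this->checks['outside_groups']['STATUS_MSG']= _("Ok");
    $this->checks['outside_groups']['ERROR_MSG'] = "";
    return(TRUE);
  }
}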
361   /* Search for users outside the people ou */
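/* Search for gosaAccount entries that are not located directly below the
 * configured people ou.
 *
 * Matching entries are stored in $this->outside_users, keyed by the
 * base64 encoded dn, each with 'selected' = FALSE and an empty 'ldif'.
 * The outcome is written to $this->checks['outside_users'].
 *
 * Returns TRUE if no user was found outside the ou, FALSE if users were
 * found or the search failed.
 */
function search_outside_users()
{
  $cv = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);
  $people_ou = $cv['peopleou'];
  $ldap->cd($cv['base']);
  $res = $ldap->search("(objectClass=gosaAccount)",array("dn"));
  if(!$res){
    $this->checks['outside_users']['STATUS']    = FALSE;
    $this->checks['outside_users']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['outside_users']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* NOTE(review): the pattern is anchored at the start of the dn only, so
   *  an ou whose name merely begins with the configured string also counts
   *  as "inside" - confirm that this is intended.
   */
  $inside_ou = "/^[^,]+,".normalizePreg($people_ou)."/";

  $this->outside_users = array();
  while($attrs = $ldap->fetch()){
    if(!preg_match($inside_ou,$attrs['dn'])){
      $attrs['selected'] = FALSE;
      $attrs['ldif']     = "";
      $this->outside_users[base64_encode($attrs['dn'])] = $attrs;
    }
  }

  if(count($this->outside_users)){
    $this->checks['outside_users']['STATUS']    = FALSE;
    $this->checks['outside_users']['STATUS_MSG']= _("Failed");

    /* ERROR_MSG is html (a submit button is appended below), so the
     *  configured ou must be escaped before it is put into the message.
     */
    $this->checks['outside_users']['ERROR_MSG'] = 
      sprintf(_("Found %s users outside the selected user ou '%s'."),
          count($this->outside_users),htmlspecialchars($people_ou,ENT_QUOTES));
    $this->checks['outside_users']['ERROR_MSG'].= "<input type='submit' name='outside_users_dialog' value='"._("Migrate")."'>";
    return(false);
  }else{
    $this->checks['outside_users']['STATUS']    = TRUE;
    $this->checks['outside_users']['STATUS_MSG']= _("Ok");
    $this->checks['outside_users']['ERROR_MSG'] = "";
    return(TRUE);
  }
}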
406   /* Check ldap accessibility 
407    * Create and remove a dummy object, 
408    *  to ensure that we have the necessary permissions
409    */
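/* Check whether the configured admin account may write below the base.
 *
 * A throw-away organizationalUnit is added below the base and removed
 * again; the outcome is written to $this->checks['permissions'].
 *
 * Returns true if the entry could be created and removed, false if the
 * base could not be read or one of the two operations failed.
 */
function check_ldap_permissions()
{
  $cv = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  /* Create dummy entry.
   * The name only has to be unique. It is built from a random token and
   *  not from session_id(): the entry name is written to the directory
   *  and stays there if the removal below fails, so a session identifier
   *  must not be part of it.
   */
  $name     = "GOsa_setup_text_entry_".md5(uniqid(rand(),TRUE));
  $dn       = "ou=".$name.",".$cv['base'];
  $testEntry= array();
  $testEntry['objectClass'][]= "top";
  $testEntry['objectClass'][]= "organizationalUnit";
  $testEntry['objectClass'][]= "gosaDepartment";
  $testEntry['description']= "Created by GOsa setup, this object can be removed.";
  $testEntry['ou']  = $name;

  /* check if simple ldap cat will be successful 
   */
  $res = $ldap->cat($cv['base']);  
  if(!$res){
    $this->checks['permissions']['STATUS']    = FALSE;
    $this->checks['permissions']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['permissions']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return(false);
  }

  /* ERROR_MSG strings of this class carry html markup (submit buttons),
   *  so the account name is escaped before it is put into a message.
   */
  $no_access = sprintf(_("The specified user '%s' does not have full access to your ldap database."),
      htmlspecialchars($cv['admin'],ENT_QUOTES));

  /* Try to create dummy object 
   */ 
  $ldap->cd ($dn);
  $ldap->create_missing_trees($dn);
  $res = $ldap->add($testEntry);
  if(!$res){
    gosa_log($ldap->get_error());
    $this->checks['permissions']['STATUS']    = FALSE;
    $this->checks['permissions']['STATUS_MSG']= _("Failed");
    $this->checks['permissions']['ERROR_MSG'] = $no_access;
    return(false);
  }

  /* Try to remove created entry 
   */
  $res = $ldap->rmDir($dn);
  if(!$res){
    gosa_log($ldap->get_error());
    $this->checks['permissions']['STATUS']    = FALSE;
    $this->checks['permissions']['STATUS_MSG']= _("Failed");
    $this->checks['permissions']['ERROR_MSG'] = $no_access;
    return(false);
  }

  /* Create & remove of dummy object was successful */
  $this->checks['permissions']['STATUS']    = TRUE;
  $this->checks['permissions']['STATUS_MSG']= _("Ok");
  $this->checks['permissions']['ERROR_MSG'] = "";
  return(true);
}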
474   /* Check if there are users which will 
475    *  be invisible for GOsa 
476    */
/* Collect the person entries that lack the gosaAccount objectClass.
 *
 * The result is stored in $this->users_to_migrate, keyed by the base64
 * encoded dn. Entries whose dn contains ",dc=addressbook," are left out.
 * The 'checked' state of entries that were already in the previous list
 * is carried over, so the checkboxes keep their state after a reload.
 * The outcome is written to $this->checks['users_visible'].
 */
function check_gosaAccounts()
{
  $cnt_ok   = 0;
  $previous = $this->users_to_migrate;
  $this->users_to_migrate = array();

  /* Collected configuration settings and ldap connection */
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);

  /* Get all invisible users */
  $ldap->cd($cv['base']); 
  $res = $ldap->search("(&(|(objectClass=posixAccount)(objectClass=inetOrgPerson)(objectClass=organizationalPerson))(!(objectClass=gosaAccount)))",array("sn","givenName","cn","uid"));
  while($attrs = $ldap->fetch()){
    if(preg_match("/,dc=addressbook,/",$attrs['dn'])){
      continue;
    }

    $key = base64_encode($attrs['dn']);
    $attrs['checked'] = FALSE;
    $attrs['before']  = "";
    $attrs['after']   = "";

    /* Restore the selection made before the reload */
    if(isset($previous[$key])){
      $attrs['checked'] = $previous[$key]['checked'];
    }
    $this->users_to_migrate[$key] = $attrs;
  }

  if(!$res){
    $this->checks['users_visible']['STATUS']    = FALSE;
    $this->checks['users_visible']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['users_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return;
  }

  $found = count($this->users_to_migrate);
  if($found == 0){
    $this->checks['users_visible']['STATUS']    = TRUE;
    $this->checks['users_visible']['STATUS_MSG']= _("Ok");
    $this->checks['users_visible']['ERROR_MSG'] = "";
    return;
  }

  /* Invisible users found, offer the migration */
  $this->checks['users_visible']['STATUS']    = FALSE;
  $this->checks['users_visible']['STATUS_MSG']= "";
  $this->checks['users_visible']['ERROR_MSG'] = sprintf(_("Found %s users that will not be visible in GOsa."),$found);
  $this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate' value='"._("Migrate")."'>";
}
533   /* Start user account migration 
534    */  
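/* Add the objectClasses gosaAccount, inetOrgPerson and
 * organizationalPerson to every checked entry of $this->users_to_migrate.
 *
 * $only_ldif  If TRUE nothing is written; the current and the resulting
 *             attributes are stored as ldif in the 'before' and 'after'
 *             fields of the entry instead.
 *
 * Returns TRUE on success, FALSE as soon as one entry could not be read
 * or modified.
 */
function migrate_gosaAccounts($only_ldif = FALSE)
{
  /* Get collected configuration settings */
  $cv = $this->parent->captured_values;

  /* Establish ldap connection */
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  foreach($this->users_to_migrate as $key => $user){
    if(!$user['checked']){
      continue;
    }

    /* Get old objectClasses */
    $ldap->cat($user['dn'],array("objectClass"));
    $attrs      = $ldap->fetch();

    /* Stop if the entry could not be read. Without this check the modify
     *  below would be issued with an empty dn and an objectClass list
     *  that contains only the three new classes.
     */
    if(!is_array($attrs) || !isset($attrs['objectClass'])){
      print_red(sprintf(_("Failed to migrate the user '%s' into GOsa, error message is as follows '%s'."),$user['dn'],$ldap->get_error()));
      return(false);
    }

    /* Create new objectClass array, keep every class the entry has */
    $new_attrs  = array();
    $new_attrs['objectClass']= array("gosaAccount","inetOrgPerson","organizationalPerson");
    for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
      if(!in_array_ics($attrs['objectClass'][$i], $new_attrs['objectClass'])){
        $new_attrs['objectClass'][]   = $attrs['objectClass'][$i];
      }
    }

    /* Set info attributes for current object, 
     *  or write changes to the ldap database 
     */
    if($only_ldif){
      $this->users_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
      $this->users_to_migrate[$key]['after']  = $this->array_to_ldif($new_attrs);
    }else{
      $ldap->cd($attrs['dn']);
      if(!$ldap->modify($new_attrs)){
        /* This method migrates users, the message names them as such */
        print_red(sprintf(_("Failed to migrate the user '%s' into GOsa, error message is as follows '%s'."),$attrs['dn'],$ldap->get_error()));
        return(false);
      }
    }
  }
  return(TRUE);
}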
584   /* Check if there are invisible organizational Units 
585    */
/* Collect the organizationalUnit entries that lack the gosaDepartment
 * objectClass.
 *
 * The result is stored in $this->deps_to_migrate, keyed by the base64
 * encoded dn. Entries whose dn matches one of the patterns in $skip_dns
 * are left out. The 'checked' state of entries that were already in the
 * previous list is carried over. The outcome is written to
 * $this->checks['deps_visible'].
 */
function check_organizationalUnits()
{
  $cnt_ok   = 0;
  $previous = $this->deps_to_migrate;
  $this->deps_to_migrate = array();

  /* Collected configuration settings and ldap connection */
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'], $cv['password'], $cv['connection'], FALSE, $cv['tls']);

  /* Skip GOsa internal departments */
  $skip_dns = array("/^ou=people,/","/^ou=groups,/","/(,|)ou=configs,/","/(,|)ou=systems,/",
      "/^ou=apps,/","/^ou=mime,/","/^ou=aclroles,/","/^ou=incoming,/",
      "/ou=snapshots,/","/(,|)dc=addressbook,/","/^(,|)ou=machineaccounts,/",
      "/(,|)ou=winstations,/");

  /* Get all invisible departments, internal ones are dropped right away */
  $ldap->cd($cv['base']); 
  $res = $ldap->search("(&(objectClass=organizationalUnit)(!(objectClass=gosaDepartment)))",array("ou","description","dn"));
  while($attrs = $ldap->fetch()){

    $internal = false;
    foreach($skip_dns as $pattern){
      if(preg_match($pattern,$attrs['dn'])){
        $internal = true;
        break;
      }
    }
    if($internal){
      continue;
    }

    $key = base64_encode($attrs['dn']);
    $attrs['checked'] = FALSE;
    $attrs['before']  = "";
    $attrs['after']   = "";

    /* Restore the selection made before the reload */
    if(isset($previous[$key])){
      $attrs['checked'] = $previous[$key]['checked'];
    }
    $this->deps_to_migrate[$key] = $attrs;
  }

  if(!$res){
    $this->checks['deps_visible']['STATUS']    = FALSE;
    $this->checks['deps_visible']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['deps_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
    return;
  }

  $found = count($this->deps_to_migrate);
  if($found == 0){
    /* Nothing invisible left, everything is ok */
    $this->checks['deps_visible']['STATUS']    = TRUE;
    $this->checks['deps_visible']['STATUS_MSG']= _("Ok");
    $this->checks['deps_visible']['ERROR_MSG'] = "";
    return;
  }

  /* Invisible departments found, offer the migration */
  $this->checks['deps_visible']['STATUS']    = FALSE;
  $this->checks['deps_visible']['STATUS_MSG']= "";
  $this->checks['deps_visible']['ERROR_MSG'] = sprintf(_("Found %s departments that will not be visible in GOsa."),$found);
  $this->checks['deps_visible']['ERROR_MSG'] .= "<input type='submit' name='deps_visible_migrate' value='"._("Migrate")."'>";
}
661   /* Start department migration */
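/* Add the gosaDepartment objectClass to every checked entry of
 * $this->deps_to_migrate. A description is added if the entry has none.
 *
 * $only_ldif  If TRUE nothing is written; the current and the resulting
 *             attributes are stored as ldif in the 'before' and 'after'
 *             fields of the entry instead.
 *
 * Returns TRUE on success, FALSE as soon as one entry could not be read
 * or modified.
 */
function migrate_organizationalUnits($only_ldif = FALSE)
{
  /* Get collected configuration settings */
  $cv = $this->parent->captured_values;

  /* Establish ldap connection */
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  foreach($this->deps_to_migrate as $key => $dep){
    if(!$dep['checked']){
      continue;
    }

    /* Get current objectClasses */
    $ldap->cat($dep['dn'],array("objectClass","description"));
    $attrs      = $ldap->fetch();

    /* Stop if the entry could not be read. Without this check the modify
     *  below would be issued with an empty dn and an objectClass list
     *  that contains only gosaDepartment.
     */
    if(!is_array($attrs) || !isset($attrs['objectClass'])){
      print_red(sprintf(_("Failed to migrate the department '%s' into GOsa, error message is as follows '%s'."),$dep['dn'],$ldap->get_error()));
      return(false);
    }

    /* Create new objectClass attribute including gosaDepartment.
     * The class is listed first and existing values are only appended if
     *  they are not in the list yet, so an entry that already carries
     *  gosaDepartment does not end up with the value twice.
     */
    $new_attrs  = array();
    $new_attrs['objectClass'] = array("gosaDepartment");
    for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
      if(!in_array_ics($attrs['objectClass'][$i], $new_attrs['objectClass'])){
        $new_attrs['objectClass'][]   = $attrs['objectClass'][$i];
      }
    }

    /* Append a description if it is missing */
    if(!isset($attrs['description'])){
      $new_attrs['description'][] = "GOsa department";
    }

    /* Depending on the parameter $only_ldif we save the changes as ldif
     *  or we write our changes directly to the ldap database
     */
    if($only_ldif){
      $this->deps_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
      $this->deps_to_migrate[$key]['after']  = $this->array_to_ldif($new_attrs);
    }else{
      $ldap->cd($attrs['dn']);
      if(!$ldap->modify($new_attrs)){
        print_red(sprintf(_("Failed to migrate the department '%s' into GOsa, error message is as follows '%s'."),$attrs['dn'],$ldap->get_error()));
        return(false);
      }
    }
  }
  return(TRUE);
}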
714   /* Check Acls if there is at least one object with acls defined 
715    */
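/* Check whether at least one GOsa user account exists below the base and
 * write the outcome to $this->checks['acls'].
 *
 * NOTE(review): the filter matches any person entry that carries the
 *  gosaAccount objectClass; gosaAclEntry is not looked at. 'Ok' therefore
 *  means that a GOsa account exists, not that an account holds acls -
 *  confirm that this is the intended test.
 *
 * Returns TRUE if the search returned at least one entry.
 */
function check_administrativeAccount()
{
  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  /* Search for GOsa accounts */ 
  $ldap->cd($cv['base']);
  $res = $ldap->search("(&(objectClass=gosaAccount)(|(objectClass=posixAccount)".     
                         "(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))");
  if(!$res){
    $this->checks['acls']['STATUS']    = FALSE;
    $this->checks['acls']['STATUS_MSG']= _("Ldap query failed.");
    $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
  }elseif($ldap->count()){
    $this->checks['acls']['STATUS']    = TRUE;
    $this->checks['acls']['STATUS_MSG']= _("Ok");

    /* This method is also called again after an account was created, so
     *  a button left over from an earlier failed run has to be removed.
     */
    $this->checks['acls']['ERROR_MSG'] = "";
  }else{
    $this->checks['acls']['STATUS']    = FALSE;
    $this->checks['acls']['STATUS_MSG']= _("Failed");

    /* Assign instead of append, repeated calls must not stack buttons */
    $this->checks['acls']['ERROR_MSG'] = "<input type='submit' name='create_acls' value='"._("Create adminitrational account")."'>";
  }
  return($ldap->count()>=1);
}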
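/* Add an acl entry for the dn in $this->acl_create_selected to the base
 * object.
 *
 * The new entry ("0:sub:<base64 dn>:all;cmdrw") is put in front of the
 * gosaAclEntry values the base already has; the leading number of each
 * existing value is increased by one. The objectClass gosaACL is added
 * to the base if it is missing.
 *
 * $only_ldif  If TRUE nothing is written; the current and the resulting
 *             attributes are stored as ldif in $this->acl_create_changes.
 */
function create_admin($only_ldif = FALSE)
{
  /* Reset the ldif preview */
  $this->acl_create_changes="";

  /* Object that should receive admin acls */
  $dn = $this->acl_create_selected;

  /* Get collected configuration settings */
  $cv = $this->parent->captured_values;

  /* Establish ldap connection */
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  /* Get current base attributes */
  $ldap->cd($cv['base']);
  $ldap->cat($cv['base'],array("dn","objectClass","gosaAclEntry"));
  $attrs = $ldap->fetch();

  /* Stop if the base could not be read. Otherwise the modify below would
   *  be sent an objectClass list that contains only gosaACL and none of
   *  the acl entries the base already has.
   */
  if(!is_array($attrs) || !isset($attrs['objectClass'])){
    print_red(sprintf(_("Adding acls for user '%s' failed, ldap says '%s'."),$dn,$ldap->get_error()));
    return;
  }

  /* Add acls for the selected user to the base */
  $attrs_new = array();
  $attrs_new['objectClass'] = array("gosaACL");

  for($i = 0; $i < $attrs['objectClass']['count']; $i ++){
    if(!in_array_ics($attrs['objectClass'][$i],$attrs_new['objectClass'])){
      $attrs_new['objectClass'][] = $attrs['objectClass'][$i];
    }
  }

  $acl = "0:sub:".base64_encode($dn).":all;cmdrw";    
  $attrs_new['gosaAclEntry'][] = $acl;
  if(isset($attrs['gosaAclEntry'])){
    for($i = 0 ; $i < $attrs['gosaAclEntry']['count']; $i ++){

      /* Split the value at the first colon. The whole leading number has
       *  to be cut off ('+'): if only one character is removed, a value
       *  like "10:..." is rewritten to "110:..." instead of "11:...".
       */
      $entry = $attrs['gosaAclEntry'][$i];
      $prio  = preg_replace("/[:].*$/","",$entry);
      $rest  = preg_replace("/^[^:]+/","",$entry);

      $attrs_new['gosaAclEntry'][] = ($prio+1).$rest;
    }
  }

  if($only_ldif){
    $this->acl_create_changes ="\n".$cv['base']."\n";
    $this->acl_create_changes.=$this->array_to_ldif($attrs)."\n";
    $this->acl_create_changes.="\n".$cv['base']."\n";
    $this->acl_create_changes.=$this->array_to_ldif($attrs_new);
  }else{
    $ldap->cd($cv['base']);
    if(!$ldap->modify($attrs_new)){
      print_red(sprintf(_("Adding acls for user '%s' failed, ldap says '%s'."),$dn,$ldap->get_error()));
    }
  }
}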
805  
806   
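/* Create the account "System Administrator" (uid "admin") below the
 * people ou and give it the admin acl entry on the base.
 *
 * The password is taken from $_POST['new_user_password'] and stored as
 * the hash generated by the password method selected in
 * $cv['encryption'].
 *
 * Returns FALSE if no password was posted, nothing otherwise. Ldap
 * errors are reported with print_red().
 */
function create_admin_user()
{
  if(isset($_POST['new_user_password']) && !empty($_POST['new_user_password'])){
    $pwd = $_POST['new_user_password'];
  }else{
    print_red(_("Please specify a valid password for the new GOsa admin user."));
    return(FALSE);
  }

  /* Establish ldap connection */
  $cv = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
      $cv['password'],
      $cv['connection'],
      FALSE,
      $cv['tls']);

  $ldap->cd($cv['base']);

  /* The rdn attribute of the new account follows the peopledn setting */
  if($cv['peopledn'] == "cn"){
    $dn = "cn=System Administrator,".$cv['peopleou'].",".$cv['base'];
  }else{
    $dn = "uid=admin,".$cv['peopleou'].",".$cv['base'];
  }

  /* Hash the password with the configured method.
   * NOTE(review): there is no check that $cv['encryption'] is a key of
   *  $methods; a missing key ends in a fatal error on 'new' - confirm
   *  that the earlier setup steps guarantee a valid value.
   */
  $methods = @passwordMethod::get_available_methods_if_not_loaded();
  $p_m = $methods[$cv['encryption']];
  $p_c = new $p_m(array());
  $hash = $p_c->generate_hash($pwd);

  $new_user=array();
  $new_user['objectClass']= array("top","person","gosaAccount","organizationalPerson","inetOrgPerson");
  $new_user['givenName']  = "System";
  $new_user['sn']  = "Administrator";
  $new_user['cn']  = "System Administrator";
  $new_user['uid'] = "admin";
  $new_user['userPassword'] = $hash;

  $ldap->cd($cv['base']);
  $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$dn));
  $ldap->cd($dn);  
  $res = $ldap->add($new_user);

  /* Only grant the acl if the account was really created by this call.
   * If the add failed, the dn may belong to an entry that existed before
   *  and whose password is not the one entered here; it must not receive
   *  admin rights as a side effect.
   */
  if($res){
    $this->acl_create_selected = $dn;
    $this->create_admin();
  }else{
    print_red($ldap->get_error());
  }

  $this->acl_create_dialog=FALSE;        
  $this->check_administrativeAccount();
}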
860  
862   function migrate_outside_groups($perform = FALSE)
863   {
864     /* Establish ldap connection */
865     $cv = $this->parent->captured_values;
866     $ldap = new LDAP($cv['admin'],
867         $cv['password'],
868         $cv['connection'],
869         FALSE,
870         $cv['tls']);
872     $ldap->cd($cv['base']);
874     /* Check if there was a destination department posted */
875     if(isset($_POST['move_group_to'])){
876       $destination_dep = $_POST['move_group_to'];
877     }else{
878       print_red(_("Couldn't move users to specified department."));
879       return(false);
880     }
881  
882     foreach($this->outside_groups as $b_dn => $data){
883       $this->outside_groups[$b_dn]['ldif'] ="";
884       if($data['selected']){
885         $dn = base64_decode($b_dn);
886         $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn);
887         if(!$perform){
888           $this->outside_groups[$b_dn]['ldif'] = _("Group will be moved from").":<br>\t".$dn."<br>"._("to").":<br>\t".$d_dn;
891           /* Check if there are references to this object */
892           $ldap->search("(&(member=".$dn.")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn'));
893           $refs = "";
894           while($attrs = $ldap->fetch()){
895             $ref_dn = $attrs['dn'];
896             $refs .= "<br />\t".$ref_dn;
897           } 
898           if(!empty($refs)){ 
899             $this->outside_groups[$b_dn]['ldif'] .= "<br /><br /><i>"._("Updating following references too").":</i>".$refs;
900           }
902         }else{
903           $this->move($dn,$d_dn);
904         }
905       }
906     }
907   }
908   
910   function migrate_outside_users($perform = FALSE)
911   {
912     /* Establish ldap connection */
913     $cv = $this->parent->captured_values;
914     $ldap = new LDAP($cv['admin'],
915         $cv['password'],
916         $cv['connection'],
917         FALSE,
918         $cv['tls']);
920     $ldap->cd($cv['base']);
922     /* Check if there was a destination department posted */
923     if(isset($_POST['move_user_to'])){
924       $destination_dep = $_POST['move_user_to'];
925     }else{
926       print_red(_("Couldn't move users to specified department."));
927       return(false);
928     }
929  
930     foreach($this->outside_users as $b_dn => $data){
931       $this->outside_users[$b_dn]['ldif'] ="";
932       if($data['selected']){
933         $dn = base64_decode($b_dn);
934         $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn);
935         if(!$perform){
936           $this->outside_users[$b_dn]['ldif'] = _("User will be moved from").":<br>\t".$dn."<br>"._("to").":<br>\t".$d_dn;
938           /* Check if there are references to this object */
939           $ldap->search("(&(member=".$dn.")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn'));
940           $refs = "";
941           while($attrs = $ldap->fetch()){
942             $ref_dn = $attrs['dn'];
943             $refs .= "<br />\t".$ref_dn;
944           } 
945           if(!empty($refs)){ 
946             $this->outside_users[$b_dn]['ldif'] .= "<br /><br /><i>"._("Updating following references too").":</i>".$refs;
947           }
949         }else{
950           $this->move($dn,$d_dn);
951         }
952       }
953     }
954   }
955   
957   function execute()
958   {
959     /* Initialise checks if this is the first call */
960     if(!$this->checks_initialised || isset($_POST['reload'])){
961       $this->initialize_checks();
962       $this->checks_initialised = TRUE;
963     }
965     /*************
966      * Groups outside the group ou 
967      *************/
968     
969     if(isset($_POST['outside_groups_dialog_cancel'])){
970       $this->outside_groups_dialog = FALSE;
971       $this->dialog = FALSE;
972     }
973    
974     if(isset($_POST['outside_groups_dialog_whats_done'])){
975       $this->migrate_outside_groups(FALSE);
976     }
977  
978     if(isset($_POST['outside_groups_dialog_perform'])){
979       $this->migrate_outside_groups(TRUE);
980       $this->search_outside_groups();
981     }
983     if(isset($_POST['outside_groups_dialog'])){
984       $this->outside_groups_dialog = TRUE;
985       $this->dialog = TRUE;
986     }
987     
988     if($this->outside_groups_dialog){
989       $smarty = get_smarty();
990       $smarty->assign("ous",$this->get_all_group_ous());
991       $smarty->assign("method","outside_groups");
992       $smarty->assign("outside_groups",$this->outside_groups);
993       return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
994     }
995  
996     /*************
997      * User outside the people ou 
998      *************/
999     
1000     if(isset($_POST['outside_users_dialog_cancel'])){
1001       $this->outside_users_dialog = FALSE;
1002       $this->dialog = FALSE;
1003     }
1004    
1005     if(isset($_POST['outside_users_dialog_whats_done'])){
1006       $this->migrate_outside_users(FALSE);
1007     }
1008  
1009     if(isset($_POST['outside_users_dialog_perform'])){
1010       $this->migrate_outside_users(TRUE);
1011       $this->search_outside_users();
1012     }
1014     if(isset($_POST['outside_users_dialog'])){
1015       $this->outside_users_dialog = TRUE;
1016       $this->dialog = TRUE;
1017     }
1018     
1019     if($this->outside_users_dialog){
1020       $smarty = get_smarty();
1021       $smarty->assign("ous",$this->get_all_people_ous());
1022       $smarty->assign("method","outside_users");
1023       $smarty->assign("outside_users",$this->outside_users);
1024       return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1025     }
1026  
1027     /*************
1028      * Root object check  
1029      *************/
1030   
1031     if(isset($_POST['retry_root_create'])){
1033       $state = $this->checks['root']['STATUS'];
1034       $this->checkBase(FALSE);
1035       if($state != $this->checks['root']['STATUS']){
1036         $this->initialize_checks();
1037       }
1038     }
1039  
1040     /*************
1041      * User Migration handling 
1042      *************/
1044     if(isset($_POST['retry_acls'])){
1045       $this->check_administrativeAccount();
1046     }
1048     if(isset($_POST['create_acls'])){
1049       $this->acl_create_dialog = TRUE;
1050       $this->dialog = TRUE;
1051     }
1052   
1053     if(isset($_POST['create_acls_cancel'])){
1054       $this->acl_create_dialog = FALSE;
1055       $this->dialog = FALSE;
1056     }
1058     if(isset($_POST['create_acls_create_confirmed'])){
1059       $this->create_admin();
1060     }
1062     if(isset($_POST['create_acls_create'])){
1063       $this->create_admin(TRUE);
1064     }
1066     if(isset($_POST['create_admin_user'])){
1067       $this->create_admin_user();
1068     }
1070     if($this->acl_create_dialog){
1071       $smarty = get_smarty();
1072       $smarty->assign("new_user_password",@$_POST['new_user_password']);
1073       $smarty->assign("users" ,$this->get_user_list());
1074       $smarty->assign("users_cnt" ,count($this->get_user_list()));
1075       $smarty->assign("groups",$this->get_group_list());
1076       $smarty->assign("groups_cnt",count($this->get_group_list()));
1077       $smarty->assign("type"  ,$this->acl_create_type);
1078       $smarty->assign("method","create_acls");
1079       $smarty->assign("acl_create_selected",$this->acl_create_selected);
1080       $smarty->assign("what_will_be_done_now",$this->acl_create_changes);
1081       return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1082     }
1084     /*************
1085      * User Migration handling 
1086      *************/
1088     /* Refresh list of deparments */
1089     if(isset($_POST['users_visible_migrate_refresh'])){
1090       $this->check_gosaAccounts();
1091     }
1093     /* Open migration dialog */
1094     if(isset($_POST['users_visible_migrate'])){
1095       $this->users_migration_dialog = TRUE;
1096       $this->dialog =TRUE;
1097     }
1099     /* Close migration dialog */
1100     if(isset($_POST['users_visible_migrate_close'])){
1101       $this->users_migration_dialog = FALSE;
1102       $this->dialog =FALSE;
1103     }
1105     /* Start migration */
1106     if(isset($_POST['users_visible_migrate_migrate'])){
1107       if($this->migrate_gosaAccounts()){
1108         $this->check_gosaAccounts();
1109       }
1110     }
1112     /* Start migration */
1113     if(isset($_POST['users_visible_migrate_whatsdone'])){
1114       $this->migrate_gosaAccounts(TRUE);
1115     }
1117     /* Display migration dialog */
1118     if($this->users_migration_dialog){
1119       $smarty = get_smarty();
1120       $smarty->assign("users_to_migrate",$this->users_to_migrate);
1121       $smarty->assign("method","migrate_users");
1122       return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1123     }
1126     /*************
1127      * Department Migration handling 
1128      *************/
1130     /* Refresh list of deparments */
1131     if(isset($_POST['deps_visible_migrate_refresh'])){
1132       $this->check_organizationalUnits();
1133     }
1135     /* Open migration dialog */
1136     if(isset($_POST['deps_visible_migrate'])){
1137       $this->dep_migration_dialog = TRUE;
1138       $this->dialog =TRUE;
1139     }
1141     /* Close migration dialog */
1142     if(isset($_POST['deps_visible_migrate_close'])){
1143       $this->dep_migration_dialog = FALSE;
1144       $this->dialog =FALSE;
1145     }
1147     /* Start migration */
1148     if(isset($_POST['deps_visible_migrate_migrate'])){
1149       if($this->migrate_organizationalUnits()){
1150         $this->check_organizationalUnits();
1151       }
1152     }
1154     /* Start migration */
1155     if(isset($_POST['deps_visible_migrate_whatsdone'])){
1156       $this->migrate_organizationalUnits(TRUE);
1157     }
1159     /* Display migration dialog */
1160     if($this->dep_migration_dialog){
1161       $smarty = get_smarty();
1162       $smarty->assign("deps_to_migrate",$this->deps_to_migrate);
1163       $smarty->assign("method","migrate_deps");
1164       return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1165     }
1167     $smarty = get_smarty();
1168     $smarty->assign("checks",$this->checks);
1169     $smarty->assign("method","default");
1170     return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1171   }
1174   function save_object()
1175   {
1176     /* Capture all selected groups from outside_groups_dialog */
1177     if($this->outside_groups_dialog){
1178       foreach($this->outside_groups as $dn => $data){
1179         if(isset($_POST['select_group_'.$dn])){
1180           $this->outside_groups[$dn]['selected'] = TRUE;
1181         }else{
1182           $this->outside_groups[$dn]['selected'] = FALSE;
1183         }
1184       }
1185     }
1187     /* Capture all selected users from outside_users_dialog */
1188     if($this->outside_users_dialog){
1189       foreach($this->outside_users as $dn => $data){
1190         if(isset($_POST['select_user_'.$dn])){
1191           $this->outside_users[$dn]['selected'] = TRUE;
1192         }else{
1193           $this->outside_users[$dn]['selected'] = FALSE;
1194         }
1195       }
1196     }
1198     /* Get "create acl" dialog posts */
1199     if($this->acl_create_dialog){
1200       if(isset($_POST['create_acls_create'])){
1201         if(isset($_POST['create_acls_selected'])){
1202           $this->acl_create_selected = base64_decode($_POST['create_acls_selected']);
1203         }else{
1204           $this->acl_create_selected = ""; 
1205         }
1206       }
1208       if(isset($_POST['create_acls_create_abort'])){
1209         $this->acl_create_selected = "";
1210       }
1212       if(isset($_POST['acl_create_type'])){
1213         $this->acl_create_type = $_POST['acl_create_type'];
1214       }
1215     }
1217     /* Get selected departments */
1218     if($this->dep_migration_dialog){
1219       foreach($this->deps_to_migrate as $id => $data){
1220         if(isset($_POST['migrate_'.$id])){
1221           $this->deps_to_migrate[$id]['checked'] = TRUE;
1222         }else{
1223           $this->deps_to_migrate[$id]['checked'] = FALSE;
1224         }
1225       }
1226     }
1228     /* Get selected users */
1229     if($this->users_migration_dialog){
1230       foreach($this->users_to_migrate as $id => $data){
1231         if(isset($_POST['migrate_'.$id])){
1232           $this->users_to_migrate[$id]['checked'] = TRUE;
1233         }else{
1234           $this->users_to_migrate[$id]['checked'] = FALSE;
1235         }
1236       }
1237     }
1238   }
1241   /* Check if the root object exists.
1242    * If the parameter just_check is true, then just check if the 
1243    *  root object is missing and update the info messages.
1244    * If the Parameter is false, try to create a new root object.
1245    */
1246   function checkBase($just_check = TRUE)
1247   {
1248     /* Get collected setup informations */
1249     $cv = $this->parent->captured_values;
1251     /* Establish ldap connection */
1252     $ldap = new LDAP($cv['admin'],
1253         $cv['password'],
1254         $cv['connection'],
1255         FALSE,
1256         $cv['tls']);
1258     /* Check if root object exists */
1259     $ldap->cd($cv['base']);
1260     $res = $ldap->search("(objectClass=*)");
1261     $err = ldap_errno($ldap->cid); 
1263     if( !$res || 
1264         $err == 0x20 ||  # LDAP_NO_SUCH_OBJECT
1265         $err == 0x40) {  # LDAP_NAMING_VIOLATION
1267       /* Root object doesn't exists 
1268        */
1269       if($just_check){
1270         $this->checks['root']['STATUS']    = FALSE;
1271         $this->checks['root']['STATUS_MSG']= _("Failed");
1272         $this->checks['root']['ERROR_MSG'].=  "<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
1273         return(FALSE);
1274       }else{
1276       echo "REMOVE this : Autocreation of the root object will be done by create_missing_tree later. !!!!!!!";
1278          /* Try to find out which values are necessary */
1279         $tmp = $ldap->get_objectclasses();
1280         $oc = $tmp['organization'];
1281       
1282         $must_attrs = $oc['MUST'];
1283         if(!is_array($must_attrs)){
1284           $must_attrs = array($must_attrs);
1285         }
1286       
1287         /* Root object does not exists try to create it */
1288         $ldapadd["objectclass"][0]="top";
1289         $ldapadd["objectclass"][1]="organization";
1291         /* Try to fill all collected must attributes */
1292         $base_parts = preg_split("/,/",$cv['base']);
1293         foreach($must_attrs as $attr){
1294           foreach($base_parts as $part){
1295             if(preg_match("/^".$attr."=/",$part) && !isset($ldapadd[$attr])){
1296               $ldapadd[$attr]= preg_replace("/^[^=]*+=/","",$part);
1297             }
1298           }
1299         }
1301         /* Add root object */ 
1302         $ldap->cd($cv['base']);
1303         $res = $ldap->add($ldapadd);
1305         /* Add root object */ 
1306         $ldap->cd($cv['base']);
1307  #       $res = $ldap->create_missing_trees($cv['base']);
1309         /* If adding failed, tell the user */
1310         if(!$res){
1311           $this->checks['root']['STATUS']    = FALSE;
1312           $this->checks['root']['STATUS_MSG']= _("Failed");
1313           $this->checks['root']['ERROR_MSG'] = _("Root object couldn't be created, you should try it on your own.");
1314           $this->checks['root']['ERROR_MSG'].= "<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
1315           return($res);;
1316         }
1317       }
1318     }
1320     /* Create & remove of dummy object was successful */
1321     $this->checks['root']['STATUS']    = TRUE;
1322     $this->checks['root']['STATUS_MSG']= _("Ok");
1323   }
1326   /* Return ldif information for a 
1327    * given attribute array 
1328    */
1329   function array_to_ldif($atts)
1330   {
1331     $ret = "";
1332     unset($atts['count']);
1333     unset($atts['dn']);
1334     foreach($atts as $name => $value){
1335       if(is_numeric($name)) {
1336         continue;
1337       }
1338       if(is_array($value)){
1339         unset($value['count']);
1340         foreach($value as $a_val){
1341           $ret .= $name.": ". $a_val."\n";
1342         }
1343       }else{
1344         $ret .= $name.": ". $value."\n";
1345       }
1346     }
1347     return(preg_replace("/\n$/","",$ret));
1348   }
1351   function get_user_list()
1352   {
1353     /* Get collected configuration settings */
1354     $cv = $this->parent->captured_values;
1356     /* Establish ldap connection */
1357     $ldap = new LDAP($cv['admin'],
1358         $cv['password'],
1359         $cv['connection'],
1360         FALSE,
1361         $cv['tls']);
1362     
1363     $ldap->cd($cv['base']);
1364     $ldap->search("(objectClass=gosaAccount)",array("dn"));
1365   
1366     $tmp = array();
1367     while($attrs = $ldap->fetch()){
1368       $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']);
1369     }
1370     return($tmp);
1371   }
1374   function get_all_people_ous()
1375   {
1376     /* Get collected configuration settings */
1377     $cv = $this->parent->captured_values;
1379     /* Establish ldap connection */
1380     $ldap = new LDAP($cv['admin'],
1381         $cv['password'],
1382         $cv['connection'],
1383         FALSE,
1384         $cv['tls']);
1386     $ldap->cd($cv['base']);
1387     $ldap->search("(".$cv['peopleou'].")",array("dn"));
1388   
1389     if($ldap->count() == 0 ){
1390       $add_dn = $cv['peopleou'].",".$cv['base'];
1391       $naming_attr = preg_replace("/=.*$/","",$add_dn);
1392       $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn);
1393       $add = array();
1394       $add['objectClass'] = array("organizationalUnit");
1395       $add[$naming_attr] = $naming_value;
1397       $ldap->cd($cv['base']);
1398       $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn));
1399       $ldap->cd($add_dn);
1400       $ldap->add($add);
1401     }
1403     $ldap->search("(".$cv['peopleou'].")",array("dn"));
1404     $tmp = array();
1405     while($attrs= $ldap->fetch()){
1406       if(!preg_match("/ou=snapshots,/",$attrs['dn'])){
1407         $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);
1408       }
1409     }
1410     return($tmp); 
1411   }
1414   function get_all_group_ous()
1415   {
1416     /* Get collected configuration settings */
1417     $cv = $this->parent->captured_values;
1419     /* Establish ldap connection */
1420     $ldap = new LDAP($cv['admin'],
1421         $cv['password'],
1422         $cv['connection'],
1423         FALSE,
1424         $cv['tls']);
1426     $ldap->cd($cv['base']);
1427     $ldap->search("(".$cv['groupou'].")",array("dn"));
1428   
1429     if($ldap->count() == 0 ){
1430       $add_dn = $cv['groupou'].",".$cv['base'];
1431       $naming_attr = preg_replace("/=.*$/","",$add_dn);
1432       $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn);
1433       $add = array();
1434       $add['objectClass'] = array("organizationalUnit");
1435       $add[$naming_attr] = $naming_value;
1437       $ldap->cd($cv['base']);
1438       $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn));
1439       $ldap->cd($add_dn);
1440       $ldap->add($add);
1441     }
1443     $ldap->search("(".$cv['groupou'].")",array("dn"));
1444     $tmp = array();
1445     while($attrs= $ldap->fetch()){
1446       if(!preg_match("/ou=snapshots,/",$attrs['dn'])){
1447         $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);
1448       }
1449     }
1450     return($tmp); 
1451   }
1454   function get_group_list()
1455   {
1456     /* Get collected configuration settings */
1457     $cv = $this->parent->captured_values;
1459     /* Establish ldap connection */
1460     $ldap = new LDAP($cv['admin'],
1461         $cv['password'],
1462         $cv['connection'],
1463         FALSE,
1464         $cv['tls']);
1465     
1466     $ldap->cd($cv['base']);
1467     $ldap->search("(objectClass=posixGroup)",array("dn"));
1468   
1469     $tmp = array();
1470     while($attrs = $ldap->fetch()){
1471       $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']);
1472     }
1473     return($tmp);
1474   }
1477   function move($source,$destination)
1478   {
1479     /* Get collected configuration settings */
1480     $cv = $this->parent->captured_values;
1482     /* Establish ldap connection */
1483     $ldap = new LDAP($cv['admin'],
1484         $cv['password'],
1485         $cv['connection'],
1486         FALSE,
1487         $cv['tls']);
1489      /* Update object references in gosaGroupOfNames */
1490     $ogs_to_fix = array();
1491     $ldap->cd($cv['base']);
1492     $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($source).'))', array('cn','member'));
1493     while ($attrs= $ldap->fetch()){
1494       $dn = $attrs['dn'];
1495       $attrs = $this->cleanup_array($attrs);
1496       $member_new = array($destination);
1497       foreach($attrs['member'] as $member){
1498         if($member != $source){
1499           $member_new[] = $member;
1500         }
1501       }
1502       $attrs['member'] = $member_new;
1503       $ogs_to_fix[$dn] = $attrs;
1504     }
1506     /* Copy source to destination dn */
1507     $ldap->cat($source);
1508     $new_data = $this->cleanup_array($ldap->fetch());
1509     $ldap->cd($destination);
1510     $res = $ldap->add($new_data);
1512     /* Display warning if copy failed */
1513     if(!$res){
1514       print_red(_("Failed to copy '%s' to '%s'. Ldap says '%s'."),$source,$destination,$ldap->get_error());
1515     }else{
1516       $res = $ldap->rmDir($source);
1517       show_ldap_error($ldap->get_error(),_("Something went wrong while copying dns."));
1519       /* Object is copied, so update its references */
1520       foreach($ogs_to_fix as $dn => $data){
1521         $ldap->cd($dn);
1522         $ldap->modify($data);
1523       }
1524     }
1525   }
1527   
1528   /* Cleanup ldap result to be able to write it be to ldap */
1529   function cleanup_array($attrs)
1530   {
1531     foreach($attrs as $key => $value) {
1532       if(is_numeric($key) || in_array($key,array("count","dn"))){
1533         unset($attrs[$key]);
1534       }
1535       if(is_array($value) && isset($value['count'])){
1536         unset($attrs[$key]['count']);
1537       }
1538     }
1539     return($attrs);
1540   }
1543 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1544 ?>