index cf289a263dbf5c79dbe1bddb91a7246cbfc8e68b..e238692681b07d10b98eacf6ad93cc7efb34c57c 100644 (file)
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-*/
+ */
+
+
+
+/****************
+ * FUNCTIONS
+
+Step_Migrate - Constructor.
+update_strings - Used to update the displayed step informations.
+initialize_checks - Initialize migration steps.
+check_ldap_permissions - Check if the used admin account has full access to the ldap database.
+check_gosaAccounts - Check if there are users without the required objectClasses.
+migrate_gosaAccounts - Migrate selected users to GOsa user accounts.
+check_organizationalUnits - Check if there are departments, that are not visible for GOsa
+migrate_organizationalUnits - Migrate selected departments
+check_administrativeAccount - Check if there is at least one acl entry available
+checkBase - Check if there is a root object available
+
+get_user_list - Get list of available users
+get_group_list - Get list of groups
+
+create_admin
+create_admin_user
+
+execute - Generate html output of this plugin
+save_object - Save posts
+array_to_ldif - Create ldif output of an ldap result array
+
+ ****************/
+
class Step_Migrate extends setup_step
class Step_Migrate extends setup_step
var $users_migration_dialog= FALSE;
var $users_to_migrate = array();
var $users_migration_dialog= FALSE;
var $users_to_migrate = array();
+ /* Create Acl attributes */
+ var $acl_create_dialog = FALSE;
+ var $acl_create_type = "group";
+ var $acl_create_selected= ""; // Currently selected element, that should receive admin rights
+ var $acl_create_changes = ""; // Contains ldif information about changes
+ var $acl_create_confirmed= FALSE;
+
+ /* Checks initialised ? */
+ var $checks_initialised = FALSE;
+
+ /* Users outside to people ou */
+ var $outside_users = array();
+ var $outside_users_dialog = FALSE;
+
+ /* Users outside to groups ou */
+ var $outside_groups = array();
+ var $outside_groups_dialog = FALSE;
+
+ /* Win-Workstations outside to reserved ou */
+ var $outside_winstations = array();
+ var $outside_winstations_dialog = FALSE;
+
+ /* check for multiple use of same uidNumber */
+ var $check_uidNumbers = array();
+ var $check_uidNumbers_dialog = FALSE;
+
+ /* check for multiple use of same gidNumber */
+ var $check_gidNumbers = array();
+ var $check_gidNumbers_dialog = FALSE;
+
+
function Step_Migrate()
{
$this->update_strings();
function Step_Migrate()
{
$this->update_strings();
- $this->initialize_checks();
}
function update_strings()
}
function update_strings()
$this->s_title_long = _("LDAP inspection");
$this->s_info = _("Analyze your current LDAP for GOsa compatibility");
}
$this->s_title_long = _("LDAP inspection");
$this->s_info = _("Analyze your current LDAP for GOsa compatibility");
}
-
+
function initialize_checks()
{
$this->checks = array();
function initialize_checks()
{
$this->checks = array();
+ $this->checks['root']['TITLE'] = _("Checking for root object");
+ $this->checks['root']['STATUS'] = FALSE;
+ $this->checks['root']['STATUS_MSG']= "";
+ $this->checks['root']['ERROR_MSG'] = "";
+ $this->checkBase();
+
$this->checks['permissions']['TITLE'] = _("Checking permissions on ldap database");
$this->checks['permissions']['STATUS'] = FALSE;
$this->checks['permissions']['STATUS_MSG']= "";
$this->checks['permissions']['TITLE'] = _("Checking permissions on ldap database");
$this->checks['permissions']['STATUS'] = FALSE;
$this->checks['permissions']['STATUS_MSG']= "";
$this->checks['deps_visible']['STATUS'] = FALSE;
$this->checks['deps_visible']['STATUS_MSG']= "";
$this->checks['deps_visible']['ERROR_MSG'] = "";
$this->checks['deps_visible']['STATUS'] = FALSE;
$this->checks['deps_visible']['STATUS_MSG']= "";
$this->checks['deps_visible']['ERROR_MSG'] = "";
- $this->check_visible_organizationalUnits();
+ $this->check_organizationalUnits();
$this->checks['users_visible']['TITLE'] = _("Checking for invisible user");
$this->checks['users_visible']['STATUS'] = FALSE;
$this->checks['users_visible']['STATUS_MSG']= "";
$this->checks['users_visible']['ERROR_MSG'] = "";
$this->checks['users_visible']['TITLE'] = _("Checking for invisible user");
$this->checks['users_visible']['STATUS'] = FALSE;
$this->checks['users_visible']['STATUS_MSG']= "";
$this->checks['users_visible']['ERROR_MSG'] = "";
- $this->check_visible_gosaAccounts();
+ $this->check_gosaAccounts();
+
+ $this->checks['acls']['TITLE'] = _("Checking for administrational account");
+ $this->checks['acls']['STATUS'] = FALSE;
+ $this->checks['acls']['STATUS_MSG']= "";
+ $this->checks['acls']['ERROR_MSG'] = "";
+ $this->check_administrativeAccount();
+
+ $this->checks['outside_users']['TITLE'] = _("Checking for users outside the people department.");
+ $this->checks['outside_users']['STATUS'] = FALSE;
+ $this->checks['outside_users']['STATUS_MSG']= "";
+ $this->checks['outside_users']['ERROR_MSG'] = "";
+ $this->search_outside_users();
+
+ $this->checks['outside_groups']['TITLE'] = _("Checking for groups outside the groups department.");
+ $this->checks['outside_groups']['STATUS'] = FALSE;
+ $this->checks['outside_groups']['STATUS_MSG']= "";
+ $this->checks['outside_groups']['ERROR_MSG'] = "";
+ $this->search_outside_groups();
+
+ $this->checks['outside_winstations']['TITLE'] = _("Checking for windows workstations outside the winstation department.");
+ $this->checks['outside_winstations']['STATUS'] = FALSE;
+ $this->checks['outside_winstations']['STATUS_MSG']= "";
+ $this->checks['outside_winstations']['ERROR_MSG'] = "";
+ $this->search_outside_winstations();
+
+ $this->checks['uidNumber_usage']['TITLE'] = _("Checking for multiple use of same uidNumber value.");
+ $this->checks['uidNumber_usage']['STATUS'] = FALSE;
+ $this->checks['uidNumber_usage']['STATUS_MSG']= "";
+ $this->checks['uidNumber_usage']['ERROR_MSG'] = "";
+ $this->check_uidNumber();
+
+ $this->checks['gidNumber_usage']['TITLE'] = _("Checking for multiple use of same gidNumber value.");
+ $this->checks['gidNumber_usage']['STATUS'] = FALSE;
+ $this->checks['gidNumber_usage']['STATUS_MSG']= "";
+ $this->checks['gidNumber_usage']['ERROR_MSG'] = "";
+ $this->check_gidNumber();
+ }
+
+
+ function check_uidNumber()
+ {
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("uidNumber=*",array("dn","uidNumber"));
+ if(!$res){
+ $this->checks['uidNumber_usage']['STATUS'] = FALSE;
+ $this->checks['uidNumber_usage']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['uidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ return(false);
+ }
+
+ $this->check_uidNumbers= array();
+ $tmp = array();
+ while($attrs = $ldap->fetch()){
+ $tmp[$attrs['uidNumber'][0]][] = $attrs;
+ }
+
+ foreach($tmp as $id => $entries){
+ if(count($entries) > 1){
+ foreach($entries as $entry){
+ $this->check_uidNumbers[base64_encode($entry['dn'])] = $entry;
+ }
+ }
+ }
+
+ if($this->check_uidNumbers){
+ $this->checks['uidNumber_usage']['STATUS'] = FALSE;
+ $this->checks['uidNumber_usage']['STATUS_MSG']= _("Failed");
+ $this->checks['uidNumber_usage']['ERROR_MSG'] =
+ sprintf(_("Found %s duplicated uidNumber values."),count($this->check_uidNumbers));
+ return(false);
+ }else{
+ $this->checks['uidNumber_usage']['STATUS'] = TRUE;
+ $this->checks['uidNumber_usage']['STATUS_MSG']= _("Ok");
+ $this->checks['uidNumber_usage']['ERROR_MSG'] = "";
+ return(TRUE);
+ }
+ }
+
+ function check_gidNumber()
+ {
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("gidNumber=*",array("dn","gidNumber"));
+ if(!$res){
+ $this->checks['gidNumber_usage']['STATUS'] = FALSE;
+ $this->checks['gidNumber_usage']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['gidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ return(false);
+ }
+
+ $this->check_gidNumbers= array();
+ $tmp = array();
+ while($attrs = $ldap->fetch()){
+ $tmp[$attrs['gidNumber'][0]][] = $attrs;
+ }
+
+ foreach($tmp as $id => $entries){
+ if(count($entries) > 1){
+ foreach($entries as $entry){
+ $this->check_gidNumbers[base64_encode($entry['dn'])] = $entry;
+ }
+ }
+ }
+
+ if($this->check_gidNumbers){
+ $this->checks['gidNumber_usage']['STATUS'] = FALSE;
+ $this->checks['gidNumber_usage']['STATUS_MSG']= _("Failed");
+ $this->checks['gidNumber_usage']['ERROR_MSG'] =
+ sprintf(_("Found %s duplicated gidNumber values."),count($this->check_gidNumbers));
+ return(false);
+ }else{
+ $this->checks['gidNumber_usage']['STATUS'] = TRUE;
+ $this->checks['gidNumber_usage']['STATUS_MSG']= _("Ok");
+ $this->checks['gidNumber_usage']['ERROR_MSG'] = "";
+ return(TRUE);
+ }
+ }
+
+
+ /* Search for winstations outside the winstation ou */
+ function search_outside_winstations()
+ {
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Get winstation ou */
+ if($cv['generic_settings']['wws_ou_active']) {
+ $winstation_ou = $cv['generic_settings']['ws_ou'];
+ }else{
+ $winstation_ou = "ou=winstations";
+ }
+
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("(&(objectClass=posixGroup)(sambaGroupType=2)(sambaSID=*))",array("dn","sambaSID"));
+ if(!$res){
+ $this->checks['outside_winstations']['STATUS'] = FALSE;
+ $this->checks['outside_winstations']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['outside_winstations']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ return(false);
+ }
+
+ $this->outside_winstations = array();
+ while($attrs = $ldap->fetch()){
+ if(preg_match("/-516$/","",$attrs['sambaSID'][0]) && !preg_match("/^[^,]+,".normalizePreg($winstation_ou)."/",$attrs['dn'])){
+ $this->outside_winstations[base64_encode($attrs['dn'])] = $attrs;
+ }
+ }
+
+ if(count($this->outside_winstations)){
+ $this->checks['outside_winstations']['STATUS'] = FALSE;
+ $this->checks['outside_winstations']['STATUS_MSG']= _("Failed");
+ $this->checks['outside_winstations']['ERROR_MSG'] =
+ sprintf(_("Found %s winstations outside the predefined winstation department ou '%s'."),count($this->outside_winstations),$winstation_ou);
+ return(false);
+ }else{
+ $this->checks['outside_winstations']['STATUS'] = TRUE;
+ $this->checks['outside_winstations']['STATUS_MSG']= _("Ok");
+ $this->checks['outside_winstations']['ERROR_MSG'] = "";
+ return(TRUE);
+ }
+ }
+
+
+ /* Search for groups outside the group ou */
+ function search_outside_groups()
+ {
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ $group_ou = $cv['groupou'];
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("(objectClass=posixGroup)",array("dn"));
+ if(!$res){
+ $this->checks['outside_groups']['STATUS'] = FALSE;
+ $this->checks['outside_groups']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['outside_groups']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ return(false);
+ }
+
+
+ $this->outside_groups = array();
+ while($attrs = $ldap->fetch()){
+ if(!preg_match("/^[^,]+,".normalizePreg($group_ou)."/",$attrs['dn'])){
+ $this->outside_groups[base64_encode($attrs['dn'])] = $attrs;
+ }
+ }
+
+ if(count($this->outside_groups)){
+ $this->checks['outside_groups']['STATUS'] = FALSE;
+ $this->checks['outside_groups']['STATUS_MSG']= _("Failed");
+ $this->checks['outside_groups']['ERROR_MSG'] =
+ sprintf(_("Found %s groups outside the selected group ou '%s'."),count($this->outside_groups),$group_ou);
+ return(false);
+ }else{
+ $this->checks['outside_groups']['STATUS'] = TRUE;
+ $this->checks['outside_groups']['STATUS_MSG']= _("Ok");
+ $this->checks['outside_groups']['ERROR_MSG'] = "";
+ return(TRUE);
+ }
+ }
+
+ /* Search for users outside the people ou */
+ function search_outside_users()
+ {
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+ $people_ou = $cv['peopleou'];
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("(objectClass=gosaAccount)",array("dn"));
+ if(!$res){
+ $this->checks['outside_users']['STATUS'] = FALSE;
+ $this->checks['outside_users']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['outside_users']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ return(false);
+ }
+
+
+ $this->outside_users = array();
+ while($attrs = $ldap->fetch()){
+ if(!preg_match("/^[^,]+,".normalizePreg($people_ou)."/",$attrs['dn'])){
+ $attrs['selected'] = FALSE;
+ $attrs['ldif'] = "";
+ $this->outside_users[base64_encode($attrs['dn'])] = $attrs;
+ }
+ }
+
+ if(count($this->outside_users)){
+ $this->checks['outside_users']['STATUS'] = FALSE;
+ $this->checks['outside_users']['STATUS_MSG']= _("Failed");
+ $this->checks['outside_users']['ERROR_MSG'] =
+ sprintf(_("Found %s users outside the selected user ou '%s'."),count($this->outside_users),$people_ou);
+ $this->checks['outside_users']['ERROR_MSG'].= "<input type='submit' name='outside_users_dialog' value='"._("Migrate")."'>";
+ return(false);
+ }else{
+ $this->checks['outside_users']['STATUS'] = TRUE;
+ $this->checks['outside_users']['STATUS_MSG']= _("Ok");
+ $this->checks['outside_users']['ERROR_MSG'] = "";
+ return(TRUE);
+ }
}
}
{
$cv = $this->parent->captured_values;
$ldap = new LDAP($cv['admin'],
{
$cv = $this->parent->captured_values;
$ldap = new LDAP($cv['admin'],
- $cv['password'],
- $cv['connection'],
- FALSE,
- $cv['tls']);
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Create dummy entry
+ */
$name = "GOsa_setup_text_entry_".session_id().rand(0,999999);
$dn = "ou=".$name.",".$cv['base'];
$testEntry= array();
$name = "GOsa_setup_text_entry_".session_id().rand(0,999999);
$dn = "ou=".$name.",".$cv['base'];
$testEntry= array();
$testEntry['objectClass'][]= "gosaDepartment";
$testEntry['description']= "Created by GOsa setup, this object can be removed.";
$testEntry['ou'] = $name;
$testEntry['objectClass'][]= "gosaDepartment";
$testEntry['description']= "Created by GOsa setup, this object can be removed.";
$testEntry['ou'] = $name;
-
+
+ /* check if simple ldap cat will be successful
+ */
+ $res = $ldap->cat($cv['base']);
+ if(!$res){
+ $this->checks['permissions']['STATUS'] = FALSE;
+ $this->checks['permissions']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['permissions']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ return(false);
+ }
+
+ /* Try to create dummy object
+ */
$ldap->cd ($dn);
$ldap->cd ($dn);
+ $ldap->create_missing_trees($dn);
$res = $ldap->add($testEntry);
if(!$res){
$res = $ldap->add($testEntry);
if(!$res){
+ gosa_log($ldap->get_error());
$this->checks['permissions']['STATUS'] = FALSE;
$this->checks['permissions']['STATUS_MSG']= _("Failed");
$this->checks['permissions']['ERROR_MSG'] =
sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
$this->checks['permissions']['STATUS'] = FALSE;
$this->checks['permissions']['STATUS_MSG']= _("Failed");
$this->checks['permissions']['ERROR_MSG'] =
sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
- $this->checks['permissions']['ERROR_MSG'].=
- "<input type='submit' name='retry_permissions' value='"._("Retry")."'>";
return(false);
}
return(false);
}
+ /* Try to remove created entry
+ */
$res = $ldap->rmDir($dn);
if(!$res){
$res = $ldap->rmDir($dn);
if(!$res){
+ gosa_log($ldap->get_error());
$this->checks['permissions']['STATUS'] = FALSE;
$this->checks['permissions']['STATUS_MSG']= _("Failed");
$this->checks['permissions']['ERROR_MSG'] =
sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
$this->checks['permissions']['STATUS'] = FALSE;
$this->checks['permissions']['STATUS_MSG']= _("Failed");
$this->checks['permissions']['ERROR_MSG'] =
sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
- $this->checks['permissions']['ERROR_MSG'].=
- "<input type='submit' name='retry_permissions' value='"._("Retry")."'>";
return(false);
}
return(false);
}
+ /* Create & remove of dummy object was successful */
$this->checks['permissions']['STATUS'] = TRUE;
$this->checks['permissions']['STATUS_MSG']= _("Ok");
$this->checks['permissions']['STATUS'] = TRUE;
$this->checks['permissions']['STATUS_MSG']= _("Ok");
- $this->checks['permissions']['ERROR_MSG'] = "<input type='submit' name='retry_permissions' value='"._("Retry")."'>";
+ $this->checks['permissions']['ERROR_MSG'] = "";
return(true);
}
return(true);
}
-
- function check_visible_gosaAccounts()
+ /* Check if there are users which will
+ * be invisible for GOsa
+ */
+ function check_gosaAccounts()
{
{
- $old = $this->users_to_migrate;
- $this->users_to_migrate = array();
+ /* Remember old list of ivisible users, to be able to set
+ * the 'html checked' status for the checkboxes again
+ */
$cnt_ok = 0;
$cnt_ok = 0;
+ $old = $this->users_to_migrate;
+ $this->users_to_migrate = array();
/* Get collected configuration settings */
$cv = $this->parent->captured_values;
/* Establish ldap connection */
$ldap = new LDAP($cv['admin'],
/* Get collected configuration settings */
$cv = $this->parent->captured_values;
/* Establish ldap connection */
$ldap = new LDAP($cv['admin'],
- $cv['password'],
- $cv['connection'],
- FALSE,
- $cv['tls']);
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
- /* Get all invisible departments */
+ /* Get all invisible users
+ */
$ldap->cd($cv['base']);
$ldap->cd($cv['base']);
- $ldap->search("(&(|(objectClass=posixAccount)(objectClass=inetOrgPerson)(objectClass=organizationalPerson))(!(objectClass=gosaAccount)))",array("sn","givenName","cn","uid"));
+ $res =$ldap->search("(&(|(objectClass=posixAccount)(objectClass=inetOrgPerson)(objectClass=organizationalPerson))(!(objectClass=gosaAccount)))",array("sn","givenName","cn","uid"));
while($attrs = $ldap->fetch()){
while($attrs = $ldap->fetch()){
-
if(!preg_match("/,dc=addressbook,/",$attrs['dn'])){
if(!preg_match("/,dc=addressbook,/",$attrs['dn'])){
-
$attrs['checked'] = FALSE;
$attrs['before'] = "";
$attrs['after'] = "";
$attrs['checked'] = FALSE;
$attrs['before'] = "";
$attrs['after'] = "";
}
}
}
}
- /* No invisible */
- if(count($this->users_to_migrate) == 0){
+ /* No invisible */
+ if(!$res){
+ $this->checks['users_visible']['STATUS'] = FALSE;
+ $this->checks['users_visible']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['users_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ }elseif(count($this->users_to_migrate) == 0){
$this->checks['users_visible']['STATUS'] = TRUE;
$this->checks['users_visible']['STATUS_MSG']= _("Ok");
$this->checks['users_visible']['ERROR_MSG'] = "";
$this->checks['users_visible']['STATUS'] = TRUE;
$this->checks['users_visible']['STATUS_MSG']= _("Ok");
$this->checks['users_visible']['ERROR_MSG'] = "";
- $this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate_refresh' value='"._("Retry")."'>";
}else{
$this->checks['users_visible']['STATUS'] = FALSE;
$this->checks['users_visible']['STATUS_MSG']= "";
$this->checks['users_visible']['ERROR_MSG'] = sprintf(_("Found %s users that will not be visible in GOsa."),
}else{
$this->checks['users_visible']['STATUS'] = FALSE;
$this->checks['users_visible']['STATUS_MSG']= "";
$this->checks['users_visible']['ERROR_MSG'] = sprintf(_("Found %s users that will not be visible in GOsa."),
- count($this->users_to_migrate));
+ count($this->users_to_migrate));
$this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate' value='"._("Migrate")."'>";
$this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate' value='"._("Migrate")."'>";
- $this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate_refresh' value='"._("Reload list"). "'>";
}
}
-
}
}
- /* Start deparmtment migration */
+
+ /* Start user account migration
+ */
function migrate_gosaAccounts($only_ldif = FALSE)
{
/* Get collected configuration settings */
function migrate_gosaAccounts($only_ldif = FALSE)
{
/* Get collected configuration settings */
/* Establish ldap connection */
$ldap = new LDAP($cv['admin'],
/* Establish ldap connection */
$ldap = new LDAP($cv['admin'],
- $cv['password'],
- $cv['connection'],
- FALSE,
- $cv['tls']);
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+ /* Add gosaAccount objectClass to the selected users
+ */
foreach($this->users_to_migrate as $key => $dep){
if($dep['checked']){
foreach($this->users_to_migrate as $key => $dep){
if($dep['checked']){
+ /* Get old objectClasses */
$ldap->cat($dep['dn'],array("objectClass"));
$attrs = $ldap->fetch();
$ldap->cat($dep['dn'],array("objectClass"));
$attrs = $ldap->fetch();
- $new_attrs = array();
+ /* Create new objectClass array */
+ $new_attrs = array();
+ $new_attrs['objectClass']= array("gosaAccount","inetOrgPerson","organizationalPerson");
for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
- $new_attrs['objectClass'][] = $attrs['objectClass'][$i];
+ if(!in_array_ics($attrs['objectClass'][$i], $new_attrs['objectClass'])){
+ $new_attrs['objectClass'][] = $attrs['objectClass'][$i];
+ }
}
}
- $new_attrs['objectClass'][] = "gosaAccount";
-
+
+ /* Set info attributes for current object,
+ * or write changes to the ldap database
+ */
if($only_ldif){
$this->users_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
$this->users_to_migrate[$key]['after'] = $this->array_to_ldif($new_attrs);
if($only_ldif){
$this->users_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
$this->users_to_migrate[$key]['after'] = $this->array_to_ldif($new_attrs);
}
}
- function check_visible_organizationalUnits()
+ /* Check if there are invisible organizational Units
+ */
+ function check_organizationalUnits()
{
{
+ $cnt_ok = 0;
$old = $this->deps_to_migrate;
$this->deps_to_migrate = array();
$old = $this->deps_to_migrate;
$this->deps_to_migrate = array();
- $cnt_ok = 0;
/* Get collected configuration settings */
$cv = $this->parent->captured_values;
/* Establish ldap connection */
$ldap = new LDAP($cv['admin'],
/* Get collected configuration settings */
$cv = $this->parent->captured_values;
/* Establish ldap connection */
$ldap = new LDAP($cv['admin'],
- $cv['password'],
- $cv['connection'],
- FALSE,
- $cv['tls']);
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
/* Skip GOsa internal departments */
$skip_dns = array("/^ou=people,/","/^ou=groups,/","/(,|)ou=configs,/","/(,|)ou=systems,/",
/* Skip GOsa internal departments */
$skip_dns = array("/^ou=people,/","/^ou=groups,/","/(,|)ou=configs,/","/(,|)ou=systems,/",
- "/^ou=apps,/","/^ou=mime,/","/^ou=aclroles,/","/^ou=incoming,/",
- "/ou=snapshots,/","/(,|)dc=addressbook,/","/^(,|)ou=machineaccounts,/",
- "/(,|)ou=winstations,/");
+ "/^ou=apps,/","/^ou=mime,/","/^ou=aclroles,/","/^ou=incoming,/",
+ "/ou=snapshots,/","/(,|)dc=addressbook,/","/^(,|)ou=machineaccounts,/",
+ "/(,|)ou=winstations,/");
/* Get all invisible departments */
$ldap->cd($cv['base']);
/* Get all invisible departments */
$ldap->cd($cv['base']);
- $ldap->search("(&(objectClass=organizationalUnit)(!(objectClass=gosaDepartment)))",array("ou","description","dn"));
+ $res = $ldap->search("(&(objectClass=organizationalUnit)(!(objectClass=gosaDepartment)))",array("ou","description","dn"));
while($attrs = $ldap->fetch()){
$attrs['checked'] = FALSE;
$attrs['before'] = "";
while($attrs = $ldap->fetch()){
$attrs['checked'] = FALSE;
$attrs['before'] = "";
}
$this->deps_to_migrate[base64_encode($attrs['dn'])] = $attrs;
}
}
$this->deps_to_migrate[base64_encode($attrs['dn'])] = $attrs;
}
-
- /* Filter returned list of departments */
+
+ /* Filter returned list of departments and ensure that
+ * GOsa internal departments will not be listed
+ */
foreach($this->deps_to_migrate as $key => $attrs){
$dn = $attrs['dn'];
$skip = false;
foreach($this->deps_to_migrate as $key => $attrs){
$dn = $attrs['dn'];
$skip = false;
unset($this->deps_to_migrate[$key]);
}
}
unset($this->deps_to_migrate[$key]);
}
}
-
- /* No invisible */
- if(count($this->deps_to_migrate) == 0){
+
+ /* If we have no invisible departments found
+ * tell the user that everything is ok
+ */
+ if(!$res){
+ $this->checks['deps_visible']['STATUS'] = FALSE;
+ $this->checks['deps_visible']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['deps_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ }elseif(count($this->deps_to_migrate) == 0 ){
$this->checks['deps_visible']['STATUS'] = TRUE;
$this->checks['deps_visible']['STATUS_MSG']= _("Ok");
$this->checks['deps_visible']['ERROR_MSG'] = "";
$this->checks['deps_visible']['STATUS'] = TRUE;
$this->checks['deps_visible']['STATUS_MSG']= _("Ok");
$this->checks['deps_visible']['ERROR_MSG'] = "";
- $this->checks['deps_visible']['ERROR_MSG'] .= "<input type='submit' name='deps_visible_migrate_refresh' value='"._("Retry")."'>";
}else{
$this->checks['deps_visible']['STATUS'] = FALSE;
$this->checks['deps_visible']['STATUS_MSG']= "";//sprintf(_("%s entries found"),count($this->deps_to_migrate));
$this->checks['deps_visible']['ERROR_MSG'] = sprintf(_("Found %s departments that will not be visible in GOsa."),count($this->deps_to_migrate));
$this->checks['deps_visible']['ERROR_MSG'] .= "<input type='submit' name='deps_visible_migrate' value='"._("Migrate")."'>";
}else{
$this->checks['deps_visible']['STATUS'] = FALSE;
$this->checks['deps_visible']['STATUS_MSG']= "";//sprintf(_("%s entries found"),count($this->deps_to_migrate));
$this->checks['deps_visible']['ERROR_MSG'] = sprintf(_("Found %s departments that will not be visible in GOsa."),count($this->deps_to_migrate));
$this->checks['deps_visible']['ERROR_MSG'] .= "<input type='submit' name='deps_visible_migrate' value='"._("Migrate")."'>";
- $this->checks['deps_visible']['ERROR_MSG'] .= "<input type='submit' name='deps_visible_migrate_refresh' value='"._("Reload list")."'>";
}
}
-
}
}
-
+
/* Start deparmtment migration */
function migrate_organizationalUnits($only_ldif = FALSE)
{
/* Start deparmtment migration */
function migrate_organizationalUnits($only_ldif = FALSE)
{
/* Establish ldap connection */
$ldap = new LDAP($cv['admin'],
/* Establish ldap connection */
$ldap = new LDAP($cv['admin'],
- $cv['password'],
- $cv['connection'],
- FALSE,
- $cv['tls']);
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+ /* Add gosaDepartment objectClass to each selected entry
+ */
foreach($this->deps_to_migrate as $key => $dep){
if($dep['checked']){
foreach($this->deps_to_migrate as $key => $dep){
if($dep['checked']){
+ /* Get current objectClasses */
$ldap->cat($dep['dn'],array("objectClass","description"));
$attrs = $ldap->fetch();
$ldap->cat($dep['dn'],array("objectClass","description"));
$attrs = $ldap->fetch();
- $new_attrs = array();
+ /* Create new objectClass attribute including gosaDepartment*/
+ $new_attrs = array();
for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
$new_attrs['objectClass'][] = $attrs['objectClass'][$i];
}
$new_attrs['objectClass'][] = "gosaDepartment";
for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
$new_attrs['objectClass'][] = $attrs['objectClass'][$i];
}
$new_attrs['objectClass'][] = "gosaDepartment";
-
+
+ /* Append description it is missing */
if(!isset($attrs['description'])){
$new_attrs['description'][] = "GOsa department";
}
if(!isset($attrs['description'])){
$new_attrs['description'][] = "GOsa department";
}
-
-
-
+
+ /* Depending on the parameter >only_diff< we save the changes as ldif
+ * or we write our changes directly to the ldap database
+ */
if($only_ldif){
$this->deps_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
$this->deps_to_migrate[$key]['after'] = $this->array_to_ldif($new_attrs);
if($only_ldif){
$this->deps_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
$this->deps_to_migrate[$key]['after'] = $this->array_to_ldif($new_attrs);
}
}
+ /* Check Acls if there is at least one object with acls defined
+ */
+ function check_administrativeAccount()
+ {
+ /* Establish ldap connection */
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Search for gosaAcls */
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("(&(objectClass=gosaAccount)(|(objectClass=posixAccount)".
+ "(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))");
+ if(!$res){
+ $this->checks['acls']['STATUS'] = FALSE;
+ $this->checks['acls']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ }elseif($ldap->count()){
+ $this->checks['acls']['STATUS'] = TRUE;
+ $this->checks['acls']['STATUS_MSG']= _("Ok");
+ }else{
+ $this->checks['acls']['STATUS'] = FALSE;
+ $this->checks['acls']['STATUS_MSG']= _("Failed");
+ $this->checks['acls']['ERROR_MSG'].= "<input type='submit' name='create_acls' value='"._("Create adminitrational account")."'>";
+ }
+ return($ldap->count()>=1);
+ }
+
+
+
+ function create_admin($only_ldif = FALSE)
+ {
+ /* Reset '' */
+ $this->acl_create_changes="";
+
+ /* Object that should receive admin acls */
+ $dn = $this->acl_create_selected;
+
+ /* Get collected configuration settings */
+ $cv = $this->parent->captured_values;
+
+ /* Establish ldap connection */
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Get current base attributes */
+ $ldap->cd($cv['base']);
+ $ldap->cat($cv['base'],array("dn","objectClass","gosaAclEntry"));
+ $attrs = $ldap->fetch();
+
+ /* Add acls for the selcted user to the base */
+ $attrs_new['objectClass'] = array("gosaACL");
+
+ for($i = 0; $i < $attrs['objectClass']['count']; $i ++){
+ if(!in_array_ics($attrs['objectClass'][$i],$attrs_new['objectClass'])){
+ $attrs_new['objectClass'][] = $attrs['objectClass'][$i];
+ }
+ }
+
+ $acl = "0:sub:".base64_encode($dn).":all;cmdrw";
+ $attrs_new['gosaAclEntry'][] = $acl;
+ if(isset($attrs['gosaAclEntry'])){
+ for($i = 0 ; $i < $attrs['gosaAclEntry']['count']; $i ++){
+
+ $prio = preg_replace("/[:].*$/","",$attrs['gosaAclEntry'][$i]);
+ $rest = preg_replace("/^[^:]/","",$attrs['gosaAclEntry'][$i]);
+
+ $data = ($prio+1).$rest;
+ $attrs_new['gosaAclEntry'][] = $data;
+ }
+ }
+
+ if($only_ldif){
+ $this->acl_create_changes ="\n".$cv['base']."\n";
+ $this->acl_create_changes.=$this->array_to_ldif($attrs)."\n";
+ $this->acl_create_changes.="\n".$cv['base']."\n";
+ $this->acl_create_changes.=$this->array_to_ldif($attrs_new);
+ }else{
+
+ $ldap->cd($cv['base']);
+ if(!$ldap->modify($attrs_new)){
+ print_red(sprintf(_("Adding acls for user '%s' failed, ldap says '%s'."),$dn,$ldap->get_error()));
+ }
+ }
+ }
+
+
+ function create_admin_user()
+ {
+ if(isset($_POST['new_user_password']) && !empty($_POST['new_user_password'])){
+ $pwd = $_POST['new_user_password'];
+ }else{
+ print_red(_("Please specify a valid password for the new GOsa admin user."));
+ return(FALSE);
+ }
+
+ /* Establish ldap connection */
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Get current base attributes */
+ $ldap->cd($cv['base']);
+
+ if($cv['peopledn'] == "cn"){
+ $dn = "cn=System Administrator,".$cv['peopleou'].",".$cv['base'];
+ }else{
+ $dn = "uid=admin,".$cv['peopleou'].",".$cv['base'];
+ }
+
+ $methods = @passwordMethod::get_available_methods_if_not_loaded();
+ $p_m = $methods[$cv['encryption']];
+ $p_c = new $p_m(array());
+ $hash = $p_c->generate_hash($pwd);
+
+ $new_user=array();
+ $new_user['objectClass']= array("top","person","gosaAccount","organizationalPerson","inetOrgPerson");
+ $new_user['givenName'] = "System";
+ $new_user['sn'] = "Administrator";
+ $new_user['cn'] = "System Administrator";
+ $new_user['uid'] = "admin";
+ $new_user['userPassword'] = $hash;
+
+ $ldap->cd($cv['base']);
+ $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$dn));
+ $ldap->cd($dn);
+ $res = $ldap->add($new_user);
+ $this->acl_create_selected = $dn;
+ $this->create_admin();
+
+ if(!$res){
+ print_red($ldap->get_error());
+ }
+
+ $this->acl_create_dialog=FALSE;
+ $this->check_administrativeAccount();
+ }
+
+
+ function migrate_outside_users($perform = FALSE)
+ {
+ /* Check if there was a destination department posted */
+ if(isset($_POST['move_user_to'])){
+ $destination_dep = $_POST['move_user_to'];
+ }else{
+ print_red(_("Couldn't move users to specified department."));
+ return(false);
+ }
+
+ foreach($this->outside_users as $b_dn => $data){
+ $this->outside_users[$b_dn]['ldif'] ="";
+ if($data['selected']){
+ $dn = base64_decode($b_dn);
+ $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn);
+ if(!$perform){
+ $this->outside_users[$b_dn]['ldif'] = $dn."<br>".$d_dn;
+ }else{
+ $this->move($dn,$d_dn);
+ }
+ }
+ }
+ }
+
function execute()
{
function execute()
{
- /* Permission check */
- $this->check_ldap_permissions();
+ /* Initialise checks if this is the first call */
+ if(!$this->checks_initialised || isset($_POST['reload'])){
+ $this->initialize_checks();
+ $this->checks_initialised = TRUE;
+ }
- /* User Migration
- */
+ /*************
+ * User outside the people ou
+ *************/
+
+ if(isset($_POST['outside_users_dialog_cancel'])){
+ $this->outside_users_dialog = FALSE;
+ $this->dialog = FALSE;
+ }
+
+ if(isset($_POST['outside_users_dialog_whats_done'])){
+ $this->migrate_outside_users(FALSE);
+ }
+
+ if(isset($_POST['outside_users_dialog_perform'])){
+ $this->migrate_outside_users(TRUE);
+ $this->search_outside_users();
+ }
+
+ if(isset($_POST['outside_users_dialog'])){
+ $this->outside_users_dialog = TRUE;
+ $this->dialog = TRUE;
+ }
+
+ if($this->outside_users_dialog){
+ $smarty = get_smarty();
+ $smarty->assign("ous",$this->get_all_people_ous());
+ $smarty->assign("method","outside_users");
+ $smarty->assign("outside_users",$this->outside_users);
+ return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
+ }
+
+ /*************
+ * Root object check
+ *************/
+
+ if(isset($_POST['retry_root_create'])){
+
+ $state = $this->checks['root']['STATUS'];
+ $this->checkBase(FALSE);
+ if($state != $this->checks['root']['STATUS']){
+ $this->initialize_checks();
+ }
+ }
+
+ /*************
+ * User Migration handling
+ *************/
+
+ if(isset($_POST['retry_acls'])){
+ $this->check_administrativeAccount();
+ }
+
+ if(isset($_POST['create_acls'])){
+ $this->acl_create_dialog = TRUE;
+ $this->dialog = TRUE;
+ }
+
+ if(isset($_POST['create_acls_cancel'])){
+ $this->acl_create_dialog = FALSE;
+ $this->dialog = FALSE;
+ }
+
+ if(isset($_POST['create_acls_create_confirmed'])){
+ $this->create_admin();
+ }
+
+ if(isset($_POST['create_acls_create'])){
+ $this->create_admin(TRUE);
+ }
+
+ if(isset($_POST['create_admin_user'])){
+ $this->create_admin_user();
+ }
+
+ if($this->acl_create_dialog){
+ $smarty = get_smarty();
+ $smarty->assign("new_user_password",@$_POST['new_user_password']);
+ $smarty->assign("users" ,$this->get_user_list());
+ $smarty->assign("users_cnt" ,count($this->get_user_list()));
+ $smarty->assign("groups",$this->get_group_list());
+ $smarty->assign("groups_cnt",count($this->get_group_list()));
+ $smarty->assign("type" ,$this->acl_create_type);
+ $smarty->assign("method","create_acls");
+ $smarty->assign("acl_create_selected",$this->acl_create_selected);
+ $smarty->assign("what_will_be_done_now",$this->acl_create_changes);
+ return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
+ }
+
+ /*************
+ * User Migration handling
+ *************/
/* Refresh list of deparments */
if(isset($_POST['users_visible_migrate_refresh'])){
/* Refresh list of deparments */
if(isset($_POST['users_visible_migrate_refresh'])){
- $this->check_visible_gosaAccounts();
+ $this->check_gosaAccounts();
}
/* Open migration dialog */
}
/* Open migration dialog */
/* Start migration */
if(isset($_POST['users_visible_migrate_migrate'])){
if($this->migrate_gosaAccounts()){
/* Start migration */
if(isset($_POST['users_visible_migrate_migrate'])){
if($this->migrate_gosaAccounts()){
- $this->check_visible_gosaAccounts();
+ $this->check_gosaAccounts();
}
}
}
}
}
}
- /* Department migration options
- */
+ /*************
+ * Department Migration handling
+ *************/
/* Refresh list of deparments */
if(isset($_POST['deps_visible_migrate_refresh'])){
/* Refresh list of deparments */
if(isset($_POST['deps_visible_migrate_refresh'])){
- $this->check_visible_organizationalUnits();
+ $this->check_organizationalUnits();
}
/* Open migration dialog */
}
/* Open migration dialog */
/* Start migration */
if(isset($_POST['deps_visible_migrate_migrate'])){
if($this->migrate_organizationalUnits()){
/* Start migration */
if(isset($_POST['deps_visible_migrate_migrate'])){
if($this->migrate_organizationalUnits()){
- $this->check_visible_organizationalUnits();
+ $this->check_organizationalUnits();
}
}
}
}
return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
}
return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
}
+
function save_object()
{
function save_object()
{
+ /* Capture all selected users from outside_users_dialog */
+ if($this->outside_users_dialog){
+ foreach($this->outside_users as $dn => $data){
+ if(isset($_POST['select_user_'.$dn])){
+ $this->outside_users[$dn]['selected'] = TRUE;
+ }else{
+ $this->outside_users[$dn]['selected'] = FALSE;
+ }
+ }
+ }
+
+ /* Get "create acl" dialog posts */
+ if($this->acl_create_dialog){
+ if(isset($_POST['create_acls_create'])){
+ if(isset($_POST['create_acls_selected'])){
+ $this->acl_create_selected = base64_decode($_POST['create_acls_selected']);
+ }else{
+ $this->acl_create_selected = "";
+ }
+ }
+
+ if(isset($_POST['create_acls_create_abort'])){
+ $this->acl_create_selected = "";
+ }
+
+ if(isset($_POST['acl_create_type'])){
+ $this->acl_create_type = $_POST['acl_create_type'];
+ }
+ }
+
+ /* Get selected departments */
if($this->dep_migration_dialog){
foreach($this->deps_to_migrate as $id => $data){
if(isset($_POST['migrate_'.$id])){
if($this->dep_migration_dialog){
foreach($this->deps_to_migrate as $id => $data){
if(isset($_POST['migrate_'.$id])){
}
}
}
}
}
}
+
+ /* Get selected users */
if($this->users_migration_dialog){
foreach($this->users_to_migrate as $id => $data){
if(isset($_POST['migrate_'.$id])){
if($this->users_migration_dialog){
foreach($this->users_to_migrate as $id => $data){
if(isset($_POST['migrate_'.$id])){
}
}
}
}
}
}
+ }
+
+
+ /* Check if the root object exists.
+ * If the parameter just_check is true, then just check if the
+ * root object is missing and update the info messages.
+ * If the Parameter is false, try to create a new root object.
+ */
+ function checkBase($just_check = TRUE)
+ {
+ /* Get collected setup informations */
+ $cv = $this->parent->captured_values;
+
+ /* Establish ldap connection */
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Check if root object exists */
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("(objectClass=*)");
+ $err = ldap_errno($ldap->cid);
+
+ if( !$res ||
+ $err == 0x20 || # LDAP_NO_SUCH_OBJECT
+ $err == 0x40) { # LDAP_NAMING_VIOLATION
+
+ /* Root object doesn't exists
+ */
+ if($just_check){
+ $this->checks['root']['STATUS'] = FALSE;
+ $this->checks['root']['STATUS_MSG']= _("Failed");
+ $this->checks['root']['ERROR_MSG'].= "<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
+ return(FALSE);
+ }else{
+
+ echo "REMOVE this : Autocreation of the root object will be done by create_missing_tree later. !!!!!!!";
+
+ /* Try to find out which values are necessary */
+ $tmp = $ldap->get_objectclasses();
+ $oc = $tmp['organization'];
+
+ $must_attrs = $oc['MUST'];
+ if(!is_array($must_attrs)){
+ $must_attrs = array($must_attrs);
+ }
+
+ /* Root object does not exists try to create it */
+ $ldapadd["objectclass"][0]="top";
+ $ldapadd["objectclass"][1]="organization";
+
+ /* Try to fill all collected must attributes */
+ $base_parts = preg_split("/,/",$cv['base']);
+ foreach($must_attrs as $attr){
+ foreach($base_parts as $part){
+ if(preg_match("/^".$attr."=/",$part) && !isset($ldapadd[$attr])){
+ $ldapadd[$attr]= preg_replace("/^[^=]*+=/","",$part);
+ }
+ }
+ }
+
+ /* Add root object */
+ $ldap->cd($cv['base']);
+ $res = $ldap->add($ldapadd);
+
+ /* Add root object */
+ $ldap->cd($cv['base']);
+ # $res = $ldap->create_missing_trees($cv['base']);
+
+ /* If adding failed, tell the user */
+ if(!$res){
+ $this->checks['root']['STATUS'] = FALSE;
+ $this->checks['root']['STATUS_MSG']= _("Failed");
+ $this->checks['root']['ERROR_MSG'] = _("Root object couldn't be created, you should try it on your own.");
+ $this->checks['root']['ERROR_MSG'].= "<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
+ return($res);;
+ }
+ }
+ }
+ /* Create & remove of dummy object was successful */
+ $this->checks['root']['STATUS'] = TRUE;
+ $this->checks['root']['STATUS_MSG']= _("Ok");
}
}
+
+ /* Return ldif information for a
+ * given attribute array
+ */
function array_to_ldif($atts)
{
$ret = "";
unset($atts['count']);
unset($atts['dn']);
foreach($atts as $name => $value){
function array_to_ldif($atts)
{
$ret = "";
unset($atts['count']);
unset($atts['dn']);
foreach($atts as $name => $value){
-
if(is_numeric($name)) {
continue;
}
if(is_numeric($name)) {
continue;
}
-
if(is_array($value)){
unset($value['count']);
foreach($value as $a_val){
if(is_array($value)){
unset($value['count']);
foreach($value as $a_val){
- if(!preg_match('/^[a-z0-9+@#.=, \/ -]+$/i', $a_val)){
- $ret .= $name.":: ". base64_encode($a_val)."\n";
- }else{
- $ret .= $name.": ". $a_val."\n";
- }
+ $ret .= $name.": ". $a_val."\n";
}
}else{
}
}else{
- if(!preg_match('/^[a-z0-9+@#.=, \/ -]+$/i', $value)){
- $ret .= $name.": ". base64_encode($value)."\n";
- }else{
- $ret .= $name.": ". $value."\n";
- }
+ $ret .= $name.": ". $value."\n";
}
}
return(preg_replace("/\n$/","",$ret));
}
}
}
return(preg_replace("/\n$/","",$ret));
}
+
+ function get_user_list()
+ {
+ /* Get collected configuration settings */
+ $cv = $this->parent->captured_values;
+
+ /* Establish ldap connection */
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ $ldap->cd($cv['base']);
+ $ldap->search("(objectClass=gosaAccount)",array("dn"));
+
+ $tmp = array();
+ while($attrs = $ldap->fetch()){
+ $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']);
+ }
+ return($tmp);
+ }
+
+
+ function get_all_people_ous()
+ {
+ /* Get collected configuration settings */
+ $cv = $this->parent->captured_values;
+
+ /* Establish ldap connection */
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ $ldap->cd($cv['base']);
+ $ldap->search("(".$cv['peopleou'].")",array("dn"));
+
+ if($ldap->count() == 0 ){
+ $add_dn = $cv['peopleou'].",".$cv['base'];
+ $naming_attr = preg_replace("/=.*$/","",$add_dn);
+ $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn);
+ $add = array();
+ $add['objectClass'] = array("organizationalUnit");
+ $add[$naming_attr] = $naming_value;
+
+ $ldap->cd($cv['base']);
+ $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn));
+ $ldap->cd($add_dn);
+ $ldap->add($add);
+ }
+
+ $ldap->search("(".$cv['peopleou'].")",array("dn"));
+ $tmp = array();
+ while($attrs= $ldap->fetch()){
+ if(!preg_match("/ou=snapshots,/",$attrs['dn'])){
+ $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);
+ }
+ }
+ return($tmp);
+ }
+
+
+ function get_group_list()
+ {
+ /* Get collected configuration settings */
+ $cv = $this->parent->captured_values;
+
+ /* Establish ldap connection */
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ $ldap->cd($cv['base']);
+ $ldap->search("(objectClass=posixGroup)",array("dn"));
+
+ $tmp = array();
+ while($attrs = $ldap->fetch()){
+ $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']);
+ }
+ return($tmp);
+ }
+
+
+ function move($source,$destination)
+ {
+ /* Get collected configuration settings */
+ $cv = $this->parent->captured_values;
+
+ /* Establish ldap connection */
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Rename dn in possible object groups */
+# $ldap->cd($cv['base']);
+# $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($source).'))',
+# array('cn'));
+ # while ($attrs= $ldap->fetch()){
+ # $og= new ogroup($this->config, $ldap->getDN());
+ # unset($og->member[$src_dn]);
+ # $og->member[$dst_dn]= $dst_dn;
+ # $og->save ();
+ # }
+
+ $ldap->cat($source);
+ $new_data = $this->cleanup_array($ldap->fetch());
+ $ldap->cd($destination);
+ $res = $ldap->add($new_data);
+
+ if(!$res){
+ print_red(_("Failed to copy '%s' to '%s'. Ldap says '%s'."),$source,$destination,$ldap->get_error());
+ }else{
+ $ldap->rmDir($source);
+ show_ldap_error($ldap->get_error(),_("Something went wrong while copying dns."));
+ }
+ }
+
+
+ /* Cleanup ldap result to be able to write it be to ldap */
+ function cleanup_array($attrs)
+ {
+ foreach($attrs as $key => $value) {
+ if(is_numeric($key) || in_array($key,array("count","dn"))){
+ unset($attrs[$key]);
+ }
+ if(is_array($value) && isset($value['count'])){
+ unset($attrs[$key]['count']);
+ }
+ }
+ return($attrs);
+ }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: