X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;ds=sidebyside;f=gosa-plugins%2Fsamba%2Fpersonal%2Fsamba%2Fclass_sambaAccount.inc;h=f4bc82270023471aab8ec8ee9e769d0d7c4bb5d3;hb=5edc1ae1b5b13aae6bb4291fe3c6d4dbf5263ee0;hp=fe3c81d08dcda523402f0772bb8709f6998979c3;hpb=3e0fb1c970823aca126cddf3de10146835319a0f;p=gosa.git diff --git a/gosa-plugins/samba/personal/samba/class_sambaAccount.inc b/gosa-plugins/samba/personal/samba/class_sambaAccount.inc index fe3c81d08..f4bc82270 100644 --- a/gosa-plugins/samba/personal/samba/class_sambaAccount.inc +++ b/gosa-plugins/samba/personal/samba/class_sambaAccount.inc @@ -24,29 +24,13 @@ class sambaAccount extends plugin var $plHeadline= "Samba"; var $plDescription= "This does something"; var $view_logged = FALSE; + var $password_expires= 0; /* Switch for Samba version */ - var $samba3= FALSE; var $uidNumber= 65535; var $gidNumber= 65535; - /* Samba 2 attributes */ - var $pwdLastSet= "0"; - var $logonTime= "0"; - var $logoffTime= "2147483647"; - var $kickoffTime= "2147483647"; - var $pwdCanChange= "0"; - var $pwdMustChange= "0"; - var $password_expires= 0; - var $acctFlags= "[UX ]"; - var $smbHome= ""; - var $homeDrive= ""; - var $scriptPath= ""; - var $profilePath= ""; - var $rid= ""; - var $primaryGroupID= ""; - - /* Samba 3 attributes */ + /* Samba attributes */ var $SID= ""; var $ridBase= 0; var $sambaSID= ""; @@ -73,7 +57,8 @@ class sambaAccount extends plugin var $mungedObject; /* Helper */ - var $show_ws_dialog= FALSE; + var $cache = array(); + var $trustSelect= FALSE; var $logon_time_set= 0; var $logoff_time_set= 0; var $kickoff_time_set= 0; @@ -91,31 +76,23 @@ class sambaAccount extends plugin /* Only used for multiple edit */ var $temporary_disable = FALSE; var $no_password_required = FALSE; + var $no_expiry = FALSE; var $multiple_sambaUserWorkstations = array(); function sambaAccount (&$config, $dn= NULL) { /* Load attributes depending on the samba version */ - $this->samba3= ($config->get_cfg_value("sambaversion") == 3); - - if ($this->samba3){ - $this->attributes= array ("sambaSID", "sambaPwdLastSet", "sambaLogonTime", - "sambaLogoffTime", "sambaKickoffTime", "sambaPwdCanChange", - "sambaPwdMustChange", "sambaAcctFlags", "uid", "sambaMungedDial", - "sambaHomePath", "sambaHomeDrive", "sambaLogonScript", - "sambaProfilePath", "sambaPrimaryGroupSID", "sambaDomainName", - "sambaUserWorkstations", "sambaPasswordHistory", - "sambaLogonHours", "sambaBadPasswordTime", - "sambaBadPasswordCount"); - $this->objectclasses= array ("sambaSamAccount"); - $this->mungedObject= new sambaMungedDial; - $this->ctxattributes= $this->mungedObject->ctxattributes; - } else { - $this->attributes= array ("pwdLastSet", "logonTime", "logoffTime", "kickoffTime", - "pwdCanChange", "pwdMustChange", "acctFlags", "profilePath", "uid", - "smbHome", "homeDrive", "scriptPath", "rid", "primaryGroupID"); - $this->objectclasses= array ("sambaAccount"); - } + $this->attributes= array ("sambaSID", "sambaPwdLastSet", "sambaLogonTime", + "sambaLogoffTime", "sambaKickoffTime", "sambaPwdCanChange", + "sambaPwdMustChange", "sambaAcctFlags", "uid", "sambaMungedDial", + "sambaHomePath", "sambaHomeDrive", "sambaLogonScript", + "sambaProfilePath", "sambaPrimaryGroupSID", "sambaDomainName", + "sambaUserWorkstations", "sambaPasswordHistory", + "sambaLogonHours", "sambaBadPasswordTime", + "sambaBadPasswordCount"); + $this->objectclasses= array ("sambaSamAccount"); + $this->mungedObject= new sambaMungedDial; + $this->ctxattributes= $this->mungedObject->ctxattributes; plugin::plugin ($config, $dn); @@ -125,7 +102,7 @@ class sambaAccount extends plugin } /* Get samba Domain in case of samba 3 */ - if ($this->samba3 && $this->sambaSID != ""){ + if ($this->sambaSID != ""){ $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID); $ldap= $this->config->get_ldap_link(); $ldap->cd($this->config->current['BASE']); @@ -135,7 +112,7 @@ class sambaAccount extends plugin if(isset($attrs['sambaAlgorithmicRidBase'])){ $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0]; } else { - $this->ridBase= $this->config->get_cfg_value("ridbase"); + $this->ridBase= $this->config->get_cfg_value("sambaRidBase"); } if ($this->sambaDomainName == ""){ $this->sambaDomainName= $attrs['sambaDomainName'][0]; @@ -144,8 +121,8 @@ class sambaAccount extends plugin if ($this->sambaDomainName == ""){ $this->sambaDomainName= "DEFAULT"; } - $this->ridBase= $this->config->get_cfg_value("ridbase"); - $this->SID= $this->config->get_cfg_value("sid"); + $this->ridBase= $this->config->get_cfg_value("sambaRidBase"); + $this->SID= $this->config->get_cfg_value("sambaSid"); } /* Save in order to compare later on */ @@ -153,7 +130,7 @@ class sambaAccount extends plugin } /* Fill mungedDial field */ - if ($this->samba3 && isset($this->attrs['sambaMungedDial'])){ + if (isset($this->attrs['sambaMungedDial'])){ $this->mungedObject->load($this->sambaMungedDial); } @@ -194,6 +171,11 @@ class sambaAccount extends plugin /* Save initial account state */ $this->initially_was_account= $this->is_account; + + /* Convert kickoff */ + #TODO: use date format + $this->sambaKickoffTime= $this->sambaKickoffTime == 0?"":date('d.m.Y', $this->sambaKickoffTime); + $this->sambaPwdMustChange= $this->sambaPwdMustChange == 2147483647?"":date('d.m.Y', $this->sambaPwdMustChange); } function execute() @@ -250,7 +232,7 @@ class sambaAccount extends plugin $SkipWrite = (!isset($this->parent) || !$this->parent) && !session::is_set('edit'); /* Open Samaba Logong hours dialog */ - if(isset($_POST['SetSambaLogonHours']) && $this->samba3 && $this->acl_is_readable("sambaLogonHours")){ + if(isset($_POST['SetSambaLogonHours']) && $this->acl_is_readable("sambaLogonHours")){ $this->dialog = new sambaLogonHours($this->config,$this->dn,$this->sambaLogonHours); } @@ -276,22 +258,17 @@ class sambaAccount extends plugin /* Prepare templating */ $smarty= get_smarty(); + $smarty->assign("usePrototype", "true"); $tmp = $this->plInfo(); foreach($tmp['plProvidedAcls'] as $var => $rest){ $smarty->assign($var."ACL",$this->getacl($var,$SkipWrite)); } - if(!session::is_set('edit')){ + if(!session::is_set('edit') && !isset($this->parent)){ $smarty->assign("sambaLogonHoursACL",""); } - if ($this->sambaPwdMustChange=="0"){ - $date= getdate(); - } else { - $date= getdate($this->sambaPwdMustChange); - } - if ($this->sambaLogonTime=="2147483647" || $this->sambaLogonTime=="0"){ $sambaLogonTime_date= getdate(); } else { @@ -304,12 +281,6 @@ class sambaAccount extends plugin $sambaLogoffTime_date= getdate($this->sambaLogoffTime); } - if ($this->sambaKickoffTime=="2147483647" || $this->sambaKickoffTime=="0"){ - $sambaKickoffTime_date= getdate(); - } else { - $sambaKickoffTime_date= getdate($this->sambaKickoffTime); - } - /* Remove user workstations? */ if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){ @@ -336,267 +307,149 @@ class sambaAccount extends plugin /* Add user workstation? */ if (isset($_POST["add_ws"])){ if($this->acl_is_writeable("sambaUserWorkstations",$SkipWrite)){ - $this->show_ws_dialog= TRUE; + $this->trustSelect= new trustSelect($this->config,get_userinfo()); $this->dialog= TRUE; } } /* Add user workstation finished? */ if (isset($_POST["add_ws_cancel"])){ - $this->show_ws_dialog= FALSE; + $this->trustSelect= FALSE; $this->dialog= FALSE; } - /* Add user workstation? */ - if (isset($_POST["add_ws_finish"])){ + // Add selected machines to trusted ones. + if (isset($_POST["add_ws_finish"]) && $this->trustSelect){ + $trusts = $this->trustSelect->detectPostActions(); + if(isset($trusts['targets'])){ - if (isset($_POST['wslist'])){ + $headpage = $this->trustSelect->getHeadpage(); if($this->multiple_support_active){ - foreach($_POST['wslist'] as $ws){ + foreach($trusts['targets'] as $id){ + $attrs = $headpage->getEntry($id); + $we =$attrs['cn'][0]; $this->multiple_sambaUserWorkstations[trim($we)] = array("Name" => trim($ws), "UsedByAllUsers" => TRUE); } }else{ + $tmp= $this->sambaUserWorkstations; - foreach($_POST['wslist'] as $ws){ - $tmp.= ",$ws"; + foreach($trusts['targets'] as $id){ + $attrs = $headpage->getEntry($id); + $we =$attrs['cn'][0]; + $tmp.= ",$we"; } $tmp= preg_replace('/,+/', ',', $tmp); $this->sambaUserWorkstations= trim($tmp, ','); } - $this->is_modified= TRUE; - $this->show_ws_dialog= FALSE; - $this->dialog= FALSE; - } else { - msg_dialog::display(_("Error"), _("Please select an entry!"), ERROR_DIALOG); + $this->is_modified= TRUE; } + $this->trustSelect= NULL; + $this->dialog= FALSE; } /* Show ws dialog */ - if ($this->show_ws_dialog){ + if ($this->trustSelect){ - /* Save data */ - $sambafilter= session::get("sambafilter"); - foreach( array("depselect", "regex") as $type){ - if (isset($_POST[$type])){ - $sambafilter[$type]= $_POST[$type]; - } - } - if (isset($_GET['search'])){ - $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*"; - if ($s == "**"){ - $s= "*"; - } - $sambafilter['regex']= $s; - } - session::set("sambafilter", $sambafilter); - - /* Get workstation list */ - $exclude= ""; - - if($this->multiple_support_active){ - foreach($this->multiple_sambaUserWorkstations as $ws){ - if($ws['UsedByAllUsers']){ - $exclude.= "(cn=".$ws['Name']."$)"; - } - } - }else{ - foreach(split(',', $this->sambaUserWorkstations) as $ws){ - $exclude.= "(cn=$ws$)"; - } - } - if ($exclude != ""){ - $exclude= "(!(|$exclude))"; - } - $regex= $sambafilter['regex']; - $filter= "(&(objectClass=sambaSAMAccount)$exclude(uid=*$)(|(uid=$regex)(cn=$regex)))"; - $res= get_list($filter, "winworkstation", $sambafilter['depselect'], array("uid"), GL_SUBSEARCH | GL_SIZELIMIT); - - $wslist= array(); - foreach ($res as $attrs){ - $wslist[]= preg_replace('/\$/', '', $attrs['uid'][0]); - } - asort($wslist); - - $smarty->assign("search_image", get_template_path('images/lists/search.png')); - $smarty->assign("launchimage", get_template_path('images/lists/action.png')); - $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png')); - $smarty->assign("deplist", $this->config->idepartments); - $smarty->assign("alphabet", generate_alphabet()); - foreach( array("depselect", "regex") as $type){ - $smarty->assign("$type", $sambafilter[$type]); - } - $smarty->assign("hint", print_sizelimit_warning()); - $smarty->assign("wslist", $wslist); - $smarty->assign("apply", apply_filter()); - $display= $smarty->fetch (get_template_path('samba3_workstations.tpl', TRUE, - dirname(__FILE__))); - return ($display); + // Build up blocklist + session::set('filterBlacklist', array('cn' => preg_split('/,/',$this->sambaUserWorkstations))); + return($this->trustSelect->execute()); } - /* Fill calendar */ - $days= array(); - for($d= 1; $d<32; $d++){ - $days[]= $d; - } - $years= array(); - for($y= $date['year']-4; $y<$date['year']+4; $y++){ - $years[]= $y; - } - $months= msgPool::months(); - $smarty->assign("day", $date["mday"]); - $smarty->assign("days", $days); - $smarty->assign("months", $months); - $smarty->assign("month", $date["mon"]-1); - $smarty->assign("years", $years); - $smarty->assign("year", $date["year"]); - - $sambaLogonTime_days= array(); - for($d= 1; $d<32; $d++){ - $sambaLogonTime_days[]= $d; - } - $sambaLogonTime_years= array(); - for($y= $date['year']-4; $y<$date['year']+4; $y++){ - $sambaLogonTime_years[]= $y; - } - $sambaLogonTime_months= msgPool::months(); - $smarty->assign("sambaLogonTime_day", $sambaLogonTime_date["mday"]); - $smarty->assign("sambaLogonTime_days", $sambaLogonTime_days); - $smarty->assign("sambaLogonTime_months", $sambaLogonTime_months); - $smarty->assign("sambaLogonTime_month", $sambaLogonTime_date["mon"]-1); - $smarty->assign("sambaLogonTime_years", $sambaLogonTime_years); - $smarty->assign("sambaLogonTime_year", $sambaLogonTime_date["year"]); - - $sambaLogoffTime_days= array(); - for($d= 1; $d<32; $d++){ - $sambaLogoffTime_days[]= $d; - } - $sambaLogoffTime_years= array(); - for($y= $date['year']-4; $y<$date['year']+4; $y++){ - $sambaLogoffTime_years[]= $y; - } - $sambaLogoffTime_months= msgPool::months(); - $smarty->assign("sambaLogoffTime_day", $sambaLogoffTime_date["mday"]); - $smarty->assign("sambaLogoffTime_days", $sambaLogoffTime_days); - $smarty->assign("sambaLogoffTime_months", $sambaLogoffTime_months); - $smarty->assign("sambaLogoffTime_month", $sambaLogoffTime_date["mon"]-1); - $smarty->assign("sambaLogoffTime_years", $sambaLogoffTime_years); - $smarty->assign("sambaLogoffTime_year", $sambaLogoffTime_date["year"]); - - $sambaKickoffTime_days= array(); - for($d= 1; $d<32; $d++){ - $sambaKickoffTime_days[]= $d; - } - $sambaKickoffTime_years= array(); - for($y= $date['year']-4; $y<$date['year']+4; $y++){ - $sambaKickoffTime_years[]= $y; - } - $sambaKickoffTime_months= msgPool::months(); - //$smarty->assign("sambaKickoffTime_day", $sambaKickoffTime_date["mday"]-1); - $smarty->assign("sambaKickoffTime_day", $sambaKickoffTime_date["mday"]); // hickert - $smarty->assign("sambaKickoffTime_days", $sambaKickoffTime_days); - $smarty->assign("sambaKickoffTime_months", $sambaKickoffTime_months); - $smarty->assign("sambaKickoffTime_month", $sambaKickoffTime_date["mon"]-1); - $smarty->assign("sambaKickoffTime_years", $sambaKickoffTime_years); - $smarty->assign("sambaKickoffTime_year", $sambaKickoffTime_date["year"]); - /* Fill boxes */ - if ($this->samba3){ - $domains= array(); - foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){ - $domains[]= $name; - } - $smarty->assign("domains", $domains); + $domains= array(); + foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){ + $domains[]= $name; } - $letters= array(); + $smarty->assign("domains", $domains); + $letters= array(""); for ($i= 68; $i<91; $i++){ $letters[]= chr($i).":"; } $smarty->assign("drives", $letters); /* Fill terminal server settings */ - if ($this->samba3){ - foreach ($this->ctxattributes as $attr){ - /* Fill common attributes */ - if (isset($this->mungedObject->ctx[$attr])){ - $smarty->assign("$attr", $this->mungedObject->ctx[$attr]); - // Set field to blank if value is 0 - if(in_array($attr, array("CtxMaxConnectionTime", "CtxMaxDisconnectionTime", "CtxMaxIdleTime"))) { - if($this->mungedObject->ctx[$attr] == 0) { - $smarty->assign("$attr", ""); - } + foreach ($this->ctxattributes as $attr){ + /* Fill common attributes */ + if (isset($this->mungedObject->ctx[$attr])){ + $smarty->assign("$attr", $this->mungedObject->ctx[$attr]); + // Set field to blank if value is 0 + if(in_array($attr, array("CtxMaxConnectionTime", "CtxMaxDisconnectionTime", "CtxMaxIdleTime"))) { + if($this->mungedObject->ctx[$attr] == 0) { + $smarty->assign("$attr", ""); } - } else { - $smarty->assign("$attr", ""); } + } else { + $smarty->assign("$attr", ""); } + } - /* Assign enum values for preset items */ - $shadowModeVals= array( "0" => _("disabled"), - "1" => _("input on, notify on"), - "2" => _("input on, notify off"), - "3" => _("input off, notify on"), - "4" => _("input off, nofify off")); + /* Assign enum values for preset items */ + $shadowModeVals= array( "0" => _("disabled"), + "1" => _("input on, notify on"), + "2" => _("input on, notify off"), + "3" => _("input off, notify on"), + "4" => _("input off, nofify off")); - $brokenConnModeVals= array( "0" => _("disconnect"), - "1" => _("reset")); + $brokenConnModeVals= array( "0" => _("disconnect"), + "1" => _("reset")); - $reConnModeVals= array( "0" => _("from any client"), - "1" => _("from previous client only")); + $reConnModeVals= array( "0" => _("from any client"), + "1" => _("from previous client only")); - /* Fill preset items */ - $smarty->assign("shadow", $shadowModeVals); - $smarty->assign("brokenconn", $brokenConnModeVals); - $smarty->assign("reconn", $reConnModeVals); + /* Fill preset items */ + $smarty->assign("shadow", $shadowModeVals); + $smarty->assign("brokenconn", $brokenConnModeVals); + $smarty->assign("reconn", $reConnModeVals); - /* Fill preset items with values */ - $smarty->assign("shadowmode", $this->mungedObject->getShadow()); - $smarty->assign("brokenconnmode", $this->mungedObject->getBrokenConn()); - $smarty->assign("reconnmode", $this->mungedObject->getReConn()); + /* Fill preset items with values */ + $smarty->assign("shadowmode", $this->mungedObject->getShadow()); + $smarty->assign("brokenconnmode", $this->mungedObject->getBrokenConn()); + $smarty->assign("reconnmode", $this->mungedObject->getReConn()); - if(session::get('js')){ - /* Set form elements to disabled/enable state */ - $smarty->assign("tsloginstate", $this->mungedObject->getTsLogin()?"":"disabled"); + if(session::get('js')){ + /* Set form elements to disabled/enable state */ + $smarty->assign("tsloginstate", $this->mungedObject->getTsLogin()?"":"disabled"); - $smarty->assign("inheritstate", ""); - if($this->acl_is_writeable("AllowLoginOnTerminalServer",$SkipWrite)){ - $smarty->assign("inheritstate", $this->mungedObject->getInheritMode()?"disabled":""); - } - }else{ - $smarty->assign("tsloginstate", ""); - $smarty->assign("inheritstate", ""); - } - - /* Set checkboxes to checked or unchecked state */ - $smarty->assign("tslogin", $this->mungedObject->getTsLogin()?"checked":""); - $smarty->assign("inherit", $this->mungedObject->getInheritMode()?"checked":""); - $smarty->assign("connectclientdrives", - $this->mungedObject->getConnectClientDrives()?"checked":""); - $smarty->assign("connectclientprinters", - $this->mungedObject->getConnectClientPrinters()?"checked":""); - $smarty->assign("defaultprinter", - $this->mungedObject->getDefaultPrinter()?"checked":""); - $smarty->assign("CtxMaxConnectionTimeF", - $this->mungedObject->getCtxMaxConnectionTimeF()?"checked":""); - $smarty->assign("CtxMaxDisconnectionTimeF", - $this->mungedObject->getCtxMaxDisconnectionTimeF()?"checked":""); - $smarty->assign("CtxMaxIdleTimeF", - $this->mungedObject->getCtxMaxIdleTimeF()?"checked":""); + $smarty->assign("inheritstate", ""); + if($this->acl_is_writeable("AllowLoginOnTerminalServer",$SkipWrite)){ + $smarty->assign("inheritstate", $this->mungedObject->getInheritMode()?"disabled":""); + } + }else{ + $smarty->assign("tsloginstate", ""); + $smarty->assign("inheritstate", ""); + } - - /* Fill sambaUserWorkstations */ - $ws= split(",", $this->sambaUserWorkstations); - sort($ws); - - /* Tidy checks for empty option, and smarty will produce one if array[0]="" */ - if(($ws[0]=="")&&(count($ws)==1)) $ws=array(); + /* Set checkboxes to checked or unchecked state */ + $smarty->assign("tslogin", $this->mungedObject->getTsLogin()?"checked":""); + $smarty->assign("inherit", $this->mungedObject->getInheritMode()?"checked":""); + $smarty->assign("connectclientdrives", + $this->mungedObject->getConnectClientDrives()?"checked":""); + $smarty->assign("connectclientprinters", + $this->mungedObject->getConnectClientPrinters()?"checked":""); + $smarty->assign("defaultprinter", + $this->mungedObject->getDefaultPrinter()?"checked":""); + $smarty->assign("CtxMaxConnectionTimeF", + $this->mungedObject->getCtxMaxConnectionTimeF()?"checked":""); + $smarty->assign("CtxMaxDisconnectionTimeF", + $this->mungedObject->getCtxMaxDisconnectionTimeF()?"checked":""); + $smarty->assign("CtxMaxIdleTimeF", + $this->mungedObject->getCtxMaxIdleTimeF()?"checked":""); + + + /* Fill sambaUserWorkstations */ + $ws= explode(",", $this->sambaUserWorkstations); + sort($ws); + + /* Tidy checks for empty option, and smarty will produce one if array[0]="" */ + if(($ws[0]=="")&&(count($ws)==1)) $ws=array(); - if($this->multiple_support_active){ - $smarty->assign("multiple_workstations",$this->multiple_sambaUserWorkstations); - } + if($this->multiple_support_active){ + $smarty->assign("multiple_workstations",$this->multiple_sambaUserWorkstations); + } - $smarty->assign("workstations", $ws); - } + $smarty->assign("workstations", $ws); + /* Variables */ foreach($this->attributes as $val){ @@ -619,18 +472,17 @@ class sambaAccount extends plugin $smarty->assign("flagsN", ""); } - if($this->samba3){ - if ($this->sambaPwdCanChange=="1"){ - $smarty->assign("flagsP", "checked"); - } else { - $smarty->assign("flagsP", ""); - } - }else{ - if ($this->pwdCanChange=="1"){ - $smarty->assign("flagsP", "checked"); - } else { - $smarty->assign("flagsP", ""); - } + // check if password never expires + if (is_integer(strpos($this->sambaAcctFlags, "X"))) { + $smarty->assign("flagsX", "checked"); + } else { + $smarty->assign("flagsX", ""); + } + + if ($this->sambaPwdCanChange=="1"){ + $smarty->assign("flagsP", "checked"); + } else { + $smarty->assign("flagsP", ""); } if ($this->password_expires=="1"){ @@ -656,10 +508,8 @@ class sambaAccount extends plugin /* In case of javascript, disable some fields on demand */ - if ($this->samba3){ - foreach($this->mungedObject->getOnDemandFlags() as $key => $value) { - $smarty->assign("$key", "$value"); - } + foreach($this->mungedObject->getOnDemandFlags() as $key => $value) { + $smarty->assign("$key", "$value"); } @@ -674,7 +524,7 @@ class sambaAccount extends plugin "inherit","CtxWorkDirectory","CtxInitialProgram","CtxMaxConnectionTimeF","CtxMaxConnectionTime","CtxMaxDisconnectionTimeF", "CtxMaxDisconnectionTime","CtxMaxIdleTimeF","CtxMaxIdleTime","connectclientdrives", "onnectclientprinters","defaultprinter","shadow","brokenconn", - "reconn","allow_pwchange","connectclientprinters","no_password_required","temporary_disable", + "reconn","allow_pwchange","connectclientprinters","no_expiry","no_password_required","temporary_disable", "password_expires","logon_time_set","logoff_time_set","kickoff_time_set","SetSambaLogonHours", "workstation_list") as $attr){ if(in_array($attr,$this->multi_boxes)){ @@ -688,17 +538,324 @@ class sambaAccount extends plugin $smarty->assign("tsloginstate",""); } + /* Create additional info for sambaKickOffTime and sambaPwdMustChange. + e.g. Display effective kickoff time. Domain policy + user settings. + */ + $additional_info_PwdMustChange = ""; + + /* Calculate effective max Password Age + This can only be calculated if sambaPwdLastSet ist set. + */ + if(isset($this->attrs['sambaPwdLastSet'][0])){ + $last = $this->attrs['sambaPwdLastSet'][0]; + + $sid = $this->get_domain_info(); + if(isset($sid['sambaMaxPwdAge'][0])){ + $d = ($last + $sid['sambaMaxPwdAge'][0]) - time(); + + /* A negative value means the password is outdated + */ + if($d < 0){ + $additional_info_PwdMustChange = sprintf(_("The password is outdated since %s, by domain policy."), + date("d.m.Y H:i:s",$last + $sid['sambaMaxPwdAge'][0])); + }else{ + if($this->password_expires && ($last + $sid['sambaMaxPwdAge'][0]) > $this->sambaPwdMustChange){ + $additional_info_PwdMustChange = sprintf(_("The password is valid till %s, by user policy."), + date("d.m.Y H:i:s", $this->sambaPwdMustChange)); + }else{ + $additional_info_PwdMustChange = sprintf(_("The password is valid till %s, by domain policy."), + date("d.m.Y H:i:s", ($last + $sid['sambaMaxPwdAge'][0]))); + } + } + } + } + $smarty->assign("additional_info_PwdMustChange",$additional_info_PwdMustChange); + $smarty->assign("no_expiry",$this->no_expiry); + /* Show main page */ $smarty->assign("multiple_support",$this->multiple_support_active); - if ($this->samba3){ - $display.= $smarty->fetch (get_template_path('samba3.tpl', TRUE, dirname(__FILE__))); + $display.= $smarty->fetch (get_template_path('samba3.tpl', TRUE, dirname(__FILE__))); + + return ($display); + } + + + /*! \brief Returns the samba Domain object, selected in the samba tab. + */ + function get_domain_info() + { + /* Only search once, return last result if available + */ + if(!isset($this->cache['DOMAIN'][$this->sambaDomainName])){ + $this->cache['DOMAIN'][$this->sambaDomainName] = array(); + if(!empty($this->sambaDomainName) && isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName])){ + $cfg = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]; + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->search("(&(objectClass=sambaDomain)(sambaSID=".$cfg['SID']."))",array("*")); + if($ldap->count()){ + $this->cache['DOMAIN'][$this->sambaDomainName] = $ldap->fetch(); + } + } + } + return($this->cache['DOMAIN'][$this->sambaDomainName]); + } + + + + function get_samba_information() + { + + /* Defaults + */ + $sambaMinPwdLength = "unset"; + $sambaPwdHistoryLength = "unset"; + $sambaLogonToChgPwd = "unset"; + $sambaMaxPwdAge = "unset"; + $sambaMinPwdAge = "unset"; + $sambaLockoutDuration = "unset"; + $sambaLockoutThreshold = "unset"; + $sambaForceLogoff = "unset"; + $sambaRefuseMachinePwdChange = "unset"; + $sambaPwdLastSet = "unset"; + $sambaLogonTime = "unset"; + $sambaLogoffTime = "unset"; + + $sambaKickoffTime = "unset"; + $sambaPwdCanChange = "unset"; + $sambaPwdMustChange = "unset"; + $sambaBadPasswordCount = "unset"; + $sambaBadPasswordTime = "unset"; + + /* Domain attributes + */ + $domain_attributes = array("sambaMinPwdLength","sambaPwdHistoryLength","sambaMaxPwdAge", + "sambaMinPwdAge","sambaLockoutDuration","sambaRefuseMachinePwdChange", + "sambaLogonToChgPwd","sambaLockoutThreshold","sambaForceLogoff"); + + /* User attributes + */ + $user_attributes = array("sambaBadPasswordTime","sambaPwdLastSet","sambaLogonTime","sambaLogoffTime", + "sambaKickoffTime","sambaPwdCanChange","sambaPwdMustChange","sambaBadPasswordCount", "sambaSID"); + + /* Get samba SID object and parse settings. + */ + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + if(!empty($this->sambaDomainName) && isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName])){ + $attrs = $this->get_domain_info(); + foreach($domain_attributes as $attr){ + if(isset($attrs[$attr])){ + $$attr = $attrs[$attr][0]; + } + } + } + + /* Get user infos + */ + foreach($user_attributes as $attr){ + if(isset($this->attrs[$attr])){ + $$attr = $this->attrs[$attr][0]; + } + } + if($this->password_expires){ + $sambaPwdMustChange = $this->sambaPwdMustChange; } else { - $display.= $smarty->fetch (get_template_path('samba2.tpl', TRUE, dirname(__FILE__))); + if (is_numeric($sambaPwdMustChange)) { + $sambaPwdMustChange= date('d.m.Y', $sambaPwdMustChange); + } } + if($this->kickoff_time_set){ + $sambaKickoffTime = $this->sambaKickoffTime; + } else { + if (is_numeric($sambaKickoffTime)) { + $sambaKickoffTime= date('d.m.Y', $sambaKickoffTime); + } + } + $sambaPwdCanChange = $this->sambaPwdCanChange; - return ($display); + + /* DOMAIN Attributes + */ + + /* sambaMinPwdLength: Password length has a default of 5 + */ + if($sambaMinPwdLength == "unset" || $sambaMinPwdLength == 5){ + $sambaMinPwdLength = "5 ("._("default").")"; + } + + /* sambaPwdHistoryLength: Length of Password History Entries (default: 0 => off) + */ + if($sambaPwdHistoryLength == "unset" || $sambaPwdHistoryLength == 0){ + $sambaPwdHistoryLength = _("Off")." ("._("default").")"; + } + + /* sambaLogonToChgPwd: Force Users to logon for password change (default: 0 => off, 2 => on) + */ + if($sambaLogonToChgPwd == "unset" || $sambaLogonToChgPwd == 0){ + $sambaLogonToChgPwd = _("Off")." ("._("default").")"; + }else{ + $sambaLogonToChgPwd = _("On"); + } + + /* sambaMaxPwdAge: Maximum password age, in seconds (default: -1 => never expire passwords)' + */ + if($sambaMaxPwdAge == "unset" || $sambaMaxPwdAge == "-1"){ + $sambaMaxPwdAge = _("disabled")." ("._("default").")"; + }else{ + $sambaMaxPwdAge .= " "._("seconds"); + } + + /* sambaMinPwdAge: Minimum password age, in seconds (default: 0 => allow immediate password change + */ + if($sambaMinPwdAge == "unset" || $sambaMinPwdAge == 0){ + $sambaMinPwdAge = _("disabled")." ("._("default").")"; + }else{ + $sambaMinPwdAge .= " "._("seconds"); + } + + /* sambaLockoutDuration: Lockout duration in minutes (default: 30, -1 => forever) + */ + if($sambaLockoutDuration == "unset" || $sambaLockoutDuration == 30){ + $sambaLockoutDuration = "30 "._("minutes")." ("._("default").")"; + }elseif($sambaLockoutDuration == -1){ + $sambaLockoutDuration = _("forever"); + }else{ + $sambaLockoutDuration .= " "._("minutes"); + } + + /* sambaLockoutThreshold: Lockout users after bad logon attempts (default: 0 => off + */ + if($sambaLockoutThreshold == "unset" || $sambaLockoutThreshold == 0){ + $sambaLockoutThreshold = _("disabled")." ("._("default").")"; + } + + /* sambaForceLogoff: Disconnect Users outside logon hours (default: -1 => off, 0 => on + */ + if($sambaForceLogoff == "unset" || $sambaForceLogoff == -1){ + $sambaForceLogoff = _("off")." ("._("default").")"; + }else{ + $sambaForceLogoff = _("on"); + } + + /* sambaRefuseMachinePwdChange: Allow Machine Password changes (default: 0 => off + */ + if($sambaRefuseMachinePwdChange == "none" || $sambaRefuseMachinePwdChange == 0){ + $sambaRefuseMachinePwdChange = _("off")." ("._("default").")"; + }else{ + $sambaRefuseMachinePwdChange = _("on"); + } + + /* USER Attributes + */ + /* sambaBadPasswordTime: Time of the last bad password attempt + */ + if($sambaBadPasswordTime == "unset" || empty($sambaBadPasswordTime)){ + $sambaBadPasswordTime = "("._("unset").")"; + }else{ + $sambaBadPasswordTime = date("d.m.Y H:i:s",$sambaBadPasswordTime); + } + + /* sambaBadPasswordCount: Bad password attempt count + */ + if($sambaBadPasswordCount == "unset" || empty($sambaBadPasswordCount)){ + $sambaBadPasswordCount = "("._("unset").")"; + }else{ + $sambaBadPasswordCount = date("d.m.Y H:i:s",$sambaBadPasswordCount); + } + + /* sambaPwdLastSet: Timestamp of the last password update + */ + if($sambaPwdLastSet == "unset" || empty($sambaPwdLastSet)){ + $sambaPwdLastSet = "("._("unset").")"; + }else{ + $sambaPwdLastSet = date("d.m.Y H:i:s",$sambaPwdLastSet); + } + + /* sambaLogonTime: Timestamp of last logon + */ + if($sambaLogonTime == "unset" || empty($sambaLogonTime)){ + $sambaLogonTime = "("._("unset").")"; + }else{ + $sambaLogonTime = date("d.m.Y H:i:s",$sambaLogonTime); + } + + /* sambaLogoffTime: Timestamp of last logoff + */ + if($sambaLogoffTime == "unset" || empty($sambaLogoffTime)){ + $sambaLogoffTime = "("._("unset").")"; + }else{ + $sambaLogoffTime = date("d.m.Y H:i:s",$sambaLogoffTime); + } + + /* sambaKickoffTime: Timestamp of when the user will be logged off automatically + */ + if($sambaKickoffTime == "unset" || empty($sambaKickoffTime)){ + $sambaKickoffTime = "("._("unset").")"; + } + + /* sambaPwdMustChange: Timestamp of when the password will expire + */ + if($sambaPwdMustChange == "unset" || empty($sambaPwdMustChange)){ + $sambaPwdMustChange = "("._("unset").")"; + } + + /* sambaPwdCanChange: Timestamp of when the user is allowed to update the password + */ + if($sambaPwdCanChange == "unset" || empty($sambaPwdCanChange)){ + $sambaPwdCanChange = "("._("unset").")"; + }elseif($sambaPwdCanChange != "unset" && time() > $sambaPwdCanChange){ + $sambaPwdCanChange = _("immediately") ; + }else{ + $days = floor((($sambaPwdCanChange - time()) / 60 / 60 / 24)) ; + $hours = floor((($sambaPwdCanChange - time()) / 60 / 60) % 24) ; + $minutes = floor((($sambaPwdCanChange - time()) / 60 ) % 60) ; + + $sambaPwdCanChange = " ".$days." "._("days"); + $sambaPwdCanChange.= " ".$hours." "._("hours"); + $sambaPwdCanChange.= " ".$minutes." "._("minutes"); + } + + $str = + "\n
"._("Domain attributes")." | |
"._("Min password length").": | ".$sambaMinPwdLength." |
"._("Min password length").": | ".$sambaMinPwdLength." |
"._("Password history").": | ".$sambaPwdHistoryLength." |
"._("Force password change").": | ".$sambaLogonToChgPwd." |
"._("Maximum password age").": | ".$sambaMaxPwdAge." |
"._("Minimum password age").": | ".$sambaMinPwdAge." |
"._("Lockout duration").": | ".$sambaLockoutDuration." |
"._("Bad lockout attempt").": | ".$sambaLockoutThreshold." |
"._("Disconnect time").": | ".$sambaForceLogoff." |
"._("Refuse machine password change").": | ".$sambaRefuseMachinePwdChange." |
"._("User attributes")." | |
"._("SID").": | ".$sambaSID." |
"._("Last failed login").": | ".$sambaBadPasswordTime." |
"._("Logon attempts").": | ".$sambaBadPasswordCount." |
"._("Last password update").": | ".$sambaPwdLastSet." |
"._("Last logon").": | ".$sambaLogonTime." |
"._("Last logoff").": | ".$sambaLogoffTime." |
"._("Automatic logoff").": | ".$sambaKickoffTime." |
"._("Password expires").": | "._("No")." |
". + sprintf(_("The password would expire on %s, but the password expiry is disabled."),$sambaPwdMustChange). + " | |
"._("Password expires").": | ".$sambaPwdMustChange." |
"._("Password change available").": | ".$sambaPwdCanChange." |