X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=setup%2Fclass_setupStep_Migrate.inc;h=6e4d85f7ea6cc4c9f863bfd78c6efa872d269169;hb=a26e30f68ebeebd69d33547806568a2efb38b84b;hp=c6f4cc8f2f72b7fe2a3146b2d1c895a5589740f7;hpb=4af8eca6e1b99d9f7eb446b3cab5ef5f865fc1b9;p=gosa.git diff --git a/setup/class_setupStep_Migrate.inc b/setup/class_setupStep_Migrate.inc index c6f4cc8f2..6e4d85f7e 100644 --- a/setup/class_setupStep_Migrate.inc +++ b/setup/class_setupStep_Migrate.inc @@ -59,6 +59,7 @@ class Step_Migrate extends setup_step /* Department migration attributes */ var $dep_migration_dialog = FALSE; var $deps_to_migrate = array(); + var $show_details = FALSE; /* Department migration attributes */ var $users_migration_dialog= FALSE; @@ -66,7 +67,6 @@ class Step_Migrate extends setup_step /* Create Acl attributes */ var $acl_create_dialog = FALSE; - var $acl_create_type = "group"; var $acl_create_selected= ""; // Currently selected element, that should receive admin rights var $acl_create_changes = ""; // Contains ldif information about changes var $acl_create_confirmed= FALSE; @@ -116,7 +116,7 @@ class Step_Migrate extends setup_step $this->checks['root']['ERROR_MSG'] = ""; $this->checkBase(); - $this->checks['permissions']['TITLE'] = _("Checking permissions on ldap database"); + $this->checks['permissions']['TITLE'] = _("Checking permissions on LDAP database"); $this->checks['permissions']['STATUS'] = FALSE; $this->checks['permissions']['STATUS_MSG']= ""; $this->checks['permissions']['ERROR_MSG'] = ""; 
@@ -128,49 +128,52 @@ class Step_Migrate extends setup_step $this->checks['deps_visible']['ERROR_MSG'] = ""; $this->check_organizationalUnits(); - $this->checks['users_visible']['TITLE'] = _("Checking for invisible user"); + $this->checks['users_visible']['TITLE'] = _("Checking for invisible users"); $this->checks['users_visible']['STATUS'] = FALSE; $this->checks['users_visible']['STATUS_MSG']= ""; $this->checks['users_visible']['ERROR_MSG'] = ""; $this->check_gosaAccounts(); - $this->checks['acls']['TITLE'] = _("Checking for administrational account"); + $this->checks['acls']['TITLE'] = _("Checking for super administrator"); $this->checks['acls']['STATUS'] = FALSE; $this->checks['acls']['STATUS_MSG']= ""; $this->checks['acls']['ERROR_MSG'] = ""; $this->check_administrativeAccount(); - $this->checks['outside_users']['TITLE'] = _("Checking for users outside the people department."); + $this->checks['outside_users']['TITLE'] = _("Checking for users outside the people tree"); $this->checks['outside_users']['STATUS'] = FALSE; $this->checks['outside_users']['STATUS_MSG']= ""; $this->checks['outside_users']['ERROR_MSG'] = ""; $this->search_outside_users(); - $this->checks['outside_groups']['TITLE'] = _("Checking for groups outside the groups department."); + $this->checks['outside_groups']['TITLE'] = _("Checking for groups outside the groups tree"); $this->checks['outside_groups']['STATUS'] = FALSE; $this->checks['outside_groups']['STATUS_MSG']= ""; $this->checks['outside_groups']['ERROR_MSG'] = ""; $this->search_outside_groups(); - $this->checks['outside_winstations']['TITLE'] = _("Checking for windows workstations outside the winstation department."); + $this->checks['outside_winstations']['TITLE'] = _("Checking for windows workstations outside the winstation tree"); $this->checks['outside_winstations']['STATUS'] = FALSE; $this->checks['outside_winstations']['STATUS_MSG']= ""; $this->checks['outside_winstations']['ERROR_MSG'] = ""; $this->search_outside_winstations(); 
- $this->checks['uidNumber_usage']['TITLE'] = _("Checking for multiple use of same uidNumber value."); + $this->checks['uidNumber_usage']['TITLE'] = _("Checking for duplicate uid numbers"); $this->checks['uidNumber_usage']['STATUS'] = FALSE; $this->checks['uidNumber_usage']['STATUS_MSG']= ""; $this->checks['uidNumber_usage']['ERROR_MSG'] = ""; $this->check_uidNumber(); - $this->checks['gidNumber_usage']['TITLE'] = _("Checking for multiple use of same gidNumber value."); + $this->checks['gidNumber_usage']['TITLE'] = _("Checking for duplicate gid numbers"); $this->checks['gidNumber_usage']['STATUS'] = FALSE; $this->checks['gidNumber_usage']['STATUS_MSG']= ""; $this->checks['gidNumber_usage']['ERROR_MSG'] = ""; $this->check_gidNumber(); } + + /* Check if there are uidNumbers which are used more than once. + */ function check_uidNumber() { $cv = $this->parent->captured_values; @@ -184,12 +187,13 @@ class Step_Migrate extends setup_step $res = $ldap->search("uidNumber=*",array("dn","uidNumber")); if(!$res){ $this->checks['uidNumber_usage']['STATUS'] = FALSE; - $this->checks['uidNumber_usage']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['uidNumber_usage']['STATUS_MSG']= _("LDAP query failed"); $this->checks['uidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); return(false); } $this->check_uidNumbers= array(); + $tmp = array(); while($attrs = $ldap->fetch()){ $tmp[$attrs['uidNumber'][0]][] = $attrs; } 
@@ -204,9 +208,9 @@ class Step_Migrate extends setup_step if($this->check_uidNumbers){ $this->checks['uidNumber_usage']['STATUS'] = FALSE; - $this->checks['uidNumber_usage']['STATUS_MSG']= _("Failed"); + $this->checks['uidNumber_usage']['STATUS_MSG']= ""._("Warning").""; $this->checks['uidNumber_usage']['ERROR_MSG'] = - sprintf(_("Found %s duplicated uidNumber values."),count($this->check_uidNumbers)); + sprintf(_("Found %s duplicate values for attribute 'uidNumber'."),count($this->check_uidNumbers)); return(false); }else{ $this->checks['uidNumber_usage']['STATUS'] = TRUE; @@ -216,6 +220,9 @@ class Step_Migrate extends setup_step } } + + /* Check if there are duplicated gidNumbers present in ldap + */ function check_gidNumber() { $cv = $this->parent->captured_values; @@ -226,15 +233,16 @@ class Step_Migrate extends setup_step $cv['tls']); $ldap->cd($cv['base']); - $res = $ldap->search("gidNumber=*",array("dn","gidNumber")); + $res = $ldap->search("(&(objectClass=posixGroup)(gidNumber=*))",array("dn","gidNumber")); if(!$res){ $this->checks['gidNumber_usage']['STATUS'] = FALSE; - $this->checks['gidNumber_usage']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['gidNumber_usage']['STATUS_MSG']= _("LDAP query failed"); $this->checks['gidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); return(false); } $this->check_gidNumbers= array(); + $tmp = array(); while($attrs = $ldap->fetch()){ $tmp[$attrs['gidNumber'][0]][] = $attrs; } 
@@ -249,9 +257,9 @@ class Step_Migrate extends setup_step if($this->check_gidNumbers){ $this->checks['gidNumber_usage']['STATUS'] = FALSE; - $this->checks['gidNumber_usage']['STATUS_MSG']= _("Failed"); + $this->checks['gidNumber_usage']['STATUS_MSG']= ""._("Warning").""; $this->checks['gidNumber_usage']['ERROR_MSG'] = - sprintf(_("Found %s duplicated gidNumber values."),count($this->check_gidNumbers)); + sprintf(_("Found %s duplicate values for attribute 'gidNumber'."),count($this->check_gidNumbers)); return(false); }else{ $this->checks['gidNumber_usage']['STATUS'] = TRUE; @@ -262,7 +270,8 @@ class Step_Migrate extends setup_step } - /* Search for winstations outside the winstation ou */ + /* Search for winstations outside the winstation ou + */ function search_outside_winstations() { $cv = $this->parent->captured_values; 
@@ -278,19 +287,27 @@ class Step_Migrate extends setup_step }else{ $winstation_ou = "ou=winstations"; } + + if($cv['samba_version'] == 3){ + $oc = "sambaSamAccount"; + }else{ + $oc = "sambaAccount"; + } $ldap->cd($cv['base']); - $res = $ldap->search("(&(objectClass=posixGroup)(sambaGroupType=2)(sambaSID=*))",array("dn","sambaSID")); + $res = $ldap->search("(&(objectClass=".$oc.")(uid=*$))",array("dn","sambaSID")); if(!$res){ $this->checks['outside_winstations']['STATUS'] = FALSE; - $this->checks['outside_winstations']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['outside_winstations']['STATUS_MSG']= _("LDAP query failed"); $this->checks['outside_winstations']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); return(false); } $this->outside_winstations = array(); while($attrs = $ldap->fetch()){ - if(preg_match("/-516$/","",$attrs['sambaSID'][0]) && !preg_match("/^[^,]+,".normalizePreg($winstation_ou)."/",$attrs['dn'])){ + if((!preg_match("/^[^,]+,".normalizePreg($winstation_ou)."/",$attrs['dn'])) && !preg_match("/,dc=addressbook,/",$attrs['dn'])){ + $attrs['selected'] = FALSE; + $attrs['ldif'] = ""; $this->outside_winstations[base64_encode($attrs['dn'])] = $attrs; } } @@ -300,6 +317,7 @@ class Step_Migrate extends setup_step $this->checks['outside_winstations']['STATUS_MSG']= _("Failed"); $this->checks['outside_winstations']['ERROR_MSG'] = sprintf(_("Found %s winstations outside the predefined winstation department ou '%s'."),count($this->outside_winstations),$winstation_ou); + $this->checks['outside_winstations']['ERROR_MSG'].= ""; return(false); }else{ $this->checks['outside_winstations']['STATUS'] = TRUE; @@ -310,7 +328,8 @@ class Step_Migrate extends setup_step } - /* Search for groups outside the group ou */ + /* Search for groups outside the group ou + */ function search_outside_groups() { $cv = $this->parent->captured_values; 
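Review bot: The DN test `"/^[^,]+,".normalizePreg($winstation_ou)."/"` in search_outside_winstations is case-sensitive, while the user and group checks in this commit strip their ou with the `/i` modifier. An entry stored under a differently cased `OU=` would be listed as outside the tree, so the `i` modifier belongs here too. `sambaSID` is still requested in the attribute list although the new condition no longer reads it. The function starts outside the hunk.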
@@ -322,27 +341,51 @@ class Step_Migrate extends setup_step $group_ou = $cv['groupou']; $ldap->cd($cv['base']); + + /*********** + * Get all gosaDepartments to be able to + * validate correct ldap tree position of every single user + ***********/ + $valid_deps = array(); + $valid_deps['/'] = $cv['base']; + $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn","ou")); + while($attrs = $ldap->fetch()){ + $valid_deps[$attrs['ou'][0]] = $attrs['dn']; + } + + /*********** + * Get all groups + ***********/ $res = $ldap->search("(objectClass=posixGroup)",array("dn")); if(!$res){ $this->checks['outside_groups']['STATUS'] = FALSE; - $this->checks['outside_groups']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['outside_groups']['STATUS_MSG']= _("LDAP query failed"); $this->checks['outside_groups']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); return(false); } - $this->outside_groups = array(); while($attrs = $ldap->fetch()){ - if(!preg_match("/^[^,]+,".normalizePreg($group_ou)."/",$attrs['dn'])){ + $group_db_base = preg_replace("/^[^,]+,".normalizePreg($group_ou)."+,/i","",$attrs['dn']); + + /* Check if entry is not an addressbook only user + * and verify that he is in a valid department + */ + if( !preg_match("/".normalizePreg("dc=addressbook,")."/",$group_db_base) && + !in_array($group_db_base,$valid_deps) + ){ + $attrs['selected'] = FALSE; + $attrs['ldif'] = ""; $this->outside_groups[base64_encode($attrs['dn'])] = $attrs; } } if(count($this->outside_groups)){ $this->checks['outside_groups']['STATUS'] = FALSE; - $this->checks['outside_groups']['STATUS_MSG']= _("Failed"); - $this->checks['outside_groups']['ERROR_MSG'] = - sprintf(_("Found %s groups outside the selected group ou '%s'."),count($this->outside_groups),$group_ou); + $this->checks['outside_groups']['STATUS_MSG']= ""._("Warning").""; + $this->checks['outside_groups']['ERROR_MSG'] = + sprintf(_("Found %s groups outside the configured tree 
'%s'."),count($this->outside_groups),$group_ou); + $this->checks['outside_groups']['ERROR_MSG'].= " "; return(false); }else{ $this->checks['outside_groups']['STATUS'] = TRUE; @@ -352,7 +395,8 @@ class Step_Migrate extends setup_step } } - /* Search for users outside the people ou */ + /* Search for users outside the people ou + */ function search_outside_users() { $cv = $this->parent->captured_values; 
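Review bot: `$valid_deps` in search_outside_groups is keyed by `$attrs['ou'][0]`, so two gosaDepartment entries with the same ou in different subtrees overwrite each other and groups below the dropped one are reported as outside the tree. Within this hunk only the values are read (by `in_array`), so `$valid_deps[] = $attrs['dn'];` would keep every department; the same map is built in search_outside_users in the following hunk. In `normalizePreg($group_ou)."+,/i"` the `+` binds only to the last character of the ou, and with an empty `groupou` the pattern presumably becomes `/^[^,]+,+,/i`, which never strips the RDN, whereas search_outside_users handles an empty `peopleou` explicitly. The prefix is stripped case-insensitively but `in_array` compares the remaining DN case-sensitively, so a differently cased department DN is flagged as well. The result of the gosaDepartment search is not checked before it is fetched.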
@@ -361,29 +405,62 @@ class Step_Migrate extends setup_step $cv['connection'], FALSE, $cv['tls']); - $people_ou = $cv['peopleou']; + $ldap->cd($cv['base']); - $res = $ldap->search("(objectClass=gosaAccount)",array("dn")); + + + /*********** + * Get all gosaDepartments to be able to + * validate correct ldap tree position of every single user + ***********/ + $valid_deps = array(); + $valid_deps['/'] = $cv['base']; + $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn","ou")); + while($attrs = $ldap->fetch()){ + $valid_deps[$attrs['ou'][0]] = $attrs['dn']; + } + + /*********** + * Search for all users + ***********/ + $res = $ldap->search("(&(objectClass=gosaAccount)(!(uid=*$)))",array("dn")); if(!$res){ $this->checks['outside_users']['STATUS'] = FALSE; - $this->checks['outside_users']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['outside_users']['STATUS_MSG']= _("LDAP query failed"); $this->checks['outside_users']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); return(false); } - + /*********** + * Check if returned users are within a valid GOsa deparmtment. 
(peopleou,gosaDepartment,base) + ***********/ $this->outside_users = array(); + $people_ou = trim($cv['peopleou']); + if(!empty($people_ou)){ + $people_ou = $people_ou.","; + } + while($attrs = $ldap->fetch()){ - if(!preg_match("/^[^,]+,".normalizePreg($people_ou)."/",$attrs['dn'])){ + $people_db_base = preg_replace("/^[^,]+,".normalizePreg($people_ou)."/i","",$attrs['dn']); + + /* Check if entry is not an addressbook only user + * and verify that he is in a valid department + */ + if( !preg_match("/".normalizePreg("dc=addressbook,")."/",$people_db_base) && + !in_array($people_db_base,$valid_deps) + ){ + $attrs['selected'] = FALSE; + $attrs['ldif'] = ""; $this->outside_users[base64_encode($attrs['dn'])] = $attrs; } } if(count($this->outside_users)){ $this->checks['outside_users']['STATUS'] = FALSE; - $this->checks['outside_users']['STATUS_MSG']= _("Failed"); - $this->checks['outside_users']['ERROR_MSG'] = - sprintf(_("Found %s users outside the selected user ou '%s'."),count($this->outside_users),$people_ou); + $this->checks['outside_users']['STATUS_MSG']= ""._("Warning").""; + $this->checks['outside_users']['ERROR_MSG'] = + sprintf(_("Found %s user(s) outside the configured tree '%s'."),count($this->outside_users),$people_ou); + $this->checks['outside_users']['ERROR_MSG'].= ""; return(false); }else{ $this->checks['outside_users']['STATUS'] = TRUE; @@ -423,7 +500,7 @@ class Step_Migrate extends setup_step $res = $ldap->cat($cv['base']); if(!$res){ $this->checks['permissions']['STATUS'] = FALSE; - $this->checks['permissions']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['permissions']['STATUS_MSG']= _("LDAP query failed"); $this->checks['permissions']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); return(false); } 
@@ -433,8 +510,10 @@ class Step_Migrate extends setup_step $ldap->cd ($dn); $ldap->create_missing_trees($dn); $res = $ldap->add($testEntry); - if(!$res){ - gosa_log($ldap->get_error()); + $ldap->cat($dn); + if(!$ldap->count()){ + new log("view","setup/".get_class($this),$dn,array(),$ldap->get_error()); + $this->checks['permissions']['STATUS'] = FALSE; $this->checks['permissions']['STATUS_MSG']= _("Failed"); $this->checks['permissions']['ERROR_MSG'] = @@ -445,8 +524,9 @@ class Step_Migrate extends setup_step /* Try to remove created entry */ $res = $ldap->rmDir($dn); - if(!$res){ - gosa_log($ldap->get_error()); + $ldap->cat($dn); + if($ldap->count()){ + new log("view","setup/".get_class($this),$dn,array(),$ldap->get_error()); $this->checks['permissions']['STATUS'] = FALSE; $this->checks['permissions']['STATUS_MSG']= _("Failed"); $this->checks['permissions']['ERROR_MSG'] = @@ -487,7 +567,7 @@ class Step_Migrate extends setup_step /* Get all invisible users */ $ldap->cd($cv['base']); - $res =$ldap->search("(&(|(objectClass=posixAccount)(objectClass=inetOrgPerson)(objectClass=organizationalPerson))(!(objectClass=gosaAccount)))",array("sn","givenName","cn","uid")); + $res =$ldap->search("(&(|(objectClass=posixAccount)(&(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))(!(objectClass=gosaAccount))(uid=*))",array("sn","givenName","cn","uid")); while($attrs = $ldap->fetch()){ if(!preg_match("/,dc=addressbook,/",$attrs['dn'])){ $attrs['checked'] = FALSE; @@ -505,7 +585,7 @@ class Step_Migrate extends setup_step /* No invisible */ if(!$res){ $this->checks['users_visible']['STATUS'] = FALSE; - $this->checks['users_visible']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['users_visible']['STATUS_MSG']= _("LDAP query failed"); $this->checks['users_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); }elseif(count($this->users_to_migrate) == 0){ $this->checks['users_visible']['STATUS'] = TRUE; 
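Review bot: The error passed to `new log(...)` is read after `$ldap->cat($dn)`, so `$ldap->get_error()` most likely describes the lookup rather than the failed `add`. Capture it right after the write, e.g. `$add_err = $ldap->get_error();` before the `cat`, and log that value. The same applies to the `rmDir` check in the next hunk (@@ -445). `$res` from both calls is now unused, and the failure is recorded with the action `"view"` although it is a write test, which may make these entries hard to find when auditing a setup run. The enclosing function starts outside the hunk.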
@@ -513,10 +593,10 @@ class Step_Migrate extends setup_step $this->checks['users_visible']['ERROR_MSG'] = ""; }else{ $this->checks['users_visible']['STATUS'] = FALSE; - $this->checks['users_visible']['STATUS_MSG']= ""; - $this->checks['users_visible']['ERROR_MSG'] = sprintf(_("Found %s users that will not be visible in GOsa."), + $this->checks['users_visible']['STATUS_MSG']= ""._("Warning").""; + $this->checks['users_visible']['ERROR_MSG'] = sprintf(_("Found %s user(s) that will not be visible in GOsa."), count($this->users_to_migrate)); - $this->checks['users_visible']['ERROR_MSG'] .= ""; + $this->checks['users_visible']['ERROR_MSG'] .= ""; } } @@ -525,6 +605,8 @@ class Step_Migrate extends setup_step */ function migrate_gosaAccounts($only_ldif = FALSE) { + $this->show_details= $only_ldif; + /* Get collected configuration settings */ $cv = $this->parent->captured_values; @@ -591,12 +673,12 @@ class Step_Migrate extends setup_step $cv['tls']); /* Skip GOsa internal departments */ - $skip_dns = array("/^ou=people,/","/^ou=groups,/","/(,|)ou=configs,/","/(,|)ou=systems,/", - "/^ou=apps,/","/^ou=mime,/","/^ou=aclroles,/","/^ou=incoming,/", + $skip_dns = array("/".$cv['peopleou']."/","/".$cv['groupou']."/","/^ou=people,/","/^ou=groups,/", + "/(,|)ou=configs,/","/(,|)ou=systems,/", + "/(,|)ou=apps,/","/(,|)ou=mime,/","/^ou=aclroles,/","/^ou=incoming,/", "/ou=snapshots,/","/(,|)dc=addressbook,/","/^(,|)ou=machineaccounts,/", "/(,|)ou=winstations,/"); - /* Get all invisible departments */ $ldap->cd($cv['base']); $res = $ldap->search("(&(objectClass=organizationalUnit)(!(objectClass=gosaDepartment)))",array("ou","description","dn")); 
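Review bot: `"/".$cv['peopleou']."/"` and `"/".$cv['groupou']."/"` in `$skip_dns` (hunk @@ -591) put setup input into a pattern without `normalizePreg()`, which the other checks in this file apply to the same values. With an empty `peopleou`, a case that create_admin_user and search_outside_users in this commit handle explicitly, the pattern is `//` and matches every DN, so if `$skip_dns` is applied the way its comment suggests, no department would be reported. Regex metacharacters or a `/` in the configured ou change or break the match as well. Add the two patterns only when the value is non-empty and quote them, e.g. `"/".normalizePreg($cv['peopleou'])."/"`. The loop that applies `$skip_dns` is outside the hunk.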
@@ -633,17 +715,17 @@ class Step_Migrate extends setup_step */ if(!$res){ $this->checks['deps_visible']['STATUS'] = FALSE; - $this->checks['deps_visible']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['deps_visible']['STATUS_MSG']= _("LDAP query failed"); $this->checks['deps_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); }elseif(count($this->deps_to_migrate) == 0 ){ $this->checks['deps_visible']['STATUS'] = TRUE; $this->checks['deps_visible']['STATUS_MSG']= _("Ok"); $this->checks['deps_visible']['ERROR_MSG'] = ""; }else{ - $this->checks['deps_visible']['STATUS'] = FALSE; - $this->checks['deps_visible']['STATUS_MSG']= "";//sprintf(_("%s entries found"),count($this->deps_to_migrate)); - $this->checks['deps_visible']['ERROR_MSG'] = sprintf(_("Found %s departments that will not be visible in GOsa."),count($this->deps_to_migrate)); - $this->checks['deps_visible']['ERROR_MSG'] .= ""; + $this->checks['deps_visible']['STATUS'] = TRUE; + $this->checks['deps_visible']['STATUS_MSG']= ''._("Warning").''; + $this->checks['deps_visible']['ERROR_MSG'] = sprintf(_("Found %s department(s) that will not be visible in GOsa."),count($this->deps_to_migrate)); + $this->checks['deps_visible']['ERROR_MSG'] .= " "; } } @@ -652,6 +734,8 @@ class Step_Migrate extends setup_step /* Start deparmtment migration */ function migrate_organizationalUnits($only_ldif = FALSE) { + $this->show_details= $only_ldif; + /* Get collected configuration settings */ $cv = $this->parent->captured_values; 
@@ -716,68 +800,90 @@ class Step_Migrate extends setup_step /* Search for gosaAcls */ $ldap->cd($cv['base']); - $res = $ldap->search("(&(objectClass=gosaAccount)(|(objectClass=posixAccount)". - "(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))"); + $res = $ldap->cat($cv['base']); + if(!$res){ $this->checks['acls']['STATUS'] = FALSE; - $this->checks['acls']['STATUS_MSG']= _("Ldap query failed."); + $this->checks['acls']['STATUS_MSG']= _("LDAP query failed"); $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing."); - }elseif($ldap->count()){ - $this->checks['acls']['STATUS'] = TRUE; - $this->checks['acls']['STATUS_MSG']= _("Ok"); }else{ - $this->checks['acls']['STATUS'] = FALSE; - $this->checks['acls']['STATUS_MSG']= _("Failed"); - $this->checks['acls']['ERROR_MSG'].= ""; - } - return($ldap->count()>=1); - } + $found = false; + $username = ""; + $attrs = $ldap->fetch(); + if(isset($attrs['gosaAclEntry'])){ + $acls = $attrs['gosaAclEntry']; + for($i = 0 ; $i < $acls['count'] ; $i++){ + $acl = $acls[$i]; + $tmp = split(":",$acl); + if($tmp[1] == "psub"){ + $members = split(",",$tmp[2]); + foreach($members as $member){ + $member = base64_decode($member); + + /* Check if acl owner is a valid GOsa user account */ + $ldap->cat($member,array("objectClass","uid","cn")); + $ret = $ldap->fetch(); + + if(isset($ret['objectClass']) && in_array("posixGroup",$ret['objectClass'])){ + $found = TRUE; + $username .= "ACL-Group: ".$ret['cn'][0]."
"; + }elseif(isset($ret['objectClass']) && in_array("gosaAccount",$ret['objectClass']) && + in_array("organizationalPerson",$ret['objectClass']) && + in_array("inetOrgPerson",$ret['objectClass'])){ + $found = TRUE; + $username .= "ACL: ".$ret['uid'][0]."
"; + } + } + }elseif($tmp[1] == "role"){ + /* Check if acl owner is a valid GOsa user account */ + $ldap->cat(base64_decode($tmp[2]),array("gosaAclTemplate")); + $ret = $ldap->fetch(); - function get_user_list() - { - /* Get collected configuration settings */ - $cv = $this->parent->captured_values; + if(isset($ret['gosaAclTemplate'])){ + $cnt = $ret['gosaAclTemplate']['count']; + for($e = 0 ; $e < $cnt ; $e++){ - /* Establish ldap connection */ - $ldap = new LDAP($cv['admin'], - $cv['password'], - $cv['connection'], - FALSE, - $cv['tls']); - - $ldap->cd($cv['base']); - $ldap->search("(objectClass=gosaAccount)",array("dn")); - - $tmp = array(); - while($attrs = $ldap->fetch()){ - $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']); - } - - return($tmp); - } + $a_str = $ret['gosaAclTemplate'][$e]; + if(preg_match("/^[0-9]*:psub:/",$a_str) && preg_match("/:all;cmdrw$/",$a_str)){ - function get_group_list() - { - /* Get collected configuration settings */ - $cv = $this->parent->captured_values; + $members = split(",",$tmp[3]); + foreach($members as $member){ + $member = base64_decode($member); - /* Establish ldap connection */ - $ldap = new LDAP($cv['admin'], - $cv['password'], - $cv['connection'], - FALSE, - $cv['tls']); - - $ldap->cd($cv['base']); - $ldap->search("(objectClass=posixGroup)",array("dn")); + /* Check if acl owner is a valid GOsa user account */ + $ldap->cat($member,array("objectClass","uid")); + $ret = $ldap->fetch(); - $tmp = array(); - while($attrs = $ldap->fetch()){ - $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']); - } + if(isset($ret['objectClass']) && in_array("gosaAccount",$ret['objectClass']) && + in_array("organizationalPerson",$ret['objectClass']) && + in_array("inetOrgPerson",$ret['objectClass'])){ + $found = TRUE; + $username .= "ACL Role: ".$ret['uid'][0]."
"; + } + } + } + } + } + } + } + } - return($tmp); + # For debugging + #echo $username; + + if($found){ + $this->checks['acls']['STATUS'] = TRUE; + $this->checks['acls']['STATUS_MSG']= _("Ok"); + $this->checks['acls']['ERROR_MSG'] = ""; + }else{ + $this->checks['acls']['STATUS'] = FALSE; + $this->checks['acls']['STATUS_MSG']= _("Failed"); + $this->checks['acls']['ERROR_MSG']= _("There is no GOsa administrator account inside your LDAP.")." "; + $this->checks['acls']['ERROR_MSG'].= ""; + } + } + return($ldap->count()>=1); } @@ -814,7 +920,7 @@ class Step_Migrate extends setup_step } } - $acl = "0:sub:".base64_encode($dn).":all;cmdrw"; + $acl = "0:psub:".base64_encode($dn).":all;cmdrw"; $attrs_new['gosaAclEntry'][] = $acl; if(isset($attrs['gosaAclEntry'])){ for($i = 0 ; $i < $attrs['gosaAclEntry']['count']; $i ++){ @@ -837,6 +943,9 @@ class Step_Migrate extends setup_step $ldap->cd($cv['base']); if(!$ldap->modify($attrs_new)){ print_red(sprintf(_("Adding acls for user '%s' failed, ldap says '%s'."),$dn,$ldap->get_error())); + return(FALSE); + }else{ + return(TRUE); } } } 
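Review bot: check_administrativeAccount still ends with `return($ldap->count()>=1);`, which now reflects whichever `$ldap->cat()` ran last inside the loops rather than the outcome of the check; `$found` should be initialised before `if(!$res)` and the function should end with `return($found);`. In the `role` branch, `$ret = $ldap->fetch();` inside the member loop overwrites the template entry, so the next `$ret['gosaAclTemplate'][$e]` reads from a user entry; a separate variable such as `$member_attrs = $ldap->fetch();` avoids that. The direct `psub` branch accepts any entry without looking at the rights field, while the role branch requires `/:all;cmdrw$/`, so a restricted ACL can be reported as a super administrator. `$tmp[1]`, `$tmp[2]` and `$tmp[3]` are read without checking that the ACL string has that many fields, and a posixGroup is accepted without checking that it has members.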
@@ -844,13 +953,30 @@ class Step_Migrate extends setup_step function create_admin_user() { - if(isset($_POST['new_user_password']) && !empty($_POST['new_user_password'])){ - $pwd = $_POST['new_user_password']; - }else{ - print_red(_("Please specify a valid password for the new GOsa admin user.")); - return(FALSE); + $pw1 = $pw2 = ""; + $uid = ""; + + if(isset($_POST['new_user_uid'])){ + $uid = $_POST['new_user_uid']; + } + if(isset($_POST['new_user_password'])){ + $pw1 = $_POST['new_user_password']; + } + if(isset($_POST['new_user_password2'])){ + $pw2 = $_POST['new_user_password2']; + } + + if(empty($pw1) || empty($pw2) | ($pw1 != $pw2)){ + print_red(_("Specified passwords are empty or not equal.")); + return false; + } + + if(!is_uid($uid) || empty($uid)){ + print_red(_("Please specify a valid uid.")); + return false; } + /* Establish ldap connection */ $cv = $this->parent->captured_values; $ldap = new LDAP($cv['admin'], 
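Review bot: The password check `empty($pw1) || empty($pw2) | ($pw1 != $pw2)` uses the bitwise `|` and a loose `!=`; PHP compares numeric-looking strings by value, so `"1e3"` and `"1000"` count as equal and the account is created with `$pw2` even though the two fields differ. Use `if($pw1 === "" || $pw1 !== $pw2){` instead. `empty()` also rejects the password `"0"`, which the message shown to the user does not explain. `is_uid($uid)` is the only guard before `$uid` is concatenated into the DN in the next hunk; its definition is not visible here, so confirm that it rejects `,`, `=` and `+`. The function body continues outside the hunk.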
@@ -862,26 +988,38 @@ class Step_Migrate extends setup_step /* Get current base attributes */ $ldap->cd($cv['base']); + $people_ou = trim($cv['peopleou']); + if(!empty($people_ou)){ + $people_ou = trim($people_ou).","; + } + if($cv['peopledn'] == "cn"){ - $dn = "cn=System Administrator,".$cv['peopleou'].",".$cv['base']; + $dn = "cn=System Administrator,".$people_ou.$cv['base']; }else{ - $dn = "uid=admin,".$cv['peopleou'].",".$cv['base']; + $dn = "uid=".$uid.",".$people_ou.$cv['base']; } - $methods = @passwordMethod::get_available_methods_if_not_loaded(); + $methods = @passwordMethod::get_available_methods(); $p_m = $methods[$cv['encryption']]; $p_c = new $p_m(array()); - $hash = $p_c->generate_hash($pwd); + $hash = $p_c->generate_hash($pw2); $new_user=array(); $new_user['objectClass']= array("top","person","gosaAccount","organizationalPerson","inetOrgPerson"); $new_user['givenName'] = "System"; $new_user['sn'] = "Administrator"; $new_user['cn'] = "System Administrator"; - $new_user['uid'] = "admin"; + $new_user['uid'] = $uid; $new_user['userPassword'] = $hash; - + $ldap->cd($cv['base']); + + $ldap->cat($dn,array("dn")); + if($ldap->count()){ + print_red(sprintf(_("Could not add administrative user, there is already an object with the same dn '%s' in your ldap database."),$dn)); + return(FALSE); + } + $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$dn)); $ldap->cd($dn); $res = $ldap->add($new_user); 
@@ -890,13 +1028,158 @@ class Step_Migrate extends setup_step if(!$res){ print_red($ldap->get_error()); + return(FALSE); } $this->acl_create_dialog=FALSE; $this->check_administrativeAccount(); + return(TRUE); } + function migrate_outside_winstations($perform = FALSE) + { + /* Establish ldap connection */ + $cv = $this->parent->captured_values; + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + $ldap->cd($cv['base']); + + /* Check if there was a destination department posted */ + if(isset($_POST['move_winstation_to'])){ + $destination_dep = $_POST['move_winstation_to']; + }else{ + print_red(_("Couldn't move users to specified department.")); + return(false); + } + + foreach($this->outside_winstations as $b_dn => $data){ + $this->outside_winstations[$b_dn]['ldif'] =""; + if($data['selected']){ + $dn = base64_decode($b_dn); + $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn); + if(!$perform){ + $this->outside_winstations[$b_dn]['ldif'] = _("Winstation will be moved from").":
\t".$dn."
"._("to").":
\t".$d_dn; + + + /* Check if there are references to this object */ + $ldap->search("(&(member=".$dn.")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn')); + $refs = ""; + while($attrs = $ldap->fetch()){ + $ref_dn = $attrs['dn']; + $refs .= "
\t".$ref_dn; + } + if(!empty($refs)){ + $this->outside_winstations[$b_dn]['ldif'] .= "

"._("Updating following references too").":".$refs; + } + + }else{ + $this->move($dn,$d_dn); + } + } + } + } + + + function migrate_outside_groups($perform = FALSE) + { + /* Establish ldap connection */ + $cv = $this->parent->captured_values; + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + $ldap->cd($cv['base']); + + /* Check if there was a destination department posted */ + if(isset($_POST['move_group_to'])){ + $destination_dep = $_POST['move_group_to']; + }else{ + print_red(_("Couldn't move users to specified department.")); + return(false); + } + + foreach($this->outside_groups as $b_dn => $data){ + $this->outside_groups[$b_dn]['ldif'] =""; + if($data['selected']){ + $dn = base64_decode($b_dn); + $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn); + if(!$perform){ + $this->outside_groups[$b_dn]['ldif'] = _("Group will be moved from").":
\t".$dn."
"._("to").":
\t".$d_dn; + + + /* Check if there are references to this object */ + $ldap->search("(&(member=".$dn.")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn')); + $refs = ""; + while($attrs = $ldap->fetch()){ + $ref_dn = $attrs['dn']; + $refs .= "
\t".$ref_dn; + } + if(!empty($refs)){ + $this->outside_groups[$b_dn]['ldif'] .= "

"._("Updating following references too").":".$refs; + } + + }else{ + $this->move($dn,$d_dn); + } + } + } + } + + + function migrate_outside_users($perform = FALSE) + { + /* Establish ldap connection */ + $cv = $this->parent->captured_values; + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + $ldap->cd($cv['base']); + + /* Check if there was a destination department posted */ + if(isset($_POST['move_user_to'])){ + $destination_dep = $_POST['move_user_to']; + }else{ + print_red(_("Couldn't move users to specified department.")); + return(false); + } + + foreach($this->outside_users as $b_dn => $data){ + $this->outside_users[$b_dn]['ldif'] =""; + if($data['selected']){ + $dn = base64_decode($b_dn); + $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn); + if(!$perform){ + $this->outside_users[$b_dn]['ldif'] = _("User will be moved from").":
\t".$dn."
"._("to").":
\t".$d_dn; + + /* Check if there are references to this object */ + $ldap->search("(&(member=".$dn.")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn')); + $refs = ""; + while($attrs = $ldap->fetch()){ + $ref_dn = $attrs['dn']; + $refs .= "
\t".$ref_dn; + } + if(!empty($refs)){ + $this->outside_users[$b_dn]['ldif'] .= "

"._("The following references will be updated").":".$refs; + } + + }else{ + $this->move($dn,$d_dn); + } + } + } + } + + function execute() { /* Initialise checks if this is the first call */ 
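Review bot: migrate_outside_winstations, migrate_outside_groups and migrate_outside_users take the destination from `$_POST['move_*_to']`, base64-decode it and pass the result to `$this->move($dn,$d_dn)` without checking that it is one of the departments offered in the dialog, so the move target is not constrained to the configured tree. Compare the posted value against the list the template was given (`get_all_winstation_ous()` and its siblings, called in execute()) and reject anything else, including a failed `base64_decode`. `$dn` is concatenated into the filter `(member=".$dn.")` unescaped; DNs may contain `(`, `)`, `*` and `\`, which must be escaped in a search filter. The preview text stored in `['ldif']` is built from `$dn` and the posted destination, so it needs HTML escaping where it is rendered, unless the template already does that. The three functions are near-identical and the winstation and group variants reuse the message "Couldn't move users to specified department."; one shared helper taking the list and the POST key would remove the drift.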
@@ -904,13 +1187,134 @@ class Step_Migrate extends setup_step $this->initialize_checks(); $this->checks_initialised = TRUE; } + + /************* + * Winstations outside the group ou + *************/ + + if(isset($_POST['outside_winstations_dialog_cancel'])){ + $this->outside_winstations_dialog = FALSE; + $this->dialog = FALSE; + $this->show_details = FALSE; + } + + if(isset($_POST['outside_winstations_dialog_whats_done'])){ + $this->migrate_outside_winstations(FALSE); + } + + if(isset($_POST['outside_winstations_dialog_perform'])){ + $this->migrate_outside_winstations(TRUE); + $this->search_outside_winstations(); + $this->dialog = FALSE; + $this->show_details = FALSE; + $this->outside_winstations_dialog = FALSE; + } + + if(isset($_POST['outside_winstations_dialog'])){ + $this->outside_winstations_dialog = TRUE; + $this->dialog = TRUE; + } + + if($this->outside_winstations_dialog){ + $smarty = get_smarty(); + $smarty->assign("ous",$this->get_all_winstation_ous()); + $smarty->assign("method","outside_winstations"); + $smarty->assign("outside_winstations",$this->outside_winstations); + return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__)))); + } + /************* + * Groups outside the group ou + *************/ + + if(isset($_POST['outside_groups_dialog_cancel'])){ + $this->outside_groups_dialog = FALSE; + $this->show_details = FALSE; + $this->dialog = FALSE; + } + + if(isset($_POST['outside_groups_dialog_whats_done'])){ + $this->show_details= TRUE; + $this->migrate_outside_groups(FALSE); + } + + if(isset($_POST['outside_groups_dialog_refresh'])){ + $this->show_details= FALSE; + } + + if(isset($_POST['outside_groups_dialog_perform'])){ + $this->migrate_outside_groups(TRUE); + $this->dialog = FALSE; + $this->show_details = FALSE; + $this->outside_groups_dialog = FALSE; + $this->initialize_checks(); + } + + if(isset($_POST['outside_groups_dialog'])){ + $this->outside_groups_dialog = TRUE; + $this->dialog = TRUE; + } + + 
if($this->outside_groups_dialog){ + $smarty = get_smarty(); + $smarty->assign("ous",$this->get_all_group_ous()); + $smarty->assign("method","outside_groups"); + $smarty->assign("outside_groups",$this->outside_groups); + $smarty->assign("group_details", $this->show_details); + return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__)))); + } + + /************* + * User outside the people ou + *************/ + + if(isset($_POST['outside_users_dialog_cancel'])){ + $this->outside_users_dialog = FALSE; + $this->dialog = FALSE; + $this->show_details = FALSE; + } + + if(isset($_POST['outside_users_dialog_whats_done'])){ + $this->show_details= TRUE; + $this->migrate_outside_users(FALSE); + } + + if(isset($_POST['outside_users_dialog_perform'])){ + $this->migrate_outside_users(TRUE); + $this->initialize_checks(); + $this->dialog = FALSE; + $this->show_details = FALSE; + $this->outside_users_dialog = FALSE; + } + + if (isset($_POST['outside_users_dialog_refresh'])){ + $this->show_details= FALSE; + } + + if(isset($_POST['outside_users_dialog'])){ + $this->outside_users_dialog = TRUE; + $this->dialog = TRUE; + } + + if($this->outside_users_dialog){ + $smarty = get_smarty(); + $smarty->assign("ous",$this->get_all_people_ous()); + $smarty->assign("method","outside_users"); + $smarty->assign("outside_users",$this->outside_users); + $smarty->assign("user_details", $this->show_details); + return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__)))); + } /************* * Root object check *************/ if(isset($_POST['retry_root_create'])){ + + $state = $this->checks['root']['STATUS']; $this->checkBase(FALSE); + if($state != $this->checks['root']['STATUS']){ + $this->initialize_checks(); + } } /************* 
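Review bot: The three `*_dialog_perform` branches in execute() close the dialog and clear `show_details` whatever `migrate_outside_winstations(TRUE)`, `migrate_outside_groups(TRUE)` or `migrate_outside_users(TRUE)` did. As shown earlier on this page, migrate_outside_groups() and migrate_outside_users() return false when no destination was posted, and move() only prints a message when the LDAP add fails, so after a failed or partial move the administrator sees a closed dialog and no record of what stayed behind. Have the migrate functions return TRUE on success and guard the reset the way the users_visible branch does, `if($this->migrate_outside_groups(TRUE)){ ... }`. The winstations branch also differs from the other two: `outside_winstations_dialog_whats_done` never sets `show_details`, and perform re-runs only `search_outside_winstations()` instead of `initialize_checks()`. execute() starts and ends outside this hunk.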
@@ -929,28 +1333,40 @@ class Step_Migrate extends setup_step if(isset($_POST['create_acls_cancel'])){ $this->acl_create_dialog = FALSE; $this->dialog = FALSE; + $this->show_details = FALSE; } - if(isset($_POST['create_acls_create_confirmed'])){ - $this->create_admin(); - } +# if(isset($_POST['create_acls_create_confirmed'])){ +# if($this->create_admin()){ +# $this->acl_create_dialog = FALSE; +# $this->dialog = FALSE; +# $this->show_details = FALSE; +# $this->initialize_checks(); +# } +# } if(isset($_POST['create_acls_create'])){ $this->create_admin(TRUE); } if(isset($_POST['create_admin_user'])){ - $this->create_admin_user(); + if($this->create_admin_user()){ + $this->dialog = FALSE; + $this->show_details = FALSE; + } } if($this->acl_create_dialog){ $smarty = get_smarty(); + + $uid = "admin"; + if(isset($_POST['new_user_uid'])){ + $uid = $_POST['new_user_uid']; + } + + $smarty->assign("new_user_uid",$uid); $smarty->assign("new_user_password",@$_POST['new_user_password']); - $smarty->assign("users" ,$this->get_user_list()); - $smarty->assign("users_cnt" ,count($this->get_user_list())); - $smarty->assign("groups",$this->get_group_list()); - $smarty->assign("groups_cnt",count($this->get_group_list())); - $smarty->assign("type" ,$this->acl_create_type); + $smarty->assign("new_user_password2",@$_POST['new_user_password2']); $smarty->assign("method","create_acls"); $smarty->assign("acl_create_selected",$this->acl_create_selected); $smarty->assign("what_will_be_done_now",$this->acl_create_changes); @@ -968,6 +1384,7 @@ class Step_Migrate extends setup_step /* Open migration dialog */ if(isset($_POST['users_visible_migrate'])){ + $this->show_details= FALSE; $this->users_migration_dialog = TRUE; $this->dialog =TRUE; } 
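Review bot: The create_acls dialog now hands `$_POST['new_user_uid']`, `new_user_password` and `new_user_password2` to Smarty unmodified, so the posted values are echoed back into the next page. The template is not part of this diff; unless setup_migrate.tpl escapes these variables, the uid should be escaped at assignment, e.g. `$smarty->assign("new_user_uid", htmlspecialchars($uid, ENT_QUOTES));`, and the two password fields are better left empty on re-display than refilled from the request. The `@` on the password lookups hides the undefined-index notice; an `isset()` check like the one used for the uid reads more clearly. The `#`-commented `create_acls_create_confirmed` block is dead code and could be deleted rather than committed.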
@@ -976,12 +1393,16 @@ class Step_Migrate extends setup_step if(isset($_POST['users_visible_migrate_close'])){ $this->users_migration_dialog = FALSE; $this->dialog =FALSE; + $this->show_details = FALSE; } /* Start migration */ if(isset($_POST['users_visible_migrate_migrate'])){ if($this->migrate_gosaAccounts()){ - $this->check_gosaAccounts(); + $this->initialize_checks(); + $this->dialog = FALSE; + $this->show_details = FALSE; + $this->users_migration_dialog = FALSE; } } @@ -995,6 +1416,7 @@ class Step_Migrate extends setup_step $smarty = get_smarty(); $smarty->assign("users_to_migrate",$this->users_to_migrate); $smarty->assign("method","migrate_users"); + $smarty->assign("user_details", $this->show_details); return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__)))); } @@ -1006,6 +1428,7 @@ class Step_Migrate extends setup_step /* Refresh list of deparments */ if(isset($_POST['deps_visible_migrate_refresh'])){ $this->check_organizationalUnits(); + $this->show_details= FALSE; } /* Open migration dialog */ @@ -1018,12 +1441,16 @@ class Step_Migrate extends setup_step if(isset($_POST['deps_visible_migrate_close'])){ $this->dep_migration_dialog = FALSE; $this->dialog =FALSE; + $this->show_details = FALSE; } /* Start migration */ if(isset($_POST['deps_visible_migrate_migrate'])){ if($this->migrate_organizationalUnits()){ + $this->show_details= FALSE; $this->check_organizationalUnits(); + $this->dialog = FALSE; + $this->dep_migration_dialog = FALSE; } } @@ -1037,6 +1464,7 @@ class Step_Migrate extends setup_step $smarty = get_smarty(); $smarty->assign("deps_to_migrate",$this->deps_to_migrate); $smarty->assign("method","migrate_deps"); + $smarty->assign("deps_details", $this->show_details); return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__)))); } 
@@ -1049,22 +1477,46 @@ class Step_Migrate extends setup_step function save_object() { - /* Get "create acl" dialog posts */ - if($this->acl_create_dialog){ - if(isset($_POST['create_acls_create'])){ - if(isset($_POST['create_acls_selected'])){ - $this->acl_create_selected = base64_decode($_POST['create_acls_selected']); + $this->is_completed= TRUE; + + /* Capture all selected winstations from outside_winstations_dialog */ + if($this->outside_winstations_dialog){ + foreach($this->outside_winstations as $dn => $data){ + if(isset($_POST['select_winstation_'.$dn])){ + $this->outside_winstations[$dn]['selected'] = TRUE; }else{ - $this->acl_create_selected = ""; + $this->outside_winstations[$dn]['selected'] = FALSE; } } + } - if(isset($_POST['create_acls_create_abort'])){ - $this->acl_create_selected = ""; + /* Capture all selected groups from outside_groups_dialog */ + if($this->outside_groups_dialog){ + foreach($this->outside_groups as $dn => $data){ + if(isset($_POST['select_group_'.$dn])){ + $this->outside_groups[$dn]['selected'] = TRUE; + }else{ + $this->outside_groups[$dn]['selected'] = FALSE; + } } + } - if(isset($_POST['acl_create_type'])){ - $this->acl_create_type = $_POST['acl_create_type']; + /* Capture all selected users from outside_users_dialog */ + if($this->outside_users_dialog){ + foreach($this->outside_users as $dn => $data){ + if(isset($_POST['select_user_'.$dn])){ + $this->outside_users[$dn]['selected'] = TRUE; + }else{ + $this->outside_users[$dn]['selected'] = FALSE; + } + } + } + + /* Get "create acl" dialog posts */ + if($this->acl_create_dialog){ + + if(isset($_POST['create_acls_create_abort'])){ + $this->acl_create_selected = ""; } } 
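Review bot: `$this->is_completed= TRUE;` is now the first statement of save_object() and is set on every request, before any entry of `$this->checks` is consulted. If `is_completed` is what lets the wizard advance (not visible here), the step can be passed while the root object or super administrator check still reports failure; derive the flag from the check results, or add a comment such as `/* Migration checks are advisory; this step never blocks setup */` if that is intended. The three selection loops can each drop the if/else: `$this->outside_groups[$dn]['selected'] = isset($_POST['select_group_'.$dn]);`. save_object() continues past the end of this hunk.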
@@ -1092,7 +1544,11 @@ class Step_Migrate extends setup_step } - // checks for valid base entry + /* Check if the root object exists. + * If the parameter just_check is true, then just check if the + * root object is missing and update the info messages. + * If the Parameter is false, try to create a new root object. + */ function checkBase($just_check = TRUE) { /* Get collected setup informations */ 
@@ -1119,47 +1575,21 @@ class Step_Migrate extends setup_step if($just_check){ $this->checks['root']['STATUS'] = FALSE; $this->checks['root']['STATUS_MSG']= _("Failed"); + $this->checks['root']['ERROR_MSG'] = _("The LDAP root object is missing. It is required to use your LDAP service.").' '; $this->checks['root']['ERROR_MSG'].= ""; return(FALSE); }else{ - /* Try to find out which values are necessary */ - $tmp = $ldap->get_objectclasses(); - $oc = $tmp['organization']; - - $must_attrs = $oc['MUST']; - if(!is_array($must_attrs)){ - $must_attrs = array($must_attrs); - } - - /* Root object does not exists try to create it */ - $ldapadd["objectclass"][0]="top"; - $ldapadd["objectclass"][1]="organization"; - - /* Try to fill all collected must attributes */ - $base_parts = preg_split("/,/",$cv['base']); - foreach($must_attrs as $attr){ - foreach($base_parts as $part){ - if(preg_match("/^".$attr."=/",$part) && !isset($ldapadd[$attr])){ - $ldapadd[$attr]= preg_replace("/^[^=]*+=/","",$part); - } - } - } - /* Add root object */ $ldap->cd($cv['base']); - $res = $ldap->add($ldapadd); + $res = $ldap->create_missing_trees($cv['base']); - /* Add root object */ - # $ldap->cd($cv['base']); -# $res = $ldap->create_missing_trees($cv['base']); - /* If adding failed, tell the user */ if(!$res){ $this->checks['root']['STATUS'] = FALSE; $this->checks['root']['STATUS_MSG']= _("Failed"); $this->checks['root']['ERROR_MSG'] = _("Root object couldn't be created, you should try it on your own."); - $this->checks['root']['ERROR_MSG'].= ""; + $this->checks['root']['ERROR_MSG'].= " "; return($res);; } } 
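Review bot: `$res = $ldap->create_missing_trees($cv['base']);` is tested with `if(!$res)`, but the other calls to create_missing_trees() added in this commit (in the get_all_*_ous functions) ignore its result, so it is unclear whether it returns a success value at all. If it returns nothing, every retry would report "Root object couldn't be created" even after the entry was written. Confirm the return contract, or base the result on the connection's error state after the call, for example via `$ldap->get_error()`, which move() already uses. The context line `return($res);;` carries a stray second semicolon. checkBase() starts and ends outside this hunk.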
@@ -1194,6 +1624,287 @@ class Step_Migrate extends setup_step } return(preg_replace("/\n$/","",$ret)); } + + + function get_user_list() + { + /* Get collected configuration settings */ + $cv = $this->parent->captured_values; + + /* Establish ldap connection */ + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + $ldap->cd($cv['base']); + $ldap->search("(objectClass=gosaAccount)",array("dn")); + + $tmp = array(); + while($attrs = $ldap->fetch()){ + $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']); + } + return($tmp); + } + + + function get_all_people_ous() + { + /* Get collected configuration settings */ + $cv = $this->parent->captured_values; + $people_ou = trim($cv['peopleou']); + + /* Establish ldap connection */ + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + + /***************** + * If people ou is NOT empty + * search for for all objects matching the given container + *****************/ + if(!empty($people_ou)){ + $ldap->search("(".$people_ou.")",array("dn")); + + /* Create people ou if there is currently none */ + if($ldap->count() == 0 ){ + $add_dn = $cv['peopleou'].",".$cv['base']; + $naming_attr = preg_replace("/=.*$/","",$add_dn); + $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn); + $add = array(); + $add['objectClass'] = array("organizationalUnit"); + $add[$naming_attr] = $naming_value; + $ldap->cd($cv['base']); + $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn)); + $ldap->cd($add_dn); + $ldap->add($add); + } + + /* Create result */ + $ldap->search("(".$cv['peopleou'].")",array("dn")); + $tmp = array(); + while($attrs= $ldap->fetch()){ + if(!preg_match("/ou=snapshots,/",$attrs['dn'])){ + $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']); + } + } + } else{ + + /************ + * If people ou is empty + * Get all valid gosaDepartments + ************/ + $ldap->cd($cv['base']); + $tmp = array(); + 
$ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn")); + $tmp[base64_encode($cv['base'])] = $ldap->fix($cv['base']); + while($attrs = $ldap->fetch()){ + $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);; + } + } + return($tmp); + } + + + function get_all_winstation_ous() + { + /* Get collected configuration settings */ + $cv = $this->parent->captured_values; + + /* Establish ldap connection */ + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + /* Get winstation ou */ + if($cv['generic_settings']['wws_ou_active']) { + $winstation_ou = $cv['generic_settings']['ws_ou']; + }else{ + $winstation_ou = "ou=winstations"; + } + + $ldap->cd($cv['base']); + $ldap->search("(".$winstation_ou.")",array("dn")); + + if($ldap->count() == 0 ){ + $add_dn = $winstation_ou.",ou=systems,".$cv['base']; + $naming_attr = preg_replace("/=.*$/","",$add_dn); + $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn); + $add = array(); + $add['objectClass'] = array("organizationalUnit"); + $add[$naming_attr] = $naming_value; + + $ldap->cd($cv['base']); + $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn)); + $ldap->cd($add_dn); + $ldap->add($add); + } + + $ldap->search("(".$winstation_ou.")",array("dn")); + $tmp = array(); + while($attrs= $ldap->fetch()){ + if(!preg_match("/ou=snapshots,/",$attrs['dn'])){ + $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']); + } + } + return($tmp); + } + + + function get_all_group_ous() + { + /* Get collected configuration settings */ + $cv = $this->parent->captured_values; + + /* Establish ldap connection */ + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + $group_ou = trim($cv['groupou']); + if(!empty($group_ou)){ + $group_ou = trim($group_ou); + } + + /************ + * If group ou is NOT empty + * Get all valid group ous, create one if necessary + ************/ + $ldap->cd($cv['base']); + 
if(!empty($group_ou)){ + $ldap->search("(".$group_ou.")",array("dn")); + if($ldap->count() == 0 ){ + $add_dn = $group_ou.$cv['base']; + $naming_attr = preg_replace("/=.*$/","",$add_dn); + $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn); + $add = array(); + $add['objectClass'] = array("organizationalUnit"); + $add[$naming_attr] = $naming_value; + + $ldap->cd($cv['base']); + $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn)); + $ldap->cd($add_dn); + $ldap->add($add); + } + $ldap->search("(".$group_ou.")",array("dn")); + $tmp = array(); + while($attrs= $ldap->fetch()){ + if(!preg_match("/ou=snapshots,/",$attrs['dn'])){ + $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']); + } + } + }else{ + /************ + * If group ou is empty + * Get all valid gosaDepartments + ************/ + $ldap->cd($cv['base']); + $tmp = array(); + $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn")); + $tmp[base64_encode($cv['base'])] = $ldap->fix($cv['base']); + while($attrs = $ldap->fetch()){ + $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);; + } + } + return($tmp); + } + + + function get_group_list() + { + /* Get collected configuration settings */ + $cv = $this->parent->captured_values; + + /* Establish ldap connection */ + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + $ldap->cd($cv['base']); + $ldap->search("(objectClass=posixGroup)",array("dn")); + + $tmp = array(); + while($attrs = $ldap->fetch()){ + $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']); + } + return($tmp); + } + + + function move($source,$destination) + { + /* Get collected configuration settings */ + $cv = $this->parent->captured_values; + + /* Establish ldap connection */ + $ldap = new LDAP($cv['admin'], + $cv['password'], + $cv['connection'], + FALSE, + $cv['tls']); + + /* Update object references in gosaGroupOfNames */ + $ogs_to_fix = array(); + $ldap->cd($cv['base']); + 
$ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($source).'))', array('cn','member')); + while ($attrs= $ldap->fetch()){ + $dn = $attrs['dn']; + $attrs = $this->cleanup_array($attrs); + $member_new = array($destination); + foreach($attrs['member'] as $member){ + if($member != $source){ + $member_new[] = $member; + } + } + $attrs['member'] = $member_new; + $ogs_to_fix[$dn] = $attrs; + } + + /* Copy source to destination dn */ + $ldap->cat($source); + $new_data = $this->cleanup_array($ldap->fetch()); + $ldap->cd($destination); + $res = $ldap->add($new_data); + + /* Display warning if copy failed */ + if(!$res){ + print_red(_("Failed to copy '%s' to '%s'. LDAP says '%s'."),$source,$destination,$ldap->get_error()); + }else{ + $res = $ldap->rmDir($source); + show_ldap_error($ldap->get_error(),_("Something went wrong while copying dns.")); + + /* Object is copied, so update its references */ + foreach($ogs_to_fix as $dn => $data){ + $ldap->cd($dn); + $ldap->modify($data); + } + } + } + + + /* Cleanup ldap result to be able to write it be to ldap */ + function cleanup_array($attrs) + { + foreach($attrs as $key => $value) { + if(is_numeric($key) || in_array($key,array("count","dn"))){ + unset($attrs[$key]); + } + if(is_array($value) && isset($value['count'])){ + unset($attrs[$key]['count']); + } + } + return($attrs); + } } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
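Review bot: In get_all_group_ous() the DN for a missing group container is built as `$add_dn = $group_ou.$cv['base'];`, without the separating comma that get_all_people_ous() and get_all_winstation_ous() insert; it should be `$add_dn = $group_ou.",".$cv['base'];`, otherwise create_missing_trees() and add() receive a malformed DN. In move(), the `member=` filter embeds `$source` after only `@LDAP::fix()`; whether that escapes filter metacharacters is not visible, and a DN containing `(`, `)`, `*` or `\` would alter or break the search so that group references are silently left unrewritten. Escape the value for filter context (PHP's `ldap_escape($source, '', LDAP_ESCAPE_FILTER)` where available). move() also ignores the result of `$ldap->rmDir($source)` and rewrites the references regardless, so a failed delete leaves the entry at both DNs. The get_all_*_ous() functions create containers as a side effect of rendering a dialog; a comment on each would make that visible, e.g. `/* Creates the container below the base if it does not exist yet */`.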