, BzzWare AS, Norway This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ /********************************************************************** * Functions: userErrorHandler($errno, $errmsg, $filename, $linenum, $vars) autoMount ($viewbase) { automountdetail ($dn) { showHost ($ldap, $cn) { showHostGroups ($ldap, $cn) { userDelGroup ($ldap, $uid, $gid) { hostAddGroup ($ldap, $cn, $group) { hostDelGroup ($ldap, $cn, $group) { changeGroup ($ldap, $gid, $cn, $description, $auth) { changeHost ($ldap, $cn, $domain, $ipaddress, $macaddress, $sambaHost = false) { addHost ($ldap, $cn, $domain, $ipaddress, $macaddress) { addGroup ($ldap, $cn, $description) { addUser ($ldap, $cn, $template, $username,$profile,$sn) createUsers ($ldap, $gid, $gname, $template, $prefix, $number, $passrandom,$formatpwd,$pwdgen,$profile,$sn) { changeUser ($ldap, $uid, $cn,$profile) { showGroup ($ldap, $gid) { showUser ($ldap, $uid) { showUserGroups ($ldap, $uid) { showResult ($ldap, $type, $text, $searchDisabled) { userAddForm () { importLwat () { importGescen(){ //LLX Added in another happy day llx_host_add(){ llx_host_del(){ * **********************************************************************/ error_reporting(0) ; require_once ("functions.php"); loadConfig () ; session_start () ; require('/usr/share/php/smarty/Smarty.class.php') ; require_once("llx_log.php"); loadLocale () ; 
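ob_start () ;

$smarty = new Smarty();
$smarty->template_dir = $smarty_templ ;
$smarty->compile_dir = $smarty_compile ;

/**
 * User-defined error handler: formats one error record, then optionally
 * echoes it, appends it to a log file and mails it.
 *
 * It is not installed by default; the set_error_handler() call that follows
 * this function is commented out.
 *
 * @param int    $errno    PHP error level (an E_* constant)
 * @param string $errmsg   error message
 * @param string $filename file in which the error was raised
 * @param int    $linenum  line at which the error was raised
 * @param array  $vars     variables in scope when the error was raised
 */
function userErrorHandler($errno, $errmsg, $filename, $linenum, $vars)
{
    global $ldap, $error_log_file, $error_mail_to, $error_show, $ldap_err, $ldap_msg ;

    // timestamp for the error entry
    $dt = date("Y-m-d H:i:s (T)");

    // define an assoc array of error string
    // in reality the only entries we should
    // consider are E_WARNING, E_NOTICE, E_USER_ERROR,
    // E_USER_WARNING and E_USER_NOTICE
    $errortype = array (
        E_ERROR => 'Error',
        E_WARNING => 'Warning',
        E_PARSE => 'Parsing Error',
        E_NOTICE => 'Notice',
        E_CORE_ERROR => 'Core Error',
        E_CORE_WARNING => 'Core Warning',
        E_COMPILE_ERROR => 'Compile Error',
        E_COMPILE_WARNING => 'Compile Warning',
        E_USER_ERROR => 'User Error',
        E_USER_WARNING => 'User Warning',
        E_USER_NOTICE => 'User Notice',
        E_STRICT => 'Runtime Notice',
        // was misspelled E_RECOVERABLE_ERRROR, which is not a defined constant
        E_RECOVERABLE_ERROR => 'Catchable Fatal Error'
    );

    // set of errors for which a var trace will be saved
    $user_errors = array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE);

    $err = "\n";
    $err .= "\t" . $dt . "\n";
    $err .= "\t" . $errno . "\n";
    // levels missing from the table (E_DEPRECATED, ...) yield an empty label
    // instead of an undefined-index notice raised inside the handler
    $err .= "\t" . (isset ($errortype[$errno]) ? $errortype[$errno] : '') . "\n";
    $err .= "\t" . $errmsg . "\n";
    $err .= "\t" . $filename . "\n";
    $err .= "\t" . $linenum . "\n";

    if (in_array($errno, $user_errors)) {
        // NOTE(review): serialises every in-scope variable into the record that is
        // logged and mailed below; that can include passwords handled by the
        // caller - confirm this is acceptable before enabling the handler.
        $err .= "\t" . wddx_serialize_value($vars, "Variables") . "\n";
    }
    $err .= "\n\n";

    if (strpos($errmsg, "ldap_") === 0) {
        $ldap_err = ldap_errno ($ldap) ;
        switch ($ldap_err) {
            case 50: // LDAP result code 50: insufficient access rights
                $ldap_msg = "I'm sorry, but you dont have the propper access to do this" ;
                break ;
            default:
                echo "
\n" ;
		echo "ldap_err: " . $ldap_err . "\n" ;
		echo "err_msg: " . ldap_err2str ($ldap_err) . "\n" ;
                echo "
\n" ;
                break ;
        }
    }
    if ($error_show)
        echo "
\n" . $err . "
\n" ;

    // save to the error log, and e-mail me if there is a critical user error
    // NOTE(review): the record goes to a fixed file under /tmp, not to
    // $error_log_file. A predictable name in a world-writable directory can be
    // pre-created or symlinked by another local account; point this at a
    // directory only the web server user can write once the intended path is
    // confirmed.
    if (!empty($error_log_file))
        error_log($err, 3, "/tmp/lliurex-lwat.err");
    if ($errno == E_USER_ERROR && !empty($error_mail_to)) {
        mail($error_mail_to, "Critical User Error", $err);
    }
}

// To enable error handling
//$old_error_handler = set_error_handler("userErrorHandler");

/**
 * Builds the automount tree that starts at the auto.master entries and
 * renders it with admin_automount_browse.tpl.
 *
 * @param string $viewbase DN of the map being viewed; when empty, the DN of
 *                         the first auto.master entry is used for the tree
 */
function autoMount ($viewbase)
{
    global $smarty, $ldap, $automountbase ;

    $filter = "(ou=auto.master)" ;
    $want = array ("dn") ;
    $result = ldap_search ($ldap, $automountbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $display=array() ;
    $viewdn= $viewbase ;
    if (empty ($viewbase))
        $viewbase = $entries[0]["dn"] ;

    // NOTE(review): 'base' is HTML-escaped here, yet the loop below uses it as an
    // LDAP search base and compares it with raw DNs. A DN containing &, <, > or
    // a quote will not match; escape for HTML only where the value is output.
    foreach ($entries as $key => $value)
        if (is_array ($value))
            $display[] = array ('level' => 0, 'base' => htmlspecialchars($value["dn"])) ;

    // $display grows while it is walked: children are spliced in right after
    // their parent, so count($display) is re-evaluated on every pass.
    for ($i = 0 ; $i < count($display) ; $i++) {
        $level = $display[$i]["level"] ;
        $searchbase = $display[$i]["base"] ;
        if (isset ($searchbase)) {
            $filter = "objectClass=automount" ;
            $want = array ("cn", "automountInformation") ;
            $result = @ldap_search ($ldap, $searchbase, $filter, $want) ;
            if ($result) {
                $entries = ldap_get_entries ($ldap, $result);
                $add = $i ;
                foreach ($entries as $key => $value)
                    if (is_array ($value)) {
                        // drop the 'count' element and the leading RDN: what is left
                        // is the DN of the entry's parent
                        $dn = ldap_explode_dn ($value["dn"],0) ;
                        array_splice($dn, 0,2) ;
                        unset ($new) ;
                        $dn = implode (",", $dn) ;
                        if ($dn == $searchbase) {
                            $automountinformation = explode (" ", $value["automountinformation"][0]) ;
                            if (substr ($automountinformation[0],0,5) == "ldap:")
                                $new = array ('level' => $level + 1,
                                              'base' => substr($automountinformation[0],5),
                                              'dn' => $value["dn"],
                                              'cn' => $value["cn"][0]) ;
                            elseif ($automountinformation[0] == "-fstype=autofs")
                                $new = array ('level' => $level + 1,
                                              'base' => substr($automountinformation[1],5),
                                              'dn' => $value["dn"],
                                              'cn' => $value["cn"][0]) ;
                            else
                                $new = array ('level' => $level + 1,
                                              'dn' => $value["dn"],
                                              'cn' => $value["cn"][0]) ;
                            if ($level == 0 || (is_array ($new) && (strpos($viewbase, $dn) !== false))) {
                                $add++ ;
                                array_splice($display, $add, 0, array ($new)) ;
                            }
                        }
                    }
            }
        }
    }

    if (!empty($viewdn)) {
        $viewarray = ldap_explode_dn (substr($viewdn,0,strpos($viewdn, $automountbase) - 1), 1) ;
        $title = _("Automount point ") ;
        // "count" was written as a bare constant, which newer PHP rejects
        for ($i = $viewarray["count"] ; $i-- > 0 ; )
            $title = sprintf ("%s/%s", $title, $viewarray[$i]) ;
    }
    else
        unset ($title) ;

    $smarty->assign ('display', $display) ;
    $smarty->assign ('viewbase', $viewbase) ;
    $smarty->assign ('dn', $viewdn) ;
    $smarty->assign ('title', $title) ;
    $smarty->display ('admin_automount_browse.tpl') ;
}

/**
 * Loads one automount entry and renders it with admin_automount_edit.tpl.
 *
 * @param string $dn DN of the automount entry; it is used directly as the
 *                   LDAP search base
 */
function automountdetail ($dn)
{
    global $smarty, $ldap, $automountbase ;

    $want = array ("cn", "description", "automountinformation") ;
    $filter = "objectClass=*" ;
    $result = ldap_search ($ldap, $dn, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result) ;

    // path shown in the title: the RDN values of $dn below $automountbase,
    // joined from last to first
    $display = ldap_explode_dn (substr($dn,0,strpos($dn, $automountbase) - 1), 1) ;
    $displaystr = "" ;
    for ($i = $display["count"] ; $i-- > 0 ; )
        $displaystr = sprintf ("%s/%s", $displaystr, $display[$i]) ;

    // the first character of automountInformation is skipped before splitting
    // on spaces into options and export
    $automountinformation = explode (" ", substr($entries[0]["automountinformation"][0], 1)) ;

    // NOTE(review): directory values and $dn are assigned without HTML escaping;
    // confirm the template escapes them.
    $smarty->assign ('title', sprintf (_("Automount share %s"), $displaystr));
    $smarty->assign ('suggest', $entries[0]["cn"][0]);
    $smarty->assign ('options', $automountinformation[0]);
    $smarty->assign ('export', $automountinformation[1]);
    $smarty->assign ('dn', $dn);
    $smarty->display ('admin_automount_edit.tpl') ;
}

/**
 * Looks up a host by cn under $hostbase and renders admin_host_show.tpl,
 * or prints "No matching objects" when the search returns nothing.
 *
 * @param resource $ldap LDAP connection
 * @param string   $cn   host name to look up
 */
function showHost ($ldap, $cn)
{
    global $smarty, $hostbase, $base ;

    // NOTE(review): $cn is concatenated into the filter without LDAP filter
    // escaping; if it can come from a request, a value containing *, ( or )
    // changes what the search matches.
    $filter="cn=" .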
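$cn ;
    $want = array ("cn", "associatedDomain", "ipHostNumber", "macAddress", "sambaAcctFlags") ;
    $searchbase=$hostbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $count=$entries["count"] ;
    if ($count) {
        $cn=htmlspecialchars($entries[0]["cn"][0]);
        $domain=htmlspecialchars($entries[0]["associateddomain"][0]);
        $ipAddress=htmlspecialchars($entries[0]["iphostnumber"][0]);
        $macAddress=htmlspecialchars($entries[0]["macaddress"][0]);
        // a 'W' in sambaAcctFlags ticks the Samba checkbox
        if (strpos($entries[0]["sambaacctflags"][0], 'W') === false )
            $sambaHost = "" ;
        else
            $sambaHost = "checked" ;
        $smarty->assign ('cn', $cn) ;
        $smarty->assign ('domain', $domain) ;
        $smarty->assign ('ipAddress', $ipAddress) ;
        $smarty->assign ('macAddress', $macAddress) ;
        $smarty->assign ('sambaHost', $sambaHost) ;
        // $memberOf / $notMemberOf are not set in this function; the call to
        // showHostGroups() below assigns the real lists
        $smarty->assign ('memberOf', $memberOf) ;
        $smarty->assign ('notMemberOf', $notMemberOf) ;
        showHostGroups ($ldap, $cn) ;
        $smarty->display('admin_host_show.tpl') ;
    }
    else {
        printf (_("No matching objects") ."
") ;
    }
}

/**
 * Splits all netgroups into those that contain the triple "(cn,-,-)" and those
 * that do not, and assigns both lists plus the add/remove action strings to
 * Smarty.
 *
 * @param resource $ldap LDAP connection
 * @param string   $cn   host name; showHost() passes it already HTML-escaped
 */
function showHostGroups ($ldap, $cn)
{
    global $smarty, $netgroupbase ;

    $filter="(&(objectClass=nisNetGroup))" ;
    $want = array ("cn", "nisNetGroupTriple") ;
    $searchbase=$netgroupbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    if ($result) {
        $entries = ldap_get_entries ($ldap, $result);
        for ($i = 0 ; $i < $entries["count"] ; $i++) {
            if (@in_array ('(' . $cn . ',-,-)', $entries[$i]["nisnetgrouptriple"]))
                $memberOf[] = htmlspecialchars($entries[$i]['cn'][0]) ;
            else
                $notMemberOf[] = htmlspecialchars($entries[$i]['cn'][0]) ;
        }
    }

    // NOTE(review): these strings are fragments of a JavaScript expression built
    // around $cn. HTML escaping does not neutralise a backslash or newline inside
    // a JavaScript string; confirm how the template embeds them.
    $groupTarget='\'sub\'' ;
    $delAction ='\'hostDelGroup&cn=' . $cn ;
    $delAction .= '&group=\' + member.value' ;
    $addAction ='\'hostAddGroup&cn=' . $cn ;
    $addAction .= '&group=\' + nonmember.value';

    $smarty->assign('memberOf', $memberOf) ;
    $smarty->assign('notMemberOf', $notMemberOf) ;
    $smarty->assign('groupTarget', $groupTarget) ;
    $smarty->assign('addAction', $addAction) ;
    $smarty->assign('delAction', $delAction) ;
}

/**
 * Removes a user from a POSIX group (memberUid) and, when a group entry with
 * the same cn carries "member" values, from that entry as well.
 *
 * DNs and names read from the directory are passed to the LDAP calls
 * unmodified. They used to go through htmlspecialchars(), which rewrites
 * &, <, > and quotes and so made the delete target a different DN.
 *
 * @param resource $ldap LDAP connection
 * @param string   $uid  uid of the user to remove
 * @param string   $gid  gidNumber of the group
 */
function userDelGroup ($ldap, $uid, $gid)
{
    global $groupbase, $base ;

    // NOTE(review): $uid and $gid are concatenated into filters without LDAP
    // filter escaping - confirm the caller validates them.
    $want= array ('dn');
    $filter="(&(objectClass=posixAccount)(uid=" . $uid ."))";
    $result = ldap_search($ldap, $base, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result) ;
    $llxUserDN = $entries[0]['dn'] ;

    $filter="(&(objectClass=posixGroup)(gidNumber=" . $gid . "))";
    $want = array ('cn');
    $searchbase=$groupbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $groupdn=$entries[0]["dn"] ;
    $cn=$entries[0]["cn"][0] ;

    $change = array ();
    $change["memberUid"][] = $uid ;
    @ldap_mod_del($ldap, $groupdn, $change) ;
    llxUserSync("delgroup", $llxUserDN ,$groupdn);

    // second pass: an entry with the same cn that has "member" values
    $want = array ('member');
    $filter="(&(member=*)(cn=" . $cn . "))";
    $result = ldap_search($ldap, $base, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $groupdn=$entries[0]["dn"] ;
    $change = array ();
    if ($entries[0]["member"]["count"]) {
        // the user's DN was resolved at the top of the function with the same
        // filter, so it is reused instead of being searched for again
        $change["member"][] = $llxUserDN ;
        ldap_mod_del($ldap, $groupdn, $change) ;
        llxUserSync("delgroup", $llxUserDN ,$groupdn);
    }
}

/**
 * Adds the triple "(cn,-,-)" to a netgroup unless it is already there.
 *
 * The membership test used to read $entries[$i] with $i undefined, so it never
 * saw the group's triples; it now reads the first search result. Existing
 * triples are written back as read, not HTML-escaped.
 *
 * @param resource $ldap  LDAP connection
 * @param string   $cn    host name
 * @param string   $group cn of the netgroup
 */
function hostAddGroup ($ldap, $cn, $group)
{
    global $netgroupbase ;

    // NOTE(review): $group goes into the filter and $cn into a stored attribute
    // value without validation - confirm the caller restricts both.
    $filter="(&(objectClass=nisNetGroup)(cn=" . $group . "))";
    $want = array ('nisNetgroupTriple');
    $searchbase=$netgroupbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    if (empty ($entries["count"]))
        return ;    // no such netgroup: nothing to modify

    $triple = '(' . $cn . ',-,-)' ;
    $change = array () ;
    if (isset ($entries[0]["nisnetgrouptriple"]))
        for ($i = 0 ; $i < $entries[0]["nisnetgrouptriple"]["count"] ; $i++)
            $change[] = $entries[0]["nisnetgrouptriple"][$i] ;

    if (!in_array ($triple, $change, true)) {
        $change[] = $triple ;
        @ldap_modify($ldap, $entries[0]["dn"], array ("nisNetGroupTriple" => $change)) ;
    }
}

/**
 * Rewrites a netgroup's triples without "(cn,-,-)".
 *
 * The DN and the remaining triples are passed to LDAP as read from the
 * directory; HTML-escaping them altered any value containing &, <, > or quotes.
 *
 * @param resource $ldap  LDAP connection
 * @param string   $cn    host name
 * @param string   $group cn of the netgroup
 */
function hostDelGroup ($ldap, $cn, $group)
{
    global $netgroupbase ;

    // NOTE(review): $group is concatenated into the filter without LDAP filter
    // escaping - confirm the caller validates it.
    $filter="(&(objectClass=nisNetGroup)(cn=" . $group . "))";
    $want = array ('nisNetgroupTriple');
    $searchbase=$netgroupbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $groupdn=$entries[0]["dn"] ;
    $change = array () ;
    for ($i = 0 ; $i < $entries[0]["nisnetgrouptriple"]["count"] ; $i++) {
        if ($entries[0]["nisnetgrouptriple"][$i] <> '(' . $cn . ',-,-)')
            $change[] = $entries[0]["nisnetgrouptriple"][$i] ;
    }
    @ldap_modify($ldap, $groupdn, array ("nisNetGroupTriple" => $change)) ;
}

/**
 * Updates a group's description and, unless $useLisGroup is set, creates or
 * deletes the matching groupOfNames entry under $authbase, then shows the group.
 *
 * @param resource $ldap        LDAP connection
 * @param string   $gid         gidNumber of the group
 * @param string   $cn          overwritten with the cn read from the directory
 * @param string   $description new description
 * @param mixed    $auth        truthy: make sure the groupOfNames entry exists;
 *                              falsy: delete it if present
 */
function changeGroup ($ldap, $gid, $cn, $description, $auth)
{
    global $base, $useLisGroup, $groupbase, $authbase ;

    // NOTE(review): $gid is concatenated into the filter without LDAP filter
    // escaping - confirm the caller validates it.
    $filter="(&(objectClass=posixGroup)(gidNumber=" . $gid . "))";
    $want = array ('objectClass', 'description', 'memberUid', 'cn');
    $searchbase=$groupbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    // raw directory values: these go back into LDAP calls, not into HTML
    $groupdn = $entries[0]["dn"] ;
    $cn=$entries[0]["cn"][0] ;

    $change = array ();
    if ($description <> $entries[0]["description"][0]) {
        $change["description"][] = $description ;
    }
    if (count ($change))
        @ldap_modify($ldap, $groupdn, $change) ;

    $change = array ();
    if (!$useLisGroup) {
        $filter="(&(member=*)(cn=" . $cn . "))";
        $want = array ('objectClass', 'member');
        $result = ldap_search($ldap, $base, $filter, $want);
        $count = ldap_count_entries ($ldap, $result) ;
        if ($auth) {
            if ($count == 0) {
                $change["objectClass"] = array('top', 'groupOfNames') ;
                $change["cn"] = $cn ;
                $want = array ('dn') ;
                // resolve each memberUid to a DN; uids that do not match exactly
                // one account are left out
                for ($i = 0 ; $i < $entries[0]["memberuid"]["count"] ; $i++) {
                    $filter = '(&(objectClass=posixAccount)(uid=' .$entries[0]["memberuid"][$i] . '))' ;
                    $result = ldap_search($ldap, $base, $filter, $want);
                    if (ldap_count_entries ($ldap, $result) == 1) {
                        $member = ldap_get_entries ($ldap, $result) ;
                        $change["member"][] = $member[0]["dn"] ;
                    }
                }
                // the entry is only created when at least one member was found
                if (!empty ($change["member"]))
                    @ldap_add ($ldap, "cn=" . $cn . "," . $authbase, $change) ;
            }
        }
        else {
            if ($count > 0) {
                $entries = ldap_get_entries ($ldap, $result) ;
                ldap_delete ($ldap, $entries[0]["dn"]) ;
            }
        }
    }
    showGroup ($ldap, $gid);
}

/**
 * Updates domain, IP address, MAC address and, optionally, the Samba machine
 * account attributes of an existing host, then shows the host.
 *
 * @param resource $ldap       LDAP connection
 * @param string   $cn         host name
 * @param string   $domain     value for associatedDomain
 * @param string   $ipaddress  value for ipHostNumber
 * @param string   $macaddress value for macAddress
 * @param bool     $sambaHost  when true, add the Samba machine-account attributes
 */
function changeHost ($ldap, $cn, $domain, $ipaddress, $macaddress, $sambaHost = false)
{
    global $hostbase ;

    // NOTE(review): $cn is concatenated into the filter (and later into the DN)
    // without escaping - confirm the caller validates it.
    $filter="cn=" .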
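$cn ;
    $want = array ("cn", "objectClass", "associatedDomain","ipHostNumber", "macAddress", "sambaAcctFlags", "uid","uidNumber", "gidNumber", "homeDirectory", "sambaSID") ;
    $searchbase=$hostbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    if ($entries["count"] <= 0) {
        // NOTE(review): $cn is printed without HTML escaping; escape it here if
        // it can come from a request.
        printf (_("Sorry, cant find a host with the name %s") . "
", $cn );
    }
    else {
        $change = array ();
        // each changed attribute also adds the object class that allows it,
        // if the entry does not have that class yet
        if ($domain <> $entries[0]["associateddomain"][0]) {
            if (in_array ('domainRelatedObject', $entries[0]["objectclass"]) === false)
                $change["objectClass"][] = "domainRelatedObject" ;
            $change["associatedDomain"] = $domain ;
        }
        if ($ipaddress <> $entries[0]["iphostnumber"][0]) {
            if (in_array ('ipHost', $entries[0]["objectclass"]) === false)
                $change["objectClass"][] = "ipHost" ;
            $change["ipHostNumber"] = $ipaddress ;
        }
        if ($macaddress <> $entries[0]["macaddress"][0]) {
            if (in_array ('ieee802Device', $entries[0]["objectclass"]) === false)
                $change["objectClass"][] = "ieee802Device" ;
            $change["macAddress"] = $macaddress ;
        }
        if ($sambaHost) {
            if (in_array ('posixAccount', $entries[0]["objectclass"]) === false)
                $change["objectClass"][] = "posixAccount" ;
            if (in_array ('sambaSamAccount', $entries[0]["objectclass"]) === false)
                $change["objectClass"][] = "sambaSamAccount" ;
            if (!array_key_exists ('uid', $entries[0]))
                $change["uid"] = sprintf ("%s$", $cn) ;
            if (!array_key_exists ('uidnumber', $entries[0]))
                $change["uidNumber"] = getNextID ($ldap) ;
            if (!array_key_exists ('gidnumber', $entries[0]))
                $change["gidNumber"] = "107" ;
            if (!array_key_exists ('homedirectory', $entries[0]))
                $change["homeDirectory"] = "/dev/null" ;
            // NOTE(review): $change["uidNumber"] is only set when the entry had no
            // uidNumber; an entry with a uidNumber but no sambaSID passes an unset
            // value to get_sambasid() - confirm.
            if (!array_key_exists ('sambasid', $entries[0]))
                $change["sambaSID"] = get_sambasid ($ldap, $change["uidNumber"]) ;
            $change["sambaAcctFlags"] = "[W ]" ;
        }
        if (!empty ($change)) {
            // objectClass is replaced as a whole, so the existing classes are
            // appended to the new ones
            if (!empty ($change["objectClass"]))
                for ($i = 0 ; $i < $entries[0]["objectclass"]["count"]; $i++)
                    $change["objectClass"][] = $entries[0]["objectclass"][$i] ;
            if (!@ldap_modify($ldap, "cn=" . $cn . "," . $hostbase, $change))
                debug (array('entries' => $entries, 'change' => $change)) ;
        }
    }
    // showHost() takes ($ldap, $cn); the extra "true" argument used to land in
    // the $cn slot, so the lookup ran on the wrong name
    showHost ($ldap, $cn);
}

/**
 * Creates a host entry under $hostbase unless one with the same cn exists,
 * then shows the host.
 *
 * @param resource $ldap       LDAP connection
 * @param string   $cn         host name
 * @param string   $domain     optional associatedDomain
 * @param string   $ipaddress  optional ipHostNumber
 * @param string   $macaddress optional macAddress
 */
function addHost ($ldap, $cn, $domain, $ipaddress, $macaddress)
{
    global $hostbase ;

    // NOTE(review): $cn is used unescaped in the filter, in the new entry's DN
    // and in the printed message. It needs LDAP filter escaping, DN escaping and
    // HTML escaping respectively if it can come from a request.
    $filter="cn=" . $cn ;
    $want = array ("cn");
    $searchbase=$hostbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    if ($entries["count"] > 0) {
        printf (_("Sorry, there is already a host with the name %s") . "
", $cn );
    }
    else {
        $add = array ();
        $add["objectClass"] = array ("top", "organizationalRole") ;
        $add["cn"] = $cn ;
        if (!empty($domain)) {
            $add["objectClass"][] = "domainRelatedObject" ;
            $add["associatedDomain"] = $domain ;
        }
        if (!empty ($ipaddress)) {
            $add["objectClass"][] = "ipHost" ;
            $add["ipHostNumber"] = $ipaddress ;
        }
        if (!empty ($macaddress)) {
            $add["objectClass"][] = "ieee802Device" ;
            $add["macAddress"] = $macaddress ;
        }
        @ldap_add($ldap, "cn=" . $cn . "," . $hostbase, $add) ;
    }
    // showHost() takes ($ldap, $cn); see changeHost()
    showHost ($ldap, $cn);
}

/**
 * Creates a POSIX group unless a user or group with the same name exists,
 * then shows the group.
 *
 * @param resource $ldap        LDAP connection
 * @param string   $cn          name of the new group
 * @param string   $description description of the new group
 */
function addGroup ($ldap, $cn, $description)
{
    global $useLisGroup, $groupbase, $base, $llxCreateGroup;

    // NOTE(review): $cn is used unescaped in the filter, in the new entry's DN
    // and in the printed message - confirm the caller validates it.
    $filter="(|(uid=" . $cn . ")(cn=" . $cn . "))";
    // gidNumber is requested so the clashing entry's group can be shown below;
    // it was missing from the list and was read under a mixed-case key, while
    // ldap_get_entries() returns lower-case attribute names
    $want = array ("cn","uid","gidNumber");
    $searchbase=$base ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    if ($entries["count"] > 0) {
        printf (_("Sorry, there is already a group/user with the name %s") . "
", $cn );
        $gidNumber = isset ($entries[0]["gidnumber"][0])
            ? htmlspecialchars($entries[0]["gidnumber"][0])
            : "" ;
    }
    else {
        $gidNumber = getnextid ($ldap,"") ;
        $add = array ();
        if ($useLisGroup) {
            $add["objectClass"] = array ("top", "posixGroup", "lisGroup") ;
            $add["groupType"] = "school_class" ;
        }
        else
            $add["objectClass"] = array ("top", "posixGroup") ;
        $add["cn"] = $cn ;
        $add["gidNumber"] = $gidNumber ;
        $add["description"] = $description ;
        // $llxCreateGroup, when set, overrides $groupbase as the parent DN
        if (isset($llxCreateGroup)) {
            @ldap_add($ldap, "cn=" . $cn . "," . $llxCreateGroup, $add) ;
        }
        else {
            @ldap_add($ldap, "cn=" . $cn . "," . $groupbase, $add) ;
        }
    }
    showGroup ($ldap, $gidNumber);
}

/**
 * Creates one user with a generated password, prints the new credentials and
 * shows the add-user form again.
 *
 * @param resource $ldap     LDAP connection
 * @param string   $cn       given name
 * @param string   $template name of the user template
 * @param string   $username login name
 * @param string   $profile  profile name
 * @param string   $sn       surname
 */
function addUser ($ldap, $cn, $template, $username,$profile,$sn)
{
    $userpw = pwgen () ;
    // NOTE(review): $groups is never set in this function, so ldapAddUser()
    // receives an undefined value for it.
    // NOTE(review): the generated password and the unescaped $cn / $username are
    // written into the page; confirm the page is not cached or logged, and
    // HTML-escape the names.
    if (ldapAddUser ($ldap, $cn." ".$sn, $template, $username, $userpw, $groups,$profile,$cn,$sn)) {
        printf(_("Added user: %s") . '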
', $cn) ;
        printf(_("username: ") . '%s
', $username, $username) ;
        // NOTE(review): the clear-text password is echoed into the response.
        printf (_("password: %s"), $userpw);
        printf ("
\n") ;
    }
    userAddForm (true) ;
}

/**
 * Creates $number generic accounts named <gname><NN>, numbered after the
 * accounts under ou=People whose cn already starts with $gname.
 *
 * $gid, $prefix and $passrandom are accepted but not used in this function.
 *
 * @param resource $ldap      LDAP connection
 * @param string   $gname     name prefix of the accounts; also used as a cn
 *                            prefix in the search filter
 * @param string   $template  name of the user template
 * @param int      $number    how many accounts to create
 * @param int      $formatpwd 0 = generated password, 1 = password equals the
 *                            user name, 2 = $pwdgen for every account
 * @param string   $pwdgen    shared password used when $formatpwd is 2
 * @param string   $profile   profile name
 * @param mixed    $agroups   stored as the single element of each account's
 *                            group list
 */
function createUsers ($ldap, $gid, $gname, $template, $prefix, $number, $passrandom,$formatpwd,$pwdgen,$profile,$agroups)
{
    global $base;

    //Searching the number of generic users
    // NOTE(review): $gname is concatenated into the filter without LDAP filter
    // escaping - confirm the caller validates it.
    $want = array ('cn','sn') ;
    $basedn="ou=People,".$base;
    $filter="(&(objectClass=posixAccount)(cn=" . $gname . "*))";
    $result = ldap_search ($ldap, $basedn, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $count=$entries["count"] ;

    for($i = $count+1; $i <= $count+$number; $i += 1){
        // two-digit suffix for 1..9
        if ($i<10) $num='0'."$i";
        else $num="$i";
        $username=strtolower($gname.$num);
        $cn=$username;
        $groups = array();
        $groups[]=$agroups;

        //Generate password
        // NOTE(review): modes 1 and 2 create accounts whose password is guessable
        // (the user name) or shared by the whole batch; nothing visible here
        // forces a change at first login.
        switch ($formatpwd) {
            case 0:
                // automatically generated password
                $userpw = pwgen () ;
                break;
            case 1:
                // password equal to the user name
                $userpw = $username ;
                break;
            case 2:
                // one given password for all the users
                $userpw = $pwdgen ;
                break;
            default:
                // automatically generated password (default)
                $userpw = pwgen () ;
        }
        ldapAddUser ($ldap, $cn." ".$cn, $template, $username, $userpw, $groups,$profile,$cn, $cn);
    }
}

/**
 * Replaces cn, sn and sabayonProfileName of the account with the given uid,
 * then shows the user.
 *
 * @param resource $ldap    LDAP connection
 * @param string   $uid     uid of the account
 * @param string   $cn      new cn
 * @param string   $profile new sabayonProfileName
 * @param string   $sn      new sn
 */
function changeUser ($ldap, $uid, $cn,$profile, $sn)
{
    global $base ;

    // NOTE(review): $uid is concatenated into the filter without LDAP filter
    // escaping - confirm the caller validates it.
    $filter="(&(objectClass=posixAccount)(uid=" . $uid . "))";
    $want = array ();
    $result = ldap_search($ldap, $base, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $change = array ();
    $change["cn"][] = $cn ;
    $change["sn"][] = $sn ;
    $change["sabayonProfileName"][] = $profile ;
    // NOTE(review): the first match is modified without checking that the search
    // returned exactly one entry, and the @ hides a failed modify.
    @ldap_modify($ldap, $entries[0]["dn"], $change) ;
    showUser ($ldap,$uid);
}

/**
 * Renders a group and its members with admin_group_show.tpl.
 *
 * @param resource $ldap LDAP connection
 * @param string   $gid  gidNumber of the group
 */
function showGroup ($ldap, $gid)
{
    global $useLisGroup, $smarty, $base, $authbase, $groupbase ;

    // NOTE(review): $gid is concatenated into the filter without LDAP filter
    // escaping - confirm the caller validates it.
    $filter="(&(objectClass=posixGroup)(gidNumber=" . $gid . "))";
    $want = array ("memberUid", "member", "description", "cn", "objectClass") ;
    $searchbase=$groupbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    // $authentication is computed but not read again in this function
    $authentication= ( $entries[0]["member"]["count"] > 0 );

    // NOTE(review): description, cn and $gid are assigned without HTML escaping,
    // unlike the member lists below; confirm the template escapes them.
    $smarty->assign('description', $entries[0]["description"][0]);
    $smarty->assign('cn', $entries[0]["cn"][0]);
    $smarty->assign('gid', $gid) ;

    if ($useLisGroup) {
        if (in_array ('lisAclGroup', $entries[0]["objectclass"]))
            $smarty->assign ('authentication', 'checked disabled');
        else
            $smarty->assign ('authentication', 'disabled');
    }
    else {
        // the box is ticked when an entry with the same cn exists under $authbase
        $result = ldap_search ($ldap, $authbase, 'cn=' . $entries[0]["cn"][0]);
        if (ldap_count_entries ($ldap, $result))
            $smarty->assign ('authentication', 'checked');
    }

    // build one OR filter over all memberUid values
    // NOTE(review): htmlspecialchars() is HTML escaping, not LDAP filter escaping:
    // it leaves (, ) and * untouched and rewrites & and quotes. With no members
    // the OR list is empty.
    $memberUid=$entries[0]["memberuid"];
    $filter="" ;
    for ($i=0 ; $i < $memberUid["count"] ; $i++) {
        $filter .= "(uid=" . htmlspecialchars($memberUid[$i]) . ")" ;
    }
    $filter="(&(objectClass=posixAccount)(|" . $filter . "))" ;
    $want = array ("uid", "cn") ;
    $searchbase=$base ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    ldap_sort($ldap,$result,"cn");
    $entries = ldap_get_entries ($ldap, $result);

    $username = array () ;
    $display = array () ;
    for ($i=0 ; $i < $entries["count"] ; $i++) {
        $username[] = htmlspecialchars($entries[$i]["uid"][0]) ;
        $profile=get_profile($ldap,$entries[$i]['uid'][0]);
        $display[] = sprintf ("%s (%s)", htmlspecialchars($entries[$i]['cn'][0]) , htmlspecialchars($profile)) ;
        //$display[] = htmlspecialchars($entries[$i]["cn"][0]." KK") ;
    }
    $smarty->assign('username', $username) ;
    $smarty->assign('display', $display) ;
    $smarty->assign('servermode',$GLOBALS['servermode']);
    $smarty->display('admin_group_show.tpl') ;
}

/**
 * Renders one account with admin_user_show.tpl, or prints
 * "No matching objects" when no account has the given uid.
 *
 * @param resource $ldap LDAP connection
 * @param string   $uid  uid of the account
 */
function showUser ($ldap, $uid)
{
    global $smarty, $base, $groupbase ;

    // NOTE(review): $uid is concatenated into the filter without LDAP filter
    // escaping - confirm the caller validates it.
    $filter ="(&(objectClass=posixAccount)(uid=" . $uid . "))";
    $want = array ("uidNumber", "uid", "cn", "sn", "gidNumber", "sabayonProfileName") ;
    $searchbase = $base ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $count=$entries["count"] ;
    if ($count) {
        $cn = htmlspecialchars($entries[0]["cn"][0]);
        $sn = htmlspecialchars($entries[0]["sn"][0]);
        $uidNumber = htmlspecialchars($entries[0]["uidnumber"][0]);
        $gidNumber = htmlspecialchars($entries[0]["gidnumber"][0]);
        $sabayonProfileName=$entries[0]["sabayonprofilename"][0];

        // primary group: the posixGroup with the account's gidNumber, excluding
        // the nextID / lastID entries
        $filter = "(&(objectClass=posixGroup)(gidNumber=" . $gidNumber . ")(!(cn=nextID))(!(cn=lastID)))";
        $want = array ("cn", "gidNumber","sn") ;
        $searchbase=$base ;
        $result = ldap_search($ldap, $searchbase, $filter, $want);
        $entries = ldap_get_entries ($ldap, $result);
        $userGroup = htmlspecialchars($entries[0]["cn"][0]);

        // NOTE(review): $uid (the function argument) and $sabayonProfileName are
        // assigned without HTML escaping, unlike the other values; confirm the
        // template escapes them.
        $smarty->assign('uid', $uid) ;
        $smarty->assign('uidNumber', $uidNumber) ;
        $smarty->assign('cn', $cn) ;
        $smarty->assign('sn', $sn) ;
        $smarty->assign('userGroup', $userGroup) ;
        $smarty->assign('sabayonProfileName',$sabayonProfileName) ;
        $smarty->assign ('profiles',get_sabayon_list($ldap)) ;
        showUserGroups($ldap, $uid) ;
        $smarty->display ('admin_user_show.tpl') ;
    }
    else {
        printf (_("No matching objects") ."
") ;
    }
}

/**
 * Assigns to Smarty the groups the user belongs to, the groups the user could
 * be added to, and the add/remove action strings.
 *
 * @param resource $ldap LDAP connection
 * @param string   $uid  uid of the account
 */
function showUserGroups ($ldap, $uid)
{
    global $smarty, $useLisGroup, $groupbase, $base, $llxCreateGroup ;

    // NOTE(review): $uid is concatenated into both filters without LDAP filter
    // escaping - confirm the caller validates it.
    $filter="(&(objectClass=posixGroup)(memberUid=" . $uid . "))";
    $want = array ("cn", "gidNumber") ;
    //$searchbase=$groupbase ;
    $searchbase=$llxCreateGroup;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    ldap_sort($ldap,$result,"cn");
    $entries = ldap_get_entries ($ldap, $result);
    for ($i=0 ; $i < $entries["count"] ; $i++) {
        $memberValues[] = htmlspecialchars($entries[$i]["gidnumber"][0]) ;
        $memberDisplays[] = htmlspecialchars($entries[$i]["cn"][0]) ;
    }

    $filter="(&(objectClass=posixGroup)(!(memberUid=" . $uid . ")))";
    $want = array ("cn", "gidNumber") ;
    $searchbase=$llxCreateGroup;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    ldap_sort($ldap,$result,"cn");
    $entries = ldap_get_entries ($ldap, $result);
    for ($i=0 ; $i < $entries["count"] ; $i++) {
        // NOTE(review): memberUid is not in $want and ldap_get_entries() returns
        // lower-case keys, so this empty() test looks always true - confirm.
        // A group that is some account's primary group is left out of the list.
        if (!$useLisGroup && empty($entries[$i]['memberUid'])) {
            $filter = "(&(objectClass=posixAccount)(gidNumber=" . $entries[$i]["gidnumber"][0] . "))" ;
            $result = ldap_search ($ldap, $base, $filter, array ('dn')) ;
            if (ldap_count_entries ($ldap, $result) > 0)
                continue ;
        }
        $nonMemberValues[] = htmlspecialchars($entries[$i]["gidnumber"][0]) ;
        $nonMemberDisplays[] = htmlspecialchars($entries[$i]["cn"][0]) ;
    }

    // NOTE(review): $uid is embedded unescaped in fragments of a JavaScript
    // expression; confirm how the template outputs them and encode $uid for that
    // context.
    $groupTarget='\'sub\'' ;
    $delAction ='\'userDelGroup&uid=' . $uid ;
    $delAction .= '&gid=\' + member.value' ;
    $addAction ='\'userAddGroup&uid=' .
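$uid ;
    $addAction .= '&gid=\' + nonmember.value';

    $smarty->assign('memberValues', $memberValues) ;
    $smarty->assign('memberDisplays', $memberDisplays) ;
    $smarty->assign('nonMemberValues', $nonMemberValues) ;
    $smarty->assign('nonMemberDisplays', $nonMemberDisplays) ;
    $smarty->assign('groupTarget', $groupTarget) ;
    $smarty->assign('addAction', $addAction) ;
    $smarty->assign('delAction', $delAction) ;
}

/**
 * Runs a prefix search for users, groups or hosts and renders the hits with
 * admin_result.tpl.
 *
 * @param resource $ldap           LDAP connection
 * @param string   $type           "User", "Group" or "Hosts"; anything else
 *                                 returns without output
 * @param string   $text           search text; a lone "*" means "everything"
 * @param string   $searchDisabled the string 'true' limits a user search to
 *                                 entries with shadowFlag=1
 */
function showResult ($ldap, $type, $text, $searchDisabled)
{
    global $smarty, $useLisGroup, $base, $groupbase, $hostbase, $llxCreateGroup ;

    if ($text == "*")
        $text="" ;

    // LDAP filter escaping (RFC 4515): each special character becomes a
    // backslash followed by its two-digit hex code. The previous table wrote
    // "0x28" style text instead, which removed the characters but could never
    // match a value containing them. The backslash comes first so the
    // backslashes added for the other characters are not escaped again.
    // "*" stays unescaped: it keeps working as a wildcard inside the search text.
    $replace = array ("\\", "(", ")", "\0") ;
    $with = array ("\\5c", "\\28", "\\29", "\\00") ;
    $text = str_replace ($replace, $with, $text) ;

    switch ($type) {
        case "User":
            if ($searchDisabled == 'true')
                $filter="(&(objectClass=posixAccount)(shadowFlag=1)" .
                        "(|(cn=" . $text . "*)(uid=" . $text . "*)(sn=" . $text . "*)))";
            else
                $filter="(&(objectClass=posixAccount)" .
                        "(|(cn=" . $text . "*)(uid=" . $text . "*)(sn=" . $text . "*)))";
            $want = array ("uidNumber", "uid", "cn", "sn") ;
            $searchbase=$base ;
            $action="showUser" ;
            $show="uid" ;
            break ;
        case "Group":
            if ($useLisGroup)
                $filter="(&(objectClass=posixGroup)(!(groupType=private))(cn=" . $text . "*))" ;
            else
                $filter="(&(objectClass=posixGroup)(cn=" . $text . "*))" ;
            $want = array ("gidNumber", "cn", "memberUid") ;
            //$searchbase=$groupbase ;
            $searchbase=$llxCreateGroup;
            $action="showGroup" ;
            $show="gidnumber" ;
            break ;
        case "Hosts":
            $filter="cn=" . $text . "*" ;
            $want = array ("cn") ;
            $searchbase=$hostbase ;
            $action="showHost" ;
            $show="cn" ;
            break ;
        default:
            return ;
    }

    $result = ldap_search($ldap, $searchbase, $filter, $want);
    ldap_sort($ldap,$result,"cn");
    $entries = ldap_get_entries ($ldap, $result);
    $count=$entries["count"] ;
    if ($count > 50)
        printf (_("Too many entries, please narrow your search") . "
\n") ;
    elseif ($count) {
        // Group searches only: drop groups without memberUid that are some
        // account's primary group.
        // NOTE(review): the bound is "<= $count", so the last pass reads one index
        // past the result list - confirm whether "<" was intended.
        for ($i=0 ; $i <= $count && $type == "Group" ; $i++) {
            if (empty($entries[$i]['memberuid'])) {
                $filter="(&(objectClass=posixAccount)(gidNumber=" . $entries[$i]['gidnumber'][0] . "))" ;
                $result = ldap_search ($ldap, $base, $filter, array ('dn')) ;
                if (ldap_count_entries ($ldap, $result) > 0) {
                    // position $i + 1 because the "count" element comes first
                    array_splice($entries, $i + 1, 1) ;
                    $i-- ;
                    $count-- ;
                }
            }
        }
        for ($i=0 ; $i < $count ; $i++) {
            $value[]=htmlspecialchars($entries[$i][$show][0]) ;
            if ($type == "User") {
                $profile=get_profile($ldap,$entries[$i]['uid'][0]);
                $display[] = sprintf ("%s %s (%s)",
                    //htmlspecialchars($entries[$i]['uid'][0]),
                    htmlspecialchars($entries[$i]['cn'][0]) ,
                    htmlspecialchars($entries[$i]['sn'][0]) ,
                    htmlspecialchars($profile)) ;
            }
            else
                $display[] = htmlspecialchars($entries[$i]['cn'][0]) ;
            $dn[] = htmlspecialchars($entries[$i]['dn']) ;
        }
        // NOTE(review): $searchDisabled is passed to the template as received;
        // confirm the template escapes it.
        $smarty->assign('searchDisabled', $searchDisabled) ;
        $smarty->assign('action', $action) ;
        $smarty->assign('value', $value) ;
        $smarty->assign('dn', $dn) ;
        $smarty->assign('display', $display) ;
        $smarty->assign('servermode',$GLOBALS['servermode']);
        $smarty->display('admin_result.tpl') ;
    }
    else {
        printf (_("No matching objects") . "
") ;
    }
}

/**
 * Shows the add-user form (admin_user_add.tpl) to a session user whose profile
 * is 'Admin'; anyone else gets "Sorry, you are not authorized".
 *
 * NOTE(review): this check only guards the form. The functions that modify the
 * directory (addUser, changeUser, ...) show no profile check of their own in
 * this file - confirm that the dispatcher enforces it.
 */
function userAddForm ()
{
    global $smarty ;

    $admindn =$_SESSION['usuario'];
    $ldap=lwat_ldap();
    $type=get_profile($ldap,$admindn);
    if ($type=='Admin'){
        // section names of admin.ini are the selectable templates
        $templates = parse_ini_file ("/etc/lliurex-lwat/admin.ini", true);
        foreach ($templates as $name => $fields)
            $templname[] = $name ;
        $smarty->assign ('templates',$templname) ;
        $smarty->assign ('profiles',get_sabayon_list($ldap)) ;
        // fragments of a JavaScript expression handed to the template
        $target = '\'main\'' ;
        $action = '\'addUser&cn=\' + cn.value ';
        $action .= ' + \'&username=\' + username.value' ;
        $action .= ' + \'&template=\' + template.value' ;
        $action .= ' + \'&profile=\' + profile.value' ;
        $action .= ' + \'&sn=\' + sn.value' ;
        $smarty->assign ('target', $target) ;
        $smarty->assign ('action', $action) ;
        $smarty->display ('admin_user_add.tpl') ;
    }else{
        printf (_("Sorry, you are not authorized") . "
") ;
    }
}

/**
 * Shows import_lwat.tpl to a session user whose profile is 'Admin'.
 */
function importLwat ()
{
    global $smarty ;

    $admindn =$_SESSION['usuario'];
    $ldap=lwat_ldap();
    $type=get_profile($ldap,$admindn);
    if ($type=='Admin'){
        $templates = parse_ini_file ("/etc/lliurex-lwat/admin.ini", true);
        foreach ($templates as $name => $fields)
            $templname[] = $name ;
        $smarty->assign ('templates',$templname) ;
        $smarty->assign ('profiles',get_sabayon_list($ldap)) ;
        $target = '\'main\'' ;
        $action = '\'addUser&cn=\' + cn.value ';
        $action .= ' + \'&username=\' + username.value' ;
        $action .= ' + \'&template=\' + template.value' ;
        $action .= ' + \'&profile=\' + profile.value' ;
        // NOTE(review): this line assigns instead of appending, so everything
        // built above is discarded; the sibling forms use
        // .= ' + \'&sn=\' + sn.value'. Left as found because the template's use
        // of $action is not visible here - confirm and fix.
        $action = '\'&sn=\' + sn.value';
        $smarty->assign ('target', $target) ;
        $smarty->assign ('action', $action) ;
        $smarty->display ('import_lwat.tpl') ;
    }else{
        printf (_("Sorry, you are not authorized") . "
") ;
    }
}

/**
 * Shows import_gescen.tpl to a session user whose profile is 'Admin'.
 */
function importGescen(){
    //LLX Added in another happy day
    global $smarty ;

    $admindn =$_SESSION['usuario'];
    $ldap=lwat_ldap();
    $type=get_profile($ldap,$admindn);
    if ($type=='Admin') {
        $templates = parse_ini_file ("/etc/lliurex-lwat/admin.ini", true);
        foreach ($templates as $name => $fields)
            $templname[] = $name ;
        $smarty->assign ('templates',$templname) ;
        $smarty->assign ('profiles',get_sabayon_list($ldap)) ;
        $target = '\'main\'' ;
        $action = '\'addUser&cn=\' + cn.value ';
        $action .= ' + \'&username=\' + username.value' ;
        $action .= ' + \'&template=\' + template.value' ;
        $action .= ' + \'&profile=\' + profile.value' ;
        $action .= ' + \'&sn=\' + sn.value' ;
        $smarty->assign ('target', $target) ;
        $smarty->assign ('action', $action) ;
        $smarty->display ('import_gescen.tpl') ;
    } else {
        printf (_("Sorry, you are not authorized") . "
") ;
    }
}

/**
 * Shows llx_delete_users.tpl to a session user whose profile is 'Admin'.
 */
function delallusers()
{
    global $smarty ;

    $admindn =$_SESSION['usuario'];
    $ldap=lwat_ldap();
    $type=get_profile($ldap,$admindn);
    if ($type=='Admin') {
        $templates = parse_ini_file ("/etc/lliurex-lwat/admin.ini", true);
        foreach ($templates as $name => $fields)
            $templname[] = $name ;
        $smarty->assign ('templates',$templname) ;
        $smarty->assign ('profiles',get_sabayon_list($ldap)) ;
        $target = '\'main\'' ;
        $action = '\'addUser&cn=\' + cn.value ';
        $action .= ' + \'&username=\' + username.value' ;
        $action .= ' + \'&template=\' + template.value' ;
        $action .= ' + \'&profile=\' + profile.value' ;
        $action .= ' + \'&sn=\' + sn.value' ;
        $smarty->assign ('target', $target) ;
        $smarty->assign ('action', $action) ;
        $smarty->display ('llx_delete_users.tpl') ;
    } else {
        printf (_("Sorry, you are not authorized") . "
") ;
    }
}

/**
 * Shows llx_host_add.tpl to a session user whose profile is 'Admin'.
 */
function llx_host_add(){
    global $smarty ;

    $admindn =$_SESSION['usuario'];
    $ldap=lwat_ldap();
    $type=get_profile($ldap,$admindn);
    if ($type=='Admin'){
        $templates = parse_ini_file ("/etc/lliurex-lwat/admin.ini", true);
        foreach ($templates as $name => $fields)
            $templname[] = $name ;
        $smarty->assign ('templates',$templname) ;
        $smarty->assign ('profiles',get_sabayon_list($ldap)) ;
        $target = '\'main\'' ;
        $action = '\'addUser&cn=\' + cn.value ';
        $action .= ' + \'&username=\' + username.value' ;
        $action .= ' + \'&template=\' + template.value' ;
        $action .= ' + \'&profile=\' + profile.value' ;
        $smarty->assign ('target', $target) ;
        $smarty->assign ('action', $action) ;
        $smarty->display ('llx_host_add.tpl') ;
    }else{
        printf (_("Sorry, you are not authorized") . "
") ;
    }
}

/**
 * Shows llx_host_del.tpl to a session user whose profile is 'Admin'.
 */
function llx_host_del(){
    global $smarty ;

    $admindn =$_SESSION['usuario'];
    $ldap=lwat_ldap();
    $type=get_profile($ldap,$admindn);
    if ($type=='Admin'){
        $templates = parse_ini_file ("/etc/lliurex-lwat/admin.ini", true);
        foreach ($templates as $name => $fields)
            $templname[] = $name ;
        $smarty->assign ('templates',$templname) ;
        $smarty->assign ('profiles',get_sabayon_list($ldap)) ;
        $target = '\'main\'' ;
        $action = '\'addUser&cn=\' + cn.value ';
        $action .= ' + \'&username=\' + username.value' ;
        $action .= ' + \'&template=\' + template.value' ;
        $action .= ' + \'&profile=\' + profile.value' ;
        $smarty->assign ('target', $target) ;
        $smarty->assign ('action', $action) ;
        $smarty->display ('llx_host_del.tpl') ;
    }else{
        printf (_("Sorry, you are not authorized") . "
") ;
    }
}

/**
 * Sets the same password on every account listed in the memberUid attribute of
 * the group with the given gidNumber.
 *
 * $base is now declared global: the account search used it as its search base
 * while it was an undefined local variable.
 *
 * @param string   $idgroup gidNumber of the group
 * @param string   $passwd  new clear-text password for every member
 * @param resource $ldap    LDAP connection
 */
function masiveChgPass($idgroup, $passwd, $ldap)
{
    global $groupbase, $base ;

    // NOTE(review): $idgroup is concatenated into the filter without LDAP filter
    // escaping - confirm the caller validates it.
    $filter="(&(objectClass=posixGroup)(gidNumber=" . $idgroup . "))";
    $want = array ("memberUid", "member", "objectClass") ;
    $searchbase=$groupbase ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);

    // no memberUid values: nothing to change, and the OR list built below
    // would be empty
    if (empty ($entries[0]["memberuid"]["count"]))
        return ;

    // NOTE(review): htmlspecialchars() is HTML escaping, not LDAP filter escaping.
    $memberUid=$entries[0]["memberuid"];
    $filter="" ;
    for ($i=0 ; $i < $memberUid["count"] ; $i++) {
        $filter .= "(uid=" . htmlspecialchars($memberUid[$i]) . ")" ;
    }
    $filter="(&(objectClass=posixAccount)(|" . $filter . "))" ;
    $want = array ("uid") ;
    $searchbase=$base ;
    $result = ldap_search($ldap, $searchbase, $filter, $want);
    ldap_sort($ldap,$result,"cn");
    $entries = ldap_get_entries ($ldap, $result);

    // NOTE(review): every member ends up with one shared password - confirm that
    // callers are restricted to administrators and that the accounts are made
    // to change it.
    for ($i=0 ; $i < $entries["count"] ; $i++) {
        $profile=get_profile($ldap,$entries[$i]['uid'][0]);
        changePass($entries[$i]['uid'][0],$passwd,$ldap,$profile);
    }
}

##
## $group is student, teacher, other, ...
##
function changePass($uid,$pass,$ldap,$group)
{
    global $base;
    $filter="(&(objectClass=posixAccount)(uid=" . $uid . "))";
    $want = array ('objectClass', 'uid', 'cn') ;
    $result= ldap_search ($ldap, $base, $filter, $want);
    $entries = ldap_get_entries ($ldap, $result);
    $newpw = $pass ;
    $userGroup = $group;
    $cryptpw = cryptgen ($newpw);
    $sambahash = new smbHash () ;
    $info = array ();
    $info["userPassword"][] = $cryptpw ;
    if (in_array("sambaSamAccount", $entries[0]["objectclass"]) !== false) {
        $info["sambaLMPassword"][] = $sambahash->lmhash($newpw) ;
        $info["sambaNTPassword"][] = $sambahash->nthash($newpw);
    }
    $result = @ldap_modify ($ldap,$entries[0]["dn"],$info) ;
    if ($result) {
        printf('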
'._("Changed password for %s ( %s ) to %s .").'
',$entries[0]['uid'][0],$entries[0]['cn'][0], $newpw ); llxUserSync("passwd", $entries[0]['dn'],$newpw,$userGroup); } else { $ldaperr = ldap_errno ($ldap) ; switch ($ldaperr) { case 50: printf ('
'._("Sorry, you are not allowed to change password for %s (%s)".'
'),$entries[0]['uid'][0], $entries[0]['cn'][0]) ; break ; default: reportLdapError ($ldaperr, "Changing password") ; } } } $key = lwat_key () ; $ldap=lwat_ldap (); if (lwat_login ($ldap, '', '', $key)) $action = readkey ('action') ; else $action = 'logout'; switch ($action) { case "userGenericGroup": global $llxCreateGroup; $type='Otro'; $admindn =$_SESSION['usuario']; $type=get_profile ($ldap,$admindn); $want = array ('cn','gidnumber') ; $filter = "(&(objectClass=posixGroup)(!(groupType=private)))" ; $base=$llxCreateGroup; $result = ldap_search ($ldap, $base, $filter, $want); ldap_sort($ldap,$result,"cn"); //ordenamos los resultados $entries = ldap_get_entries ($ldap, $result); $users = array () ; $groupsid = array () ; $users=$entries; for($i=0;$iassign ('type',$type) ; $smarty->assign ('groups',$groups) ; $smarty->assign ('groupsid',$groupsid) ; $smarty->display ('llx_generic_groups.tpl') ; break ; case "changePasswdGrp": $group= readKey('gid'); $passwd= readKey('pass'); masiveChgPass($group,$passwd,$ldap); break; case "userChangePasswd": $smarty->assign ('userdn',$_COOKIE['admindn']) ; $smarty->assign ('username',$_SESSION['usuario']) ; $smarty->display ('llx_chguserpw.tpl') ; break ; case "setpw": $newpw = readKey('userpw') ; $oldpw = readKey('oldpw') ; $chkpw = readKey('chkpw') ; if (strlen ($newpw) < $minPwLength ) printf (_("Sorry. The password is too short") . "
" ); elseif ($newpw <> $chkpw) printf (_("Sorry. The passwords must be the same") . "
" ); else { $userdn = readKey('userdn') ; $cryptpw = cryptgen ($newpw); $sambahash = new smbHash ; $info = array (); $info["userPassword"][] = $cryptpw ; if (readkey("sambaAccount") == 1) { $info["sambaLMPassword"][] = $sambahash->lmhash($newpw) ; $info["sambaNTPassword"][] = $sambahash->nthash($newpw); } if ($bind = ldap_bind ($ldap)) { $result= ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); if ($entries[count] == 1) { $entry = $entries[0]; $admindn = $entry["dn"]; } $bind = ldap_bind ($ldap,$userdn,$oldpw) ; } if (! $bind) printf (_("Sorry. I'm not able to connect as %s.") . "
" , $userdn ); else { $result = ldap_modify ($ldap,$userdn,$info) ; if ($result) { print_r($userdn); printf (_("Changed password for %s") . "
" , getUser($userdn)); llxUserSync("passwd", $userdn,$newpw); } else printf (_("Failed to change password for %s.") . "
" , getUser($userdn)); } } break ; case "userReportsGroup": global $llxCreateGroup; $type='Otro'; $admindn =$_SESSION['usuario']; $type=get_profile ($ldap,$admindn); $want = array ('cn') ; $filter = "(&(objectClass=posixGroup)(!(groupType=private)))" ; $base=$llxCreateGroup; $result = ldap_search ($ldap, $base, $filter, $want); ldap_sort($ldap,$result,"cn"); //ordenamos los resultados $entries = ldap_get_entries ($ldap, $result); $users = array () ; $users=$entries; for($i=0;$iassign ('type',$type) ; $smarty->assign ('groups',$groups) ; $smarty->display ('llx_reports_groups.tpl') ; break ; case "userDoPromote": $userToPromote = array () ; foreach ($_POST as $key => $value) { if (strpos($key, 'checked_') === 0 ) { $userToPromote[] = $value ; } } if (empty ($userToPromote)) { printf (_("No users to promote")) ; break ; } foreach ($userToPromote as $value ) { $dn = ldap_explode_dn ($value, 0) ; $want = array ('uid') ; $filter = $dn[0] ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $uid=$entries[0]['uid'][0]; $want = array ('uidNumber','uid') ; $filter = $dn[0] ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $uidnumber=$entries[0]['uidnumber'][0]; $profile=get_profile($ldap,$entries[0]['uid'][0]); if($profile=="Profesor") { $want = array ('gidnumber') ; $filter = "(&(objectClass=posixGroup)(cn=admins))" ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $gidnumber=$entries[0]['gidnumber'][0]; $want = array ('memberUid') ; $filter = "(&(objectClass=posixGroup)(gidNumber=" .$gidnumber . 
"))" ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $administradores = array () ; $administradores=$entries[0]['memberuid']; $existe=false; foreach ($administradores as $key => $value) { if (strcmp($value,$uid)==0 ) { $existe = true ; } } if (!$existe && userAddGroup($ldap, $uid, $gidnumber)) printf(_("The user ".$uid." has been promoted")."
"); else printf(_("The user ".$uid." hasn't been promoted")."
"); } else printf (_("Only teachers can be promoted")."
"); } break ; case "userDoRemovePrivileges": $privilegesToDelete = array () ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $privilegesToDelete[] = $value ; } if (empty ($privilegesToDelete)) { printf (_("No users selected")) ; break ; } foreach ($privilegesToDelete as $value ) { $dn = ldap_explode_dn ($value, 0) ; $want = array ('uid') ; $filter = $dn[0] ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $uid=$entries[0]['uid'][0]; $want = array ('uidNumber','uid') ; $filter = $dn[0] ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $uidnumber=$entries[0]['uidnumber'][0]; $uid=$entries[0]['uid'][0]; $profile=get_profile($ldap,$uid); if($profile=="Admin") { //searching for the admins gidnumber $want = array ('gidnumber') ; $filter = "(&(objectClass=posixGroup)(cn=admins))" ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $gidnumber=$entries[0]['gidnumber'][0]; //getting the members of admins group $want = array ('memberUid') ; $filter = "(&(objectClass=posixGroup)(gidNumber=" .$gidnumber . "))" ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $administradores = array () ; $administradores=$entries[0]['memberuid']; //testing that the selected user is an Admin $existe=false; foreach ($administradores as $key => $value) { if (strcmp($value,$uid)==0 ) { $existe = true ; } } $adminsgroup="cn=admins,ou=Profiles,".$groupbase; $attrib['member']="uid=".$uid.",ou=Teachers,ou=People,".$base; $attrib['memberUid']=$uid; if ($existe && ldap_mod_del($ldap, $adminsgroup, $attrib)) printf(_("The user privileges have been removed (".$uid.")")."
"); else printf(_("The user privileges haven't been removed (".$uid.")")."
"); } else printf(_("The user selected is not a member of Admin group (".$uid.")")."
"); } break ; case "userPromote": $userToPromote = array () ; $memberUid = '' ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $want = array ('memberUid') ; $filter= '(&(objectClass=posixGroup))' ; $result = ldap_search ($ldap, $value, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; if ($entries[count]) for ($group = 0 ; $group < $entries[count] ; $group++) { $members = $entries[$group]['memberuid'] ; for ($member = 0 ; $member < $members[count] ; $member++) { $memberUid .= '(uid=' . htmlspecialchars($members[$member]) . ')' ; } } else { $userToPromote[] = $value ; } } if (! empty ($memberUid)) { $want = array () ; $filter = '(&(objectClass=posixAccount)(|' . $memberUid . '))' ; $result = ldap_search ($ldap, $base, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; for ($dn = 0 ; $dn < $entries[count] ; $dn++) $userToPromote[] =htmlspecialchars($entries[$dn]['dn']) ; } if (empty ($userToPromote)) { printf (_("No users to promote")) ; break ; } $smarty->assign ('userToPromote', $userToPromote) ; $smarty->display ('admin_user_promote.tpl') ; break ; case "userRemovePrivileges": $privilegesToRemove = array () ; $memberUid = '' ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $want = array ('memberUid') ; $filter= '(&(objectClass=posixGroup))' ; $result = ldap_search ($ldap, $value, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; if ($entries["count"]) for ($group = 0 ; $group < $entries[count] ; $group++) { $members = $entries[$group]['memberuid'] ; for ($member = 0 ; $member < $members[count] ; $member++) { $memberUid .= '(uid=' . htmlspecialchars($members[$member]) . ')' ; } } else { $privilegesToRemove[] = $value ; } } if (! empty ($memberUid)) { $want = array () ; $filter = '(&(objectClass=posixAccount)(|' . $memberUid . 
'))' ; $result = ldap_search ($ldap, $base, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; for ($dn = 0 ; $dn < $entries[count] ; $dn++) $privilegesToRemove[] =htmlspecialchars($entries[$dn]['dn']) ; } if (empty ($privilegesToRemove)) { printf (_("No users selected")) ; break ; } $smarty->assign ('privilegesToRemove', $privilegesToRemove) ; $smarty->display ('admin_user_remove_privileges.tpl') ; break ; case "userReports": $type='Otro'; $admindn =$_SESSION['usuario']; $type=get_profile ($ldap,$admindn); $smarty->assign ('type',$type) ; $templates = parse_ini_file ("/etc/lliurex-lwat/admin.ini", true); foreach ($templates as $name => $fields) $templname[] = $name ; $smarty->assign ('templates',$templname) ; $smarty->assign('urls', array("llx_users.php?rep=s","llx_users.php?rep=t","llx_users.php?rep=o")); $smarty->display ('llx_reports.tpl') ; break ; case "addGenericUsers": $admindn =$_SESSION['usuario']; $type=get_profile ($ldap,$admindn); if ($type=='Admin') { $templates = parse_ini_file ("/etc/lliurex-lwat/admin.ini", true); foreach ($templates as $name => $fields) $templname[] = $name ; $smarty->assign ('templates',$templname) ; $smarty->assign ('profiles',get_sabayon_list($ldap)) ; $smarty->assign ('gid', readkey ('gid')) ; $smarty->assign ('cn', readkey ('cn')) ; $smarty->assign ('sn', readkey ('sn')) ; $smarty->display ('llx_admin_group_add_users.tpl') ; } else { printf (_("Sorry, you are not authorized") . "
") ; } break ; case "createGenericUsers": $gid = readKey('gid') ; $gname = readKey('cn') ; $gsurname = readKey('sn'); $template = readKey('template') ; $profile = readKey('profile') ; $prefix = readKey('prefix') ; $number = readKey('number') ; $formatpwd = readKey('formatpwd') ; $pwdgen = readKey('pwdgen') ; $groups = readKey('groups') ; $passrandom=true; $prefix=substr($template,0,2); createUsers ($ldap, $gid, $gname, $template, $prefix, $number,$passrandom,$formatpwd,$pwdgen,$profile,$groups,$gsurname); showGroup ($ldap, $gid); break ; case "logout": session_destroy(); $smarty->display ('admin_relogin.tpl') ; break ; case "userAddForm": userAddForm () ; break ; /**************************** * * LLiureX Added * ****************************/ case "importLwat": importLwat(); break; case "importGescen": importGescen(); break; case "delallusers": delallusers(); break; case "llx_host_add"; llx_host_add(); break; case "llx_host_del"; llx_host_del(); break; /**************************** * * LLiureX Added End * ****************************/ case "groupAddForm": $admindn =$_SESSION['usuario']; $type=get_profile ($ldap,$admindn); if ($type=='Admin'){ $action ='\'addGroup&cn=\' + cn.value '; $action .= ' + \'&description=\' + description.value' ; $target = '\'main\'' ; $smarty->assign ('action', $action) ; $smarty->assign ('target', $target) ; $smarty->display ('admin_group_add.tpl') ; }else{ printf (_("Sorry, you are not authorized") . "
") ; } break ; case "machineAddForm": $action ='\'addHost&cn=\' + cn.value '; $action .= ' + \'&domain=\' + domain.value' ; $action .= ' + \'&ipaddress=\' + ipaddress.value' ; $action .= ' + \'&macaddress=\' + macaddress.value' ; $target = '\'main\'' ; $smarty->assign ('action', $action) ; $smarty->assign ('target', $target) ; $smarty->display ('admin_host_add.tpl') ; break ; case "groupSearch": $searchFor=readKey('Name') ; if ($searchFor <> "") showResult ($ldap, 'Group', $searchFor, ''); break ; case "groupSearchForm": $admindn =$_SESSION['usuario']; $type=get_profile ($ldap,$admindn); if ($type=='Profesor' || $type=='Admin'){ $smarty->display('admin_group_search.tpl') ; }else{ printf (_("Sorry, you are not authorized") . "
") ; } break ; case "userSearch": $searchFor=readKey('Name') ; if ($searchFor <> "") showResult ($ldap, 'User', $searchFor, readKey('searchDisabled')) ; break ; case "userSearchForm": $result=ldap_search ($ldap, $base, "(&(objectClass=posixAccount)(shadowFlag=1))",array () ) ; $smarty->assign ('searchDisabled', ldap_count_entries ($ldap, $result)) ; $smarty->display('admin_user_search.tpl') ; break ; case "showUser": showUser ($ldap, readKey('text')); break ; case "userDelGroup": $uid = readKey('uid') ; userDelGroup ($ldap, $uid, readKey('gid')); showUserGroups ($ldap, $uid); $smarty->display('admin_user_show_group.tpl') ; break ; case "hostDelGroup": $cn = readKey('cn') ; hostDelGroup ($ldap, $cn, readKey('group')); showHostGroups ($ldap, $cn); $smarty->display('admin_host_show_group.tpl') ; break ; case "hostAddGroup": $cn = readKey('cn') ; hostAddGroup ($ldap, $cn, readKey('group')); showHostGroups ($ldap, $cn); $smarty->display('admin_host_show_group.tpl') ; break ; case "userAddGroup": $uid = readKey('uid') ; userAddGroup ($ldap, $uid, readKey('gid')); showUserGroups ($ldap, $uid); $smarty->display('admin_user_show_group.tpl') ; break ; case "changeUser": changeUser ($ldap, readKey('uid'), readKey('cn'),readKey('profile'), readKey('sn')); break ; case "changeGroup": changeGroup ($ldap, readKey('gid'), readKey('cn'), readKey('description'), (readKey('auth') == 'true')); break ; case "showGroup": showGroup ($ldap,readKey('text')); break ; case "addUser": $cn = readKey('cn') ; $template = readKey('template') ; $username = readKey ('username'); $profile = readKey ('profile'); $sn = readKey('sn') ; addUser ($ldap, $cn, $template, $username,$profile,$sn); break ; case "groupDelete": $groupToDelete = array () ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $entry = ldap_explode_dn ($value, 1); $groupToDelete[] = $entry[0] ; } if (empty ($groupToDelete)) { printf (_("No groups to delete")) ; break ; } $smarty->assign ('groupToDelete', 
$groupToDelete) ; $smarty->display ('admin_group_delete.tpl') ; break ; case "groupDoDelete": $groupToDelete = array () ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) $groupToDelete[] = $value ; if (empty ($groupToDelete)) { printf (_("No groups to delete")) ; break ; } foreach ($groupToDelete as $cn ) { $want = array ('cn') ; $filter = '(&(|(objectClass=posixGroup)(member=*))(cn=' . $cn . '))' ; ; $result = ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); for ($i = 0 ; $i < $entries[count] ; $i++) { if (ldap_delete ($ldap, $entries[$i]["dn"])) printf(_("Group %s deleted") . "
", $entries[$i]["dn"]) ; } } break ; case "userEnable": $userToEnable = array () ; $memberUid = '' ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $want = array ('memberUid') ; $filter= '(&(objectClass=posixGroup))' ; $result = ldap_search ($ldap, $value, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; if ($entries[count]) for ($group = 0 ; $group < $entries[count] ; $group++) { $members = htmlspecialchars($entries[$group]['memberuid']) ; for ($member = 0 ; $member < $members[count] ; $member++) { $memberUid .= '(uid=' . $members[$member] . ')' ; } } else { $userToEnable[] = $value ; } } if (!empty ($memberUid)) { $want = array () ; $filter = '(&(objectClass=posixAccount)(|' . $memberUid . '))' ; $result = ldap_search ($ldap, $base, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; for ($dn = 0 ; $dn < $entries[count] ; $dn++) $userToEnable[] =htmlspecialchars($entries[$dn]['dn']) ; } if (empty ($userToEnable)) { printf (_("No users to enable")) ; break ; } $smarty->assign ('userToEnable', $userToEnable) ; $smarty->display ('admin_user_enable.tpl') ; break ; case "userDoEnable": $userToEnable = array () ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $userToEnable[] = $value ; } if (empty ($userToEnable)) { printf (_("No users to enable")) ; break ; } $want = array ('cn') ; foreach ($userToEnable as $value ) { $enable['shadowFlag'] = '0' ; $enable['loginShell'] = '/bin/bash' ; $enable['sambaAcctFlags'] = '[U ]' ; @ldap_modify ($ldap, $value, $enable); } break ; case "userDisable": $userToDisable = array () ; $memberUid = '' ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $want = array ('memberUid') ; $filter= '(&(objectClass=posixGroup))' ; $result = ldap_search ($ldap, $value, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; if ($entries[count]) for ($group = 0 ; $group < $entries[count] ; $group++) { $members = 
htmlspecialchars($entries[$group]['memberuid']) ; for ($member = 0 ; $member < $members[count] ; $member++) { $memberUid .= '(uid=' . $members[$member] . ')' ; } } else { $userToDisable[] = $value ; } } if (! empty ($memberUid)) { $want = array () ; $filter = '(&(objectClass=posixAccount)(|' . $memberUid . '))' ; $result = ldap_search ($ldap, $base, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; for ($dn = 0 ; $dn < $entries[count] ; $dn++) $userToDisable[] =htmlspecialchars($entries[$dn]['dn']) ; } if (empty ($userToDisable)) { printf (_("No users to disable")) ; break ; } $smarty->assign ('userToDisable', $userToDisable) ; $smarty->display ('admin_user_disable.tpl') ; break ; case "userDoDisable": $userToDisable = array () ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $userToDisable[] = $value ; } if (empty ($userToDisable)) { printf (_("No users to disable")) ; break ; } $want = array ('cn') ; foreach ($userToDisable as $value ) { $disable['shadowFlag'] = '1' ; $disable['loginShell'] = 'DISABLED!/bin/bash' ; $disable['sambaAcctFlags'] = '[DU ]' ; @ldap_modify ($ldap, $value, $disable); } break ; case "userDelete": $userToDelete = array () ; $memberUid = '' ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $want = array ('memberUid') ; $filter= '(&(objectClass=posixGroup))' ; $result = ldap_search ($ldap, $value, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; if ($entries[count]) for ($group = 0 ; $group < $entries[count] ; $group++) { $members = $entries[$group]['memberuid'] ; for ($member = 0 ; $member < $members[count] ; $member++) { $memberUid .= '(uid=' . htmlspecialchars($members[$member]) . ')' ; } } else { $userToDelete[] = $value ; } } if (! empty ($memberUid)) { $want = array () ; $filter = '(&(objectClass=posixAccount)(|' . $memberUid . 
'))' ; $result = ldap_search ($ldap, $base, $filter, $want) ; $entries = ldap_get_entries ($ldap, $result) ; for ($dn = 0 ; $dn < $entries[count] ; $dn++) $userToDelete[] =htmlspecialchars($entries[$dn]['dn']) ; } if (empty ($userToDelete)) { printf (_("No users to delete")) ; break ; } $smarty->assign ('userToDelete', $userToDelete) ; $smarty->display ('admin_user_delete.tpl') ; break ; case "userDoDelete": $userToDelete = array () ; foreach ($_POST as $key => $value) { if (strpos($key, 'checked_') == 0 )$userToDelete[] = $value ; } if (empty ($userToDelete)) { printf (_("No users to delete")) ; break ; } $userToDelete = array_splice($userToDelete,1); ldapDelUser($userToDelete,$ldap,$base); foreach($userToDelete as $deluser) { // Clean uid for print $deluser = split('=',$deluser); $deluser = split(',',$deluser[1]); printf (_("User ".$deluser[0]." has been deleted
")); } break ; case "addGroup": addGroup ($ldap, readKey('cn'), readKey('description')); break ; case "changeHost": changeHost ($ldap, readKey('cn'), readKey('domain'), readKey('ipaddress'), readKey('macaddress'), readKey ('sambaHost') == 'true'); break ; case "addHost": addHost ($ldap, readKey('cn'), readKey('domain'), readKey('ipaddress'), readKey('macaddress')); break ; case "getexport": $name=readKey('name'); $root=readKey('parent'); if ($name == "") $export= "" ; else { $display = ldap_explode_dn (substr($root,0,strpos($root, $automountbase) - 1), 1) ; $displaystr = sprintf ("%s:", $display[$display[count] - 2 ]) ; for ($i = $display[count] ; $i-- > 0 ; ) $displaystr = sprintf ("%s/%s", $displaystr, $display[$i]) ; $export = sprintf ("%s/%s", $displaystr, $name) ; } printf ('', $export) ; break ; case "getUsername": $cn=readKey('cn'); $sn=readKey('sn'); if ($cn == "") { $username= "" ; } else $username = get_username ($ldap, $cn." ".$sn) ; printf ('', $username) ; break ; case "getdomainandip": $cn=readKey('cn'); $domain=readKey('domain'); if ($cn == "") $hostIP= "" ; else { if ($domain == "") $hostIP = gethostbyname ($cn) ; else $hostIP = gethostbyname ($cn . "." . $domain . ".") ; } if ($domain == "") { $fullname = @strtolower(gethostbyaddr ($hostIP)) ; $pos = strpos ($fullname, $cn) ; if ($pos === false) $domain = "" ; else $domain = substr ($fullname, strlen($cn) + 1) ; } if ($hostIP == $cn) $hostIP = "" ; printf ('', $domain) ; printf ('
'); printf ('', $hostIP) ; printf ('
'); break ; case "newPassSet": $filter="(&(objectClass=posixAccount)(uid=" . readKey('uid') . "))"; $want = array ('objectClass', 'uid', 'cn') ; $result= ldap_search ($ldap, $base, $filter, $want); $entries = ldap_get_entries ($ldap, $result); $newpw = readkey('newpw') ; $userGroup = readKey('userGroup'); $cryptpw = cryptgen ($newpw); $sambahash = new smbHash () ; $info = array (); $info["userPassword"][] = $cryptpw ; if (in_array("sambaSamAccount", $entries[0]["objectclass"]) !== false) { $info["sambaLMPassword"][] = $sambahash->lmhash($newpw) ; $info["sambaNTPassword"][] = $sambahash->nthash($newpw); } $result = @ldap_modify ($ldap,$entries[0]["dn"],$info) ; if ($result) { printf('
'._("Changed password for %s ( %s ) to %s .").'
',$entries[0]['uid'][0],$entries[0]['cn'][0], $newpw ); llxUserSync("passwd", $entries[0]['dn'],$newpw,$userGroup); } else { $ldaperr = ldap_errno ($ldap) ; switch ($ldaperr) { case 50: printf ('
'._("Sorry, you are not allowed to change password for %s (%s)".'
'),$entries[0]['uid'][0], $entries[0]['cn'][0]) ; break ; default: reportLdapError ($ldaperr, "Changing password") ; } } showUser ($ldap, $entries[0]['uid'][0]); break ; case "newPassAsk": $uid=readKey('uid') ; $userGroup=readKey('userGroup'); // printf ('
') ; printf ('
') ; printf ('') ; printf ('') ; printf ('') ; printf ('') ; printf ('') ; printf ('') ; printf ('') ; printf ('') ; printf ('') ; printf ('') ; printf ('
') ; printf (_("Are you sure you want to set a new password?") . '
') ; printf ('
') ; printf (_("Suggested password: ")) ; printf ('
', pwgen(), ($allowPwSet ? "" : "readonly") ) ; printf ('
') ; printf ('
') ; printf ('', $uid,$userGroup) ; printf ('', $uid) ; printf ('
') ; printf ('
') ; break ; case "machineSearchForm": $smarty->display('admin_machine_search.tpl') ; break ; case "machineSearch": $searchFor=readKey('Name') ; if ($searchFor <> "") showResult ($ldap, 'Hosts', $searchFor, ''); break ; case "showHost": showHost ($ldap, readKey('text')); break ; case "hostsDelete": $hostToDelete = array () ; foreach ($_POST as $key => $value) { if (strpos($key, 'checked_') === 0 ) { $hostToDelete[] = $value ; } } if (empty ($hostToDelete)) { printf (_("No hosts to delete")) ; break ; } $smarty->assign ('hostToDelete', $hostToDelete) ; $smarty->display ('admin_host_delete.tpl') ; break ; case "automountdetail": autoMountDetail (readKey ("dn")) ; break ; case "automount": autoMount (readKey ("ou")) ; break ; case "hostsDoDelete": $hostToDelete = array () ; foreach ($_POST as $key => $value) if (strpos($key, 'checked_') === 0 ) { $hostToDelete[] = $value ; } if (empty ($hostToDelete)) { printf (_("No hosts to delete")) ; break ; } $want = array ('nisNetGroupTriple', 'cn') ; foreach ($hostToDelete as $value ) { $dn = ldap_explode_dn ($value, 1) ; $filter = "nisNetGroupTriple=*" ; $result = ldap_search ($ldap, $netgroupbase, $filter, $want); $entries = ldap_get_entries ($ldap, $result); for ($i = 0 ; $i < $entries[count] ; $i++) { if (in_array ('(' . $dn[0] . 
',-,-)', $entries[$i]["nisnetgrouptriple"])) hostDelGroup ($ldap, $dn[0], $entries[$i]["cn"][0]) ; } ldap_delete ($ldap, $value) ; } break ; case "amountdel": $dn=readkey("dn") ; $dnarray = ldap_explode_dn (substr($dn,0,strpos($dn, $automountbase) - 1), 1) ; $dnstr = "" ; for ($i = $dnarray[count] ; $i-- > 0 ; ) $dnstr = sprintf ("%s/%s", $dnstr, $dnarray[$i]) ; $filter = "objectCLass=*" ; $want = array ("dn", "objectClass") ; $result = ldap_search ($ldap, $dn, $filter, $want); $entries = ldap_get_entries ($ldap, $result); if ($entries[count] > 1) printf (_("Sorry, you need to delete all child mountpoints and shares before deleting the mountpoint %s"), $dnstr); elseif (readkey('Confirm') == "yes") { ldap_delete ($ldap, $dn) ; $cn = "cn=" . substr ($dn, 3) ; @ldap_delete ($ldap, $cn) ; $viewdn=substr ($dn, strpos($cn, ',ou=') +1) ; if ($viewdn == $automountbase) { $cn=sprintf ("cn=/%s,ou=auto.master,%s", substr ($dn, 3, strpos($cn, ',ou=') - 3), $viewdn) ; @ldap_delete ($ldap, $cn) ; $viewdn = "" ; } automount ($viewdn) ; } else { $smarty->assign ('deldn', $dn) ; $smarty->assign ('delstr', $dnstr) ; $smarty->display ('admin_automount_delete.tpl') ; } break ; case "amountpoint": $root=readkey("root") ; $displaystr = "" ; $display = ldap_explode_dn (substr($root,0,strpos($root, $automountbase) - 1), 1) ; for ($i = $display[count] ; $i-- > 0 ; ) $displaystr = sprintf ("%s/%s", $displaystr, $display[$i]) ; $smarty->assign ('title', sprintf (_("Sharename under %s/"), $displaystr )) ; $smarty->assign ('parent' , $root) ; $smarty->assign ('options', 'rw,rsize=8192,wsize=8192,intr') ; $smarty->display ('admin_automount_edit.tpl'); break ; case "amountadd": $root=readkey("root") ; $add=readkey("name") ; $export=readkey("export") ; $options = readkey ('options') ; if (!empty($add)) { if (empty($root)) { $add = sprintf ("/%s", $add) ; $info["objectClass"] = Array("top","Automount"); $info["cn"] = $add ; $info["Description"] = sprintf ("%s mount point", $add) ; 
$addou=explode("/", $add) ; $newbase = $automountbase ; for ($i = 0 ; $i < count ($addou); $i++) if (!empty($addou[$i])) { $newbase = sprintf ("ou=%s,%s", $addou[$i],$newbase) ; $lastou = $addou[$i] ; } $info["automountInformation"] = sprintf ("ldap:%s", $newbase) ; $dn = sprintf("cn=%s,ou=auto.master,%s", $add, $automountbase) ; @ldap_add ($ldap, $dn, $info) ; unset ($info) ; $info["objectClass"] = array ("top", "organizationalUnit") ; $info["ou"] = $lastou ; $info["description"] = sprintf ("holder for %s mount point", $add) ; @ldap_add ($ldap, $newbase, $info) ; $dn = sprintf ("ou=%s,%s", substr($add,1), $automountbase) ; } elseif (empty($export) && empty ($options)) { $info["objectClass"] = Array("top","Automount"); $info["cn"] = $add ; $info["automountInformation"] = sprintf ("-fstype=autofs ldap:ou=%s,%s", $add,$root) ; $display = "" ; $dn = sprintf("cn=%s,%s", $add, $root) ; $display = ldap_explode_dn (substr($dn,0,strpos($dn, $automountbase) - 1), 1) ; for ($i = $display[count] ; $i-- > 0 ; ) $displaystr = sprintf ("%s/%s", $displaystr, $display[$i]) ; $info["Description"] = sprintf ("%s submount point", $displaystr) ; @ldap_add ($ldap, $dn, $info) ; unset ($info) ; $info["objectClass"] = Array("top","organizationalUnit"); $info["ou"] = $add ; $info["Description"] = sprintf ("holder for %s submount point", $displaystr) ; $dn = sprintf("ou=%s,%s", $add, $root) ; @ldap_add ($ldap, $dn, $info) ; } elseif (empty($export) || empty($options)) printf (_("Sorry, you need to enter both an exportpath and options to define a automount share")) ; else { $dn = sprintf("cn=%s,%s", $add, $root) ; $info["objectClass"] = Array("top","Automount"); $info["cn"] = $add ; $info["automountInformation"] = sprintf ("-%s %s", $options, $export) ; $display = ldap_explode_dn (substr($dn,0,strpos($dn, $automountbase) - 1), 1) ; for ($i = $display[count] ; $i-- > 0 ; ) $displaystr = sprintf ("%s/%s", $displaystr, $display[$i]) ; $info["Description"] = sprintf ("%s mount point", 
$displaystr) ; @ldap_add ($ldap, $dn, $info) ; } autoMount ($dn) ; } else { if (empty($root)) { $suggest = explode (".", $domain) ; $count = count($suggest) ; if ($count > 1) $smarty->assign ('suggest', sprintf ("%s", $suggest[$count - 2])) ; else $smarty->assign ('suggest', $suggest=sprintf ("%s", $suggest[0])) ; $smarty->assign ('title', _("New automount root")) ; } else { $displaystr = "" ; $display = ldap_explode_dn (substr($root,0,strpos($root, $automountbase) - 1), 1) ; for ($i = $display[count] ; $i-- > 0 ; ) $displaystr = sprintf ("%s/%s", $displaystr, $display[$i]) ; $smarty->assign ('title', sprintf (_("New automount submount point under %s/"), $displaystr)) ; } $smarty->assign ('parent' , $root) ; $smarty->display ('admin_automount_edit.tpl'); } break ; default: echo "Function not implemented (yet). This is som debug info:" ; debug ($_POST); break ; } ldap_close ($ldap); ?>