From a4183a88fcb3ca84c6a6360c303f9d972b65137a Mon Sep 17 00:00:00 2001 From: Benjamin Renard Date: Wed, 9 Sep 2020 19:00:55 +0200 Subject: [PATCH] Improve Samba support using LSaddon::samba --- src/conf/LSaddons/config.LSaddons.samba.php | 39 +- .../LSobjects/config.LSobjects.LSpeople.php | 124 +++- src/includes/addons/LSaddons.samba.php | 688 +++++++++++------- src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po | 23 +- src/lang/fr_FR.UTF8/lang.php | 27 + src/lang/ldapsaisie.pot | 14 +- 6 files changed, 597 insertions(+), 318 deletions(-) diff --git a/src/conf/LSaddons/config.LSaddons.samba.php b/src/conf/LSaddons/config.LSaddons.samba.php index a0a49b56..5baa065a 100644 --- a/src/conf/LSaddons/config.LSaddons.samba.php +++ b/src/conf/LSaddons/config.LSaddons.samba.php @@ -22,41 +22,44 @@ /* ************************************************** - * Données de configuration pour le support SAMBA * + * SAMBA support configuration * ************************************************** */ -// SID du domaine Samba géré -define('LS_SAMBA_DOMAIN_SID','S-1-5-21-2421470416-3566881284-3047381809'); +// SID of the samba managed domain +define('LS_SAMBA_DOMAIN_SID', 'S-1-5-21-2421470416-3566881284-3047381809'); -// Nom du domaine Samba géré (sambaDomainName) -define('LS_SAMBA_DOMAIN_NAME','LS'); +// Name of the samba managed domain (sambaDomainName) +define('LS_SAMBA_DOMAIN_NAME', 'LS'); -// Le DN de l'objet sambaDomain du domaine -define('LS_SAMBA_DOMAIN_OBJECT_DN','sambaDomainName=LS,o=ls'); +// DN of the sambaDomain object of the domain +define('LS_SAMBA_DOMAIN_OBJECT_DN', 'sambaDomainName=LS,o=ls'); -// Nombre de base pour le calcul des sambaSID Utilisateur -define('LS_SAMBA_SID_BASE_USER',1000); +// DN of the sambaUnixIdPool object (optional, default: LS_SAMBA_DOMAIN_OBJECT_DN) +//define('LS_SAMBA_UNIX_ID_POOL_DN', null); -// Nombre de base pour le calcul des sambaSID Groupe -define('LS_SAMBA_SID_BASE_GROUP',1001); +// Base number to calculate user sambaSID +define('LS_SAMBA_SID_BASE_USER', 1000); + +// Base number to calculate group sambaSID +define('LS_SAMBA_SID_BASE_GROUP', 1001); /** - * NB : C'est deux nombres doivent être pour l'un paire et pour l'autre impaire - * pour conserver l'unicité des SID + * NB : This two numbers must be for one even and for the other odd to maintain the + * uniqueness of the SIDs. **/ -// Nom de l'attribut LDAP uidNumber +// LDAP attribute uidNumber name define('LS_SAMBA_UIDNUMBER_ATTR','uidNumber'); -// Nom de l'attribut LDAP gidNumber +// LDAP attribute gidNumber name define('LS_SAMBA_GIDNUMBER_ATTR','gidNumber'); -// Nom de l'attribut LDAP userPassword +// LDAP attribute userPassword name define('LS_SAMBA_USERPASSWORD_ATTR','userPassword'); -// Format du chemin du home +// Format of the users's home directory value define('LS_SAMBA_HOME_PATH_FORMAT','\\SERVER\%{uid}'); -// Format du chemin du profile +// Format of the users's samba profile path value define('LS_SAMBA_PROFILE_PATH_FORMAT','\\SERVER\profiles\%{uid}'); diff --git a/src/conf/LSobjects/config.LSobjects.LSpeople.php b/src/conf/LSobjects/config.LSobjects.LSpeople.php index 1015a158..22c91e0f 100644 --- a/src/conf/LSobjects/config.LSobjects.LSpeople.php +++ b/src/conf/LSobjects/config.LSobjects.LSpeople.php @@ -144,12 +144,18 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( 'label' => 'Samba', 'args' => array ( 'sambaSID', + 'sambaPrimaryGroupSID', 'sambaAcctFlags', + 'sambaHomeDrive', + 'sambaHomePath', + 'sambaProfilePath', + 'sambaLogonScript', 'sambaLogonTime', 'sambaLogoffTime', 'sambaKickoffTime', 'sambaLMPassword', 'sambaNTPassword', + 'sambaPwdLastSet', 'sambaPwdMustChange', 'sambaPwdCanChange', ) @@ -255,7 +261,9 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( 'create' => 1 ), 'dependAttrs' => array( - 'homeDirectory' + 'homeDirectory', + 'sambaHomePath', + 'sambaProfilePath', ) ), /* ----------- end -----------*/ @@ -266,7 +274,7 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( 'ldap_type' => 'numeric', 'html_type' => 'text', 'required' => 1, - 'generate_function' => 'generate_uidNumber_withSambaDomainObject', + 'generate_function' => 'generate_samba_uidNumber', 'check_data' => array ( 'numeric' => array( 'msg' => "The numeric identifier must be an integer." @@ -412,6 +420,9 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( 'form' => array ( 'modify' => 1, 'create' => 1 + ), + 'dependAttrs' => array( + 'sambaPrimaryGroupSID', ) ), /* ----------- end -----------*/ @@ -702,6 +713,23 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( ), /* ----------- end -----------*/ + /* ----------- start -----------*/ + 'sambaPrimaryGroupSID' => array ( + 'label' => 'Samba primary group identifier', + 'ldap_type' => 'ascii', + 'html_type' => 'text', + 'required' => 1, + 'generate_function' => 'generate_sambaPrimaryGroupSID', + 'rights' => array( + 'admin' => 'r' + ), + 'view' => 1, + 'form' => array ( + 'modify' => 0 + ) + ), + /* ----------- end -----------*/ + /* ----------- start -----------*/ 'sambaAcctFlags' => array ( 'label' => 'Samba account flags', @@ -720,6 +748,74 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( ), /* ----------- end -----------*/ + /* ----------- start -----------*/ + 'sambaHomeDrive' => array ( + 'label' => 'Samba network drive of the home directory', + 'ldap_type' => 'ascii', + 'html_type' => 'text', + 'required' => 1, + 'default_value' => 'Z:', + 'rights' => array( + 'admin' => 'w' + ), + 'view' => 1, + 'form' => array ( + 'modify' => 1 + ) + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'sambaHomePath' => array ( + 'label' => 'Samba network path of the home directory', + 'ldap_type' => 'ascii', + 'html_type' => 'text', + 'required' => 1, + 'generate_function' => 'generate_sambaHomePath', + 'rights' => array( + 'admin' => 'w' + ), + 'view' => 1, + 'form' => array ( + 'modify' => 0 + ) + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'sambaProfilePath' => array ( + 'label' => 'Samba network path of the profile', + 'ldap_type' => 'ascii', + 'html_type' => 'text', + 'required' => 1, + 'generate_function' => 'generate_sambaProfilePath', + 'rights' => array( + 'admin' => 'w' + ), + 'view' => 1, + 'form' => array ( + 'modify' => 0 + ) + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'sambaLogonScript' => array ( + 'label' => 'Samba logon script', + 'ldap_type' => 'ascii', + 'html_type' => 'text', + 'required' => 1, + 'default_value' => 'logon.bat', + 'rights' => array( + 'admin' => 'w' + ), + 'view' => 1, + 'form' => array ( + 'modify' => 0 + ) + ), + /* ----------- end -----------*/ + /* ----------- start -----------*/ 'sambaLogonTime' => array ( 'label' => 'Samba last logon time', @@ -823,6 +919,30 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( ), /* ----------- end -----------*/ + /* ----------- start -----------*/ + 'sambaPwdLastSet' => array ( + 'label' => 'Samba password last change time', + 'ldap_type' => 'date', + 'ldap_options' => array( + 'timestamp' => True, + ), + 'html_type' => 'date', + 'html_options' => array( + 'time' => True, + 'showTodayButton' => False, + ), + 'generate_function' => 'generate_sambaPwdLastSet', + 'no_value_label' => 'Never', + 'rights' => array( + 'admin' => 'w' + ), + 'view' => 1, + 'form' => array ( + 'modify' => 0 + ) + ), + /* ----------- end -----------*/ + /* ----------- start -----------*/ 'sambaPwdMustChange' => array ( 'label' => 'Samba password must change', diff --git a/src/includes/addons/LSaddons.samba.php b/src/includes/addons/LSaddons.samba.php index 93856488..bb4d4951 100644 --- a/src/includes/addons/LSaddons.samba.php +++ b/src/includes/addons/LSaddons.samba.php @@ -24,28 +24,28 @@ // Support LSerror :: defineError('SAMBA_SUPPORT_01', - ___("SAMBA Support : Unable to load smbHash class.") + ___("SAMBA Support: Unable to load smbHash class.") ); LSerror :: defineError('SAMBA_SUPPORT_02', - ___("SAMBA Support : The constant %{const} is not defined.") + ___("SAMBA Support: The constant %{const} is not defined.") ); LSerror :: defineError('SAMBA_SUPPORT_03', - ___("SAMBA Support : The constants LS_SAMBA_SID_BASE_USER and LS_SAMBA_SID_BASE_GROUP must'nt have the same parity to keep SambaSID's unicity.") + ___("SAMBA Support: The constants LS_SAMBA_SID_BASE_USER and LS_SAMBA_SID_BASE_GROUP must'nt have the same parity to keep SambaSID's unicity.") ); // Autres erreurs LSerror :: defineError('SAMBA_01', - ___("SAMBA Support : The attribute %{dependency} is missing. Unable to forge the attribute %{attr}.") + ___("SAMBA Support: The attribute %{dependency} is missing. Unable to forge the attribute %{attr}.") ); LSerror :: defineError('SAMBA_02', - ___("SAMBA Support : Can't get the sambaDomain object.") + ___("SAMBA Support: Can't get the sambaUnixIdPool object.") ); LSerror :: defineError('SAMBA_03', - ___("SAMBA Support : Error modifying the sambaDomain object.") + ___("SAMBA Support: Error modifying the sambaUnixIdPool object.") ); LSerror :: defineError('SAMBA_04', - ___("SAMBA Support : The %{attr} of the sambaDomain object is incorrect.") + ___("SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect.") ); // CONSTANTES @@ -53,140 +53,188 @@ LSerror :: defineError('SAMBA_04', // Le temps infini au sens NT define('LS_SAMBA_INFINITY_TIME',2147483647); - /** - * Verification du support Samba par ldapSaisie - * - * @author Benjamin Renard - * - * @retval boolean true si Samba est pleinement supporté, false sinon - */ - function LSaddon_samba_support() { +/** + * Check LdapSaisie Samba support + * + * @author Benjamin Renard + * + * @retval boolean True if Samba is fully supported, false otherwise + */ +function LSaddon_samba_support() { - $retval=true; + $retval=true; - // Dependance de librairie - if ( !class_exists('smbHash') ) { - if ( !LSsession::includeFile(LS_LIB_DIR . 'class.smbHash.php') ) { - LSerror :: addErrorCode('SAMBA_SUPPORT_01'); - $retval=false; - } + // Dependance de librairie + if ( !class_exists('smbHash') ) { + if ( !LSsession::includeFile(LS_LIB_DIR . 'class.smbHash.php') ) { + LSerror :: addErrorCode('SAMBA_SUPPORT_01'); + $retval=false; } - - - $MUST_DEFINE_CONST= array( - 'LS_SAMBA_DOMAIN_SID', - 'LS_SAMBA_DOMAIN_NAME', - 'LS_SAMBA_HOME_PATH_FORMAT', - 'LS_SAMBA_PROFILE_PATH_FORMAT', - 'LS_SAMBA_DOMAIN_OBJECT_DN', - 'LS_SAMBA_SID_BASE_USER', - 'LS_SAMBA_SID_BASE_GROUP', - 'LS_SAMBA_UIDNUMBER_ATTR', - 'LS_SAMBA_GIDNUMBER_ATTR', - 'LS_SAMBA_USERPASSWORD_ATTR' - ); - - foreach($MUST_DEFINE_CONST as $const) { - if ( (!defined($const)) || (constant($const) == "")) { - LSerror :: addErrorCode('SAMBA_SUPPORT_02',$const); - $retval=false; - } - } - - // Pour l'intégrité des SID - if ( (LS_SAMBA_SID_BASE_USER % 2) == (LS_SAMBA_SID_BASE_GROUP % 2) ) { - LSerror :: addErrorCode('SAMBA_SUPPORT_03'); - $retval=false; - } - - return $retval; } + + $MUST_DEFINE_CONST= array( + 'LS_SAMBA_DOMAIN_SID', + 'LS_SAMBA_DOMAIN_NAME', + 'LS_SAMBA_HOME_PATH_FORMAT', + 'LS_SAMBA_PROFILE_PATH_FORMAT', + 'LS_SAMBA_DOMAIN_OBJECT_DN', + 'LS_SAMBA_SID_BASE_USER', + 'LS_SAMBA_SID_BASE_GROUP', + 'LS_SAMBA_UIDNUMBER_ATTR', + 'LS_SAMBA_GIDNUMBER_ATTR', + 'LS_SAMBA_USERPASSWORD_ATTR' + ); + + foreach($MUST_DEFINE_CONST as $const) { + if ( (!defined($const)) || (constant($const) == "")) { + LSerror :: addErrorCode('SAMBA_SUPPORT_02',$const); + $retval=false; + } + } + + // Check LS_SAMBA_SID_BASE_USER & LS_SAMBA_SID_BASE_GROUP values for SID integrity + if ( (LS_SAMBA_SID_BASE_USER % 2) == (LS_SAMBA_SID_BASE_GROUP % 2) ) { + LSerror :: addErrorCode('SAMBA_SUPPORT_03'); + $retval=false; + } + + return $retval; +} + +/** + * Generate sambaSID value + * + * Generation rule: + * Number = [UNIX attribute ($unix_attr) value] * 2 + $base_number + * sambaSID = LS_SAMBA_DOMAIN_SID-Number + * + * @author Benjamin Renard + * @param[in] $ldapObject LSldapObjet The LSldapObjet object + * @param[in] $unix_attr string The UNIX attribute name + * @param[in] $base_number integer The base number value + * + * @retval string SambaSID ou false si il y a un problème durant la génération + */ +function generate_sambaSID($ldapObject, $unix_attr, $base_number) { + if ( get_class($ldapObject -> attrs[ $unix_attr ]) != 'LSattribute' ) { + LSerror :: addErrorCode( + 'SAMBA_01', + array( + 'dependency' => $unix_attr, + 'attr' => 'sambaSID' + ) + ); + return; + } + + $unix_id_attr_val = $ldapObject -> getValue($unix_attr, true, null); + $object_sid = $unix_id_attr_val * 2 + $base_number; + return LS_SAMBA_DOMAIN_SID . '-' . $object_sid; +} + +/** + * Generate user sambaSID + * + * Number = LS_SAMBA_UIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_USER + * sambaSID = LS_SAMBA_DOMAIN_SID-Number + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * @author Benjamin Renard + * + * @retval string User SambaSID value on success, false otherwise + */ +function generate_user_sambaSID($ldapObject) { + return generate_sambaSID($ldapObject, LS_SAMBA_UIDNUMBER_ATTR, LS_SAMBA_SID_BASE_USER); +} + /** - * Generation de sambaSID d'un utilisateur + * Generate user sambaSID * - * @author Benjamin Renard + * Note: old-name of the function keep for retro-compatibility * * Number = LS_SAMBA_UIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_USER * sambaSID = LS_SAMBA_DOMAIN_SID-Number * - * @param[in] $ldapObject L'objet ldap - * - * @retval string SambaSID ou false si il y a un problème durant la génération - */ - function generate_sambaUserSID($ldapObject) { - if ( get_class($ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ]) != 'LSattribute' ) { - LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_UIDNUMBER_ATTR, 'attr' => 'sambaSID')); - return; - } - - $uidnumber_attr_val = $ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ] -> getValue(); - $uidnumber_attr_val = $uidnumber_attr_val[0]; - $uidNumber = $uidnumber_attr_val * 2 + LS_SAMBA_SID_BASE_USER; - $sambaSID = LS_SAMBA_DOMAIN_SID . '-' . $uidNumber; - - return ($sambaSID); - } - - /** - * Generation de sambaSID d'un groupe - * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object * @author Benjamin Renard * - * Number = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP - * sambaSID = LS_SAMBA_DOMAIN_SID-Number - * - * @param[in] $ldapObject L'objet ldap - * - * @retval string SambaSID ou false si il y a un problème durant la génération + * @retval string User SambaSID value on success, false otherwise */ - function generate_sambaGroupSID($ldapObject) { - if ( get_class($ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ]) != 'LSattribute' ) { - LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_GIDNUMBER_ATTR, 'attr' => 'sambaSID')); - return; - } +function generate_sambaUserSID($ldapObject) { + LSerror :: addErrorCode( + 'LSsession_27', + array( + 'old' => 'generate_sambaUserSID()', + 'new' => 'generate_user_sambaSID()', + 'context' => LSlog :: get_debug_backtrace_context(), + ) + ); + return generate_user_sambaSID($ldapObject); +} - $gidnumber_attr_val = $ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ] -> getValue(); - $gidnumber_attr_val = $gidnumber_attr_val[0]; - $gidNumber = $gidnumber_attr_val * 2 + LS_SAMBA_SID_BASE_GROUP; - $sambaSID = LS_SAMBA_DOMAIN_SID . '-' . $gidNumber; - - return ($sambaSID); - } +/** + * Generate group sambaSID + * + * Number = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP + * sambaSID = LS_SAMBA_DOMAIN_SID-Number + * + * @param[in] $ldapObject LSldapObjet The group LSldapObjet object + * @author Benjamin Renard + * + * @retval string Group SambaSID value on success, false otherwise + */ +function generate_group_sambaSID($ldapObject) { + return generate_sambaSID($ldapObject, LS_SAMBA_GIDNUMBER_ATTR, LS_SAMBA_SID_BASE_GROUP); +} /** - * Generation de sambaPrimaryGroupSID + * Generate group sambaSID * + * Note: old-name of the function keep for retro-compatibility. An error + * message is raised when this function is used. + * + * @param[in] $ldapObject LSldapObjet The group LSldapObjet object * @author Benjamin Renard * - * Number = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP - * sambaSID = LS_SAMBA_DOMAIN_SID-Number - * - * @param[in] $ldapObject L'objet ldap - * - * @retval string sambaPrimaryGroupSID ou false si il y a un problème durant la génération + * @retval string Group SambaSID value on success, false otherwise */ - function generate_sambaPrimaryGroupSID($ldapObject) { - if ( get_class($ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ]) != 'LSattribute' ) { - LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_GIDNUMBER_ATTR, 'attr' => 'sambaPrimaryGroupSID')); - return; - } +function generate_sambaGroupSID($ldapObject) { + LSerror :: addErrorCode( + 'LSsession_27', + array( + 'old' => 'generate_sambaGroupSID()', + 'new' => 'generate_group_sambaSID()', + 'context' => LSlog :: get_debug_backtrace_context(), + ) + ); + return generate_group_sambaSID($ldapObject); +} - $gidNumber = $ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ] -> getValue(); - $gidNumber = $gidNumber[0] * 2 + LS_SAMBA_SID_BASE_GROUP; - $sambaPrimaryGroupSID = LS_SAMBA_DOMAIN_SID . '-' . $gidNumber; +/** + * Generate sambaPrimaryGroupSID + * + * Number = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP + * sambaSID = LS_SAMBA_DOMAIN_SID-Number + * + * @param[in] $ldapObject LSldapObjet The LSldapObjet object + * @author Benjamin Renard + * + * @retval string The sambaPrimaryGroupSID value on success, false otherwise + */ +function generate_sambaPrimaryGroupSID($ldapObject) { + return generate_sambaSID($ldapObject, LS_SAMBA_GIDNUMBER_ATTR, LS_SAMBA_SID_BASE_GROUP); +} - return ($sambaPrimaryGroupSID); - } /** * Generation de sambaNTPassword * * @author Benjamin Renard * - * @param[in] $ldapObject L'objet ldap + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object * - * @retval string sambaNTPassword ou false si il y a un problème durant la génération + * @retval string|false sambaNTPassword value on success, false otherwise */ function generate_sambaNTPassword($ldapObject) { if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) { @@ -209,9 +257,9 @@ define('LS_SAMBA_INFINITY_TIME',2147483647); * * @author Benjamin Renard * - * @param[in] $ldapObject L'objet ldap + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object * - * @retval string sambaLMPassword ou false si il y a un problème durant la génération + * @retval string|false sambaLMPassword value on success, false otherwise */ function generate_sambaLMPassword($ldapObject) { if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) { @@ -230,183 +278,263 @@ define('LS_SAMBA_INFINITY_TIME',2147483647); } /** - * Generation de uidNumber en utilisant l'objet sambaDomain - * - * @author Benjamin Renard - * - * @param[in] $ldapObject L'objet ldap - * - * @retval integer uidNumber ou false si il y a un problème durant la génération - */ - function generate_uidNumber_withSambaDomainObject($ldapObject) { - $sambaDomain = LSldap :: getLdapEntry ( LS_SAMBA_DOMAIN_OBJECT_DN ); - if ($sambaDomain === false) { - LSerror :: addErrorCode('SAMBA_02'); - return; - } - - $uidNumber = $sambaDomain->getValue('uidNumber','single'); - if (Net_LDAP2::isError($uidNumber) || $uidNumber==0) { - LSerror :: addErrorCode('SAMBA_04','uidNumber'); - return; - } - - $sambaDomain->replace(array('uidNumber' => ($uidNumber+1))); - $res = $sambaDomain->update(); - if(!Net_LDAP2::isError($res)) { - return $uidNumber; - } - else { - LSerror :: addErrorCode('SAMBA_03'); - return; - } + * Generate UNIX ID value from sambaUnixIdPool object + * + * @author Benjamin Renard + * + * @param[in] $attr string The sambaUnixIdPool attribute name that contain next ID value + * + * @retval integer UNIX ID value on succes, false otherwise + */ +function get_samba_unix_pool_next_id($attr) { + $unix_id_pool_dn = (constant('LS_SAMBA_UNIX_ID_POOL_DN')?LS_SAMBA_UNIX_ID_POOL_DN:LS_SAMBA_DOMAIN_OBJECT_DN); + $unix_id_pool = LSldap :: getLdapEntry ($unix_id_pool_dn); + if ($unix_id_pool === false) { + LSerror :: addErrorCode('SAMBA_02'); + return; } - /** - * Generation de gidNumber en utilisant l'objet sambaDomain - * - * @author Benjamin Renard - * - * @param[in] $ldapObject L'objet ldap - * - * @retval integer gidNumber ou false si il y a un problème durant la génération - */ - function generate_gidNumber_withSambaDomainObject($ldapObject) { - $sambaDomain = LSldap :: getLdapEntry ( LS_SAMBA_DOMAIN_OBJECT_DN ); - if ($sambaDomain === false) { - LSerror :: addErrorCode('SAMBA_02'); - return; - } - - $gidNumber = $sambaDomain->getValue('gidNumber','single'); - if (Net_LDAP2::isError($gidNumber) || $gidNumber==0) { - LSerror :: addErrorCode('SAMBA_04','gidNumber'); - return; - } - - $sambaDomain->replace(array('gidNumber' => ($gidNumber+1))); - $res = $sambaDomain->update(); - if(!Net_LDAP2::isError($res)) { - return $gidNumber; - } - else { - LSerror :: addErrorCode('SAMBA_03'); - return; - } + $next_id = $unix_id_pool->getValue($attr, 'single'); + if (Net_LDAP2::isError($next_id) || $next_id == 0) { + LSerror :: addErrorCode('SAMBA_04', $attr); + return; } - /** - * Retourne le temps infini au sens NT - * - * @author Benjamin Renard - * - * @param[in] $ldapObject L'objet ldap - * - * @retval integer le temps infinie au sens NT - */ - function return_sambaInfinityTime($ldapObject) { - return LS_SAMBA_INFINITY_TIME; + $unix_id_pool->replace(array($attr => ($next_id+1))); + $res = $unix_id_pool->update(); + if(!Net_LDAP2::isError($res)) { + return $next_id; } + else { + LSerror :: addErrorCode('SAMBA_03'); + return; + } +} - /** - * Generation de l'attribut sambaPwdLastSet - * - * @author Benjamin Renard - * - * @param[in] $ldapObject L'objet ldap - * - * @retval string sambaPwdLastSet - */ - function generate_sambaPwdLastSet($ldapObject) { - return time(); - } +/** + * Generate uidNumber using sambaUnixIdPool object + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval integer|false uidNumber value on success, false otherwise + */ +function generate_samba_uidNumber($ldapObject) { + return get_samba_unix_pool_next_id('uidNumber'); +} - /** - * Generation du sambaDomainName - * - * @author Benjamin Renard - * - * @retval string Le sambaDomainName - */ - function generate_sambaDomainName($ldapObject) { - return LS_SAMBA_DOMAIN_NAME; - } +/** + * Generate uidNumber using sambaUnixIdPool object + * + * Note: old-name of the function keep for retro-compatibility. An error + * message is raised when this function is used. + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval integer|false uidNumber value on success, false otherwise + */ +function generate_uidNumber_withSambaDomainObject($ldapObject) { + LSerror :: addErrorCode( + 'LSsession_27', + array( + 'old' => 'generate_uidNumber_withSambaDomainObject()', + 'new' => 'generate_samba_uidNumber()', + 'context' => LSlog :: get_debug_backtrace_context(), + ) + ); + return generate_samba_uidNumber($ldapObject); +} - /** - * Generation du sambaHomePath - * - * @author Benjamin Renard - * - * @retval string Le sambaHomePath - */ - function generate_sambaHomePath($ldapObject) { - return $ldapObject -> getFData(LS_SAMBA_HOME_PATH_FORMAT); - } +/** + * Generate gidNumber using sambaUnixIdPool object + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval integer|false gidNumber value on success, false otherwise + */ +function generate_samba_gidNumber($ldapObject) { + return get_samba_unix_pool_next_id('gidNumber'); +} - /** - * Generation du sambaProfilePath - * - * @author Benjamin Renard - * - * @retval string Le sambaProfilePath - */ - function generate_sambaProfilePath($ldapObject) { - return $ldapObject -> getFData(LS_SAMBA_PROFILE_PATH_FORMAT); - } +/** + * Generate gidNumber using sambaUnixIdPool object + * + * Note: old-name of the function keep for retro-compatibility. An error + * message is raised when this function is used. + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval integer|false gidNumber value on success, false otherwise + */ +function generate_gidNumber_withSambaDomainObject($ldapObject) { + LSerror :: addErrorCode( + 'LSsession_27', + array( + 'old' => 'generate_gidNumber_withSambaDomainObject()', + 'new' => 'generate_samba_gidNumber()', + 'context' => LSlog :: get_debug_backtrace_context(), + ) + ); + return generate_samba_gidNumber($ldapObject); +} - /** - * Generation de l'attribut shadowExpire à partir de - * l'attribut sambaPwdMustChange - * - * @author Benjamin Renard - * - * @retval string La valeur de shadowExpire - */ - function generate_shadowExpire_from_sambaPwdMustChange($ldapObject) { - $time=$ldapObject -> getValue('sambaPwdMustChange'); - if (!empty($time)) { - $time=(int)$time[0]; - return (string)round($time/86400); - } - return ''; - } +/** + * Return NT infinity time + * + * @author Benjamin Renard + * + * @param[in] $anything anything + * + * @retval integer NT infinity time + */ +function get_samba_infinity_time($anything=null) { + return LS_SAMBA_INFINITY_TIME; +} - /** - * Generation d'un timestamp a partir de l'attribut shadowExpire - * - * @author Benjamin Renard - * - * @retval string Timestamp correspant à shadowExpire - */ - function generate_timestamp_from_shadowExpire($ldapObject) { - $days=$ldapObject -> getValue('shadowExpire'); - if (!empty($days)) { - $days=(int)$days[0]; - return (string)($days*86400); - } - return ''; - } +/** + * Return NT infinity time + * + * Note: old-name of the function keep for retro-compatibility. An error + * message is raised when this function is used. + * + * @author Benjamin Renard + * + * @param[in] $anything anything + * + * @retval integer NT infinity time + */ +function return_sambaInfinityTime($anything=null) { + LSerror :: addErrorCode( + 'LSsession_27', + array( + 'old' => 'return_sambaInfinityTime()', + 'new' => 'get_samba_infinity_time()', + 'context' => LSlog :: get_debug_backtrace_context(), + ) + ); + return get_samba_infinity_time($anything); +} - /** - * Generation de l'attribut sambaPwdMustChange a partir de - * l'attribut shadowExpire - * - * @author Benjamin Renard - * - * @retval string La valeur de sambaPwdMustChange - */ - function generate_sambaPwdMustChange_from_shadowExpire($ldapObject) { - return generate_timestamp_from_shadowExpire($ldapObject); - } +/** + * Generate sambaPwdLastSet attribute value + * + * Just return current timestamp. + * + * @author Benjamin Renard + * + * @param[in] $anything anything + * + * @retval integer The sambaPwdLastSet attribute value (=current timestamp) + */ +function generate_sambaPwdLastSet($anything) { + return time(); +} - /** - * Generation de l'attribut sambaKickoffTime a partir de - * l'attribut shadowExpire - * - * @author Benjamin Renard - * - * @retval string La valeur de sambaKickoffTime - */ - function generate_sambaKickoffTime_from_shadowExpire($ldapObject) { - return generate_timestamp_from_shadowExpire($ldapObject); - } +/** + * Generate sambaDomainName attribute value + * + * Just return samba domain name. + * + * @author Benjamin Renard + * + * @param[in] $anything anything + * + * @retval string The sambaDomainName attribute value + */ +function generate_sambaDomainName($anything) { + return LS_SAMBA_DOMAIN_NAME; +} + +/** + * Generate sambaHomePath attribute value + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval string The sambaHomePath attribute value + */ +function generate_sambaHomePath($ldapObject) { + return $ldapObject -> getFData(LS_SAMBA_HOME_PATH_FORMAT); +} + +/** + * Generate sambaProfilePath attribute value + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval string The sambaProfilePath attribute value + */ +function generate_sambaProfilePath($ldapObject) { + return $ldapObject -> getFData(LS_SAMBA_PROFILE_PATH_FORMAT); +} + +/** + * Generate shadowExpire attribute value from sambaPwdMustChange + * attribute. + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval string The shadowExpire attribute value + */ +function generate_shadowExpire_from_sambaPwdMustChange($ldapObject) { + $time = $ldapObject -> getValue('sambaPwdMustChange', true, null); + if ($time) + return str_val(round(int_val($time)/86400)); + return ''; +} + +/** + * Generate timestamp from shadowExpire attribute value + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval string Timestamp corresponding to shadowExpire + */ +function generate_timestamp_from_shadowExpire($ldapObject) { + $days = $ldapObject -> getValue('shadowExpire', true, null); + if ($days) + return str_val(int_val($days) * 86400); + return ''; +} + +/** + * Generate sambaPwdMustChange attribute value from shadowExpire + * attribute. + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval string The sambaPwdMustChange attribute value + */ +function generate_sambaPwdMustChange_from_shadowExpire($ldapObject) { + return generate_timestamp_from_shadowExpire($ldapObject); +} + +/** + * Generate sambaKickoffTime attribute value from shadowExpire + * attribute. + * + * @author Benjamin Renard + * + * @param[in] $ldapObject LSldapObjet The user LSldapObjet object + * + * @retval string The sambaKickoffTime attribute value + */ +function generate_sambaKickoffTime_from_shadowExpire($ldapObject) { + return generate_timestamp_from_shadowExpire($ldapObject); +} diff --git a/src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po b/src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po index e2123985..a7a879b3 100644 --- a/src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po +++ b/src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po @@ -8,7 +8,7 @@ msgstr "" "Project-Id-Version: LdapSaisie\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: \n" -"PO-Revision-Date: 2020-09-03 18:31+0200\n" +"PO-Revision-Date: 2020-09-07 16:22+0200\n" "Last-Translator: Benjamin Renard \n" "Language-Team: LdapSaisie \n" @@ -21,16 +21,16 @@ msgstr "" "X-Generator: Poedit 2.2.1\n" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:27 -msgid "SAMBA Support : Unable to load smbHash class." +msgid "SAMBA Support: Unable to load smbHash class." msgstr "Support SAMBA : Impossible de charger la classe smbHash." #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:30 -msgid "SAMBA Support : The constant %{const} is not defined." +msgid "SAMBA Support: The constant %{const} is not defined." msgstr "Support SAMBA : La constante %{const} n'est pas définie." #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:34 msgid "" -"SAMBA Support : The constants LS_SAMBA_SID_BASE_USER and " +"SAMBA Support: The constants LS_SAMBA_SID_BASE_USER and " "LS_SAMBA_SID_BASE_GROUP must'nt have the same parity to keep SambaSID's " "unicity." msgstr "" @@ -40,24 +40,25 @@ msgstr "" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:39 msgid "" -"SAMBA Support : The attribute %{dependency} is missing. Unable to forge the " +"SAMBA Support: The attribute %{dependency} is missing. Unable to forge the " "attribute %{attr}." msgstr "" "Support SAMBA : L'attribut %{dependency} est manquant. Impossible de générer " "l'attribut %{attr}." #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:42 -msgid "SAMBA Support : Can't get the sambaDomain object." -msgstr "SAMBA Support : Impossible de récupérer l'objet sambaDomain." +msgid "SAMBA Support: Can't get the sambaUnixIdPool object." +msgstr "SAMBA Support : Impossible de récupérer l'objet sambaUnixIdPool." #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:45 -msgid "SAMBA Support : Error modifying the sambaDomain object." -msgstr "SAMBA Support : Erreur durant la modification de l'objet sambaDomain." +msgid "SAMBA Support: Error modifying the sambaUnixIdPool object." +msgstr "" +"SAMBA Support : Erreur durant la modification de l'objet sambaUnixIdPool." #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:48 -msgid "SAMBA Support : The %{attr} of the sambaDomain object is incorrect." +msgid "SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect." msgstr "" -"SAMBA Support : L'attribut %{attr} de l'objet sambaDomain est incorrect." +"SAMBA Support : L'attribut %{attr} de l'objet sambaUnixIdPool est incorrect." #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.ssh.php:31 msgid "SSH Support : PhpSecLib is missing." diff --git a/src/lang/fr_FR.UTF8/lang.php b/src/lang/fr_FR.UTF8/lang.php index e648b3db..d09928fe 100644 --- a/src/lang/fr_FR.UTF8/lang.php +++ b/src/lang/fr_FR.UTF8/lang.php @@ -187,6 +187,7 @@ $GLOBALS['LSlang'] = array ( # LSobjects.LSpeople.attrs.sambaLogoffTime.html_options.special_values.0 # LSobjects.LSpeople.attrs.sambaKickoffTime.no_value_label # LSobjects.LSpeople.attrs.sambaKickoffTime.html_options.special_values.2147483647 +# LSobjects.LSpeople.attrs.sambaPwdLastSet.no_value_label # LSobjects.LSpeople.attrs.sambaPwdMustChange.no_value_label # LSobjects.LSpeople.attrs.sambaPwdMustChange.html_options.special_values.2147483647 # LSobjects.LSpeople.attrs.sambaPwdCanChange.html_options.special_values.2147483647 @@ -253,13 +254,39 @@ $GLOBALS['LSlang'] = array ( # LSobjects.LSpeople.attrs.sambaLogonTime.label "Samba last logon time" => "Date de dernière connexion Samba", + +# LSobjects.LSpeople.attrs.sambaLogonScript.label +"Samba logon script" => + "Script de login Samba", + +# LSobjects.LSpeople.attrs.sambaHomeDrive.label +"Samba network drive of the home directory" => + "Lecteur réseau du dossier personnel Samba", + +# LSobjects.LSpeople.attrs.sambaHomePath.label +"Samba network path of the home directory" => + "Chemin réseau du dossier personnel Samba", + +# LSobjects.LSpeople.attrs.sambaProfilePath.label +"Samba network path of the profile" => + "Chemin réseau du profil Samba", + # LSobjects.LSpeople.attrs.sambaPwdCanChange.label "Samba password can change" => "Date de prochaine modification possible du mot de passe Samba", + +# LSobjects.LSpeople.attrs.sambaPwdLastSet.label +"Samba password last change time" => + "Date de dernière modification du mot de passe Samba", + # LSobjects.LSpeople.attrs.sambaPwdMustChange.label "Samba password must change" => "Date de prochaine modification obligatoire du mot de passe Samba", +# LSobjects.LSpeople.attrs.sambaPrimaryGroupSID.label +"Samba primary group identifier" => + "Identifiant du groupe primaire Samba", + # LSobjects.LSpeople.LSform.dataEntryForm.simple.label "Simple" => "Simple", diff --git a/src/lang/ldapsaisie.pot b/src/lang/ldapsaisie.pot index b2c259b5..dac28d12 100644 --- a/src/lang/ldapsaisie.pot +++ b/src/lang/ldapsaisie.pot @@ -1,34 +1,34 @@ #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:27 -msgid "SAMBA Support : Unable to load smbHash class." +msgid "SAMBA Support: Unable to load smbHash class." msgstr "" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:30 -msgid "SAMBA Support : The constant %{const} is not defined." +msgid "SAMBA Support: The constant %{const} is not defined." msgstr "" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:34 msgid "" -"SAMBA Support : The constants LS_SAMBA_SID_BASE_USER and " +"SAMBA Support: The constants LS_SAMBA_SID_BASE_USER and " "LS_SAMBA_SID_BASE_GROUP must'nt have the same parity to keep SambaSID's " "unicity." msgstr "" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:39 msgid "" -"SAMBA Support : The attribute %{dependency} is missing. Unable to forge the " +"SAMBA Support: The attribute %{dependency} is missing. Unable to forge the " "attribute %{attr}." msgstr "" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:42 -msgid "SAMBA Support : Can't get the sambaDomain object." +msgid "SAMBA Support: Can't get the sambaUnixIdPool object." msgstr "" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:45 -msgid "SAMBA Support : Error modifying the sambaDomain object." +msgid "SAMBA Support: Error modifying the sambaUnixIdPool object." msgstr "" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:48 -msgid "SAMBA Support : The %{attr} of the sambaDomain object is incorrect." +msgid "SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect." msgstr "" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.ssh.php:31