Improve Samba support using LSaddon::samba

src/conf/LSaddons/config.LSaddons.samba.php

@@ -22,41 +22,44 @@
 
 /*
  **************************************************
- * Données de configuration pour le support SAMBA *
+ * SAMBA support configuration                    *
  **************************************************
  */
 
-// SID du domaine Samba géré
+// SID of the samba managed domain
 define('LS_SAMBA_DOMAIN_SID', 'S-1-5-21-2421470416-3566881284-3047381809');
 
-// Nom du domaine Samba géré (sambaDomainName)
+// Name of the samba managed domain (sambaDomainName)
 define('LS_SAMBA_DOMAIN_NAME', 'LS');
 
-// Le DN de l'objet sambaDomain du domaine
+// DN of the sambaDomain object of the domain
 define('LS_SAMBA_DOMAIN_OBJECT_DN', 'sambaDomainName=LS,o=ls');
 
-// Nombre de base pour le calcul des sambaSID Utilisateur
+// DN of the sambaUnixIdPool object (optional, default: LS_SAMBA_DOMAIN_OBJECT_DN)
+//define('LS_SAMBA_UNIX_ID_POOL_DN', null);
+
+// Base number to calculate user sambaSID
 define('LS_SAMBA_SID_BASE_USER', 1000);
 
-// Nombre de base pour le calcul des sambaSID Groupe
+// Base number to calculate group sambaSID
 define('LS_SAMBA_SID_BASE_GROUP', 1001);
 
 /**
- * NB : C'est deux nombres doivent être pour l'un paire et pour l'autre impaire
+ * NB : This two numbers must be for one even and for the other odd to maintain the
- * pour conserver l'unicité des SID
+ * uniqueness of the SIDs.
  **/
 
-// Nom de l'attribut LDAP uidNumber
+// LDAP attribute uidNumber name
 define('LS_SAMBA_UIDNUMBER_ATTR','uidNumber');
 
-// Nom de l'attribut LDAP gidNumber
+// LDAP attribute gidNumber name
 define('LS_SAMBA_GIDNUMBER_ATTR','gidNumber');
 
-// Nom de l'attribut LDAP userPassword
+// LDAP attribute userPassword name
 define('LS_SAMBA_USERPASSWORD_ATTR','userPassword');
 
-// Format du chemin du home
+// Format of the users's home directory value
 define('LS_SAMBA_HOME_PATH_FORMAT','\\SERVER\%{uid}');
 
-// Format du chemin du profile
+// Format of the users's samba profile path value
 define('LS_SAMBA_PROFILE_PATH_FORMAT','\\SERVER\profiles\%{uid}');

src/conf/LSobjects/config.LSobjects.LSpeople.php

@@ -144,12 +144,18 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
         'label' => 'Samba',
         'args' => array (
           'sambaSID',
+          'sambaPrimaryGroupSID',
           'sambaAcctFlags',
+          'sambaHomeDrive',
+          'sambaHomePath',
+          'sambaProfilePath',
+          'sambaLogonScript',
           'sambaLogonTime',
           'sambaLogoffTime',
           'sambaKickoffTime',
           'sambaLMPassword',
           'sambaNTPassword',
+          'sambaPwdLastSet',
           'sambaPwdMustChange',
           'sambaPwdCanChange',
         )
@@ -255,7 +261,9 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
         'create' => 1
       ),
       'dependAttrs' => array(
-        'homeDirectory'
+        'homeDirectory',
+        'sambaHomePath',
+        'sambaProfilePath',
       )
     ),
     /* ----------- end -----------*/
@@ -266,7 +274,7 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
       'ldap_type' => 'numeric',
       'html_type' => 'text',
       'required' => 1,
-      'generate_function' => 'generate_uidNumber_withSambaDomainObject',
+      'generate_function' => 'generate_samba_uidNumber',
       'check_data' => array (
         'numeric' => array(
           'msg' => "The numeric identifier must be an integer."
@@ -412,6 +420,9 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
       'form' => array (
         'modify' => 1,
         'create' => 1
+      ),
+      'dependAttrs' => array(
+        'sambaPrimaryGroupSID',
       )
     ),
     /* ----------- end -----------*/
@@ -702,6 +713,23 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
     ),
     /* ----------- end -----------*/
 
+    /* ----------- start -----------*/
+    'sambaPrimaryGroupSID' => array (
+      'label' => 'Samba primary group identifier',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'generate_function' => 'generate_sambaPrimaryGroupSID',
+      'rights' => array(
+        'admin' => 'r'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
     /* ----------- start -----------*/
     'sambaAcctFlags' => array (
       'label' => 'Samba account flags',
@@ -720,6 +748,74 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
     ),
     /* ----------- end -----------*/
 
+    /* ----------- start -----------*/
+    'sambaHomeDrive' => array (
+      'label' => 'Samba network drive of the home directory',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'default_value' => 'Z:',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 1
+      )
+    ),
+    /* ----------- end -----------*/
+
+    /* ----------- start -----------*/
+    'sambaHomePath' => array (
+      'label' => 'Samba network path of the home directory',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'generate_function' => 'generate_sambaHomePath',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
+    /* ----------- start -----------*/
+    'sambaProfilePath' => array (
+      'label' => 'Samba network path of the profile',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'generate_function' => 'generate_sambaProfilePath',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
+    /* ----------- start -----------*/
+    'sambaLogonScript' => array (
+      'label' => 'Samba logon script',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'default_value' => 'logon.bat',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
     /* ----------- start -----------*/
     'sambaLogonTime' => array (
       'label' => 'Samba last logon time',
@@ -823,6 +919,30 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
     ),
     /* ----------- end -----------*/
 
+    /* ----------- start -----------*/
+    'sambaPwdLastSet' => array (
+      'label' => 'Samba password last change time',
+      'ldap_type' => 'date',
+      'ldap_options' => array(
+        'timestamp' => True,
+      ),
+      'html_type' => 'date',
+      'html_options' => array(
+        'time' => True,
+        'showTodayButton' => False,
+      ),
+      'generate_function' => 'generate_sambaPwdLastSet',
+      'no_value_label' => 'Never',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
     /* ----------- start -----------*/
     'sambaPwdMustChange' => array (
       'label' => 'Samba password must change',

src/includes/addons/LSaddons.samba.php

@@ -39,13 +39,13 @@ LSerror :: defineError('SAMBA_01',
   ___("SAMBA Support: The attribute %{dependency} is missing. Unable to forge the attribute %{attr}.")
 );
 LSerror :: defineError('SAMBA_02',
-  ___("SAMBA Support : Can't get the sambaDomain object.")
+  ___("SAMBA Support: Can't get the sambaUnixIdPool object.")
 );
 LSerror :: defineError('SAMBA_03',
-  ___("SAMBA Support : Error modifying the sambaDomain object.")
+  ___("SAMBA Support: Error modifying the sambaUnixIdPool object.")
 );
 LSerror :: defineError('SAMBA_04',
-  ___("SAMBA Support : The %{attr} of the sambaDomain object is incorrect.")
+  ___("SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect.")
 );
 
 // CONSTANTES
@@ -54,11 +54,11 @@ LSerror :: defineError('SAMBA_04',
 define('LS_SAMBA_INFINITY_TIME',2147483647);
 
 /**
-  * Verification du support Samba par ldapSaisie
+ * Check LdapSaisie Samba support
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval boolean true si Samba est pleinement supporté, false sinon
+ * @retval boolean True if Samba is fully supported, false otherwise
  */
 function LSaddon_samba_support() {
 
@@ -93,7 +93,7 @@ define('LS_SAMBA_INFINITY_TIME',2147483647);
     }
   }
 
-    // Pour l'intégrité des SID
+  // Check LS_SAMBA_SID_BASE_USER & LS_SAMBA_SID_BASE_GROUP values for SID integrity
   if ( (LS_SAMBA_SID_BASE_USER % 2) == (LS_SAMBA_SID_BASE_GROUP % 2) ) {
     LSerror :: addErrorCode('SAMBA_SUPPORT_03');
     $retval=false;
@@ -103,90 +103,138 @@ define('LS_SAMBA_INFINITY_TIME',2147483647);
 }
 
 /**
-  * Generation de sambaSID d'un utilisateur
+ * Generate sambaSID value
+ *
+ * Generation rule:
+ *   Number   = [UNIX attribute ($unix_attr) value] * 2 + $base_number
+ *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
+ * @param[in] $ldapObject LSldapObjet The LSldapObjet object
+ * @param[in] $unix_attr string The UNIX attribute name
+ * @param[in] $base_number integer The base number value
+ *
+ * @retval string SambaSID ou false si il y a un problème durant la génération
+ */
+function generate_sambaSID($ldapObject, $unix_attr, $base_number) {
+  if ( get_class($ldapObject -> attrs[ $unix_attr ]) != 'LSattribute' ) {
+    LSerror :: addErrorCode(
+      'SAMBA_01',
+      array(
+        'dependency' => $unix_attr,
+        'attr' => 'sambaSID'
+      )
+    );
+    return;
+  }
+
+  $unix_id_attr_val = $ldapObject -> getValue($unix_attr, true, null);
+  $object_sid = $unix_id_attr_val * 2 + $base_number;
+  return LS_SAMBA_DOMAIN_SID . '-' . $object_sid;
+}
+
+/**
+ * Generate user sambaSID
  *
  *   Number   = LS_SAMBA_UIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_USER
  *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
  *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string SambaSID ou false si il y a un problème durant la génération
+ * @retval string User SambaSID value on success, false otherwise
+ */
+function generate_user_sambaSID($ldapObject) {
+  return generate_sambaSID($ldapObject, LS_SAMBA_UIDNUMBER_ATTR, LS_SAMBA_SID_BASE_USER);
+}
+
+ /**
+  * Generate user sambaSID
+  *
+  * Note: old-name of the function keep for retro-compatibility
+  *
+  *   Number   = LS_SAMBA_UIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_USER
+  *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
+  *
+  * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+  * @author Benjamin Renard <brenard@easter-eggs.com>
+  *
+  * @retval string User SambaSID value on success, false otherwise
   */
 function generate_sambaUserSID($ldapObject) {
-    if ( get_class($ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ]) != 'LSattribute' ) {
+  LSerror :: addErrorCode(
-      LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_UIDNUMBER_ATTR, 'attr' => 'sambaSID'));
+    'LSsession_27',
-      return;
+    array(
-    }
+      'old' => 'generate_sambaUserSID()',
-
+      'new' => 'generate_user_sambaSID()',
-    $uidnumber_attr_val = $ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ] -> getValue();
+      'context' => LSlog :: get_debug_backtrace_context(),
-    $uidnumber_attr_val = $uidnumber_attr_val[0];
+    )
-    $uidNumber = $uidnumber_attr_val * 2 + LS_SAMBA_SID_BASE_USER;
+  );
-    $sambaSID = LS_SAMBA_DOMAIN_SID . '-' . $uidNumber;
+  return generate_user_sambaSID($ldapObject);
-
-    return ($sambaSID);
 }
 
 /**
-  * Generation de sambaSID d'un groupe
+ * Generate group sambaSID
-  *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
  *   Number   = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP
  *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
  *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $ldapObject LSldapObjet The group LSldapObjet object
+ * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string SambaSID ou false si il y a un problème durant la génération
+ * @retval string Group SambaSID value on success, false otherwise
+ */
+function generate_group_sambaSID($ldapObject) {
+  return generate_sambaSID($ldapObject, LS_SAMBA_GIDNUMBER_ATTR, LS_SAMBA_SID_BASE_GROUP);
+}
+
+ /**
+  * Generate group sambaSID
+  *
+  * Note: old-name of the function keep for retro-compatibility. An error
+  * message is raised when this function is used.
+  *
+  * @param[in] $ldapObject LSldapObjet The group LSldapObjet object
+  * @author Benjamin Renard <brenard@easter-eggs.com>
+  *
+  * @retval string Group SambaSID value on success, false otherwise
   */
 function generate_sambaGroupSID($ldapObject) {
-    if ( get_class($ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ]) != 'LSattribute' ) {
+  LSerror :: addErrorCode(
-      LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_GIDNUMBER_ATTR, 'attr' => 'sambaSID'));
+    'LSsession_27',
-      return;
+    array(
-    }
+      'old' => 'generate_sambaGroupSID()',
-
+      'new' => 'generate_group_sambaSID()',
-    $gidnumber_attr_val = $ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ] -> getValue();
+      'context' => LSlog :: get_debug_backtrace_context(),
-    $gidnumber_attr_val = $gidnumber_attr_val[0];
+    )
-    $gidNumber = $gidnumber_attr_val * 2 + LS_SAMBA_SID_BASE_GROUP;
+  );
-    $sambaSID = LS_SAMBA_DOMAIN_SID . '-' . $gidNumber;
+  return generate_group_sambaSID($ldapObject);
-
-    return ($sambaSID);
 }
 
 /**
-  * Generation de sambaPrimaryGroupSID
+ * Generate sambaPrimaryGroupSID
-  *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
  *   Number   = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP
  *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
  *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $ldapObject LSldapObjet The LSldapObjet object
+ * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string sambaPrimaryGroupSID ou false si il y a un problème durant la génération
+ * @retval string The sambaPrimaryGroupSID value on success, false otherwise
  */
 function generate_sambaPrimaryGroupSID($ldapObject) {
-    if ( get_class($ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ]) != 'LSattribute' ) {
+  return generate_sambaSID($ldapObject, LS_SAMBA_GIDNUMBER_ATTR, LS_SAMBA_SID_BASE_GROUP);
-      LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_GIDNUMBER_ATTR, 'attr' => 'sambaPrimaryGroupSID'));
-      return;
 }
 
-    $gidNumber = $ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ] -> getValue();
-    $gidNumber = $gidNumber[0] * 2 + LS_SAMBA_SID_BASE_GROUP;
-    $sambaPrimaryGroupSID = LS_SAMBA_DOMAIN_SID . '-' . $gidNumber;
-
-    return ($sambaPrimaryGroupSID);
-  }
 
  /**
   * Generation de sambaNTPassword
   *
   * @author Benjamin Renard <brenard@easter-eggs.com>
   *
-  * @param[in] $ldapObject L'objet ldap
+  * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
   *
-  * @retval string sambaNTPassword ou false si il y a un problème durant la génération
+  * @retval string|false sambaNTPassword value on success, false otherwise
   */
   function generate_sambaNTPassword($ldapObject) {
     if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) {
@@ -209,9 +257,9 @@ define('LS_SAMBA_INFINITY_TIME',2147483647);
   *
   * @author Benjamin Renard <brenard@easter-eggs.com>
   *
-  * @param[in] $ldapObject L'objet ldap
+  * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
   *
-  * @retval string sambaLMPassword ou false si il y a un problème durant la génération
+  * @retval string|false sambaLMPassword value on success, false otherwise
   */
   function generate_sambaLMPassword($ldapObject) {
     if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) {
@@ -230,182 +278,262 @@ define('LS_SAMBA_INFINITY_TIME',2147483647);
   }
 
 /**
-  * Generation de uidNumber en utilisant l'objet sambaDomain
+ * Generate UNIX ID value from sambaUnixIdPool object
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $attr string The sambaUnixIdPool attribute name that contain next ID value
  *
-  * @retval integer uidNumber ou false si il y a un problème durant la génération
+ * @retval integer UNIX ID value on succes, false otherwise
+ */
+function get_samba_unix_pool_next_id($attr) {
+  $unix_id_pool_dn = (constant('LS_SAMBA_UNIX_ID_POOL_DN')?LS_SAMBA_UNIX_ID_POOL_DN:LS_SAMBA_DOMAIN_OBJECT_DN);
+  $unix_id_pool = LSldap :: getLdapEntry ($unix_id_pool_dn);
+  if ($unix_id_pool === false) {
+    LSerror :: addErrorCode('SAMBA_02');
+    return;
+  }
+
+  $next_id = $unix_id_pool->getValue($attr, 'single');
+  if (Net_LDAP2::isError($next_id) || $next_id == 0) {
+    LSerror :: addErrorCode('SAMBA_04', $attr);
+    return;
+  }
+
+  $unix_id_pool->replace(array($attr => ($next_id+1)));
+  $res = $unix_id_pool->update();
+  if(!Net_LDAP2::isError($res)) {
+    return $next_id;
+  }
+  else {
+    LSerror :: addErrorCode('SAMBA_03');
+    return;
+  }
+}
+
+/**
+ * Generate uidNumber using sambaUnixIdPool object
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval integer|false uidNumber value on success, false otherwise
+ */
+function generate_samba_uidNumber($ldapObject) {
+  return get_samba_unix_pool_next_id('uidNumber');
+}
+
+/**
+ * Generate uidNumber using sambaUnixIdPool object
+ *
+ * Note: old-name of the function keep for retro-compatibility. An error
+ * message is raised when this function is used.
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval integer|false uidNumber value on success, false otherwise
  */
 function generate_uidNumber_withSambaDomainObject($ldapObject) {
-    $sambaDomain = LSldap :: getLdapEntry ( LS_SAMBA_DOMAIN_OBJECT_DN );
+  LSerror :: addErrorCode(
-    if ($sambaDomain === false) {
+    'LSsession_27',
-      LSerror :: addErrorCode('SAMBA_02');
+    array(
-      return;
+      'old' => 'generate_uidNumber_withSambaDomainObject()',
-    }
+      'new' => 'generate_samba_uidNumber()',
-
+      'context' => LSlog :: get_debug_backtrace_context(),
-    $uidNumber = $sambaDomain->getValue('uidNumber','single');
+    )
-    if (Net_LDAP2::isError($uidNumber) || $uidNumber==0) {
+  );
-      LSerror :: addErrorCode('SAMBA_04','uidNumber');
+  return generate_samba_uidNumber($ldapObject);
-      return;
-    }
-
-    $sambaDomain->replace(array('uidNumber' => ($uidNumber+1)));
-    $res = $sambaDomain->update();
-    if(!Net_LDAP2::isError($res)) {
-      return $uidNumber;
-    }
-    else {
-      LSerror :: addErrorCode('SAMBA_03');
-      return;
-    }
 }
 
 /**
-  * Generation de gidNumber en utilisant l'objet sambaDomain
+ * Generate gidNumber using sambaUnixIdPool object
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
  *
-  * @retval integer gidNumber ou false si il y a un problème durant la génération
+ * @retval integer|false gidNumber value on success, false otherwise
+ */
+function generate_samba_gidNumber($ldapObject) {
+  return get_samba_unix_pool_next_id('gidNumber');
+}
+
+/**
+ * Generate gidNumber using sambaUnixIdPool object
+ *
+ * Note: old-name of the function keep for retro-compatibility. An error
+ * message is raised when this function is used.
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval integer|false gidNumber value on success, false otherwise
  */
 function generate_gidNumber_withSambaDomainObject($ldapObject) {
-    $sambaDomain = LSldap :: getLdapEntry ( LS_SAMBA_DOMAIN_OBJECT_DN );
+  LSerror :: addErrorCode(
-    if ($sambaDomain === false) {
+    'LSsession_27',
-      LSerror :: addErrorCode('SAMBA_02');
+    array(
-      return;
+      'old' => 'generate_gidNumber_withSambaDomainObject()',
-    }
+      'new' => 'generate_samba_gidNumber()',
-
+      'context' => LSlog :: get_debug_backtrace_context(),
-    $gidNumber = $sambaDomain->getValue('gidNumber','single');
+    )
-    if (Net_LDAP2::isError($gidNumber) || $gidNumber==0) {
+  );
-      LSerror :: addErrorCode('SAMBA_04','gidNumber');
+  return generate_samba_gidNumber($ldapObject);
-      return;
-    }
-
-    $sambaDomain->replace(array('gidNumber' => ($gidNumber+1)));
-    $res = $sambaDomain->update();
-    if(!Net_LDAP2::isError($res)) {
-      return $gidNumber;
-    }
-    else {
-      LSerror :: addErrorCode('SAMBA_03');
-      return;
-    }
 }
 
 /**
-  * Retourne le temps infini au sens NT
+ * Return NT infinity time
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $anything anything
  *
-  * @retval integer le temps infinie au sens NT
+ * @retval integer NT infinity time
  */
-  function return_sambaInfinityTime($ldapObject) {
+function get_samba_infinity_time($anything=null) {
   return LS_SAMBA_INFINITY_TIME;
 }
 
 /**
-  * Generation de l'attribut sambaPwdLastSet
+ * Return NT infinity time
+ *
+ * Note: old-name of the function keep for retro-compatibility. An error
+ * message is raised when this function is used.
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $anything anything
  *
-  * @retval string sambaPwdLastSet
+ * @retval integer NT infinity time
  */
-  function generate_sambaPwdLastSet($ldapObject) {
+function return_sambaInfinityTime($anything=null) {
+  LSerror :: addErrorCode(
+    'LSsession_27',
+    array(
+      'old' => 'return_sambaInfinityTime()',
+      'new' => 'get_samba_infinity_time()',
+      'context' => LSlog :: get_debug_backtrace_context(),
+    )
+  );
+  return get_samba_infinity_time($anything);
+}
+
+/**
+ * Generate sambaPwdLastSet attribute value
+ *
+ * Just return current timestamp.
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $anything anything
+ *
+ * @retval integer The sambaPwdLastSet attribute value (=current timestamp)
+ */
+function generate_sambaPwdLastSet($anything) {
   return time();
 }
 
 /**
-  * Generation du sambaDomainName
+ * Generate sambaDomainName attribute value
+ *
+ * Just return samba domain name.
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string Le sambaDomainName
+ * @param[in] $anything anything
+ *
+ * @retval string The sambaDomainName attribute value
  */
-  function generate_sambaDomainName($ldapObject) {
+function generate_sambaDomainName($anything) {
   return LS_SAMBA_DOMAIN_NAME;
 }
 
 /**
-  * Generation du sambaHomePath
+ * Generate sambaHomePath attribute value
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string Le sambaHomePath
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The sambaHomePath attribute value
  */
 function generate_sambaHomePath($ldapObject) {
   return $ldapObject -> getFData(LS_SAMBA_HOME_PATH_FORMAT);
 }
 
 /**
-  * Generation du sambaProfilePath
+ * Generate sambaProfilePath attribute value
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string Le sambaProfilePath
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The sambaProfilePath attribute value
  */
 function generate_sambaProfilePath($ldapObject) {
   return $ldapObject -> getFData(LS_SAMBA_PROFILE_PATH_FORMAT);
 }
 
 /**
-  * Generation de l'attribut shadowExpire à partir de
+ * Generate shadowExpire attribute value from sambaPwdMustChange
-  * l'attribut sambaPwdMustChange
+ * attribute.
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string La valeur de shadowExpire
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The shadowExpire attribute value
  */
 function generate_shadowExpire_from_sambaPwdMustChange($ldapObject) {
-    $time=$ldapObject -> getValue('sambaPwdMustChange');
+  $time = $ldapObject -> getValue('sambaPwdMustChange', true, null);
-    if (!empty($time)) {
+  if ($time)
-      $time=(int)$time[0];
+    return str_val(round(int_val($time)/86400));
-      return (string)round($time/86400);
-    }
   return '';
 }
 
 /**
-  * Generation d'un timestamp a partir de l'attribut shadowExpire
+ * Generate timestamp from shadowExpire attribute value
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string Timestamp correspant à shadowExpire
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string Timestamp corresponding to shadowExpire
  */
 function generate_timestamp_from_shadowExpire($ldapObject) {
-    $days=$ldapObject -> getValue('shadowExpire');
+  $days = $ldapObject -> getValue('shadowExpire', true, null);
-    if (!empty($days)) {
+  if ($days)
-      $days=(int)$days[0];
+    return str_val(int_val($days) * 86400);
-      return (string)($days*86400);
-    }
   return '';
 }
 
 /**
-  * Generation de l'attribut sambaPwdMustChange a partir de
+ * Generate sambaPwdMustChange attribute value from shadowExpire
-  * l'attribut shadowExpire
+ * attribute.
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string La valeur de sambaPwdMustChange
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The sambaPwdMustChange attribute value
  */
 function generate_sambaPwdMustChange_from_shadowExpire($ldapObject) {
   return generate_timestamp_from_shadowExpire($ldapObject);
 }
 
 /**
-  * Generation de l'attribut sambaKickoffTime a partir de
+ * Generate sambaKickoffTime attribute value from shadowExpire
-  * l'attribut shadowExpire
+ * attribute.
  *
  * @author Benjamin Renard <brenard@easter-eggs.com>
  *
-  * @retval string La valeur de sambaKickoffTime
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The sambaKickoffTime attribute value
  */
 function generate_sambaKickoffTime_from_shadowExpire($ldapObject) {
   return generate_timestamp_from_shadowExpire($ldapObject);

src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po

@@ -8,7 +8,7 @@ msgstr ""
 "Project-Id-Version: LdapSaisie\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: \n"
-"PO-Revision-Date: 2020-09-03 18:31+0200\n"
+"PO-Revision-Date: 2020-09-07 16:22+0200\n"
 "Last-Translator: Benjamin Renard <brenard@zionetrix.net>\n"
 "Language-Team: LdapSaisie <ldapsaisie-users@lists.labs.libre-entreprise."
 "org>\n"
@@ -47,17 +47,18 @@ msgstr ""
 "l'attribut %{attr}."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:42
-msgid "SAMBA Support : Can't get the sambaDomain object."
+msgid "SAMBA Support: Can't get the sambaUnixIdPool object."
-msgstr "SAMBA Support : Impossible de récupérer l'objet sambaDomain."
+msgstr "SAMBA Support : Impossible de récupérer l'objet sambaUnixIdPool."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:45
-msgid "SAMBA Support : Error modifying the sambaDomain object."
+msgid "SAMBA Support: Error modifying the sambaUnixIdPool object."
-msgstr "SAMBA Support : Erreur durant la modification de l'objet sambaDomain."
+msgstr ""
+"SAMBA Support : Erreur durant la modification de l'objet sambaUnixIdPool."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:48
-msgid "SAMBA Support : The %{attr} of the sambaDomain object is incorrect."
+msgid "SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect."
 msgstr ""
-"SAMBA Support : L'attribut %{attr} de l'objet sambaDomain est incorrect."
+"SAMBA Support : L'attribut %{attr} de l'objet sambaUnixIdPool est incorrect."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.ssh.php:31
 msgid "SSH Support : PhpSecLib is missing."

src/lang/fr_FR.UTF8/lang.php

@@ -187,6 +187,7 @@ $GLOBALS['LSlang'] = array (
 # LSobjects.LSpeople.attrs.sambaLogoffTime.html_options.special_values.0
 # LSobjects.LSpeople.attrs.sambaKickoffTime.no_value_label
 # LSobjects.LSpeople.attrs.sambaKickoffTime.html_options.special_values.2147483647
+# LSobjects.LSpeople.attrs.sambaPwdLastSet.no_value_label
 # LSobjects.LSpeople.attrs.sambaPwdMustChange.no_value_label
 # LSobjects.LSpeople.attrs.sambaPwdMustChange.html_options.special_values.2147483647
 # LSobjects.LSpeople.attrs.sambaPwdCanChange.html_options.special_values.2147483647
@@ -253,13 +254,39 @@ $GLOBALS['LSlang'] = array (
 # LSobjects.LSpeople.attrs.sambaLogonTime.label
 "Samba last logon time" =>
   "Date de dernière connexion Samba",
+
+# LSobjects.LSpeople.attrs.sambaLogonScript.label
+"Samba logon script" =>
+  "Script de login Samba",
+
+# LSobjects.LSpeople.attrs.sambaHomeDrive.label
+"Samba network drive of the home directory" =>
+  "Lecteur réseau du dossier personnel Samba",
+
+# LSobjects.LSpeople.attrs.sambaHomePath.label
+"Samba network path of the home directory" =>
+  "Chemin réseau du dossier personnel Samba",
+
+# LSobjects.LSpeople.attrs.sambaProfilePath.label
+"Samba network path of the profile" =>
+  "Chemin réseau du profil Samba",
+
 # LSobjects.LSpeople.attrs.sambaPwdCanChange.label
 "Samba password can change" =>
   "Date de prochaine modification possible du mot de passe Samba",
+
+# LSobjects.LSpeople.attrs.sambaPwdLastSet.label
+"Samba password last change time" =>
+  "Date de dernière modification du mot de passe Samba",
+
 # LSobjects.LSpeople.attrs.sambaPwdMustChange.label
 "Samba password must change" =>
   "Date de prochaine modification obligatoire du mot de passe Samba",
 
+# LSobjects.LSpeople.attrs.sambaPrimaryGroupSID.label
+"Samba primary group identifier" =>
+  "Identifiant du groupe primaire Samba",
+
 # LSobjects.LSpeople.LSform.dataEntryForm.simple.label
 "Simple" =>
   "Simple",

src/lang/ldapsaisie.pot

@@ -20,15 +20,15 @@ msgid ""
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:42
-msgid "SAMBA Support : Can't get the sambaDomain object."
+msgid "SAMBA Support: Can't get the sambaUnixIdPool object."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:45
-msgid "SAMBA Support : Error modifying the sambaDomain object."
+msgid "SAMBA Support: Error modifying the sambaUnixIdPool object."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:48
-msgid "SAMBA Support : The %{attr} of the sambaDomain object is incorrect."
+msgid "SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.ssh.php:31