Improve Samba support using LSaddon::samba

src/conf/LSaddons/config.LSaddons.samba.php

@@ -22,41 +22,44 @@
 
 /*
  **************************************************
- * Données de configuration pour le support SAMBA *
+ * SAMBA support configuration                    *
  **************************************************
  */
 
-// SID du domaine Samba géré
+// SID of the samba managed domain
-define('LS_SAMBA_DOMAIN_SID','S-1-5-21-2421470416-3566881284-3047381809');
+define('LS_SAMBA_DOMAIN_SID', 'S-1-5-21-2421470416-3566881284-3047381809');
 
-// Nom du domaine Samba géré (sambaDomainName)
+// Name of the samba managed domain (sambaDomainName)
-define('LS_SAMBA_DOMAIN_NAME','LS');
+define('LS_SAMBA_DOMAIN_NAME', 'LS');
 
-// Le DN de l'objet sambaDomain du domaine
+// DN of the sambaDomain object of the domain
-define('LS_SAMBA_DOMAIN_OBJECT_DN','sambaDomainName=LS,o=ls');
+define('LS_SAMBA_DOMAIN_OBJECT_DN', 'sambaDomainName=LS,o=ls');
 
-// Nombre de base pour le calcul des sambaSID Utilisateur
+// DN of the sambaUnixIdPool object (optional, default: LS_SAMBA_DOMAIN_OBJECT_DN)
-define('LS_SAMBA_SID_BASE_USER',1000);
+//define('LS_SAMBA_UNIX_ID_POOL_DN', null);
 
-// Nombre de base pour le calcul des sambaSID Groupe
+// Base number to calculate user sambaSID
-define('LS_SAMBA_SID_BASE_GROUP',1001);
+define('LS_SAMBA_SID_BASE_USER', 1000);
+
+// Base number to calculate group sambaSID
+define('LS_SAMBA_SID_BASE_GROUP', 1001);
 
 /**
- * NB : C'est deux nombres doivent être pour l'un paire et pour l'autre impaire
+ * NB : This two numbers must be for one even and for the other odd to maintain the
- * pour conserver l'unicité des SID
+ * uniqueness of the SIDs.
  **/
 
-// Nom de l'attribut LDAP uidNumber
+// LDAP attribute uidNumber name
 define('LS_SAMBA_UIDNUMBER_ATTR','uidNumber');
 
-// Nom de l'attribut LDAP gidNumber
+// LDAP attribute gidNumber name
 define('LS_SAMBA_GIDNUMBER_ATTR','gidNumber');
 
-// Nom de l'attribut LDAP userPassword
+// LDAP attribute userPassword name
 define('LS_SAMBA_USERPASSWORD_ATTR','userPassword');
 
-// Format du chemin du home
+// Format of the users's home directory value
 define('LS_SAMBA_HOME_PATH_FORMAT','\\SERVER\%{uid}');
 
-// Format du chemin du profile
+// Format of the users's samba profile path value
 define('LS_SAMBA_PROFILE_PATH_FORMAT','\\SERVER\profiles\%{uid}');

src/conf/LSobjects/config.LSobjects.LSpeople.php

@@ -144,12 +144,18 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
         'label' => 'Samba',
         'args' => array (
           'sambaSID',
+          'sambaPrimaryGroupSID',
           'sambaAcctFlags',
+          'sambaHomeDrive',
+          'sambaHomePath',
+          'sambaProfilePath',
+          'sambaLogonScript',
           'sambaLogonTime',
           'sambaLogoffTime',
           'sambaKickoffTime',
           'sambaLMPassword',
           'sambaNTPassword',
+          'sambaPwdLastSet',
           'sambaPwdMustChange',
           'sambaPwdCanChange',
         )
@@ -255,7 +261,9 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
         'create' => 1
       ),
       'dependAttrs' => array(
-        'homeDirectory'
+        'homeDirectory',
+        'sambaHomePath',
+        'sambaProfilePath',
       )
     ),
     /* ----------- end -----------*/
@@ -266,7 +274,7 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
       'ldap_type' => 'numeric',
       'html_type' => 'text',
       'required' => 1,
-      'generate_function' => 'generate_uidNumber_withSambaDomainObject',
+      'generate_function' => 'generate_samba_uidNumber',
       'check_data' => array (
         'numeric' => array(
           'msg' => "The numeric identifier must be an integer."
@@ -412,6 +420,9 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
       'form' => array (
         'modify' => 1,
         'create' => 1
+      ),
+      'dependAttrs' => array(
+        'sambaPrimaryGroupSID',
       )
     ),
     /* ----------- end -----------*/
@@ -702,6 +713,23 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
     ),
     /* ----------- end -----------*/
 
+    /* ----------- start -----------*/
+    'sambaPrimaryGroupSID' => array (
+      'label' => 'Samba primary group identifier',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'generate_function' => 'generate_sambaPrimaryGroupSID',
+      'rights' => array(
+        'admin' => 'r'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
     /* ----------- start -----------*/
     'sambaAcctFlags' => array (
       'label' => 'Samba account flags',
@@ -720,6 +748,74 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
     ),
     /* ----------- end -----------*/
 
+    /* ----------- start -----------*/
+    'sambaHomeDrive' => array (
+      'label' => 'Samba network drive of the home directory',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'default_value' => 'Z:',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 1
+      )
+    ),
+    /* ----------- end -----------*/
+
+    /* ----------- start -----------*/
+    'sambaHomePath' => array (
+      'label' => 'Samba network path of the home directory',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'generate_function' => 'generate_sambaHomePath',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
+    /* ----------- start -----------*/
+    'sambaProfilePath' => array (
+      'label' => 'Samba network path of the profile',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'generate_function' => 'generate_sambaProfilePath',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
+    /* ----------- start -----------*/
+    'sambaLogonScript' => array (
+      'label' => 'Samba logon script',
+      'ldap_type' => 'ascii',
+      'html_type' => 'text',
+      'required' => 1,
+      'default_value' => 'logon.bat',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
     /* ----------- start -----------*/
     'sambaLogonTime' => array (
       'label' => 'Samba last logon time',
@@ -823,6 +919,30 @@ $GLOBALS['LSobjects']['LSpeople'] = array (
     ),
     /* ----------- end -----------*/
 
+    /* ----------- start -----------*/
+    'sambaPwdLastSet' => array (
+      'label' => 'Samba password last change time',
+      'ldap_type' => 'date',
+      'ldap_options' => array(
+        'timestamp' => True,
+      ),
+      'html_type' => 'date',
+      'html_options' => array(
+        'time' => True,
+        'showTodayButton' => False,
+      ),
+      'generate_function' => 'generate_sambaPwdLastSet',
+      'no_value_label' => 'Never',
+      'rights' => array(
+        'admin' => 'w'
+      ),
+      'view' => 1,
+      'form' => array (
+        'modify' => 0
+      )
+    ),
+    /* ----------- end -----------*/
+
     /* ----------- start -----------*/
     'sambaPwdMustChange' => array (
       'label' => 'Samba password must change',

src/includes/addons/LSaddons.samba.php

@@ -24,28 +24,28 @@
 
 // Support
 LSerror :: defineError('SAMBA_SUPPORT_01',
-  ___("SAMBA Support : Unable to load smbHash class.")
+  ___("SAMBA Support: Unable to load smbHash class.")
 );
 LSerror :: defineError('SAMBA_SUPPORT_02',
-  ___("SAMBA Support : The constant %{const} is not defined.")
+  ___("SAMBA Support: The constant %{const} is not defined.")
 );
 
 LSerror :: defineError('SAMBA_SUPPORT_03',
-  ___("SAMBA Support : The constants LS_SAMBA_SID_BASE_USER and LS_SAMBA_SID_BASE_GROUP must'nt have the same parity to keep SambaSID's unicity.")
+  ___("SAMBA Support: The constants LS_SAMBA_SID_BASE_USER and LS_SAMBA_SID_BASE_GROUP must'nt have the same parity to keep SambaSID's unicity.")
 );
 
 // Autres erreurs
 LSerror :: defineError('SAMBA_01',
-  ___("SAMBA Support : The attribute %{dependency} is missing. Unable to forge the attribute %{attr}.")
+  ___("SAMBA Support: The attribute %{dependency} is missing. Unable to forge the attribute %{attr}.")
 );
 LSerror :: defineError('SAMBA_02',
-  ___("SAMBA Support : Can't get the sambaDomain object.")
+  ___("SAMBA Support: Can't get the sambaUnixIdPool object.")
 );
 LSerror :: defineError('SAMBA_03',
-  ___("SAMBA Support : Error modifying the sambaDomain object.")
+  ___("SAMBA Support: Error modifying the sambaUnixIdPool object.")
 );
 LSerror :: defineError('SAMBA_04',
-  ___("SAMBA Support : The %{attr} of the sambaDomain object is incorrect.")
+  ___("SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect.")
 );
 
 // CONSTANTES
@@ -53,140 +53,188 @@ LSerror :: defineError('SAMBA_04',
 // Le temps infini au sens NT
 define('LS_SAMBA_INFINITY_TIME',2147483647);
 
- /**
+/**
-  * Verification du support Samba par ldapSaisie
+ * Check LdapSaisie Samba support
-  *
+ *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  *
+ *
-  * @retval boolean true si Samba est pleinement supporté, false sinon
+ * @retval boolean True if Samba is fully supported, false otherwise
-  */
+ */
-  function LSaddon_samba_support() {
+function LSaddon_samba_support() {
 
-    $retval=true;
+  $retval=true;
 
-    // Dependance de librairie
+  // Dependance de librairie
-    if ( !class_exists('smbHash') ) {
+  if ( !class_exists('smbHash') ) {
-      if ( !LSsession::includeFile(LS_LIB_DIR . 'class.smbHash.php') ) {
+    if ( !LSsession::includeFile(LS_LIB_DIR . 'class.smbHash.php') ) {
-        LSerror :: addErrorCode('SAMBA_SUPPORT_01');
+      LSerror :: addErrorCode('SAMBA_SUPPORT_01');
-        $retval=false;
+      $retval=false;
-      }
     }
-
-
-    $MUST_DEFINE_CONST= array(
-      'LS_SAMBA_DOMAIN_SID',
-      'LS_SAMBA_DOMAIN_NAME',
-      'LS_SAMBA_HOME_PATH_FORMAT',
-      'LS_SAMBA_PROFILE_PATH_FORMAT',
-      'LS_SAMBA_DOMAIN_OBJECT_DN',
-      'LS_SAMBA_SID_BASE_USER',
-      'LS_SAMBA_SID_BASE_GROUP',
-      'LS_SAMBA_UIDNUMBER_ATTR',
-      'LS_SAMBA_GIDNUMBER_ATTR',
-      'LS_SAMBA_USERPASSWORD_ATTR'
-    );
-
-    foreach($MUST_DEFINE_CONST as $const) {
-      if ( (!defined($const)) || (constant($const) == "")) {
-        LSerror :: addErrorCode('SAMBA_SUPPORT_02',$const);
-        $retval=false;
-      }
-    }
-
-    // Pour l'intégrité des SID
-    if ( (LS_SAMBA_SID_BASE_USER % 2) == (LS_SAMBA_SID_BASE_GROUP % 2) ) {
-        LSerror :: addErrorCode('SAMBA_SUPPORT_03');
-        $retval=false;
-    }
-
-    return $retval;
   }
 
+
+  $MUST_DEFINE_CONST= array(
+    'LS_SAMBA_DOMAIN_SID',
+    'LS_SAMBA_DOMAIN_NAME',
+    'LS_SAMBA_HOME_PATH_FORMAT',
+    'LS_SAMBA_PROFILE_PATH_FORMAT',
+    'LS_SAMBA_DOMAIN_OBJECT_DN',
+    'LS_SAMBA_SID_BASE_USER',
+    'LS_SAMBA_SID_BASE_GROUP',
+    'LS_SAMBA_UIDNUMBER_ATTR',
+    'LS_SAMBA_GIDNUMBER_ATTR',
+    'LS_SAMBA_USERPASSWORD_ATTR'
+  );
+
+  foreach($MUST_DEFINE_CONST as $const) {
+    if ( (!defined($const)) || (constant($const) == "")) {
+      LSerror :: addErrorCode('SAMBA_SUPPORT_02',$const);
+      $retval=false;
+    }
+  }
+
+  // Check LS_SAMBA_SID_BASE_USER & LS_SAMBA_SID_BASE_GROUP values for SID integrity
+  if ( (LS_SAMBA_SID_BASE_USER % 2) == (LS_SAMBA_SID_BASE_GROUP % 2) ) {
+    LSerror :: addErrorCode('SAMBA_SUPPORT_03');
+    $retval=false;
+  }
+
+  return $retval;
+}
+
+/**
+ * Generate sambaSID value
+ *
+ * Generation rule:
+ *   Number   = [UNIX attribute ($unix_attr) value] * 2 + $base_number
+ *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ * @param[in] $ldapObject LSldapObjet The LSldapObjet object
+ * @param[in] $unix_attr string The UNIX attribute name
+ * @param[in] $base_number integer The base number value
+ *
+ * @retval string SambaSID ou false si il y a un problème durant la génération
+ */
+function generate_sambaSID($ldapObject, $unix_attr, $base_number) {
+  if ( get_class($ldapObject -> attrs[ $unix_attr ]) != 'LSattribute' ) {
+    LSerror :: addErrorCode(
+      'SAMBA_01',
+      array(
+        'dependency' => $unix_attr,
+        'attr' => 'sambaSID'
+      )
+    );
+    return;
+  }
+
+  $unix_id_attr_val = $ldapObject -> getValue($unix_attr, true, null);
+  $object_sid = $unix_id_attr_val * 2 + $base_number;
+  return LS_SAMBA_DOMAIN_SID . '-' . $object_sid;
+}
+
+/**
+ * Generate user sambaSID
+ *
+ *   Number   = LS_SAMBA_UIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_USER
+ *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @retval string User SambaSID value on success, false otherwise
+ */
+function generate_user_sambaSID($ldapObject) {
+  return generate_sambaSID($ldapObject, LS_SAMBA_UIDNUMBER_ATTR, LS_SAMBA_SID_BASE_USER);
+}
+
  /**
-  * Generation de sambaSID d'un utilisateur
+  * Generate user sambaSID
   *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+  * Note: old-name of the function keep for retro-compatibility
   *
   *   Number   = LS_SAMBA_UIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_USER
   *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
   *
-  * @param[in] $ldapObject L'objet ldap
+  * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
-  *
-  * @retval string SambaSID ou false si il y a un problème durant la génération
-  */
-  function generate_sambaUserSID($ldapObject) {
-    if ( get_class($ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ]) != 'LSattribute' ) {
-      LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_UIDNUMBER_ATTR, 'attr' => 'sambaSID'));
-      return;
-    }
-
-    $uidnumber_attr_val = $ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ] -> getValue();
-    $uidnumber_attr_val = $uidnumber_attr_val[0];
-    $uidNumber = $uidnumber_attr_val * 2 + LS_SAMBA_SID_BASE_USER;
-    $sambaSID = LS_SAMBA_DOMAIN_SID . '-' . $uidNumber;
-
-    return ($sambaSID);
-  }
-
- /**
-  * Generation de sambaSID d'un groupe
-  *
   * @author Benjamin Renard <brenard@easter-eggs.com>
   *
-  *   Number   = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP
+  * @retval string User SambaSID value on success, false otherwise
-  *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
-  *
-  * @param[in] $ldapObject L'objet ldap
-  *
-  * @retval string SambaSID ou false si il y a un problème durant la génération
   */
-  function generate_sambaGroupSID($ldapObject) {
+function generate_sambaUserSID($ldapObject) {
-    if ( get_class($ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ]) != 'LSattribute' ) {
+  LSerror :: addErrorCode(
-      LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_GIDNUMBER_ATTR, 'attr' => 'sambaSID'));
+    'LSsession_27',
-      return;
+    array(
-    }
+      'old' => 'generate_sambaUserSID()',
+      'new' => 'generate_user_sambaSID()',
+      'context' => LSlog :: get_debug_backtrace_context(),
+    )
+  );
+  return generate_user_sambaSID($ldapObject);
+}
 
-    $gidnumber_attr_val = $ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ] -> getValue();
+/**
-    $gidnumber_attr_val = $gidnumber_attr_val[0];
+ * Generate group sambaSID
-    $gidNumber = $gidnumber_attr_val * 2 + LS_SAMBA_SID_BASE_GROUP;
+ *
-    $sambaSID = LS_SAMBA_DOMAIN_SID . '-' . $gidNumber;
+ *   Number   = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP
-
+ *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
-    return ($sambaSID);
+ *
-  }
+ * @param[in] $ldapObject LSldapObjet The group LSldapObjet object
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @retval string Group SambaSID value on success, false otherwise
+ */
+function generate_group_sambaSID($ldapObject) {
+  return generate_sambaSID($ldapObject, LS_SAMBA_GIDNUMBER_ATTR, LS_SAMBA_SID_BASE_GROUP);
+}
 
  /**
-  * Generation de sambaPrimaryGroupSID
+  * Generate group sambaSID
   *
+  * Note: old-name of the function keep for retro-compatibility. An error
+  * message is raised when this function is used.
+  *
+  * @param[in] $ldapObject LSldapObjet The group LSldapObjet object
   * @author Benjamin Renard <brenard@easter-eggs.com>
   *
-  *   Number   = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP
+  * @retval string Group SambaSID value on success, false otherwise
-  *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
-  *
-  * @param[in] $ldapObject L'objet ldap
-  *
-  * @retval string sambaPrimaryGroupSID ou false si il y a un problème durant la génération
   */
-  function generate_sambaPrimaryGroupSID($ldapObject) {
+function generate_sambaGroupSID($ldapObject) {
-    if ( get_class($ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ]) != 'LSattribute' ) {
+  LSerror :: addErrorCode(
-      LSerror :: addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_GIDNUMBER_ATTR, 'attr' => 'sambaPrimaryGroupSID'));
+    'LSsession_27',
-      return;
+    array(
-    }
+      'old' => 'generate_sambaGroupSID()',
+      'new' => 'generate_group_sambaSID()',
+      'context' => LSlog :: get_debug_backtrace_context(),
+    )
+  );
+  return generate_group_sambaSID($ldapObject);
+}
 
-    $gidNumber = $ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ] -> getValue();
+/**
-    $gidNumber = $gidNumber[0] * 2 + LS_SAMBA_SID_BASE_GROUP;
+ * Generate sambaPrimaryGroupSID
-    $sambaPrimaryGroupSID = LS_SAMBA_DOMAIN_SID . '-' . $gidNumber;
+ *
+ *   Number   = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP
+ *   sambaSID = LS_SAMBA_DOMAIN_SID-Number
+ *
+ * @param[in] $ldapObject LSldapObjet The LSldapObjet object
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @retval string The sambaPrimaryGroupSID value on success, false otherwise
+ */
+function generate_sambaPrimaryGroupSID($ldapObject) {
+  return generate_sambaSID($ldapObject, LS_SAMBA_GIDNUMBER_ATTR, LS_SAMBA_SID_BASE_GROUP);
+}
 
-    return ($sambaPrimaryGroupSID);
-  }
 
  /**
   * Generation de sambaNTPassword
   *
   * @author Benjamin Renard <brenard@easter-eggs.com>
   *
-  * @param[in] $ldapObject L'objet ldap
+  * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
   *
-  * @retval string sambaNTPassword ou false si il y a un problème durant la génération
+  * @retval string|false sambaNTPassword value on success, false otherwise
   */
   function generate_sambaNTPassword($ldapObject) {
     if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) {
@@ -209,9 +257,9 @@ define('LS_SAMBA_INFINITY_TIME',2147483647);
   *
   * @author Benjamin Renard <brenard@easter-eggs.com>
   *
-  * @param[in] $ldapObject L'objet ldap
+  * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
   *
-  * @retval string sambaLMPassword ou false si il y a un problème durant la génération
+  * @retval string|false sambaLMPassword value on success, false otherwise
   */
   function generate_sambaLMPassword($ldapObject) {
     if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) {
@@ -230,183 +278,263 @@ define('LS_SAMBA_INFINITY_TIME',2147483647);
   }
 
 /**
-  * Generation de uidNumber en utilisant l'objet sambaDomain
+ * Generate UNIX ID value from sambaUnixIdPool object
-  *
+ *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  *
+ *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $attr string The sambaUnixIdPool attribute name that contain next ID value
-  *
+ *
-  * @retval integer uidNumber ou false si il y a un problème durant la génération
+ * @retval integer UNIX ID value on succes, false otherwise
-  */
+ */
-  function generate_uidNumber_withSambaDomainObject($ldapObject) {
+function get_samba_unix_pool_next_id($attr) {
-    $sambaDomain = LSldap :: getLdapEntry ( LS_SAMBA_DOMAIN_OBJECT_DN );
+  $unix_id_pool_dn = (constant('LS_SAMBA_UNIX_ID_POOL_DN')?LS_SAMBA_UNIX_ID_POOL_DN:LS_SAMBA_DOMAIN_OBJECT_DN);
-    if ($sambaDomain === false) {
+  $unix_id_pool = LSldap :: getLdapEntry ($unix_id_pool_dn);
-      LSerror :: addErrorCode('SAMBA_02');
+  if ($unix_id_pool === false) {
-      return;
+    LSerror :: addErrorCode('SAMBA_02');
-    }
+    return;
-
-    $uidNumber = $sambaDomain->getValue('uidNumber','single');
-    if (Net_LDAP2::isError($uidNumber) || $uidNumber==0) {
-      LSerror :: addErrorCode('SAMBA_04','uidNumber');
-      return;
-    }
-
-    $sambaDomain->replace(array('uidNumber' => ($uidNumber+1)));
-    $res = $sambaDomain->update();
-    if(!Net_LDAP2::isError($res)) {
-      return $uidNumber;
-    }
-    else {
-      LSerror :: addErrorCode('SAMBA_03');
-      return;
-    }
   }
 
- /**
+  $next_id = $unix_id_pool->getValue($attr, 'single');
-  * Generation de gidNumber en utilisant l'objet sambaDomain
+  if (Net_LDAP2::isError($next_id) || $next_id == 0) {
-  *
+    LSerror :: addErrorCode('SAMBA_04', $attr);
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+    return;
-  *
-  * @param[in] $ldapObject L'objet ldap
-  *
-  * @retval integer gidNumber ou false si il y a un problème durant la génération
-  */
-  function generate_gidNumber_withSambaDomainObject($ldapObject) {
-    $sambaDomain = LSldap :: getLdapEntry ( LS_SAMBA_DOMAIN_OBJECT_DN );
-    if ($sambaDomain === false) {
-      LSerror :: addErrorCode('SAMBA_02');
-      return;
-    }
-
-    $gidNumber = $sambaDomain->getValue('gidNumber','single');
-    if (Net_LDAP2::isError($gidNumber) || $gidNumber==0) {
-      LSerror :: addErrorCode('SAMBA_04','gidNumber');
-      return;
-    }
-
-    $sambaDomain->replace(array('gidNumber' => ($gidNumber+1)));
-    $res = $sambaDomain->update();
-    if(!Net_LDAP2::isError($res)) {
-      return $gidNumber;
-    }
-    else {
-      LSerror :: addErrorCode('SAMBA_03');
-      return;
-    }
   }
 
- /**
+  $unix_id_pool->replace(array($attr => ($next_id+1)));
-  * Retourne le temps infini au sens NT
+  $res = $unix_id_pool->update();
-  *
+  if(!Net_LDAP2::isError($res)) {
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+    return $next_id;
-  *
-  * @param[in] $ldapObject L'objet ldap
-  *
-  * @retval integer le temps infinie au sens NT
-  */
-  function return_sambaInfinityTime($ldapObject) {
-    return LS_SAMBA_INFINITY_TIME;
   }
+  else {
+    LSerror :: addErrorCode('SAMBA_03');
+    return;
+  }
+}
 
- /**
+/**
-  * Generation de l'attribut sambaPwdLastSet
+ * Generate uidNumber using sambaUnixIdPool object
-  *
+ *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  *
+ *
-  * @param[in] $ldapObject L'objet ldap
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
-  *
+ *
-  * @retval string sambaPwdLastSet
+ * @retval integer|false uidNumber value on success, false otherwise
-  */
+ */
-  function generate_sambaPwdLastSet($ldapObject) {
+function generate_samba_uidNumber($ldapObject) {
-    return time();
+  return get_samba_unix_pool_next_id('uidNumber');
-  }
+}
 
- /**
+/**
-  * Generation du sambaDomainName
+ * Generate uidNumber using sambaUnixIdPool object
-  *
+ *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ * Note: old-name of the function keep for retro-compatibility. An error
-  *
+ * message is raised when this function is used.
-  * @retval string Le sambaDomainName
+ *
-  */
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  function generate_sambaDomainName($ldapObject) {
+ *
-    return LS_SAMBA_DOMAIN_NAME;
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
-  }
+ *
+ * @retval integer|false uidNumber value on success, false otherwise
+ */
+function generate_uidNumber_withSambaDomainObject($ldapObject) {
+  LSerror :: addErrorCode(
+    'LSsession_27',
+    array(
+      'old' => 'generate_uidNumber_withSambaDomainObject()',
+      'new' => 'generate_samba_uidNumber()',
+      'context' => LSlog :: get_debug_backtrace_context(),
+    )
+  );
+  return generate_samba_uidNumber($ldapObject);
+}
 
- /**
+/**
-  * Generation du sambaHomePath
+ * Generate gidNumber using sambaUnixIdPool object
-  *
+ *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  *
+ *
-  * @retval string Le sambaHomePath
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
-  */
+ *
-  function generate_sambaHomePath($ldapObject) {
+ * @retval integer|false gidNumber value on success, false otherwise
-    return $ldapObject -> getFData(LS_SAMBA_HOME_PATH_FORMAT);
+ */
-  }
+function generate_samba_gidNumber($ldapObject) {
+  return get_samba_unix_pool_next_id('gidNumber');
+}
 
- /**
+/**
-  * Generation du sambaProfilePath
+ * Generate gidNumber using sambaUnixIdPool object
-  *
+ *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ * Note: old-name of the function keep for retro-compatibility. An error
-  *
+ * message is raised when this function is used.
-  * @retval string Le sambaProfilePath
+ *
-  */
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  function generate_sambaProfilePath($ldapObject) {
+ *
-    return $ldapObject -> getFData(LS_SAMBA_PROFILE_PATH_FORMAT);
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
-  }
+ *
+ * @retval integer|false gidNumber value on success, false otherwise
+ */
+function generate_gidNumber_withSambaDomainObject($ldapObject) {
+  LSerror :: addErrorCode(
+    'LSsession_27',
+    array(
+      'old' => 'generate_gidNumber_withSambaDomainObject()',
+      'new' => 'generate_samba_gidNumber()',
+      'context' => LSlog :: get_debug_backtrace_context(),
+    )
+  );
+  return generate_samba_gidNumber($ldapObject);
+}
 
- /**
+/**
-  * Generation de l'attribut shadowExpire à partir de
+ * Return NT infinity time
-  * l'attribut sambaPwdMustChange
+ *
-  *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
-  *
+ * @param[in] $anything anything
-  * @retval string La valeur de shadowExpire
+ *
-  */
+ * @retval integer NT infinity time
-  function generate_shadowExpire_from_sambaPwdMustChange($ldapObject) {
+ */
-    $time=$ldapObject -> getValue('sambaPwdMustChange');
+function get_samba_infinity_time($anything=null) {
-    if (!empty($time)) {
+  return LS_SAMBA_INFINITY_TIME;
-      $time=(int)$time[0];
+}
-      return (string)round($time/86400);
-    }
-    return '';
-  }
 
- /**
+/**
-  * Generation d'un timestamp a partir de l'attribut shadowExpire
+ * Return NT infinity time
-  *
+ *
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ * Note: old-name of the function keep for retro-compatibility. An error
-  *
+ * message is raised when this function is used.
-  * @retval string Timestamp correspant à shadowExpire
+ *
-  */
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  function generate_timestamp_from_shadowExpire($ldapObject) {
+ *
-    $days=$ldapObject -> getValue('shadowExpire');
+ * @param[in] $anything anything
-    if (!empty($days)) {
+ *
-      $days=(int)$days[0];
+ * @retval integer NT infinity time
-      return (string)($days*86400);
+ */
-    }
+function return_sambaInfinityTime($anything=null) {
-    return '';
+  LSerror :: addErrorCode(
-  }
+    'LSsession_27',
+    array(
+      'old' => 'return_sambaInfinityTime()',
+      'new' => 'get_samba_infinity_time()',
+      'context' => LSlog :: get_debug_backtrace_context(),
+    )
+  );
+  return get_samba_infinity_time($anything);
+}
 
- /**
+/**
-  * Generation de l'attribut sambaPwdMustChange a partir de
+ * Generate sambaPwdLastSet attribute value
-  * l'attribut shadowExpire
+ *
-  *
+ * Just return current timestamp.
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
-  *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  * @retval string La valeur de sambaPwdMustChange
+ *
-  */
+ * @param[in] $anything anything
-  function generate_sambaPwdMustChange_from_shadowExpire($ldapObject) {
+ *
-    return generate_timestamp_from_shadowExpire($ldapObject);
+ * @retval integer The sambaPwdLastSet attribute value (=current timestamp)
-  }
+ */
+function generate_sambaPwdLastSet($anything) {
+  return time();
+}
 
- /**
+/**
-  * Generation de l'attribut sambaKickoffTime a partir de
+ * Generate sambaDomainName attribute value
-  * l'attribut shadowExpire
+ *
-  *
+ * Just return samba domain name.
-  * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
-  *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
-  * @retval string La valeur de sambaKickoffTime
+ *
-  */
+ * @param[in] $anything anything
-  function generate_sambaKickoffTime_from_shadowExpire($ldapObject) {
+ *
-    return generate_timestamp_from_shadowExpire($ldapObject);
+ * @retval string The sambaDomainName attribute value
-  }
+ */
+function generate_sambaDomainName($anything) {
+  return LS_SAMBA_DOMAIN_NAME;
+}
+
+/**
+ * Generate sambaHomePath attribute value
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The sambaHomePath attribute value
+ */
+function generate_sambaHomePath($ldapObject) {
+  return $ldapObject -> getFData(LS_SAMBA_HOME_PATH_FORMAT);
+}
+
+/**
+ * Generate sambaProfilePath attribute value
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The sambaProfilePath attribute value
+ */
+function generate_sambaProfilePath($ldapObject) {
+  return $ldapObject -> getFData(LS_SAMBA_PROFILE_PATH_FORMAT);
+}
+
+/**
+ * Generate shadowExpire attribute value from sambaPwdMustChange
+ * attribute.
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The shadowExpire attribute value
+ */
+function generate_shadowExpire_from_sambaPwdMustChange($ldapObject) {
+  $time = $ldapObject -> getValue('sambaPwdMustChange', true, null);
+  if ($time)
+    return str_val(round(int_val($time)/86400));
+  return '';
+}
+
+/**
+ * Generate timestamp from shadowExpire attribute value
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string Timestamp corresponding to shadowExpire
+ */
+function generate_timestamp_from_shadowExpire($ldapObject) {
+  $days = $ldapObject -> getValue('shadowExpire', true, null);
+  if ($days)
+    return str_val(int_val($days) * 86400);
+  return '';
+}
+
+/**
+ * Generate sambaPwdMustChange attribute value from shadowExpire
+ * attribute.
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The sambaPwdMustChange attribute value
+ */
+function generate_sambaPwdMustChange_from_shadowExpire($ldapObject) {
+  return generate_timestamp_from_shadowExpire($ldapObject);
+}
+
+/**
+ * Generate sambaKickoffTime attribute value from shadowExpire
+ * attribute.
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @param[in] $ldapObject LSldapObjet The user LSldapObjet object
+ *
+ * @retval string The sambaKickoffTime attribute value
+ */
+function generate_sambaKickoffTime_from_shadowExpire($ldapObject) {
+  return generate_timestamp_from_shadowExpire($ldapObject);
+}

src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po

@@ -8,7 +8,7 @@ msgstr ""
 "Project-Id-Version: LdapSaisie\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: \n"
-"PO-Revision-Date: 2020-09-03 18:31+0200\n"
+"PO-Revision-Date: 2020-09-07 16:22+0200\n"
 "Last-Translator: Benjamin Renard <brenard@zionetrix.net>\n"
 "Language-Team: LdapSaisie <ldapsaisie-users@lists.labs.libre-entreprise."
 "org>\n"
@@ -21,16 +21,16 @@ msgstr ""
 "X-Generator: Poedit 2.2.1\n"
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:27
-msgid "SAMBA Support : Unable to load smbHash class."
+msgid "SAMBA Support: Unable to load smbHash class."
 msgstr "Support SAMBA : Impossible de charger la classe smbHash."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:30
-msgid "SAMBA Support : The constant %{const} is not defined."
+msgid "SAMBA Support: The constant %{const} is not defined."
 msgstr "Support SAMBA : La constante %{const} n'est pas définie."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:34
 msgid ""
-"SAMBA Support : The constants LS_SAMBA_SID_BASE_USER and "
+"SAMBA Support: The constants LS_SAMBA_SID_BASE_USER and "
 "LS_SAMBA_SID_BASE_GROUP must'nt have the same parity to keep SambaSID's "
 "unicity."
 msgstr ""
@@ -40,24 +40,25 @@ msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:39
 msgid ""
-"SAMBA Support : The attribute %{dependency} is missing. Unable to forge the "
+"SAMBA Support: The attribute %{dependency} is missing. Unable to forge the "
 "attribute %{attr}."
 msgstr ""
 "Support SAMBA : L'attribut %{dependency} est manquant. Impossible de générer "
 "l'attribut %{attr}."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:42
-msgid "SAMBA Support : Can't get the sambaDomain object."
+msgid "SAMBA Support: Can't get the sambaUnixIdPool object."
-msgstr "SAMBA Support : Impossible de récupérer l'objet sambaDomain."
+msgstr "SAMBA Support : Impossible de récupérer l'objet sambaUnixIdPool."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:45
-msgid "SAMBA Support : Error modifying the sambaDomain object."
+msgid "SAMBA Support: Error modifying the sambaUnixIdPool object."
-msgstr "SAMBA Support : Erreur durant la modification de l'objet sambaDomain."
+msgstr ""
+"SAMBA Support : Erreur durant la modification de l'objet sambaUnixIdPool."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:48
-msgid "SAMBA Support : The %{attr} of the sambaDomain object is incorrect."
+msgid "SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect."
 msgstr ""
-"SAMBA Support : L'attribut %{attr} de l'objet sambaDomain est incorrect."
+"SAMBA Support : L'attribut %{attr} de l'objet sambaUnixIdPool est incorrect."
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.ssh.php:31
 msgid "SSH Support : PhpSecLib is missing."

src/lang/fr_FR.UTF8/lang.php

@@ -187,6 +187,7 @@ $GLOBALS['LSlang'] = array (
 # LSobjects.LSpeople.attrs.sambaLogoffTime.html_options.special_values.0
 # LSobjects.LSpeople.attrs.sambaKickoffTime.no_value_label
 # LSobjects.LSpeople.attrs.sambaKickoffTime.html_options.special_values.2147483647
+# LSobjects.LSpeople.attrs.sambaPwdLastSet.no_value_label
 # LSobjects.LSpeople.attrs.sambaPwdMustChange.no_value_label
 # LSobjects.LSpeople.attrs.sambaPwdMustChange.html_options.special_values.2147483647
 # LSobjects.LSpeople.attrs.sambaPwdCanChange.html_options.special_values.2147483647
@@ -253,13 +254,39 @@ $GLOBALS['LSlang'] = array (
 # LSobjects.LSpeople.attrs.sambaLogonTime.label
 "Samba last logon time" =>
   "Date de dernière connexion Samba",
+
+# LSobjects.LSpeople.attrs.sambaLogonScript.label
+"Samba logon script" =>
+  "Script de login Samba",
+
+# LSobjects.LSpeople.attrs.sambaHomeDrive.label
+"Samba network drive of the home directory" =>
+  "Lecteur réseau du dossier personnel Samba",
+
+# LSobjects.LSpeople.attrs.sambaHomePath.label
+"Samba network path of the home directory" =>
+  "Chemin réseau du dossier personnel Samba",
+
+# LSobjects.LSpeople.attrs.sambaProfilePath.label
+"Samba network path of the profile" =>
+  "Chemin réseau du profil Samba",
+
 # LSobjects.LSpeople.attrs.sambaPwdCanChange.label
 "Samba password can change" =>
   "Date de prochaine modification possible du mot de passe Samba",
+
+# LSobjects.LSpeople.attrs.sambaPwdLastSet.label
+"Samba password last change time" =>
+  "Date de dernière modification du mot de passe Samba",
+
 # LSobjects.LSpeople.attrs.sambaPwdMustChange.label
 "Samba password must change" =>
   "Date de prochaine modification obligatoire du mot de passe Samba",
 
+# LSobjects.LSpeople.attrs.sambaPrimaryGroupSID.label
+"Samba primary group identifier" =>
+  "Identifiant du groupe primaire Samba",
+
 # LSobjects.LSpeople.LSform.dataEntryForm.simple.label
 "Simple" =>
   "Simple",

src/lang/ldapsaisie.pot

@@ -1,34 +1,34 @@
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:27
-msgid "SAMBA Support : Unable to load smbHash class."
+msgid "SAMBA Support: Unable to load smbHash class."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:30
-msgid "SAMBA Support : The constant %{const} is not defined."
+msgid "SAMBA Support: The constant %{const} is not defined."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:34
 msgid ""
-"SAMBA Support : The constants LS_SAMBA_SID_BASE_USER and "
+"SAMBA Support: The constants LS_SAMBA_SID_BASE_USER and "
 "LS_SAMBA_SID_BASE_GROUP must'nt have the same parity to keep SambaSID's "
 "unicity."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:39
 msgid ""
-"SAMBA Support : The attribute %{dependency} is missing. Unable to forge the "
+"SAMBA Support: The attribute %{dependency} is missing. Unable to forge the "
 "attribute %{attr}."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:42
-msgid "SAMBA Support : Can't get the sambaDomain object."
+msgid "SAMBA Support: Can't get the sambaUnixIdPool object."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:45
-msgid "SAMBA Support : Error modifying the sambaDomain object."
+msgid "SAMBA Support: Error modifying the sambaUnixIdPool object."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:48
-msgid "SAMBA Support : The %{attr} of the sambaDomain object is incorrect."
+msgid "SAMBA Support: The %{attr} of the sambaUnixIdPool object is incorrect."
 msgstr ""
 
 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.ssh.php:31