mirror of
https://github.com/webmin/webmin.git
synced 2025-08-15 21:20:10 +00:00
Add to person object class by default
This commit is contained in:
Jamie Cameron
@ -55,3 +55,5 @@ All Samba attributes are removed when Samba access is disabled for a user.
|
||||
Added access control options to prevent use of the same UID or GID.
|
||||
---- Changes since 1.390 ----
|
||||
Added locking to prevent concurrent writes to the LDAP database, to prevent UID collisions.
|
||||
---- Changes since 1.400 ----
|
||||
By default, all new Unix users are given the person object class too, as this seems to be needed in most new LDAP schemas.
|
||||
|
||||
@ -16,3 +16,4 @@ imap_folderalt=1
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -16,3 +16,4 @@ imap_folderalt=1
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
other_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -21,3 +21,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -16,3 +16,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -15,3 +15,4 @@ secmode=0
|
||||
samba_gclass=sambaGroup
|
||||
alias_same=0
|
||||
given_class=inetOrgPerson
|
||||
person=1
|
||||
|
||||
@ -22,6 +22,7 @@ group_mod_props=LDAP properties for modified groups<br>(In <i>fieldname</i>: <i>
|
||||
group_fields=Extra LDAP group properties to allow editing of<br>(In <i>fieldname</i> <i>description</i> format),9,40,3,\t
|
||||
multi_fields=Allow multiple values for extra properties?,1,1-Yes,0-No
|
||||
noclash=Attributes for which duplicates are disallowed,0
|
||||
person=Give all Unix users the <tt>person</tt> object class?,1,1-Yes,0-No
|
||||
|
||||
line5=Home directory options,11
|
||||
homedir_perms=Permissions on new home directories,3,From Users and Groups module
|
||||
|
||||
@ -245,11 +245,18 @@ $_[0]->{'dn'} = "uid=$_[0]->{'user'},$base";
|
||||
local @classes = ( "posixAccount", "shadowAccount",
|
||||
split(/\s+/, $config{'other_class'}),
|
||||
@{$_[0]->{'ldap_class'}} );
|
||||
if ($schema->objectclass("person") && $config{'person'}) {
|
||||
push(@classes, "person");
|
||||
}
|
||||
@classes = &unique(@classes);
|
||||
local @attrs = &user_to_dn($_[0]);
|
||||
push(@attrs, &split_props($config{'props'}, $_[0]));
|
||||
push(@attrs, @{$_[0]->{'ldap_attrs'}});
|
||||
push(@attrs, "objectClass" => \@classes);
|
||||
if (&indexoflc("person", @classes) >= 0 && !&in_props(\@attrs, "sn")) {
|
||||
# Person needs 'sn'
|
||||
push(@attrs, "sn", &in_props(\@attrs, "cn"));
|
||||
}
|
||||
local $rv = $ldap->add($_[0]->{'dn'}, attr => \@attrs);
|
||||
if ($rv->code) {
|
||||
&error(&text('usave_eadd', $rv->error));
|
||||
@ -1205,5 +1212,18 @@ $string =~ s/
|
||||
return $string;
|
||||
}
|
||||
|
||||
# in_props(&props, name)
|
||||
# Looks up the value of a named property in a list
|
||||
sub in_props
|
||||
{
|
||||
local ($props, $name) = @_;
|
||||
for(my $i=0; $i<@$props; $i++) {
|
||||
if (lc($props->[$i]) eq lc($name)) {
|
||||
return $props->[$i+1];
|
||||
}
|
||||
}
|
||||
return undef;
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
|
||||
@ -345,6 +345,9 @@ else {
|
||||
|
||||
# Add to the ldap database
|
||||
@classes = ( "posixAccount", "shadowAccount" );
|
||||
if ($schema->objectclass("person") && $config{'person'}) {
|
||||
push(@classes, "person");
|
||||
}
|
||||
|
||||
push(@classes, split(/\s+/, $config{'other_class'}));
|
||||
push(@classes, $samba_class) if ($in{'samba'});
|
||||
@ -353,8 +356,7 @@ else {
|
||||
@classes = &unique(@classes);
|
||||
$base = &get_user_base();
|
||||
$newdn = "uid=$user,$base";
|
||||
$rv = $ldap->add($newdn, attr =>
|
||||
[ "cn" => $real,
|
||||
@allprops = ( "cn" => $real,
|
||||
"uid" => \@users,
|
||||
"uidNumber" => $uid,
|
||||
"loginShell" => $shell,
|
||||
@ -362,7 +364,13 @@ else {
|
||||
"gidNumber" => $gid,
|
||||
"userPassword" => $pass,
|
||||
"objectClass" => \@classes,
|
||||
@props ]);
|
||||
@props );
|
||||
if (&indexoflc("person", @classes) >= 0 &&
|
||||
!&in_props(\@allprops, "sn")) {
|
||||
# Person needs an 'sn' too
|
||||
push(@allprops, "sn", $real);
|
||||
}
|
||||
$rv = $ldap->add($newdn, attr => \@allprops);
|
||||
if ($rv->code) {
|
||||
&error(&text('usave_eadd', $rv->error));
|
||||
}
|
||||
@ -511,25 +519,30 @@ else {
|
||||
else {
|
||||
@cyrus_class_4 = split(' ',$cyrus_class);
|
||||
foreach $one_cyrus_class (@cyrus_class_4) {
|
||||
@classes = grep { $_ ne $one_cyrus_class } @classes;
|
||||
@classes = grep { $_ ne $one_cyrus_class }
|
||||
@classes;
|
||||
}
|
||||
|
||||
}
|
||||
push(@classes, "shadowAccount") if ($shadow);
|
||||
&name_fields();
|
||||
@classes = &unique(@classes);
|
||||
@rprops = grep { defined($uinfo->get_value($_)) } @rprops;
|
||||
$newdn = $in{'dn'};
|
||||
$rv = $ldap->modify($in{'dn'}, replace =>
|
||||
{ "cn" => $real,
|
||||
%allprops = ( "cn" => $real,
|
||||
"uid" => \@users,
|
||||
"uidNumber" => $uid,
|
||||
"loginShell" => $shell,
|
||||
"homeDirectory" => $home,
|
||||
"gidNumber" => $gid,
|
||||
"userPassword" => $pass,
|
||||
"objectClass" => [ &unique(@classes) ],
|
||||
@props },
|
||||
"objectClass" => \@classes,
|
||||
@props );
|
||||
if (&indexoflc("person", @classes) >= 0 &&
|
||||
!$allprops{'sn'}) {
|
||||
# Person needs 'sn'
|
||||
$allprops{'sn'} = $real;
|
||||
}
|
||||
$rv = $ldap->modify($in{'dn'}, 'replace' => \%allprops,
|
||||
'delete' => \@rprops);
|
||||
if ($rv->code) {
|
||||
&error(&text('usave_emod', $rv->error));
|
||||
|
||||
Reference in New Issue
Block a user