Diffstat (limited to 'ldap_wizard/ldap.pm')
-rw-r--r--ldap_wizard/ldap.pm399
1 files changed, 223 insertions, 176 deletions
diff --git a/ldap_wizard/ldap.pm b/ldap_wizard/ldap.pm
index 4f11dd8d..0daa584e 100644
--- a/ldap_wizard/ldap.pm
+++ b/ldap_wizard/ldap.pm
@@ -3,11 +3,11 @@
# GPL like
# aginies@mandrakesoft.com
-package MDK::Wizard::ldap;
+package MDK::Wizard::Ldap;
use lib qw(/usr/lib/libDrakX);
use ugtk2;
use strict;
-use fcldap;
+use ldapdef;
use common;
use standalone;
use MDK::Wizard::Varspaceval;
@@ -19,155 +19,172 @@ require Net::LDAP;
# die "You are not root Exiting\n";
#}
-my $DC = get_dc();
-my $wiz = new MDK::Wizard::Wizcommon;
-my $LDAPCONF = "/etc/openldap/slapd.conf";
-my $HOME = "/home/";
-my $IP = "192.168.100.169";
my $o = {
- name => 'LDAP Configuration Wizard',
+name => 'Add POSIX account',
var => {
- defou => 'People',
- dom => 'toto.com',
- rootdse => 'toto.com',
- rootdn => 'manager',
- rootpass => 'secret',
- cn => '',
- sn=> '',
- uid => '',
- uidpass => '',
- lshell => '/bin/bash',
- home => '/home/',
- uidnb => '',
- guinb => '',
- container => '',
- objectclass => 'top,account,posixaccount',
- shadowmax => '99999',
- shadowmin => '-1',
- shadowina => '-1',
- shadowina => '-1',
+ defou => 'ou=Users',
+ srv => '',
+ dom => 'mandrakesoft.com',
+ suffix => '',
+ rootdn => '',
+ rootpass => '',
+ rootpass2 => '',
+ cn => '',
+ sn => '',
+ uid => '',
+ uidpass => '',
+ lshell => '/bin/bash',
+ home => '/home/',
+ uidnb => '1004',
+ gidnb => '1004',
+ container => 'container',
+ objectclass => 'top,account,posixaccount',
+ shadowmax => '99999',
+ shadowmin => '-1',
+ plop => '',
+ tmp => '',
+ nom => '',
+ prenom => '',
},
- needed_rpm => [ 'openldap-servers', 'openldap-clients' ],
- defaultimage => "/usr/share/wizards/dns_wizard/images/DNS.png"
- };
-use Data::Dumper; print Dumper($o->{var});
+ needed_rpm => [ 'squid' ],
+ defaultimage => "/usr/share/wizards/proxy_wizard/images/proxy.png"
+};
+
+
+
+my $ldap_suffix=join(',dc=',split(/\./,`hostname -f`));
+$ldap_suffix=~ s/[^,]*,//;
+my $conf_file = "/etc/sysconfig/ldapconf";
+my $LDAPCONF = "/etc/openldap/slapd.conf";
+
+##### Read conf file is exist
+
+my $hostname = `hostname`;
+$o->{var}{srv} = $hostname;
+
+ if (-f $conf_file) {
+
+ my %conf = getVarsFromSh($conf_file);
+ $o->{var}{suffix}= "$conf{suffix}";
+ $o->{var}{rootdn}= "$conf{rootdn}";
+ $o->{var}{rootpass}= "$conf{rootpass}";
+ $o->{var}{srv}= "$conf{srv}";
+ $o->{var}{defou}= "$conf{users}";
+
+} else {
+
+ my $hostname = `hostname`;
+ $o->{var}{srv} = $hostname;
+ $o->{var}{suffix} = $ldap_suffix;
+
+}
my %level = (
1 => N("Server - Set configuration of LDAP server"),
- 2 => N("Add - add entry in LDAP server"),
+ 2 => N("Add - Add user in LDAP server"),
);
my $cn;
$o->{pages} = {
- welcome => {
- name => N("LDAP configuration wizard") . "\n\n" . N("Setup a ldap server."),
- no_back => 1,
- pre => sub {
- $o->{var}{wiz_level} ||= 1;
- },
- post => sub {
- if ($o->{var}{wiz_level} == 2) {
- return 'add_userposix';
- }
- },
- data => [
- {
- label => N("which operation on LDAP:"), val => \$o->{var}{wiz_level}, list => [ keys %level ], format => sub { $level{$_[0]} } },
- ],
- next => 'setldap',
- },
+ welcome => {
+ name => N("LDAP configuration wizard") . "\n\n" . N("Setup a ldap server."),
+ no_back => 1,
+ pre => sub {
+ $o->{var}{wiz_level} ||= 1;
+ },
+ post => sub {
+ if ($o->{var}{wiz_level} == 2) {
+ return 'add_userposix';
+ }
+ },
+ data => [
+ {
+ label => N("Votre choix "). "\n\n" , val => \$o->{var}{wiz_level}, type => 'list', list => [ keys %level ], format => sub { $level{$_[0]} } },
+ ],
+ next => 'set_srv',
+ },
add_userposix => {
- name => N("Add data in LDAP") . "\n\n" . N("uid, gid, home directory, "),
- data => [
- { label => N("First Name:"), val => \$o->{var}{cn} },
- { label => N("Last Name:"), val => \$o->{var}{sn} },
- { label => N("User Name:"), val => \$o->{var}{uid} },
- { label => N("Password:"), val => \$o->{var}{uidpass} },
- { label => N("Home Directory:"), val => \$o->{var}{home} },
- { label => N("Login shell:"), val => \$o->{var}{lshell} },
- { label => N("uid number:"), val => \$o->{var}{uidnb} },
- { label => N("Group ID:"), val => \$o->{var}{guidnb} },
- ],
- post => \&test_add,
- next => 'summaryadd',
- },
- setldap => {
- name => N("LDAP RootDSE
-
-example:
-obelx.nux.com
-
-will be in ldap config:
-
-dc=obelx,dc=nux,dc=com
-
-RootDN is the manager of your ldap server."),
- data => [
- {
- label => N("RootDSE"), val => \$o->{var}{rootdse} },
- {
- label => N("RootDN"), val => \$o->{var}{rootdn} },
- {
- label => N("Password"), val => \$o->{var}{rootpass} },
- {
- label => N("Default OU"), val => \$o->{var}{defou} },
- ],
- post => \&test_set,
- next => 'summaryset',
- },
- summaryadd => {
- name => N("Ok Now add entry in LDAP"),
- data => [
- { label => N("First Name:"), fixed_val => \$o->{var}{cn2} },
- { label => N("Last Name:"), fixed_val => \$o->{var}{sn2} },
- { label => N("User Name:"), fixed_val => \$o->{var}{uid2} },
- { label => N("Password:"), fixed_val => \$o->{var}{uidpass} },
- { label => N("Home directory:"), fixed_val => \$o->{var}{home} },
- { label => N("Login shell:"), fixed_val => \$o->{var}{lshell} },
- { label => N("uid number:"), fixed_val => \$o->{var}{uidnb} },
- { label => N("Group ID:"), fixed_val => \$o->{var}{guidnb} },
- { label => N("Container:"), fixed_val => \$o->{var}{container} },
- { label => N("shadowMax:"), fixed_val => \$o->{var}{shadowmax} },
- { label => N("shadowMin:"), fixed_val => \$o->{var}{shadowmin} },
- { label => N("shadowWarning:"), fixed_val => \$o->{var}{shadowina} },
- { label => N("shadowInactive:"), fixed_val => \$o->{var}{shadowina} },
- { label => N("shadowExpire:"), fixed_val => \$o->{var}{shadowexpire} },
- { label => N("objectClass:"), fixed_val => \$o->{var}{objectclass} },
- ],
- post => \&do_it_add,
- next => 'endadd',
- },
- summaryset => {
- name => N("Ok Now building your LDAP configuration") . "\n\n" . N("with this configuration:"),
- data => [
- {
- label => N("RootDSE"), fixed_val => \$o->{var}{rootdse} },
- {
- label => N("RootDN"), fixed_val => \$o->{var}{rootdn} },
- ],
- post => \&do_it_setldap,
- next => 'end'
- },
- error_homedir => {
- name => N("Error in Home directory"),
- next => 'add_userposix',
- },
- error_pass => {
- name => N("Error, pass could not be empty"),
- next => 'setldap',
+ name => N("Ldap User Add") . "\n\n" . N("Bla Bla Bla ") . "\n\n" . N("User Create in : ") . $o->{var}{defou} . "," . $o->{var}{suffix} . "\n\n",
+ data => [
+ { label => N("Nom :"), val => \$o->{var}{sn} },
+ { label => N("Prenom :"), val => \$o->{var}{cn} },
+ { label => N("Nom de Login:"), val => \$o->{var}{uid} },
+ ],
+ next => 'password'
+ },
+ password => {
+ name => N("Ldap User Password") . "\n\n" . N("Bla Bla Bla ") . "\n\n" . N("Password for Users : ") . $o->{var}{cn} . $o->{var}{defou} . "," . $o->{var}{suffix} . "\n\n",
+ data => [
+ { label => N("Mot de pass):"), val => \$o->{var}{uidpass}, hidden => 1 },
+ { label => N("Confirmer le mot de pass:"), val => \$o->{var}{uidpass2}, hidden => 1 },
+ ],
+ complete => sub {
+ if (not ($o->{var}{uidpass}))
+ {
+ $::in->ask_warn("Erreur", "Il faut entrer un mot de passe pour Ldap.");
+ return 1;
+ }
+ if (not ($o->{var}{uidpass} eq $o->{var}{uidpass2}))
+ {
+ $::in->ask_warn("Erreur", "Les mots de passe ne correspondent pas.");
+ return 1;
+ }
+ },
+
+ next => 'summary_add_user'
+ },
+
+ set_srv => {
+ name => "Configuration de Ldap\n\n",
+ data => [
+ { label => "Suffixe LDAP", val => \$o->{var}{suffix} },
+ { label => "Administrateur Ldap", val => \$o->{var}{rootdn} },
+ { label => "Mot de passe LDAP", hidden => 1, val => \$o->{var}{rootpass} },
+ { label => "Vérification du mot de passe LDAP", hidden => 1, val => \$o->{var}{rootpass2} },
+ ],
+ complete => sub {
+ if (not ($o->{var}{suffix}))
+ {
+ $::in->ask_warn("Erreur", "Il faut indiquer un suffixe Ldap.");
+ return 1;
+ }
+ if (not ($o->{var}{rootpass}))
+ {
+ $::in->ask_warn("Erreur", "Il faut entrer un mot de passe pour Ldap.");
+ return 1;
+ }
+ if (not ($o->{var}{rootpass} eq $o->{var}{rootpass2}))
+ {
+ $::in->ask_warn("Erreur", "Les mots de passe ne correspondent pas.");
+ return 1;
+ }
+ },
+ next => 'summary_set_srv',
+
+ },
+ summary_add_user => {
+ name => N("Confirmation de l'utilisateur a creer ") . "\n\n",
+ data => [
+ { label => N("Nom : "), type => 'field', fixed_val => \$o->{var}{sn} },
+ { label => N("Prenom : "), type => 'field', fixed_val => \$o->{var}{cn} },
+ { label => N("Nom de login: "), type => 'field', fixed_val => \$o->{var}{uid} },
+ { label => N("Utilisteur : "), type => 'field', fixed_val => $o->{var}{cn} },
+ ],
+ post => \&do_it_user_add,
+ next => 'endadd'
},
- error_shell => {
- name => N("Error in Login shell") . "\n\n" . N("Please choose a correct one"),
- next => 'add_userposix',
- },
- error_nb => {
- name => N("Error") . "\n\n" . N("Please Should be a number"),
- next => 'add_userposix',
- },
+ summary_set_srv => {
+ name => N("Confirmation de l'utilisateur a creer ") . "\n\n",
+ data => [
+ { label => N("Suffixe LDAP : "), type => 'field', val => $o->{var}{suffix} },
+ ],
+ post => \&do_it_setldap,
+ next => 'end'
+ },
end => {
name => N("Congratulations"),
data => [ { label => N("The wizard successfully configured the LDAP.") } ],
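Review bot: The LDAP root password is read back in cleartext from `/etc/sysconfig/ldapconf` at `$o->{var}{rootpass}= "$conf{rootpass}";`, so the admin credential now lives in a sysconfig file whose permissions are not set anywhere in the visible change. The same cleartext handling recurs in the next hunk, which continues past the end of this page: `do_it_setldap` writes `rootpw $o->{var}{rootpass}` into slapd.conf in place of the crypt value and emits `rootpass=` through `output()`, and `init_ldap` interpolates the password into the `ldapadd ... -w` shell command, where it is exposed in the process list and to shell interpretation. I would not persist the password at all: drop the `rootpass` line from the config file and this read, prompt for it when it is needed, and keep only a hashed `rootpw` (for example an `{SSHA}` value produced by `slappasswd`) in slapd.conf. Separately, the output of `hostname` and `hostname -f` is used here without `chomp`, so `srv` and the default `suffix` carry a trailing newline into the config file and the LDIF; add `chomp` before assigning them.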
@@ -176,92 +193,122 @@ RootDN is the manager of your ldap server."),
next => 0
},
endadd => {
- name => N("Successfully added data"),
- data => [ { label => N("The wizard successfully added an entry in ldap") } ],
+ name => N("Successfully added User"),
+ data => [ { label => N("The wizard successfully added an user in ldap") } ],
no_back => 1,
end => 1,
next => 0,
},
};
-sub rootdse_to_dc {
- my ($data) = @_;
- my @t = split(/\./, $data);
- $o->{var}{dom} = $t[0];
- my $dcall = join( ',dc=', split(/\./, $data));
- return $dcall;
-}
-
-
-sub test_set {
- $o->{var}{rootpass} or return 'error_pass';
- }
-
-sub get_dc {
- my $DC = "dc=test,dc=com";
- return $DC;
-}
-
sub do_it_setldap {
if (!-f $LDAPCONF) { die "no $LDAPCONF found"};
cp_af($LDAPCONF, $LDAPCONF . '.save');
if (!-f "$LDAPCONF.example") { cp_af($LDAPCONF, $LDAPCONF . '.example') };
cp_af($LDAPCONF . '.example', $LDAPCONF);
- my $dcall = rootdse_to_dc($o->{var}{rootdse});
- print "$dcall\n";
+ print "$o->{var}{suffix}\n";
# set suffix
if (any { /^suffix/ } cat_($LDAPCONF)) {
substInFile {
- s/suffix.*/suffix\t\"dc=$dcall\"/;
+ s/suffix.*/suffix\t\"$o->{var}{suffix}\"/;
} $LDAPCONF;
} else {
- append_to_file($LDAPCONF, "suffix\t\"dc=$dcall\"");
+ append_to_file($LDAPCONF, "suffix\t\"$o->{var}{suffix}\"");
}
# s/example/$dcall
substInFile {
- s/example/dc=$dcall/g;
+ s/example/$o->{var}{suffix}/g;
} $LDAPCONF;
# set rootdn
if (any { /^rootdn/ } cat_($LDAPCONF)) {
substInFile {
- s/rootdn.*/rootdn\t\"cn=$o->{var}{rootdn},dc=$dcall\"/;
+ s/rootdn.*/rootdn\t\"cn=$o->{var}{rootdn},$o->{var}{suffix}\"/;
} $LDAPCONF;
} else {
- append_to_file($LDAPCONF, "rootdn\t\"$o->{var}{rootdn},dc=$dcall\"");
+ append_to_file($LDAPCONF, "rootdn\t\"$o->{var}{rootdn},$o->{var}{suffix}\"");
}
# set rootpass
my $cryptpass = crypt($o->{var}{rootpass}, "crypt");
if (any { /^rootpw/ } cat_($LDAPCONF)) {
substInFile {
- s/rootpw.*/rootpw $cryptpass/;
+ #s/rootpw.*/rootpw $cryptpass/;
+ s/rootpw.*/rootpw $o->{var}{rootpass}/;
} $LDAPCONF;
}else {
- append_to_file($LDAPCONF, "rootpw {CRYPT}$cryptpass");
+ #append_to_file($LDAPCONF, "rootpw {CRYPT}$cryptpass");
+ append_to_file($LDAPCONF, "rootpw $o->{var}{rootpass}");
}
+
+# create config file in /etc/sysconfig/ldapconf
+
+output($conf_file, <<EOF);
+server=$o->{var}{srv}
+suffix=$o->{var}{suffix}
+rootdn=$o->{var}{rootdn}
+rootpass=$o->{var}{rootpass}
+rootpass=$o->{var}{rootpass}
+users=$o->{var}{defou}
+EOF
+
# reset premisions
system("chown -R root.ldap /etc/openldap");
system("service ldap restart");
- $o->{var}{rootdse} = "dc=$dcall";
- create_rootdse($o);
+ init_ldap();
}
-sub test_add {
-# -d $o->{var}{HOME} . "/" . $o->{var}{uid} or return 'error_homedir';
- $o->{var}{uidnb} =~ /\d*/ or return 'error_nb';
- $o->{var}{Guidnb} =~ /\d*/ or return 'error_nb';
- -f $o->{var}{lshell} or return 'error_shell';
+
+sub init_ldap {
+my $root_cn=(split(/\=/,(split(/,/,$o->{var}{rootdn}))[0]))[1];
+my $ldap_dc=(split(/\=/,(split(/,/,$o->{var}{suffix}))[0]))[1];
+
+open(LDAP,"| ldapadd -x -D 'cn=$o->{var}{rootdn},$o->{var}{suffix}' -w $o->{var}{rootpass}");
+
+print LDAP << "RootLdif";
+dn: $o->{var}{suffix}
+dc: $ldap_dc
+objectClass: dcObject
+objectClass: organization
+o: Company
+
+dn: cn=$o->{var}{rootdn},$o->{var}{suffix}
+objectClass: organizationalRole
+cn: $o->{var}{rootdn}
+
+dn: ou=Hosts,$o->{var}{suffix}
+ou: Hosts
+description: OU Hosts
+objectClass: top
+objectClass: organizationalUnit
+
+dn: ou=People,$o->{var}{suffix}
+ou: People
+description: OU People
+objectClass: top
+objectClass: organizationalUnit
+
+dn: ou=Group,$o->{var}{suffix}
+ou: Group
+description: OU Group
+objectClass: top
+objectClass: organizationalUnit
+
+
+RootLdif
+
+close(LDAP)
}
-sub do_it_add {
+
+
+
+sub do_it_user_add {
return if $::testing;
- my $dcall = rootdse_to_dc($o->{var}{rootdse});
- $o->{var}{rootdse} = "dc=$dcall";
- $o->{var}{rootpass} = "secret";
- add_user_posix($o);
+ my $ldap = ldap_connect($o);
+ add_user($o);
}
sub new {