summaryrefslogtreecommitdiffstats
path: root/ldap_wizard
diff options
context:
space:
mode:
Diffstat (limited to 'ldap_wizard')
-rw-r--r--ldap_wizard/Ldap.pm291
1 files changed, 135 insertions, 156 deletions
diff --git a/ldap_wizard/Ldap.pm b/ldap_wizard/Ldap.pm
index 9b1aec1d..0a0eb762 100644
--- a/ldap_wizard/Ldap.pm
+++ b/ldap_wizard/Ldap.pm
@@ -19,7 +19,6 @@ require Net::LDAP;
use Net::LDAP::Util qw(ldap_error_text);
-
#unless ($> == 0) {
# die "You are not root Exiting\n";
#}
@@ -54,20 +53,13 @@ my $o = {
nom => '',
prenom => '',
},
- needed_rpm => [ 'openldap-servers','openldap-clients','nss_ldap' ],
- defaultimage => "$ENV{__WIZ_HOME__}ldap_wizard/images/ldap.png",
- init => sub {
- if ($wiz_host_name =~ /localhost/) {
- return 0, N("You need to readjust your hostname.")
- }
- if (member($wiz_domain_name, qw(localdomain (none)))) {
- return 0, N("You need to readjust your domainname. For an LDAP server you need a correct domainname, not equal to localdomain or none. Hostname must be a FQDN: Fully Qualified Domain Name. Launch drakconnect to adjust it.")
- }
- 1
- },
+ needed_rpm => [ 'openldap-servers', 'openldap-clients', 'nss_ldap' ],
+ defaultimage => "$ENV{__WIZ_HOME__}ldap_wizard/images/ldap.png",
+ init => sub {
+ test_host_domain($wiz_host_name, $wiz_domain_name);
+ }
};
-
my $wiz = new MDK::Wizard::Wizcommon;
my $wiz_domain_name = $wiz->{net}->network_get("DOMAINNAME");
my $wiz_host_name = $wiz->{net}->network_get("HOSTNAME");
@@ -104,80 +96,72 @@ my %level = (
$o->{pages} = {
welcome => {
name => N("Ldap configuration wizard") . "\n\n" . N("LDAP stands for Lightweight Directory Access Protocol.") . "\n\n" . N("It is a lightweight protocol for accessing directory services, specifically X.500-based directory services."),
- no_back => 1,
- post => sub {
- ! -f $conf_file and 'set_srv';
- },
-
- next => 'ask_menu'
- },
-
- ask_menu => {
- name => N("Ldap configuration wizard"),
- no_back => 1,
-
- pre => sub {
- $o->{var}{wiz_level} ||= 1;
- },
- post => sub {
- if ($o->{var}{wiz_level} == 2) {
- ! -f $conf_file and $::in->ask_warn(N("Error"), N("You must setup an Ldap server first.")) and return 'set_srv';
- return 'add_userposix';
- }
-
-
- if ($o->{var}{wiz_level} == 1) {
- -f $conf_file and return 'resume';
- }
- if ($o->{var}{wiz_level} == 3) {
- ! -f $conf_file and $::in->ask_warn(N("Error"), N("You must setup an Ldap server first.")) and return 'set_srv';
- return 'del_conf';
- }
- },
-
- data => [
- { label => " " },
- { label => N("Your choice:") . "\n\n", val => \$o->{var}{wiz_level}, type => 'list', list => [ keys %level ], format => sub { $level{$_[0]} } },
- ],
- next => 'set_srv',
- },
-
- del_conf => {
- name => N("Delete configuration") . "\n\n" . N("Saving existing base in /root/ldap-sav.ldiff"),
- post => \&sav_conf,
- next => 'welcome'
- },
+ no_back => 1,
+ post => sub {
+ ! -f $conf_file and 'set_srv';
+ },
+ next => 'ask_menu',
+ },
+ ask_menu => {
+ name => N("Ldap configuration wizard"),
+ no_back => 1,
+ pre => sub {
+ $o->{var}{wiz_level} ||= 1;
+ },
+ post => sub {
+ if ($o->{var}{wiz_level} == 2) {
+ ! -f $conf_file and $::in->ask_warn(N("Error"), N("You must setup an Ldap server first.")) and return 'set_srv';
+ return 'add_userposix';
+ }
+ if ($o->{var}{wiz_level} == 1) {
+ -f $conf_file and return 'resume';
+ }
+ if ($o->{var}{wiz_level} == 3) {
+ ! -f $conf_file and $::in->ask_warn(N("Error"), N("You must setup an Ldap server first.")) and return 'set_srv';
+ return 'del_conf';
+ }
+ },
+ data => [
+ { label => " " },
+ { label => N("Your choice:") . "\n\n", val => \$o->{var}{wiz_level}, type => 'list', list => [ keys %level ], format => sub { $level{$_[0]} } },
+ ],
+ next => 'set_srv',
+ },
+ del_conf => {
+ name => N("Delete configuration") . "\n\n" . N("Saving existing base in /root/ldap-sav.ldiff"),
+ post => \&sav_conf,
+ next => 'welcome',
+ },
add_userposix => {
name => N("LDAP Adding User") . "\n\n" ,
data => [
- { label => " " },
- { label => N("User Created in: " . $o->{var}{defou} . ", " . $o->{var}{suffix})},
- { label => " " },
- { label => N("First Name:"), val => \$o->{var}{sn}, help => "aide p" },
- { label => N("Name:"), val => \$o->{var}{cn}, help => "aide p" },
- { label => N("User Login:"), val => \$o->{var}{uid}, help => "aide p" },
+ { label => " " },
+ { label => N("User Created in: %s, %s", $o->{var}{defou}, $o->{var}{suffix}) },
+ { label => " " },
+ { label => N("First Name:"), val => \$o->{var}{sn}, help => "aide p" },
+ { label => N("Name:"), val => \$o->{var}{cn}, help => "aide p" },
+ { label => N("User Login:"), val => \$o->{var}{uid}, help =>"aide p" },
],
complete => sub {
if (!$o->{var}{sn}) {
$::in->ask_warn(N("Error"), N("You must enter a valid First Name."));
return 1;
- }
- if (!$o->{var}{cn}) {
- $::in->ask_warn(N("Error"), N("You must enter a valid Name."));
- return 1;
- }
- if (!$o->{var}{uid}) {
- $::in->ask_warn(N("Error"), N("You must enter a valid User Name."));
- return 1;
- }
+ }
+ if (!$o->{var}{cn}) {
+ $::in->ask_warn(N("Error"), N("You must enter a valid Name."));
+ return 1;
+ }
+ if (!$o->{var}{uid}) {
+ $::in->ask_warn(N("Error"), N("You must enter a valid User Name."));
+ return 1;
+ }
},
-
- next => 'password'
+ next => 'password',
},
password => {
name => N("LDAP User Password"),
data => [
- { label => " " },
+ { label => " " },
{ label => N("Password:"), val => \$o->{var}{uidpass}, hidden => 1, help => N("passwords must match") },
{ label => N("Password (again):"), val => \$o->{var}{uidpass2}, hidden => 1, help => N("passwords must match") },
],
@@ -188,112 +172,108 @@ $o->{pages} = {
}
if ($o->{var}{uidpass} ne $o->{var}{uidpass2}) {
$::in->ask_warn(N("Error"), N("The passwords do not match"));
- return 1;
+ return 1;
}
},
- next => 'summary_add_user'
+ next => 'summary_add_user',
},
set_srv => {
- name => "\n". N("Configuring LDAP Server") ."\n\n" . N("LDAP directory tree") . "\n" . N("The DNS naming is used for LDAP directory tree definition") . "\n" . N("Domain name: ") . $wiz_domain_name . "\n" . ("LDAP Diretory Tree: " . $o->{var}{suffix} ) . "\n\n" . N("LDAP Administrator") . "\n" . N("Administrator is a power user with grant access on LDAP database") . "\n" . "cn=".N("Administrator").",".$o->{var}{suffix} . "\n\n",
+ name => N("Configuring LDAP Server") . "\n\n" . N("LDAP directory tree") . "\n" . N("The DNS naming is used for LDAP directory tree definition") . "\n" . N("Domain name: %s", $wiz_domain_name) . "\n" . ("LDAP Diretory Tree: %s", $o->{var}{suffix}) . "\n\n" . N("LDAP Administrator") . "\n" . N("Administrator is a power user with grant access on LDAP database") . "\n" . "cn=" . N("Administrator,%s", $o->{var}{suffix}) . "\n\n",
data => [
- { label => " " },
- { label => N("LDAP directory tree:"), val => \$o->{var}{suffix}, help => "aide p" },
- { label => N("LDAP Administrator:"), val => \$o->{var}{rootdn}, help => "aide p" },
- { label => N("LDAP Password:"), hidden => 1, val => \$o->{var}{rootpass}, help => "aide p" },
- { label => N("LDAP Password (again):"), hidden => 1, val => \$o->{var}{rootpass2}, help => "aide p" },
+ { label => " " },
+ { label => N("LDAP directory tree:"), val => \$o->{var}{suffix}, help => "aide p" },
+ { label => N("LDAP Administrator:"), val => \$o->{var}{rootdn}, help => "aide p" },
+ { label => N("LDAP Password:"), hidden => 1, val => \$o->{var}{rootpass}, help => "aide p" },
+ { label => N("LDAP Password (again):"), hidden => 1, val => \$o->{var}{rootpass2}, help => "aide p" },
],
pre => sub {
- $o->{var}{rootdn} = "cn=".N("Administrator").",".$o->{var}{suffix};
+ $o->{var}{rootdn} = "cn=" . N("Administrator,%s", $o->{var}{suffix});
},
complete => sub {
-
if (!$o->{var}{suffix} || $o->{var}{suffix} !~ /dc/) {
$::in->ask_warn(N("Error"), N("You must enter a valid LDAP directory tree."));
return 1;
- }
+ }
if (!$o->{var}{rootpass}) {
$::in->ask_warn(N("Error"), N("You must enter a password for LDAP."));
return 1;
- }
+ }
if ($o->{var}{rootpass} ne $o->{var}{rootpass2}) {
$::in->ask_warn(N("Error"), N("The passwords do not match"));
return 1;
}
#$o->{var}{rootdn} = "cn=".$rootdn_cn.$o->{var}{suffix},
},
- next => 'summary_set_srv'
+ next => 'summary_set_srv',
},
summary_add_user => {
name => N("Confirmation of the user to create"),
data => [
- { label => " " },
- { label => N("Name:"), type => 'field', fixed_val => \$o->{var}{sn} },
- { label => N("First name:"), type => 'field', fixed_val => \$o->{var}{cn} },
- { label => N("User Name:"), type => 'field', fixed_val => \$o->{var}{uid} },
- { label => N("Create in:"), type => 'field', fixed_val => \$o->{var}{defou} }, #. \$o->{var}{suffix} },
+ { label => " " },
+ { label => N("Name:"), type => 'field', fixed_val => \$o->{var}{sn} },
+ { label => N("First name:"), type => 'field', fixed_val => \$o->{var}{cn} },
+ { label => N("User Name:"), type => 'field', fixed_val => \$o->{var}{uid} },
+ { label => N("Create in:"), type => 'field', fixed_val => \$o->{var}{defou} }, #. \$o->{var}{suffix} },
],
post => \&do_it_user_add,
- next => $o->{var}{useraddisnogood}
+ next => $o->{var}{useraddisnogood},
},
summary_set_srv => {
name => N("Confirmation Information for create an LDAP server"),
data => [
- { label => " " },
+ { label => " " },
{ label => N("LDAP directory tree:"), type => 'field', fixed_val => \$o->{var}{suffix} },
{ label => N("LDAP Administrator:"), type => 'field', fixed_val => \$o->{var}{rootdn} },
{ label => N("Users Container:"), type => 'field', fixed_val => \$o->{var}{defou} },
],
post => \&do_it_setldap,
- next => 'end'
+ next => 'end',
},
end => {
name => N("Congratulations"),
- data => [
- { label => " " },
- { label => N("The wizard successfully configured the LDAP.") } ],
+ data => [
+ {
+ label => " " },
+ {
+ label => N("The wizard successfully configured the LDAP.") } ],
no_back => 1,
end => 1,
- next => 0
+ next => 0,
},
-
- add_user_good => {
- name => N("Successfully added User"),
- data => [
- { label => " " },
- { label => "\n",fixed_val => \$o->{var}{error_user_add} }
- ],
- no_back => '1',
- next => 'ask_menu',
- },
-
+ add_user_good => {
+ name => N("Successfully added User"),
+ data => [
+ { label => " " },
+ { label => "\n" , fixed_val => \$o->{var}{error_user_add} },
+ ],
+ no_back => '1',
+ next => 'ask_menu',
+ },
add_user_nogood => {
- name => N("Error when adding user in Ldap database"),
- data => [
- { label => " " },
- { label => "\n",fixed_val => \$o->{var}{error_user_add} }
- ],
- no_back => '1',
- next => 'add_userposix',
- },
-
-
-
-
+ name => N("Error when adding user in Ldap database"),
+ data => [
+ { label => " " },
+ { label => "\n" , fixed_val => \$o->{var}{error_user_add} },
+ ],
+ no_back => '1',
+ next => 'add_userposix',
+ },
resume => {
- name => N("Server already configured") . "\n\n" . N("You have already configured your Ldap Server") ,
- post => sub {
- my $container_ou = $o->{var}{wiz_level}.",".$o->{var}{suffix};
- },
- data => [ { label => " " } ,
- { label => N("LDAP directory tree:"), type => 'field', fixed_val => \$o->{var}{suffix} },
- { label => N("LDAP Administrator:"), type => 'field', fixed_val => \$o->{var}{rootdn} },
- { label => N("Users Container:"), type => 'field', fixed_val => \$o->{var}{defou} },
- ],
- no_back => '1',
- next => 'ask_menu',
- },
+ name => N("Server already configured") . "\n\n" . N("You have already configured your Ldap Server") ,
+ post => sub {
+ my $container_ou = $o->{var}{wiz_level} . "," . $o->{var}{suffix};
+ },
+ data => [ { label => " " } ,
+ { label => N("LDAP directory tree:"), type => 'field', fixed_val => \$o->{var}{suffix} },
+ { label => N("LDAP Administrator:"), type => 'field', fixed_val => \$o->{var}{rootdn} },
+ { label => N("Users Container:"), type => 'field', fixed_val => \$o->{var}{defou} },
+ ],
+ no_back => '1',
+ next => 'ask_menu',
+ },
};
+
sub do_it_setldap {
return if $::testing;
if (!-f $LDAPCONF) {
@@ -331,24 +311,24 @@ sub do_it_setldap {
my $_cryptpass = crypt($o->{var}{rootpass}, "crypt");
if (any { /^rootpw/ } cat_($LDAPCONF)) {
substInFile {
- #s/rootpw.*/rootpw $cryptpass/;
+ #s/rootpw.*/rootpw $cryptpass/;
s/rootpw.*/rootpw $o->{var}{rootpass}/;
} $LDAPCONF;
} else {
- #append_to_file($LDAPCONF, "rootpw {CRYPT}$cryptpass");
+ #append_to_file($LDAPCONF, "rootpw {CRYPT}$cryptpass");
append_to_file($LDAPCONF, "rootpw $o->{var}{rootpass}");
}
# Modify /etc/ldap.conf
#
-require authentication;
-authentication::update_ldap_conf(
- host => $o->{var}{srv},
- base => $wiz_domain_name,
- nss_base_shadow => "ou=People,$o->{var}{suffix}",
- nss_base_passwd => "ou=People,$o->{var}{suffix}",
- nss_base_group => "ou=Group,$o->{var}{suffix}",
- );
+ require authentication;
+ authentication::update_ldap_conf(
+ host => $o->{var}{srv},
+ base => $wiz_domain_name,
+ nss_base_shadow => "ou=People,$o->{var}{suffix}",
+ nss_base_passwd => "ou=People,$o->{var}{suffix}",
+ nss_base_group => "ou=Group,$o->{var}{suffix}",
+ );
# reset premisions
system("chown -R root.ldap /etc/openldap");
@@ -367,10 +347,10 @@ sub init_ldap {
$o->{var}{rootdn} =~ /cn=(\w+),/ and my $cnadmin = $1;
- my $LDAP;
- open($LDAP, "| ldapadd -x -D '$o->{var}{rootdn}' -w $o->{var}{rootpass}");
+ my $LDAP;
+ open($LDAP, "| ldapadd -x -D '$o->{var}{rootdn}' -w $o->{var}{rootpass}");
- print $LDAP <<RootLdif;
+ print $LDAP <<RootLdif;
dn: $o->{var}{suffix}
dc: $ldap_dc
objectClass: dcObject
@@ -404,7 +384,7 @@ RootLdif
close($LDAP);
- # create config file in /etc/sysconfig/ldapwiz
+ # create config file in /etc/sysconfig/ldapwiz
output($conf_file, <<EOF);
srv=$o->{var}{srv}
suffix=$o->{var}{suffix}
@@ -421,21 +401,20 @@ sub do_it_user_add {
return if $::testing;
my $uid = "10000";
while (defined(getpwuid($uid))) {
- $uid++;
- }
+ $uid++;
+ }
- $o->{var}{uidnb} = $uid;
- $o->{var}{gidnb} = $uid;
+ $o->{var}{uidnb} = $uid;
+ $o->{var}{gidnb} = $uid;
($o->{var}{code_return}, $o->{var}{error_user_add}) = add_user($o);
if ($o->{var}{code_return} =~ /success/i) {
- $o->{var}{useraddisnogood} = "add_user_good";
+ $o->{var}{useraddisnogood} = "add_user_good";
} else {
- $o->{var}{useraddisnogood} = "add_user_nogood";
+ $o->{var}{useraddisnogood} = "add_user_nogood";
}
-
}
-
+
sub sav_conf {
services::stop('ldap');
my $cmd = "slapcat -l /root/ldap-sav.ldiff";