diff options
author | Vicent Guardiola <vguardiola@mandriva.com> | 2004-10-28 11:07:44 +0000 |
---|---|---|
committer | Vicent Guardiola <vguardiola@mandriva.com> | 2004-10-28 11:07:44 +0000 |
commit | 0a04b17e1e866fd33c0071809fe2a99991f662e7 (patch) | |
tree | 284860095ed3a53073edef028136e288d9f5f90e /perl-install/authentication.pm | |
parent | 4de81343d34ad6234c9375402597d835f16394ae (diff) | |
download | drakx-0a04b17e1e866fd33c0071809fe2a99991f662e7.tar drakx-0a04b17e1e866fd33c0071809fe2a99991f662e7.tar.gz drakx-0a04b17e1e866fd33c0071809fe2a99991f662e7.tar.bz2 drakx-0a04b17e1e866fd33c0071809fe2a99991f662e7.tar.xz drakx-0a04b17e1e866fd33c0071809fe2a99991f662e7.zip |
Remove sasl entry
Add check button for tls
Diffstat (limited to 'perl-install/authentication.pm')
-rw-r--r-- | perl-install/authentication.pm | 33 |
1 files changed, 17 insertions, 16 deletions
diff --git a/perl-install/authentication.pm b/perl-install/authentication.pm index 09f683dc9..0ee66a6b5 100644 --- a/perl-install/authentication.pm +++ b/perl-install/authentication.pm @@ -75,22 +75,21 @@ sub ask_parameters { ssl => N("SSL"), kerberos => N("security layout (SASL/Kerberos)"), ); + my $tls = ''; my $AD_user = $authentication->{AD_user} =~ /(.*)\@\Q$authentication->{AD_domain}\E$/ ? $1 : $authentication->{AD_user}; my $anonymous = $AD_user; - my $anonymous = 'off'; $in->ask_from('', N("Authentication Active Directory")."\n", [ - { label => N("User allowed to Bind Active Directory"), val => \$AD_user }, - { label => N("Password for user"), val => \$authentication->{AD_password},hidden => 1}, - { label => N("Modify Options"), val => \$anonymous, type => 'bool' }, - { label => "\t".N("Domain"), val => \$authentication->{AD_domain}, disabled => sub { $anonymous } }, - #{ label => N("Server"), val => \$authentication->{AD_server} }, - { label => "\t".N("Server"), type => 'combo', val => \$authentication->{AD_server}, list => \@srvs , not_edit => 0, disabled => sub { $anonymous } }, - { label => "\t".N("LDAP users database"), val => \$authentication->{AD_users_db}, disabled => sub { $anonymous } }, - { label => N("Encryption"), val => \$authentication->{sub_kind}, list => [ map { $_->[0] } group_by2(@sub_kinds) ], format => sub { $sub_kinds{$_[0]} } }, + { label => N("Use anomymous bind"), val => \$authentication->{anonymous}, type => 'bool',"\n\n" }, + { label => N("User allowed to Bind Active Directory"), val => \$AD_user, disabled => sub { $authentication->{anonymous} } }, + { label => N("Password for user"), val => \$authentication->{AD_password},hidden => 1, disabled => sub { $authentication->{anonymous} }}, + { label => N("Enable TLS"), val => \$authentication->{tls}, type => 'bool'}, + { label => "\n".N("Domain"), val => \$authentication->{AD_domain} }, + { label => N("Server"), type => 'combo', val => \$authentication->{AD_server}, list => \@srvs , not_edit => 0, }, + { label => N("LDAP users database"), val => \$authentication->{AD_users_db}, }, ]) or return; $authentication->{AD_user} = !$AD_user || $authentication->{sub_kind} eq 'anonymous' ? '' : $AD_user =~ /@/ ? $AD_user : "$AD_user\@$authentication->{AD_domain}"; @@ -116,7 +115,7 @@ The command 'wbinfo -t' will test whether your authentication secrets are good." if $kind eq 'winbind'; $authentication->{AD_domain} ||= $netc->{DOMAINNAME} if $kind eq 'SMBKRB'; - $authentication->{AD_users_idmap} ||= 'ou=idmap,' . domain_to_ldap_domain($authentication->{AD_domain}) if $kind eq 'SMBKRB'; + $authentication->{AD_users_idmap} ||= 'ou=idmap,' . domain_to_ldap_domain($authentication->{AD_domain}) if $kind eq 'SMBKRB'; $netc->{WINDOMAIN} ||= $netc->{DOMAINNAME}; my $anonymous = "off"; $in->ask_from('', @@ -128,7 +127,9 @@ The command 'wbinfo -t' will test whether your authentication secrets are good." { label => N("Domain Admin User Name"), val => \$authentication->{winuser} }, { label => N("Domain Admin Password"), val => \$authentication->{winpass}, hidden => 1 }, { label => N("Use Idmap for store UID/SID "), val => \$anonymous, type => 'bool' }, - { label => N("Default Idmap "), val => \$authentication->{AD_users_idmap}, disabled => sub { $anonymous } }, + { label => "\t".N("Default Idmap "), val => \$authentication->{AD_users_idmap}, disabled => sub { $anonymous } }, + { label => "\t".N("Administrateur"), val => \$authentication->{AD_users_idmap_adm}, disabled => sub { $anonymous } }, + { label => "\t".N("Password"), val => \$authentication->{AD_users_idmap_passwd}, disabled => sub { $anonymous } }, ]) or return; } $authentication->{$kind} ||= 1; @@ -164,6 +165,7 @@ sub set { ); } elsif ($kind eq 'AD') { $in->do_pkgs->install(qw(nss_ldap )); + my $port = "389"; set_nsswitch_priority('ldap'); @@ -176,9 +178,9 @@ sub set { ssl => 'on', kerberos => 'off', }->{$authentication->{sub_kind}}; - - if ($ssl eq 'on') { - $port = '636'; + + if ($authentication->{tls} eq '1' ){ + $tls = 'start_tls'; }; @@ -190,8 +192,7 @@ sub set { nss_base_passwd => "$authentication->{AD_users_db}?sub", nss_base_group => "$authentication->{AD_users_db}?sub", - ssl => $ssl, - sasl_mech => $authentication->{sub_kind} eq 'kerberos' ? 'GSSAPI' : '', + ssl => $tls, port => $port, binddn => $authentication->{AD_user}, |