From 0a04b17e1e866fd33c0071809fe2a99991f662e7 Mon Sep 17 00:00:00 2001
From: Vicent Guardiola
Date: Thu, 28 Oct 2004 11:07:44 +0000
Subject: Remove sasl entry Add check button for tls
---
 perl-install/authentication.pm | 33 +++++++++++++++++----------------
 1 file changed, 17 insertions(+), 16 deletions(-)
diff --git a/perl-install/authentication.pm b/perl-install/authentication.pm
index 09f683dc9..0ee66a6b5 100644
--- a/perl-install/authentication.pm
+++ b/perl-install/authentication.pm
@@ -75,22 +75,21 @@ sub ask_parameters {
 ssl => N("SSL"),
 kerberos => N("security layout (SASL/Kerberos)"),
 );
+ my $tls = '';
 my $AD_user = $authentication->{AD_user} =~ /(.*)\@\Q$authentication->{AD_domain}\E$/ ? $1 : $authentication->{AD_user};
 my $anonymous = $AD_user;
- my $anonymous = 'off';
 $in->ask_from('', N("Authentication Active Directory")."\n", [
- { label => N("User allowed to Bind Active Directory"), val => \$AD_user },
- { label => N("Password for user"), val => \$authentication->{AD_password},hidden => 1},
- { label => N("Modify Options"), val => \$anonymous, type => 'bool' },
- { label => "\t".N("Domain"), val => \$authentication->{AD_domain}, disabled => sub { $anonymous } },
- #{ label => N("Server"), val => \$authentication->{AD_server} },
- { label => "\t".N("Server"), type => 'combo', val => \$authentication->{AD_server}, list => \@srvs , not_edit => 0, disabled => sub { $anonymous } },
- { label => "\t".N("LDAP users database"), val => \$authentication->{AD_users_db}, disabled => sub { $anonymous } },
- { label => N("Encryption"), val => \$authentication->{sub_kind}, list => [ map { $_->[0] } group_by2(@sub_kinds) ], format => sub { $sub_kinds{$_[0]} } },
+ { label => N("Use anomymous bind"), val => \$authentication->{anonymous}, type => 'bool',"\n\n" },
+ { label => N("User allowed to Bind Active Directory"), val => \$AD_user, disabled => sub { $authentication->{anonymous} } },
+ { label => N("Password for user"), val => \$authentication->{AD_password},hidden => 1, disabled => sub { $authentication->{anonymous} }},
+ { label => N("Enable TLS"), val => \$authentication->{tls}, type => 'bool'},
+ { label => "\n".N("Domain"), val => \$authentication->{AD_domain} },
+ { label => N("Server"), type => 'combo', val => \$authentication->{AD_server}, list => \@srvs , not_edit => 0, },
+ { label => N("LDAP users database"), val => \$authentication->{AD_users_db}, },
 ]) or return;
 $authentication->{AD_user} = !$AD_user || $authentication->{sub_kind}
eq 'anonymous' ? '' : $AD_user =~ /@/ ? $AD_user : "$AD_user\@$authentication->{AD_domain}";
@@ -116,7 +115,7 @@ The command 'wbinfo -t' will test whether your authentication secrets are good."
 if $kind eq 'winbind';
 $authentication->{AD_domain} ||= $netc->{DOMAINNAME} if $kind eq 'SMBKRB';
- $authentication->{AD_users_idmap} ||= 'ou=idmap,' . domain_to_ldap_domain($authentication->{AD_domain}) if $kind eq 'SMBKRB';
+ $authentication->{AD_users_idmap} ||= 'ou=idmap,' . domain_to_ldap_domain($authentication->{AD_domain}) if $kind eq 'SMBKRB';
 $netc->{WINDOMAIN} ||= $netc->{DOMAINNAME};
 my $anonymous = "off";
 $in->ask_from('',
@@ -128,7 +127,9 @@ The command 'wbinfo -t' will test whether your authentication secrets are good."
 { label => N("Domain Admin User Name"), val => \$authentication->{winuser} },
 { label => N("Domain Admin Password"), val => \$authentication->{winpass}, hidden => 1 },
 { label => N("Use Idmap for store UID/SID "), val => \$anonymous, type => 'bool' },
- { label => N("Default Idmap "), val => \$authentication->{AD_users_idmap}, disabled => sub { $anonymous } },
+ { label => "\t".N("Default Idmap "), val => \$authentication->{AD_users_idmap}, disabled => sub { $anonymous } },
+ { label => "\t".N("Administrateur"), val => \$authentication->{AD_users_idmap_adm}, disabled => sub { $anonymous } },
+ { label => "\t".N("Password"), val => \$authentication->{AD_users_idmap_passwd}, disabled => sub { $anonymous } },
 ]) or return;
 }
 $authentication->{$kind} ||= 1;
@@ -164,6 +165,7 @@ sub set {
 );
 } elsif ($kind eq 'AD') {
 $in->do_pkgs->install(qw(nss_ldap ));
+ my $port = "389";
 set_nsswitch_priority('ldap');
@@ -176,9 +178,9 @@ sub set {
 ssl => 'on',
 kerberos => 'off',
 }->{$authentication->{sub_kind}};
-
- if ($ssl eq 'on') {
- $port = '636';
+
+ if ($authentication->{tls} eq '1' ){
+ $tls = 'start_tls';
 };
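Review bot: In the `ask_parameters` hunk (-75,22) the new "Use anomymous bind" checkbox is stored in `$authentication->{anonymous}`, but the unchanged assignment after `ask_from` still empties `AD_user` only when `sub_kind eq 'anonymous'`, and this commit removes the "Encryption" prompt that set `sub_kind`. As far as these lines show, ticking the box only greys out the two fields, so a previously entered bind DN and `AD_password` stay in `$authentication` and may still reach the written LDAP config; the condition should test the new flag, e.g. `!$AD_user || $authentication->{anonymous} ? '' : ...`, and `AD_password` should be cleared alongside it. The same entry also carries a stray `"\n\n"` element, which makes the anonymous hash odd-sized, and its label is misspelled ("anomymous"). The body of `ask_parameters` starts and ends outside the hunk.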
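Review bot: The added `N("Password")` entry for `AD_users_idmap_passwd` in the -128,7 hunk has no `hidden => 1`, so, going by how the "Domain Admin Password" entry three lines above is declared, the idmap administrator password would be shown on screen as it is typed. Add the flag: `{ label => "\t".N("Password"), val => \$authentication->{AD_users_idmap_passwd}, hidden => 1, disabled => sub { $anonymous } },`. The source string `N("Administrateur")` is French where every other label is English; `N("Administrator")` keeps the translation catalogue consistent. Where the two new values are consumed or stored is not visible in this patch.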
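Review bot: `$tls` is assigned in `set` (-176,9 hunk) and read by `ssl => $tls` in the last hunk, but the only declaration this patch adds is `my $tls = '';` inside `ask_parameters`, which is lexical to that sub. Unless `set` declares it outside the visible lines, this either fails under `use strict` or falls back to a package global, and with the box unticked `ssl` receives an empty or stale value. Deriving it in one place is safer: `my $tls = $authentication->{tls} ? 'start_tls' : 'off';` in place of the `if` block ('off' is a value the old `$ssl` table already produced), after which the `my $tls` in `ask_parameters` can be dropped. A plain truth test also avoids comparing an undefined `tls` with `eq '1'` when the prompt was never shown.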
@@ -190,8 +192,7 @@ sub set {
 nss_base_passwd => "$authentication->{AD_users_db}?sub",
 nss_base_group => "$authentication->{AD_users_db}?sub",
- ssl => $ssl,
- sasl_mech => $authentication->{sub_kind} eq 'kerberos' ? 'GSSAPI' : '',
+ ssl => $tls,
 port => $port,
 binddn => $authentication->{AD_user},
-- 
cgit v1.2.1
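Review bot: With `ssl => $tls` here and the 636 switch removed in the previous hunk, the table kept there as context (`ssl => 'on', kerberos => 'off'` keyed on `sub_kind`) no longer feeds anything visible, so a stored `sub_kind` of `ssl` stops selecting LDAPS and transport protection now depends solely on the "Enable TLS" box. When that box is left unticked, the `binddn` written two lines below, and presumably its password, go to the directory on port 389 without encryption. Consider defaulting the option to on before the prompt, `$authentication->{tls} = 1 if !defined $authentication->{tls};`, and removing the `$ssl` lookup if nothing outside these lines still reads it, so the config has a single source for transport security. The hash being built starts and ends outside the hunk.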