1 |
unnilennium |
1.1 |
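diff -up smeserver-phpldapadmin-1.2.3/root/etc/e-smith/db/configuration/defaults/phpldapadmin/kamikaze.authpatch smeserver-phpldapadmin-1.2.3/root/etc/e-smith/db/configuration/defaults/phpldapadmin/kamikaze
--- smeserver-phpldapadmin-1.2.3/root/etc/e-smith/db/configuration/defaults/phpldapadmin/kamikaze.authpatch 2013-11-06 17:25:19.000000000 -0500
+++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/db/configuration/defaults/phpldapadmin/kamikaze 2013-11-06 17:25:31.000000000 -0500
@@ -0,0 +1 @@
+disabled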
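diff -up smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer.authpatch smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer
--- smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer.authpatch 2013-11-06 17:23:45.000000000 -0500
+++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer 2013-11-06 17:38:43.000000000 -0500
@@ -4,66 +4,13 @@
 *********************************************/
 
 $servers = new Datastore();
-
-/* $servers->NewServer('ldap_pla') must be called before each new LDAP server
- declaration. */
 $servers->newServer('ldap_pla');
-
-/* A convenient name that will appear in the tree viewer and throughout
- phpLDAPadmin to identify this LDAP server to users. */
 $servers->setValue('server','name','Local LDAP Server');
-
-/* Examples:
- 'ldap.example.com',
- 'ldaps://ldap.example.com/',
- 'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
- (Unix socket at /usr/local/var/run/ldap) */
 $servers->setValue('server','host','127.0.0.1');
-
-/* The port your LDAP server listens on (no quotes). 389 is standard. */
 $servers->setValue('server','port',389);
 
-/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
- auto-detect it for you. */
-// $servers->setValue('server','base',array(''));
-
-/* Five options for auth_type:
- 1. 'cookie': you will login via a web form, and a client-side cookie will
- store your login dn and password.
- 2. 'session': same as cookie but your login dn and password are stored on the
- web server in a persistent session variable.
- 3. 'http': same as session but your login dn and password are retrieved via
- HTTP authentication.
- 4. 'config': specify your login dn and password here in this config file. No
- login will be required to use phpLDAPadmin for this server.
- 5. 'sasl': login will be taken from the webserver's kerberos authentication.
- Currently only GSSAPI has been tested (using mod_auth_kerb).
-
- Choose wisely to protect your authentication information appropriately for
- your situation. If you choose 'cookie', your cookie contents will be
- encrypted using blowfish and the secret your specify above as
- session['blowfish']. */
-// $servers->setValue('login','auth_type','session');
-
-/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
- 'cookie','session' or 'sasl' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS
- BLANK. If you specify a login_attr in conjunction with a cookie or session
- auth_type, then you can also specify the bind_id/bind_pass here for searching
- the directory for users (ie, if your LDAP server does not allow anonymous
- binds. */
-// $servers->setValue('login','bind_id','');
-# $servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com');
-
-/* Your LDAP password. If you specified an empty bind_id above, this MUST also
- be blank. */
-// $servers->setValue('login','bind_pass','');
-# $servers->setValue('login','bind_pass','secret');
-
-/* Use TLS (Transport Layer Security) to connect to the LDAP server. */
-// $servers->setValue('server','tls',false);
 
 $servers->setValue('server','tls',false);
-$servers->setValue('login','anon_bind',false);
 
 {
 open (PW, "/etc/openldap/ldap.pw")
@@ -71,6 +18,7 @@ $servers->setValue('login','anon_bind',f
 my $pw = <PW>;
 chomp ($pw);
 close PW;
+ my $kamikaze = $phpldapadmin{'kamikaze'} || 'disabled';
 
 use esmith::util;
 
@@ -80,10 +28,22 @@ $servers->setValue('login','anon_bind',f
 my $domain = db_get(\%conf, 'DomainName');
 
 my $dc = esmith::util::ldapBase($domain);
-
- $OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
- $OUT .= "\$servers->setValue('login','base',array('$dc'));\n";
- $OUT .= "\$servers->setValue('login','auth_type','http');\n";
- $OUT .= "\$servers->SetValue('login','bind_id','cn=root,$dc');\n";
- $OUT .= "\$servers->setValue('login','bind_pass','$pw');\n";
+ if ( $kamikaze eq "enabled")
+ {
+ $OUT .= "\$servers->setValue('login','anon_bind',false);\n";
+ $OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
+ $OUT .= "\$servers->setValue('login','base',array('$dc'));\n";
+ $OUT .= "\$servers->setValue('login','auth_type','config');\n";
+ $OUT .= "\$servers->SetValue('login','bind_id','cn=root,$dc');\n";
+ $OUT .= "\$servers->setValue('login','bind_pass','$pw');\n";
+ $OUT .= "\$servers->setValue('login','attr','dn');\n";
+ }
+ else
+ {
+ $OUT .= "\$servers->setValue('login','anon_bind',true);\n";
+ $OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
+ $OUT .= "\$servers->setValue('login','base',array('$dc'));\n";
+ $OUT .= "\$servers->setValue('login','auth_type','http');\n";
+ $OUT .= "\$servers->setValue('login','attr','uid');\n";
+ }
 }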
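Review bot: The `enabled` branch of the third hunk gives every request that reaches phpLDAPadmin a `cn=root,$dc` bind with no login, because it emits `auth_type` `config` together with `bind_id` and the password read from `/etc/openldap/ldap.pw`; the comment this patch removes described `config` as "No login will be required". Nothing visible in this template limits who can reach the application, so the branch should state its precondition, for example `# kamikaze=enabled: no login, every visitor binds as cn=root; the web server must restrict access to this application`, and the generated config.php should be readable only by the web server account. `$pw` and `$dc` are also interpolated unescaped into single-quoted PHP strings, so a quote or backslash in the password would break or alter the generated file; escape first with `(my $pw_php = $pw) =~ s/([\\'])/\\$1/g;` and emit `'$pw_php'`. The `else` branch switches `anon_bind` from the previous `false` to `true` and drops the bind credentials, so what an unauthenticated user can read now presumably depends on the directory ACLs alone, which is worth confirming. The Perl block opens in the first hunk and its `open` statement is cut at the hunk boundary, so the error handling around reading the password file is not visible here.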
diff -up smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth.authpatch smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth |
114 |
|
|
--- smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth.authpatch 2013-11-06 17:23:45.000000000 -0500 |
115 |
|
|
+++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth 2013-11-06 17:40:18.000000000 -0500 |
116 |
|
|
@@ -54,7 +54,6 @@ $servers->setValue('appearance','passwor |
117 |
|
|
your LDAP server requires you to login to perform searches, you can enter the |
118 |
|
|
DN to use when searching in 'bind_id' and 'bind_pass' above. */ |
119 |
|
|
// $servers->setValue('login','attr','dn'); |
120 |
|
|
-$servers->setValue('login','attr','uid'); |
121 |
|
|
|
122 |
|
|
/* Base DNs to used for logins. If this value is not set, then the LDAP server |
123 |
|
|
Base DNs are used. */ |