/[smecontribs]/rpms/smeserver-phpldapadmin/contribs8/smeserver-phpldapadmin-1.2.3-template.patch
ViewVC logotype

Annotation of /rpms/smeserver-phpldapadmin/contribs8/smeserver-phpldapadmin-1.2.3-template.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Tue Nov 5 00:21:58 2013 UTC (10 years, 11 months ago) by unnilennium
Branch: MAIN
CVS Tags: smeserver-phpldapadmin-1_2_3-6_el5_sme, smeserver-phpldapadmin-1_2_3-3_el5_sme, smeserver-phpldapadmin-1_2_3-5_el5_sme, smeserver-phpldapadmin-1_2_3-2_el5_sme, HEAD
* Mon Nov 4 2013 JP Pialasse <tests@pialasse.com> 1.2.3-2.sme
- wrong tempalte path for config file [SME: 7975]

1 unnilennium 1.1 diff -Nur smeserver-phpldapadmin-1.2.3.old/createlinks smeserver-phpldapadmin-1.2.3/createlinks
2     --- smeserver-phpldapadmin-1.2.3.old/createlinks 2007-06-17 23:38:08.000000000 -0400
3     +++ smeserver-phpldapadmin-1.2.3/createlinks 2013-11-04 19:17:34.000000000 -0500
4     @@ -3,49 +3,13 @@
5     # Specific support exists to create symlinks within e-smith web "panels"
6     # and for links from named "events" directories into the "actions" directory
7    
8     -sub panel_link
9     -{
10     - my ($function, $panel) = @_;
11     -
12     - unlink "root/etc/e-smith/web/panels/$panel/cgi-bin/$function";
13     - symlink("../../../functions/$function",
14     - "root/etc/e-smith/web/panels/$panel/cgi-bin/$function")
15     - or die "Can't symlink to root/etc/e-smith/web/panels/$panel".
16     - "/cgi-bin/$function: $!";
17     -}
18     +use esmith::Build::CreateLinks qw(:all);
19    
20     -sub event_link
21     +for my $event (qw(
22     + bootstrap-console-save
23     + post-upgrade
24     + ))
25     {
26     - my ($action, $event, $level) = @_;
27     -
28     - unlink "root/etc/e-smith/events/${event}/S${level}${action}";
29     - symlink("../actions/${action}",
30     - "root/etc/e-smith/events/${event}/S${level}${action}")
31     - or die "Can't symlink to " .
32     - "root/etc/e-smith/events/${event}/S${level}${action}: $!";
33     + templates2events("/etc/phpldapadmin/config.php", $event)
34     }
35    
36     -#--------------------------------------------------
37     -# functions for manager panel
38     -#--------------------------------------------------
39     -my $panel = "manager";
40     -
41     -#panel_link("function1", $panel);
42     -#panel_link("function2", $panel);
43     -
44     -#--------------------------------------------------
45     -# actions for console-save event:
46     -#--------------------------------------------------
47     -$event = "console-save";
48     -
49     -#event_link("action1", $event, "55");
50     -#event_link("action2", $event, "60");
51     -
52     -#--------------------------------------------------
53     -# actions for domain-create event:
54     -#--------------------------------------------------
55     -$event = "domain-create";
56     -
57     -#event_link("action1", $event, "55");
58     -#event_link("action2", $event, "90");
59     -
60     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/01header smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/01header
61     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/01header 2013-05-26 20:24:11.000000000 -0400
62     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/01header 1969-12-31 19:00:00.000000000 -0500
63     @@ -1,38 +0,0 @@
64     -<?php
65     -/** NOTE **
66     - ** Make sure that <?php is the FIRST line of this file!
67     - ** IE: There should NOT be any blank lines or spaces BEFORE <?php
68     - **/
69     -
70     -/**
71     - * The phpLDAPadmin config file
72     - * See: http://phpldapadmin.sourceforge.net/wiki/index.php/Config.php
73     - *
74     - * This is where you can customise some of the phpLDAPadmin defaults
75     - * that are defined in config_default.php.
76     - *
77     - * To override a default, use the $config->custom variable to do so.
78     - * For example, the default for defining the language in config_default.php
79     - *
80     - * $this->default->appearance['language'] = array(
81     - * 'desc'=>'Language',
82     - * 'default'=>'auto');
83     - *
84     - * to override this, use $config->custom->appearance['language'] = 'en_EN';
85     - *
86     - * This file is also used to configure your LDAP server connections.
87     - *
88     - * You must specify at least one LDAP server there. You may add
89     - * as many as you like. You can also specify your language, and
90     - * many other options.
91     - *
92     - * NOTE: Commented out values in this file prefixed by //, represent the
93     - * defaults that have been defined in config_default.php.
94     - * Commented out values prefixed by #, dont reflect their default value, you can
95     - * check config_default.php if you want to see what the default is.
96     - *
97     - * DONT change config_default.php, you changes will be lost by the next release
98     - * of PLA. Instead change this file - as it will NOT be replaced by a new
99     - * version of phpLDAPadmin.
100     - */
101     -
102     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/02UsefulConfOver smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/02UsefulConfOver
103     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/02UsefulConfOver 2013-05-26 20:25:20.000000000 -0400
104     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/02UsefulConfOver 1969-12-31 19:00:00.000000000 -0500
105     @@ -1,60 +0,0 @@
106     -/*********************************************
107     - * Useful important configuration overrides *
108     - *********************************************/
109     -
110     -/* If you are asked to put PLA in debug mode, this is how you do it: */
111     -# $config->custom->debug['level'] = 255;
112     -# $config->custom->debug['syslog'] = true;
113     -# $config->custom->debug['file'] = '/tmp/pla_debug.log';
114     -
115     -/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
116     - to a big random string. */
117     -// $config->custom->session['blowfish'] = null;
118     -
119     -/* If your auth_type is http, you can override your HTTP Authentication Realm. */
120     -// $config->custom->session['http_realm'] = sprintf('%s %s',app_name(),'login');
121     -
122     -/* The language setting. If you set this to 'auto', phpLDAPadmin will attempt
123     - to determine your language automatically.
124     - If PLA doesnt show (all) strings in your language, then you can do some
125     - translation at http://translations.launchpad.net/phpldapadmin and download
126     - the translation files, replacing those provided with PLA.
127     - (We'll pick up the translations before making the next release too!) */
128     -// $config->custom->appearance['language'] = 'auto';
129     -
130     -/* The temporary storage directory where we will put jpegPhoto data
131     - This directory must be readable and writable by your web server. */
132     -// $config->custom->jpeg['tmpdir'] = '/tmp'; // Example for Unix systems
133     -# $config->custom->jpeg['tmpdir'] = 'c:\\temp'; // Example for Windows systems
134     -
135     -/* Set this to (bool)true if you do NOT want a random salt used when
136     - calling crypt(). Instead, use the first two letters of the user's
137     - password. This is insecure but unfortunately needed for some older
138     - environments. */
139     -# $config->custom->password['no_random_crypt_salt'] = true;
140     -
141     -/* PHP script timeout control. If php runs longer than this many seconds then
142     - PHP will stop with an Maximum Execution time error. Increase this value from
143     - the default if queries to your LDAP server are slow. The default is either
144     - 30 seconds or the setting of max_exection_time if this is null. */
145     -// $config->custom->session['timelimit'] = 30;
146     -
147     -// $config->custom->appearance['show_clear_password'] = false;
148     -
149     -// $config->custom->search['size_limit'] = 50;
150     -# $config->custom->search['size_limit'] = 1000;
151     -
152     -/* Our local timezone
153     - This is to make sure that when we ask the system for the current time, we
154     - get the right local time. If this is not set, all time() calculations will
155     - assume UTC if you have not set PHP date.timezone. */
156     -// $config->custom->appearance['timezone'] = null;
157     -# $config->custom->appearance['timezone'] = 'Australia/Melbourne';
158     -
159     - meaning that users will not be presented a form for modifying those
160     - attributes, and they will not be allowed to be modified on the "back-end"
161     - either. You may configure this list here:
162     - NOTE: The user must be able to read the readonly_attrs_exempt entry to be
163     - excluded. */
164     -// $config->custom->appearance['readonly_attrs'] = array();
165     -
166     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/03Commands smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/03Commands
167     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/03Commands 2013-05-26 20:27:25.000000000 -0400
168     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/03Commands 1969-12-31 19:00:00.000000000 -0500
169     @@ -1,58 +0,0 @@
170     -/*********************************************
171     - * Commands *
172     - *********************************************/
173     -
174     -/* Command availability ; if you don't authorize a command the command
175     - links will not be shown and the command action will not be permitted.
176     - For better security, set also ACL in your ldap directory. */
177     -/*
178     -$config->custom->commands['cmd'] = array(
179     - 'entry_internal_attributes_show' => true,
180     - 'entry_refresh' => true,
181     - 'oslinks' => true,
182     - 'switch_template' => true
183     -);
184     -
185     -$config->custom->commands['script'] = array(
186     - 'add_attr_form' => true,
187     - 'add_oclass_form' => true,
188     - 'add_value_form' => true,
189     - 'collapse' => true,
190     - 'compare' => true,
191     - 'compare_form' => true,
192     - 'copy' => true,
193     - 'copy_form' => true,
194     - 'create' => true,
195     - 'create_confirm' => true,
196     - 'delete' => true,
197     - 'delete_attr' => true,
198     - 'delete_form' => true,
199     - 'draw_tree_node' => true,
200     - 'expand' => true,
201     - 'export' => true,
202     - 'export_form' => true,
203     - 'import' => true,
204     - 'import_form' => true,
205     - 'login' => true,
206     - 'logout' => true,
207     - 'login_form' => true,
208     - 'mass_delete' => true,
209     - 'mass_edit' => true,
210     - 'mass_update' => true,
211     - 'modify_member_form' => true,
212     - 'monitor' => true,
213     - 'purge_cache' => true,
214     - 'query_engine' => true,
215     - 'rename' => true,
216     - 'rename_form' => true,
217     - 'rdelete' => true,
218     - 'refresh' => true,
219     - 'schema' => true,
220     - 'server_info' => true,
221     - 'show_cache' => true,
222     - 'template_engine' => true,
223     - 'update_confirm' => true,
224     - 'update' => true
225     -);
226     -*/
227     -
228     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/04Attributes smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/04Attributes
229     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/04Attributes 2013-05-26 20:28:55.000000000 -0400
230     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/04Attributes 1969-12-31 19:00:00.000000000 -0500
231     @@ -1,130 +0,0 @@
232     -
233     -/*********************************************
234     - * Appearance *
235     - *********************************************/
236     -
237     -/* If you want to choose the appearance of the tree, specify a class name which
238     - inherits from the Tree class. */
239     -// $config->custom->appearance['tree'] = 'AJAXTree';
240     -# $config->custom->appearance['tree'] = 'HTMLTree';
241     -
242     -/* Just show your custom templates. */
243     -// $config->custom->appearance['custom_templates_only'] = false;
244     -
245     -/* Disable the default template. */
246     -// $config->custom->appearance['disable_default_template'] = false;
247     -
248     -/* Hide the warnings for invalid objectClasses/attributes in templates. */
249     -// $config->custom->appearance['hide_template_warning'] = false;
250     -
251     -/* Set to true if you would like to hide header and footer parts. */
252     -// $config->custom->appearance['minimalMode'] = false;
253     -
254     -/* Configure what objects are shown in left hand tree */
255     -// $config->custom->appearance['tree_filter'] = '(objectclass=*)';
256     -
257     -/* The height and width of the tree. If these values are not set, then
258     - no tree scroll bars are provided. */
259     -// $config->custom->appearance['tree_height'] = null;
260     -# $config->custom->appearance['tree_height'] = 600;
261     -// $config->custom->appearance['tree_width'] = null;
262     -# $config->custom->appearance['tree_width'] = 250;
263     -
264     -/* Confirm create and update operations, allowing you to review the changes
265     - and optionally skip attributes during the create/update operation. */
266     -// $config->custom->confirm['create'] = true;
267     -// $config->custom->confirm['update'] = true;
268     -
269     -/* Confirm copy operations, and treat them like create operations. This allows
270     - you to edit the attributes (thus changing any that might conflict with
271     - uniqueness) before creating the new entry. */
272     -// $config->custom->confirm['copy'] = true;
273     -
274     -/*********************************************
275     - * User-friendly attribute translation *
276     - *********************************************/
277     -
278     -/* Use this array to map attribute names to user friendly names. For example, if
279     - you don't want to see "facsimileTelephoneNumber" but rather "Fax". */
280     -// $config->custom->appearance['friendly_attrs'] = array();
281     -$config->custom->appearance['friendly_attrs'] = array(
282     - 'facsimileTelephoneNumber' => 'Fax',
283     - 'gid' => 'Group',
284     - 'mail' => 'Email',
285     - 'telephoneNumber' => 'Telephone',
286     - 'uid' => 'User Name',
287     - 'userPassword' => 'Password'
288     -);
289     -
290     -/*********************************************
291     - * Hidden attributes *
292     - *********************************************/
293     -
294     -/* You may want to hide certain attributes from being edited. If you want to
295     - hide attributes from the user, you should use your LDAP servers ACLs.
296     - NOTE: The user must be able to read the hide_attrs_exempt entry to be
297     - excluded. */
298     -// $config->custom->appearance['hide_attrs'] = array();
299     -# $config->custom->appearance['hide_attrs'] = array('objectClass');
300     -
301     -/* Members of this list will be exempt from the hidden attributes. */
302     -// $config->custom->appearance['hide_attrs_exempt'] = null;
303     -# $config->custom->appearance['hide_attrs_exempt'] = 'cn=PLA UnHide,ou=Groups,c=AU';
304     -
305     -/*********************************************
306     - * Read-only attributes *
307     - *********************************************/
308     -
309     -/* You may want to phpLDAPadmin to display certain attributes as read only,
310     - meaning that users will not be presented a form for modifying those
311     - attributes, and they will not be allowed to be modified on the "back-end"
312     - either. You may configure this list here:
313     - NOTE: The user must be able to read the readonly_attrs_exempt entry to be
314     - excluded. */
315     -// $config->custom->appearance['readonly_attrs'] = array();
316     -
317     -/* Members of this list will be exempt from the readonly attributes. */
318     -// $config->custom->appearance['readonly_attrs_exempt'] = null;
319     -# $config->custom->appearance['readonly_attrs_exempt'] = 'cn=PLA ReadWrite,ou=Groups,c=AU';
320     -
321     -/*********************************************
322     - * Group attributes *
323     - *********************************************/
324     -
325     -/* Add "modify group members" link to the attribute. */
326     -// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid');
327     -
328     -/* Configure filter for member search. This only applies to "modify group members" feature */
329     -// $config->custom->modify_member['filter'] = '(objectclass=Person)';
330     -
331     -/* Attribute that is added to the group member attribute. */
332     -// $config->custom->modify_member['attr'] = 'dn';
333     -
334     -/* For Posix attributes */
335     -// $config->custom->modify_member['posixattr'] = 'uid';
336     -// $config->custom->modify_member['posixfilter'] = '(uid=*)';
337     -// $config->custom->modify_member['posixgroupattr'] = 'memberUid';
338     -
339     -/*********************************************
340     - * Support for attrs display order *
341     - *********************************************/
342     -
343     -/* Use this array if you want to have your attributes displayed in a specific
344     - order. You can use default attribute names or their fridenly names.
345     - For example, "sn" will be displayed right after "givenName". All the other
346     - attributes that are not specified in this array will be displayed after in
347     - alphabetical order. */
348     -// $config->custom->appearance['attr_display_order'] = array();
349     -# $config->custom->appearance['attr_display_order'] = array(
350     -# 'givenName',
351     -# 'sn',
352     -# 'cn',
353     -# 'displayName',
354     -# 'uid',
355     -# 'uidNumber',
356     -# 'gidNumber',
357     -# 'homeDirectory',
358     -# 'mail',
359     -# 'userPassword'
360     -# );
361     -
362     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/05LdapServer smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/05LdapServer
363     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/05LdapServer 2013-05-26 20:42:12.000000000 -0400
364     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/05LdapServer 1969-12-31 19:00:00.000000000 -0500
365     @@ -1,86 +0,0 @@
366     -
367     -/*********************************************
368     - * Define your LDAP servers in this section *
369     - *********************************************/
370     -
371     -$servers = new Datastore();
372     -
373     -/* $servers->NewServer('ldap_pla') must be called before each new LDAP server
374     - declaration. */
375     -$servers->newServer('ldap_pla');
376     -
377     -/* A convenient name that will appear in the tree viewer and throughout
378     - phpLDAPadmin to identify this LDAP server to users. */
379     -$servers->setValue('server','name','Local LDAP Server');
380     -
381     -/* Examples:
382     - 'ldap.example.com',
383     - 'ldaps://ldap.example.com/',
384     - 'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
385     - (Unix socket at /usr/local/var/run/ldap) */
386     -$servers->setValue('server','host','127.0.0.1');
387     -
388     -/* The port your LDAP server listens on (no quotes). 389 is standard. */
389     -$servers->setValue('server','port',389);
390     -
391     -/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
392     - auto-detect it for you. */
393     -// $servers->setValue('server','base',array(''));
394     -
395     -/* Five options for auth_type:
396     - 1. 'cookie': you will login via a web form, and a client-side cookie will
397     - store your login dn and password.
398     - 2. 'session': same as cookie but your login dn and password are stored on the
399     - web server in a persistent session variable.
400     - 3. 'http': same as session but your login dn and password are retrieved via
401     - HTTP authentication.
402     - 4. 'config': specify your login dn and password here in this config file. No
403     - login will be required to use phpLDAPadmin for this server.
404     - 5. 'sasl': login will be taken from the webserver's kerberos authentication.
405     - Currently only GSSAPI has been tested (using mod_auth_kerb).
406     -
407     - Choose wisely to protect your authentication information appropriately for
408     - your situation. If you choose 'cookie', your cookie contents will be
409     - encrypted using blowfish and the secret your specify above as
410     - session['blowfish']. */
411     -// $servers->setValue('login','auth_type','session');
412     -
413     -/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
414     - 'cookie','session' or 'sasl' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS
415     - BLANK. If you specify a login_attr in conjunction with a cookie or session
416     - auth_type, then you can also specify the bind_id/bind_pass here for searching
417     - the directory for users (ie, if your LDAP server does not allow anonymous
418     - binds. */
419     -// $servers->setValue('login','bind_id','');
420     -# $servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com');
421     -
422     -/* Your LDAP password. If you specified an empty bind_id above, this MUST also
423     - be blank. */
424     -// $servers->setValue('login','bind_pass','');
425     -# $servers->setValue('login','bind_pass','secret');
426     -
427     -/* Use TLS (Transport Layer Security) to connect to the LDAP server. */
428     -// $servers->setValue('server','tls',false);
429     -
430     -
431     -{
432     - open (PW, "/etc/openldap/ldap.pw")
433     - || die "Could not read LDAP password.\n";
434     - my $pw = <PW>;
435     - chomp ($pw);
436     - close PW;
437     -
438     - use esmith::util;
439     -
440     - my %conf;
441     - tie %conf, 'esmith::config', '/home/e-smith/db/configuration';
442     -
443     - my $domain = db_get(\%conf, 'DomainName');
444     -
445     - my $dc = esmith::util::ldapBase($domain);
446     -
447     - $OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
448     - $OUT .= "\$servers->setValue('server','auth_type','config');\n";
449     - $OUT .= "\$servers->SetValue('login','dn','cn=root,$dc');\n";
450     - $OUT .= "\$servers->setValue('login','pass','$pw');\n";
451     -}
452     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/06SASLAuth smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/06SASLAuth
453     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/06SASLAuth 2013-05-26 20:31:46.000000000 -0400
454     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/06SASLAuth 1969-12-31 19:00:00.000000000 -0500
455     @@ -1,169 +0,0 @@
456     -/************************************
457     - * SASL Authentication *
458     - ************************************/
459     -
460     -/* Enable SASL authentication LDAP SASL authentication requires PHP 5.x
461     - configured with --with-ldap-sasl=DIR. If this option is disabled (ie, set to
462     - false), then all other sasl options are ignored. */
463     -// $servers->setValue('login','auth_type','sasl');
464     -
465     -/* SASL auth mechanism */
466     -// $servers->setValue('sasl','mech','GSSAPI');
467     -
468     -/* SASL authentication realm name */
469     -// $servers->setValue('sasl','realm','');
470     -# $servers->setValue('sasl','realm','EXAMPLE.COM');
471     -
472     -/* SASL authorization ID name
473     - If this option is undefined, authorization id will be computed from bind DN,
474     - using authz_id_regex and authz_id_replacement. */
475     -// $servers->setValue('sasl','authz_id', null);
476     -
477     -/* SASL authorization id regex and replacement
478     - When authz_id property is not set (default), phpLDAPAdmin will try to
479     - figure out authorization id by itself from bind distinguished name (DN).
480     -
481     - This procedure is done by calling preg_replace() php function in the
482     - following way:
483     -
484     - $authz_id = preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement,
485     - $bind_dn);
486     -
487     - For info about pcre regexes, see:
488     - - pcre(3), perlre(3)
489     - - http://www.php.net/preg_replace */
490     -// $servers->setValue('sasl','authz_id_regex',null);
491     -// $servers->setValue('sasl','authz_id_replacement',null);
492     -# $servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
493     -# $servers->setValue('sasl','authz_id_replacement','$1');
494     -
495     -/* SASL auth security props.
496     - See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */
497     -// $servers->setValue('sasl','props',null);
498     -
499     -/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
500     - blowfish, crypt or leave blank for now default algorithm. */
501     -// $servers->setValue('appearance','password_hash','md5');
502     -$servers->setValue('appearance','password_hash','');
503     -
504     -/* If you specified 'cookie' or 'session' as the auth_type above, you can
505     - optionally specify here an attribute to use when logging in. If you enter
506     - 'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith)
507     - and log in as that user.
508     - Leave blank or specify 'dn' to use full DN for logging in. Note also that if
509     - your LDAP server requires you to login to perform searches, you can enter the
510     - DN to use when searching in 'bind_id' and 'bind_pass' above. */
511     -// $servers->setValue('login','attr','dn');
512     -$servers->setValue('login','attr','uid');
513     -
514     -/* Base DNs to used for logins. If this value is not set, then the LDAP server
515     - Base DNs are used. */
516     -// $servers->setValue('login','base',array());
517     -
518     -/* If 'login,attr' is used above such that phpLDAPadmin will search for your DN
519     - at login, you may restrict the search to a specific objectClasses. EG, set this
520     - to array('posixAccount') or array('inetOrgPerson',..), depending upon your
521     - setup. */
522     -// $servers->setValue('login','class',array());
523     -
524     -/* If you specified something different from 'dn', for example 'uid', as the
525     - login_attr above, you can optionally specify here to fall back to
526     - authentication with dn.
527     - This is useful, when users should be able to log in with their uid, but
528     - the ldap administrator wants to log in with his root-dn, that does not
529     - necessarily have the uid attribute.
530     - When using this feature, login_class is ignored. */
531     -// $servers->setValue('login','fallback_dn',false);
532     -
533     -/* Specify true If you want phpLDAPadmin to not display or permit any
534     - modification to the LDAP server. */
535     -// $servers->setValue('server','read_only',false);
536     -
537     -/* Specify false if you do not want phpLDAPadmin to draw the 'Create new' links
538     - in the tree viewer. */
539     -// $servers->setValue('appearance','show_create',true);
540     -
541     -/* Set to true if you would like to initially open the first level of each tree. */
542     -// $servers->setValue('appearance','open_tree',false);
543     -
544     -/* This feature allows phpLDAPadmin to automatically determine the next
545     - available uidNumber for a new entry. */
546     -// $servers->setValue('auto_number','enable',true);
547     -
548     -/* The mechanism to use when finding the next available uidNumber. Two possible
549     - values: 'uidpool' or 'search'.
550     - The 'uidpool' mechanism uses an existing uidPool entry in your LDAP server to
551     - blindly lookup the next available uidNumber. The 'search' mechanism searches
552     - for entries with a uidNumber value and finds the first available uidNumber
553     - (slower). */
554     -// $servers->setValue('auto_number','mechanism','search');
555     -
556     -/* The DN of the search base when the 'search' mechanism is used above. */
557     -# $servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com');
558     -
559     -/* The minimum number to use when searching for the next available number
560     - (only when 'search' is used for auto_number. */
561     -// $servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
562     -
563     -/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
564     - searching for the uidnumber. The idea is, this user id would have full
565     - (readonly) access to uidnumber in your ldap directory (the logged in user
566     - may not), so that you can be guaranteed to get a unique uidnumber for your
567     - directory. */
568     -// $servers->setValue('auto_number','dn',null);
569     -
570     -/* The password for the dn above. */
571     -// $servers->setValue('auto_number','pass',null);
572     -
573     -/* Enable anonymous bind login. */
574     -// $servers->setValue('login','anon_bind',true);
575     -
576     -/* Use customized page with prefix when available. */
577     -# $servers->setValue('custom','pages_prefix','custom_');
578     -
579     -/* If you set this, then only these DNs are allowed to log in. This array can
580     - contain individual users, groups or ldap search filter(s). Keep in mind that
581     - the user has not authenticated yet, so this will be an anonymous search to
582     - the LDAP server, so make your ACLs allow these searches to return results! */
583     -# $servers->setValue('login','allowed_dns',array(
584     -# 'uid=stran,ou=People,dc=example,dc=com',
585     -# '(&(gidNumber=811)(objectClass=groupOfNames))',
586     -# '(|(uidNumber=200)(uidNumber=201))',
587     -# 'cn=callcenter,ou=Group,dc=example,dc=com'));
588     -
589     -/* Set this if you dont want this LDAP server to show in the tree */
590     -// $servers->setValue('server','visible',true);
591     -
592     -/* Set this if you want to hide the base DNs that dont exist instead of
593     - displaying the message "The base entry doesnt exist, create it?"
594     -// $servers->setValue('server','hide_noaccess_base',false);
595     -# $servers->setValue('server','hide_noaccess_base',true);
596     -
597     -/* This is the time out value in minutes for the server. After as many minutes
598     - of inactivity you will be automatically logged out. If not set, the default
599     - value will be ( session_cache_expire()-1 ) */
600     -# $servers->setValue('login','timeout',30);
601     -
602     -/* Set this if you want phpldapadmin to perform rename operation on entry which
603     - has children. Certain servers are known to allow it, certain are not. */
604     -// $servers->setValue('server','branch_rename',false);
605     -
606     -/* If you set this, then phpldapadmin will show these attributes as
607     - internal attributes, even if they are not defined in your schema. */
608     -// $servers->setValue('server','custom_sys_attrs',array(''));
609     -# $servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
610     -
611     -/* If you set this, then phpldapadmin will show these attributes on
612     - objects, even if they are not defined in your schema. */
613     -// $servers->setValue('server','custom_attrs',array(''));
614     -# $servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
615     -
616     -/* These attributes will be forced to MAY attributes and become option in the
617     - templates. If they are not defined in the templates, then they wont appear
618     - as per normal template processing. You may want to do this because your LDAP
619     - server may automatically calculate a default value.
620     - In Fedora Directory Server using the DNA Plugin one could ignore uidNumber,
621     - gidNumber and sambaSID. */
622     -// $servers->setValue('server','force_may',array(''));
623     -# $servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
624     -
625     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/07Uniq smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/07Uniq
626     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/07Uniq 2013-05-26 20:32:47.000000000 -0400
627     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/07Uniq 1969-12-31 19:00:00.000000000 -0500
628     @@ -1,20 +0,0 @@
629     -
630     -/*********************************************
631     - * Unique attributes *
632     - *********************************************/
633     -
634     -/* You may want phpLDAPadmin to enforce some attributes to have unique values
635     - (ie: not belong to other entries in your tree. This (together with
636     - 'unique','dn' and 'unique','pass' option will not let updates to
637     - occur with other attributes have the same value. */
638     -# $servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
639     -
640     -/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
641     - searching for attribute uniqueness. The idea is, this user id would have full
642     - (readonly) access to your ldap directory (the logged in user may not), so
643     - that you can be guaranteed to get a unique uidnumber for your directory. */
644     -// $servers->setValue('unique','dn',null);
645     -
646     -/* The password for the dn above. */
647     -// $servers->setValue('unique','pass',null);
648     -
649     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/08Others smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/08Others
650     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/08Others 2013-05-26 20:33:37.000000000 -0400
651     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/opt/phpldapadmin/config/config.php/08Others 1969-12-31 19:00:00.000000000 -0500
652     @@ -1,55 +0,0 @@
653     -
654     -/**************************************************************************
655     - * If you want to configure additional LDAP servers, do so below. *
656     - * Remove the commented lines and use this section as a template for all *
657     - * your other LDAP servers. *
658     - **************************************************************************/
659     -
660     -/*
661     -$servers->newServer('ldap_pla');
662     -$servers->setValue('server','name','LDAP Server');
663     -$servers->setValue('server','host','127.0.0.1');
664     -$servers->setValue('server','port',389);
665     -$servers->setValue('server','base',array(''));
666     -$servers->setValue('login','auth_type','cookie');
667     -$servers->setValue('login','bind_id','');
668     -$servers->setValue('login','bind_pass','');
669     -$servers->setValue('server','tls',false);
670     -
671     -# SASL auth
672     -$servers->setValue('login','auth_type','sasl');
673     -$servers->setValue('sasl','mech','GSSAPI');
674     -$servers->setValue('sasl','realm','EXAMPLE.COM');
675     -$servers->setValue('sasl','authz_id',null);
676     -$servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
677     -$servers->setValue('sasl','authz_id_replacement','$1');
678     -$servers->setValue('sasl','props',null);
679     -
680     -$servers->setValue('appearance','password_hash','md5');
681     -$servers->setValue('login','attr','dn');
682     -$servers->setValue('login','fallback_dn',false);
683     -$servers->setValue('login','class',null);
684     -$servers->setValue('server','read_only',false);
685     -$servers->setValue('appearance','show_create',true);
686     -
687     -$servers->setValue('auto_number','enable',true);
688     -$servers->setValue('auto_number','mechanism','search');
689     -$servers->setValue('auto_number','search_base',null);
690     -$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
691     -$servers->setValue('auto_number','dn',null);
692     -$servers->setValue('auto_number','pass',null);
693     -
694     -$servers->setValue('login','anon_bind',true);
695     -$servers->setValue('custom','pages_prefix','custom_');
696     -$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
697     -$servers->setValue('unique','dn',null);
698     -$servers->setValue('unique','pass',null);
699     -
700     -$servers->setValue('server','visible',true);
701     -$servers->setValue('login','timeout',30);
702     -$servers->setValue('server','branch_rename',false);
703     -$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
704     -$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
705     -$servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
706     -*/
707     -?>
708     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/01header smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/01header
709     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/01header 1969-12-31 19:00:00.000000000 -0500
710     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/01header 2013-05-26 20:24:11.000000000 -0400
711     @@ -0,0 +1,38 @@
712     +<?php
713     +/** NOTE **
714     + ** Make sure that <?php is the FIRST line of this file!
715     + ** IE: There should NOT be any blank lines or spaces BEFORE <?php
716     + **/
717     +
718     +/**
719     + * The phpLDAPadmin config file
720     + * See: http://phpldapadmin.sourceforge.net/wiki/index.php/Config.php
721     + *
722     + * This is where you can customise some of the phpLDAPadmin defaults
723     + * that are defined in config_default.php.
724     + *
725     + * To override a default, use the $config->custom variable to do so.
726     + * For example, the default for defining the language in config_default.php
727     + *
728     + * $this->default->appearance['language'] = array(
729     + * 'desc'=>'Language',
730     + * 'default'=>'auto');
731     + *
732     + * to override this, use $config->custom->appearance['language'] = 'en_EN';
733     + *
734     + * This file is also used to configure your LDAP server connections.
735     + *
736     + * You must specify at least one LDAP server there. You may add
737     + * as many as you like. You can also specify your language, and
738     + * many other options.
739     + *
740     + * NOTE: Commented out values in this file prefixed by //, represent the
741     + * defaults that have been defined in config_default.php.
742     + * Commented out values prefixed by #, dont reflect their default value, you can
743     + * check config_default.php if you want to see what the default is.
744     + *
745     + * DONT change config_default.php, you changes will be lost by the next release
746     + * of PLA. Instead change this file - as it will NOT be replaced by a new
747     + * version of phpLDAPadmin.
748     + */
749     +
750     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/02UsefulConfOver smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/02UsefulConfOver
751     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/02UsefulConfOver 1969-12-31 19:00:00.000000000 -0500
752     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/02UsefulConfOver 2013-05-26 20:25:20.000000000 -0400
753     @@ -0,0 +1,60 @@
754     +/*********************************************
755     + * Useful important configuration overrides *
756     + *********************************************/
757     +
758     +/* If you are asked to put PLA in debug mode, this is how you do it: */
759     +# $config->custom->debug['level'] = 255;
760     +# $config->custom->debug['syslog'] = true;
761     +# $config->custom->debug['file'] = '/tmp/pla_debug.log';
762     +
763     +/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
764     + to a big random string. */
765     +// $config->custom->session['blowfish'] = null;
766     +
767     +/* If your auth_type is http, you can override your HTTP Authentication Realm. */
768     +// $config->custom->session['http_realm'] = sprintf('%s %s',app_name(),'login');
769     +
770     +/* The language setting. If you set this to 'auto', phpLDAPadmin will attempt
771     + to determine your language automatically.
772     + If PLA doesnt show (all) strings in your language, then you can do some
773     + translation at http://translations.launchpad.net/phpldapadmin and download
774     + the translation files, replacing those provided with PLA.
775     + (We'll pick up the translations before making the next release too!) */
776     +// $config->custom->appearance['language'] = 'auto';
777     +
778     +/* The temporary storage directory where we will put jpegPhoto data
779     + This directory must be readable and writable by your web server. */
780     +// $config->custom->jpeg['tmpdir'] = '/tmp'; // Example for Unix systems
781     +# $config->custom->jpeg['tmpdir'] = 'c:\\temp'; // Example for Windows systems
782     +
783     +/* Set this to (bool)true if you do NOT want a random salt used when
784     + calling crypt(). Instead, use the first two letters of the user's
785     + password. This is insecure but unfortunately needed for some older
786     + environments. */
787     +# $config->custom->password['no_random_crypt_salt'] = true;
788     +
789     +/* PHP script timeout control. If php runs longer than this many seconds then
790     + PHP will stop with an Maximum Execution time error. Increase this value from
791     + the default if queries to your LDAP server are slow. The default is either
792     + 30 seconds or the setting of max_exection_time if this is null. */
793     +// $config->custom->session['timelimit'] = 30;
794     +
795     +// $config->custom->appearance['show_clear_password'] = false;
796     +
797     +// $config->custom->search['size_limit'] = 50;
798     +# $config->custom->search['size_limit'] = 1000;
799     +
800     +/* Our local timezone
801     + This is to make sure that when we ask the system for the current time, we
802     + get the right local time. If this is not set, all time() calculations will
803     + assume UTC if you have not set PHP date.timezone. */
804     +// $config->custom->appearance['timezone'] = null;
805     +# $config->custom->appearance['timezone'] = 'Australia/Melbourne';
806     +
807     + meaning that users will not be presented a form for modifying those
808     + attributes, and they will not be allowed to be modified on the "back-end"
809     + either. You may configure this list here:
810     + NOTE: The user must be able to read the readonly_attrs_exempt entry to be
811     + excluded. */
812     +// $config->custom->appearance['readonly_attrs'] = array();
813     +
814     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/03Commands smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/03Commands
815     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/03Commands 1969-12-31 19:00:00.000000000 -0500
816     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/03Commands 2013-05-26 20:27:25.000000000 -0400
817     @@ -0,0 +1,58 @@
818     +/*********************************************
819     + * Commands *
820     + *********************************************/
821     +
822     +/* Command availability ; if you don't authorize a command the command
823     + links will not be shown and the command action will not be permitted.
824     + For better security, set also ACL in your ldap directory. */
825     +/*
826     +$config->custom->commands['cmd'] = array(
827     + 'entry_internal_attributes_show' => true,
828     + 'entry_refresh' => true,
829     + 'oslinks' => true,
830     + 'switch_template' => true
831     +);
832     +
833     +$config->custom->commands['script'] = array(
834     + 'add_attr_form' => true,
835     + 'add_oclass_form' => true,
836     + 'add_value_form' => true,
837     + 'collapse' => true,
838     + 'compare' => true,
839     + 'compare_form' => true,
840     + 'copy' => true,
841     + 'copy_form' => true,
842     + 'create' => true,
843     + 'create_confirm' => true,
844     + 'delete' => true,
845     + 'delete_attr' => true,
846     + 'delete_form' => true,
847     + 'draw_tree_node' => true,
848     + 'expand' => true,
849     + 'export' => true,
850     + 'export_form' => true,
851     + 'import' => true,
852     + 'import_form' => true,
853     + 'login' => true,
854     + 'logout' => true,
855     + 'login_form' => true,
856     + 'mass_delete' => true,
857     + 'mass_edit' => true,
858     + 'mass_update' => true,
859     + 'modify_member_form' => true,
860     + 'monitor' => true,
861     + 'purge_cache' => true,
862     + 'query_engine' => true,
863     + 'rename' => true,
864     + 'rename_form' => true,
865     + 'rdelete' => true,
866     + 'refresh' => true,
867     + 'schema' => true,
868     + 'server_info' => true,
869     + 'show_cache' => true,
870     + 'template_engine' => true,
871     + 'update_confirm' => true,
872     + 'update' => true
873     +);
874     +*/
875     +
876     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/04Attributes smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/04Attributes
877     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/04Attributes 1969-12-31 19:00:00.000000000 -0500
878     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/04Attributes 2013-05-26 20:28:55.000000000 -0400
879     @@ -0,0 +1,130 @@
880     +
881     +/*********************************************
882     + * Appearance *
883     + *********************************************/
884     +
885     +/* If you want to choose the appearance of the tree, specify a class name which
886     + inherits from the Tree class. */
887     +// $config->custom->appearance['tree'] = 'AJAXTree';
888     +# $config->custom->appearance['tree'] = 'HTMLTree';
889     +
890     +/* Just show your custom templates. */
891     +// $config->custom->appearance['custom_templates_only'] = false;
892     +
893     +/* Disable the default template. */
894     +// $config->custom->appearance['disable_default_template'] = false;
895     +
896     +/* Hide the warnings for invalid objectClasses/attributes in templates. */
897     +// $config->custom->appearance['hide_template_warning'] = false;
898     +
899     +/* Set to true if you would like to hide header and footer parts. */
900     +// $config->custom->appearance['minimalMode'] = false;
901     +
902     +/* Configure what objects are shown in left hand tree */
903     +// $config->custom->appearance['tree_filter'] = '(objectclass=*)';
904     +
905     +/* The height and width of the tree. If these values are not set, then
906     + no tree scroll bars are provided. */
907     +// $config->custom->appearance['tree_height'] = null;
908     +# $config->custom->appearance['tree_height'] = 600;
909     +// $config->custom->appearance['tree_width'] = null;
910     +# $config->custom->appearance['tree_width'] = 250;
911     +
912     +/* Confirm create and update operations, allowing you to review the changes
913     + and optionally skip attributes during the create/update operation. */
914     +// $config->custom->confirm['create'] = true;
915     +// $config->custom->confirm['update'] = true;
916     +
917     +/* Confirm copy operations, and treat them like create operations. This allows
918     + you to edit the attributes (thus changing any that might conflict with
919     + uniqueness) before creating the new entry. */
920     +// $config->custom->confirm['copy'] = true;
921     +
922     +/*********************************************
923     + * User-friendly attribute translation *
924     + *********************************************/
925     +
926     +/* Use this array to map attribute names to user friendly names. For example, if
927     + you don't want to see "facsimileTelephoneNumber" but rather "Fax". */
928     +// $config->custom->appearance['friendly_attrs'] = array();
929     +$config->custom->appearance['friendly_attrs'] = array(
930     + 'facsimileTelephoneNumber' => 'Fax',
931     + 'gid' => 'Group',
932     + 'mail' => 'Email',
933     + 'telephoneNumber' => 'Telephone',
934     + 'uid' => 'User Name',
935     + 'userPassword' => 'Password'
936     +);
937     +
938     +/*********************************************
939     + * Hidden attributes *
940     + *********************************************/
941     +
942     +/* You may want to hide certain attributes from being edited. If you want to
943     + hide attributes from the user, you should use your LDAP servers ACLs.
944     + NOTE: The user must be able to read the hide_attrs_exempt entry to be
945     + excluded. */
946     +// $config->custom->appearance['hide_attrs'] = array();
947     +# $config->custom->appearance['hide_attrs'] = array('objectClass');
948     +
949     +/* Members of this list will be exempt from the hidden attributes. */
950     +// $config->custom->appearance['hide_attrs_exempt'] = null;
951     +# $config->custom->appearance['hide_attrs_exempt'] = 'cn=PLA UnHide,ou=Groups,c=AU';
952     +
953     +/*********************************************
954     + * Read-only attributes *
955     + *********************************************/
956     +
957     +/* You may want to phpLDAPadmin to display certain attributes as read only,
958     + meaning that users will not be presented a form for modifying those
959     + attributes, and they will not be allowed to be modified on the "back-end"
960     + either. You may configure this list here:
961     + NOTE: The user must be able to read the readonly_attrs_exempt entry to be
962     + excluded. */
963     +// $config->custom->appearance['readonly_attrs'] = array();
964     +
965     +/* Members of this list will be exempt from the readonly attributes. */
966     +// $config->custom->appearance['readonly_attrs_exempt'] = null;
967     +# $config->custom->appearance['readonly_attrs_exempt'] = 'cn=PLA ReadWrite,ou=Groups,c=AU';
968     +
969     +/*********************************************
970     + * Group attributes *
971     + *********************************************/
972     +
973     +/* Add "modify group members" link to the attribute. */
974     +// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid');
975     +
976     +/* Configure filter for member search. This only applies to "modify group members" feature */
977     +// $config->custom->modify_member['filter'] = '(objectclass=Person)';
978     +
979     +/* Attribute that is added to the group member attribute. */
980     +// $config->custom->modify_member['attr'] = 'dn';
981     +
982     +/* For Posix attributes */
983     +// $config->custom->modify_member['posixattr'] = 'uid';
984     +// $config->custom->modify_member['posixfilter'] = '(uid=*)';
985     +// $config->custom->modify_member['posixgroupattr'] = 'memberUid';
986     +
987     +/*********************************************
988     + * Support for attrs display order *
989     + *********************************************/
990     +
991     +/* Use this array if you want to have your attributes displayed in a specific
992     + order. You can use default attribute names or their fridenly names.
993     + For example, "sn" will be displayed right after "givenName". All the other
994     + attributes that are not specified in this array will be displayed after in
995     + alphabetical order. */
996     +// $config->custom->appearance['attr_display_order'] = array();
997     +# $config->custom->appearance['attr_display_order'] = array(
998     +# 'givenName',
999     +# 'sn',
1000     +# 'cn',
1001     +# 'displayName',
1002     +# 'uid',
1003     +# 'uidNumber',
1004     +# 'gidNumber',
1005     +# 'homeDirectory',
1006     +# 'mail',
1007     +# 'userPassword'
1008     +# );
1009     +
1010     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer
1011     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer 1969-12-31 19:00:00.000000000 -0500
1012     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer 2013-05-26 20:42:12.000000000 -0400
1013     @@ -0,0 +1,86 @@
1014     +
1015     +/*********************************************
1016     + * Define your LDAP servers in this section *
1017     + *********************************************/
1018     +
1019     +$servers = new Datastore();
1020     +
1021     +/* $servers->NewServer('ldap_pla') must be called before each new LDAP server
1022     + declaration. */
1023     +$servers->newServer('ldap_pla');
1024     +
1025     +/* A convenient name that will appear in the tree viewer and throughout
1026     + phpLDAPadmin to identify this LDAP server to users. */
1027     +$servers->setValue('server','name','Local LDAP Server');
1028     +
1029     +/* Examples:
1030     + 'ldap.example.com',
1031     + 'ldaps://ldap.example.com/',
1032     + 'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
1033     + (Unix socket at /usr/local/var/run/ldap) */
1034     +$servers->setValue('server','host','127.0.0.1');
1035     +
1036     +/* The port your LDAP server listens on (no quotes). 389 is standard. */
1037     +$servers->setValue('server','port',389);
1038     +
1039     +/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
1040     + auto-detect it for you. */
1041     +// $servers->setValue('server','base',array(''));
1042     +
1043     +/* Five options for auth_type:
1044     + 1. 'cookie': you will login via a web form, and a client-side cookie will
1045     + store your login dn and password.
1046     + 2. 'session': same as cookie but your login dn and password are stored on the
1047     + web server in a persistent session variable.
1048     + 3. 'http': same as session but your login dn and password are retrieved via
1049     + HTTP authentication.
1050     + 4. 'config': specify your login dn and password here in this config file. No
1051     + login will be required to use phpLDAPadmin for this server.
1052     + 5. 'sasl': login will be taken from the webserver's kerberos authentication.
1053     + Currently only GSSAPI has been tested (using mod_auth_kerb).
1054     +
1055     + Choose wisely to protect your authentication information appropriately for
1056     + your situation. If you choose 'cookie', your cookie contents will be
1057     + encrypted using blowfish and the secret your specify above as
1058     + session['blowfish']. */
1059     +// $servers->setValue('login','auth_type','session');
1060     +
1061     +/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
1062     + 'cookie','session' or 'sasl' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS
1063     + BLANK. If you specify a login_attr in conjunction with a cookie or session
1064     + auth_type, then you can also specify the bind_id/bind_pass here for searching
1065     + the directory for users (ie, if your LDAP server does not allow anonymous
1066     + binds. */
1067     +// $servers->setValue('login','bind_id','');
1068     +# $servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com');
1069     +
1070     +/* Your LDAP password. If you specified an empty bind_id above, this MUST also
1071     + be blank. */
1072     +// $servers->setValue('login','bind_pass','');
1073     +# $servers->setValue('login','bind_pass','secret');
1074     +
1075     +/* Use TLS (Transport Layer Security) to connect to the LDAP server. */
1076     +// $servers->setValue('server','tls',false);
1077     +
1078     +
1079     +{
1080     + open (PW, "/etc/openldap/ldap.pw")
1081     + || die "Could not read LDAP password.\n";
1082     + my $pw = <PW>;
1083     + chomp ($pw);
1084     + close PW;
1085     +
1086     + use esmith::util;
1087     +
1088     + my %conf;
1089     + tie %conf, 'esmith::config', '/home/e-smith/db/configuration';
1090     +
1091     + my $domain = db_get(\%conf, 'DomainName');
1092     +
1093     + my $dc = esmith::util::ldapBase($domain);
1094     +
1095     + $OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
1096     + $OUT .= "\$servers->setValue('server','auth_type','config');\n";
1097     + $OUT .= "\$servers->SetValue('login','dn','cn=root,$dc');\n";
1098     + $OUT .= "\$servers->setValue('login','pass','$pw');\n";
1099     +}
1100     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth
1101     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth 1969-12-31 19:00:00.000000000 -0500
1102     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth 2013-05-26 20:31:46.000000000 -0400
1103     @@ -0,0 +1,169 @@
1104     +/************************************
1105     + * SASL Authentication *
1106     + ************************************/
1107     +
1108     +/* Enable SASL authentication LDAP SASL authentication requires PHP 5.x
1109     + configured with --with-ldap-sasl=DIR. If this option is disabled (ie, set to
1110     + false), then all other sasl options are ignored. */
1111     +// $servers->setValue('login','auth_type','sasl');
1112     +
1113     +/* SASL auth mechanism */
1114     +// $servers->setValue('sasl','mech','GSSAPI');
1115     +
1116     +/* SASL authentication realm name */
1117     +// $servers->setValue('sasl','realm','');
1118     +# $servers->setValue('sasl','realm','EXAMPLE.COM');
1119     +
1120     +/* SASL authorization ID name
1121     + If this option is undefined, authorization id will be computed from bind DN,
1122     + using authz_id_regex and authz_id_replacement. */
1123     +// $servers->setValue('sasl','authz_id', null);
1124     +
1125     +/* SASL authorization id regex and replacement
1126     + When authz_id property is not set (default), phpLDAPAdmin will try to
1127     + figure out authorization id by itself from bind distinguished name (DN).
1128     +
1129     + This procedure is done by calling preg_replace() php function in the
1130     + following way:
1131     +
1132     + $authz_id = preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement,
1133     + $bind_dn);
1134     +
1135     + For info about pcre regexes, see:
1136     + - pcre(3), perlre(3)
1137     + - http://www.php.net/preg_replace */
1138     +// $servers->setValue('sasl','authz_id_regex',null);
1139     +// $servers->setValue('sasl','authz_id_replacement',null);
1140     +# $servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
1141     +# $servers->setValue('sasl','authz_id_replacement','$1');
1142     +
1143     +/* SASL auth security props.
1144     + See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */
1145     +// $servers->setValue('sasl','props',null);
1146     +
1147     +/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
1148     + blowfish, crypt or leave blank for now default algorithm. */
1149     +// $servers->setValue('appearance','password_hash','md5');
1150     +$servers->setValue('appearance','password_hash','');
1151     +
1152     +/* If you specified 'cookie' or 'session' as the auth_type above, you can
1153     + optionally specify here an attribute to use when logging in. If you enter
1154     + 'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith)
1155     + and log in as that user.
1156     + Leave blank or specify 'dn' to use full DN for logging in. Note also that if
1157     + your LDAP server requires you to login to perform searches, you can enter the
1158     + DN to use when searching in 'bind_id' and 'bind_pass' above. */
1159     +// $servers->setValue('login','attr','dn');
1160     +$servers->setValue('login','attr','uid');
1161     +
1162     +/* Base DNs to used for logins. If this value is not set, then the LDAP server
1163     + Base DNs are used. */
1164     +// $servers->setValue('login','base',array());
1165     +
1166     +/* If 'login,attr' is used above such that phpLDAPadmin will search for your DN
1167     + at login, you may restrict the search to a specific objectClasses. EG, set this
1168     + to array('posixAccount') or array('inetOrgPerson',..), depending upon your
1169     + setup. */
1170     +// $servers->setValue('login','class',array());
1171     +
1172     +/* If you specified something different from 'dn', for example 'uid', as the
1173     + login_attr above, you can optionally specify here to fall back to
1174     + authentication with dn.
1175     + This is useful, when users should be able to log in with their uid, but
1176     + the ldap administrator wants to log in with his root-dn, that does not
1177     + necessarily have the uid attribute.
1178     + When using this feature, login_class is ignored. */
1179     +// $servers->setValue('login','fallback_dn',false);
1180     +
1181     +/* Specify true If you want phpLDAPadmin to not display or permit any
1182     + modification to the LDAP server. */
1183     +// $servers->setValue('server','read_only',false);
1184     +
1185     +/* Specify false if you do not want phpLDAPadmin to draw the 'Create new' links
1186     + in the tree viewer. */
1187     +// $servers->setValue('appearance','show_create',true);
1188     +
1189     +/* Set to true if you would like to initially open the first level of each tree. */
1190     +// $servers->setValue('appearance','open_tree',false);
1191     +
1192     +/* This feature allows phpLDAPadmin to automatically determine the next
1193     + available uidNumber for a new entry. */
1194     +// $servers->setValue('auto_number','enable',true);
1195     +
1196     +/* The mechanism to use when finding the next available uidNumber. Two possible
1197     + values: 'uidpool' or 'search'.
1198     + The 'uidpool' mechanism uses an existing uidPool entry in your LDAP server to
1199     + blindly lookup the next available uidNumber. The 'search' mechanism searches
1200     + for entries with a uidNumber value and finds the first available uidNumber
1201     + (slower). */
1202     +// $servers->setValue('auto_number','mechanism','search');
1203     +
1204     +/* The DN of the search base when the 'search' mechanism is used above. */
1205     +# $servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com');
1206     +
1207     +/* The minimum number to use when searching for the next available number
1208     + (only when 'search' is used for auto_number. */
1209     +// $servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
1210     +
1211     +/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
1212     + searching for the uidnumber. The idea is, this user id would have full
1213     + (readonly) access to uidnumber in your ldap directory (the logged in user
1214     + may not), so that you can be guaranteed to get a unique uidnumber for your
1215     + directory. */
1216     +// $servers->setValue('auto_number','dn',null);
1217     +
1218     +/* The password for the dn above. */
1219     +// $servers->setValue('auto_number','pass',null);
1220     +
1221     +/* Enable anonymous bind login. */
1222     +// $servers->setValue('login','anon_bind',true);
1223     +
1224     +/* Use customized page with prefix when available. */
1225     +# $servers->setValue('custom','pages_prefix','custom_');
1226     +
1227     +/* If you set this, then only these DNs are allowed to log in. This array can
1228     + contain individual users, groups or ldap search filter(s). Keep in mind that
1229     + the user has not authenticated yet, so this will be an anonymous search to
1230     + the LDAP server, so make your ACLs allow these searches to return results! */
1231     +# $servers->setValue('login','allowed_dns',array(
1232     +# 'uid=stran,ou=People,dc=example,dc=com',
1233     +# '(&(gidNumber=811)(objectClass=groupOfNames))',
1234     +# '(|(uidNumber=200)(uidNumber=201))',
1235     +# 'cn=callcenter,ou=Group,dc=example,dc=com'));
1236     +
1237     +/* Set this if you dont want this LDAP server to show in the tree */
1238     +// $servers->setValue('server','visible',true);
1239     +
1240     +/* Set this if you want to hide the base DNs that dont exist instead of
1241     + displaying the message "The base entry doesnt exist, create it?"
1242     +// $servers->setValue('server','hide_noaccess_base',false);
1243     +# $servers->setValue('server','hide_noaccess_base',true);
1244     +
1245     +/* This is the time out value in minutes for the server. After as many minutes
1246     + of inactivity you will be automatically logged out. If not set, the default
1247     + value will be ( session_cache_expire()-1 ) */
1248     +# $servers->setValue('login','timeout',30);
1249     +
1250     +/* Set this if you want phpldapadmin to perform rename operation on entry which
1251     + has children. Certain servers are known to allow it, certain are not. */
1252     +// $servers->setValue('server','branch_rename',false);
1253     +
1254     +/* If you set this, then phpldapadmin will show these attributes as
1255     + internal attributes, even if they are not defined in your schema. */
1256     +// $servers->setValue('server','custom_sys_attrs',array(''));
1257     +# $servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
1258     +
1259     +/* If you set this, then phpldapadmin will show these attributes on
1260     + objects, even if they are not defined in your schema. */
1261     +// $servers->setValue('server','custom_attrs',array(''));
1262     +# $servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
1263     +
1264     +/* These attributes will be forced to MAY attributes and become option in the
1265     + templates. If they are not defined in the templates, then they wont appear
1266     + as per normal template processing. You may want to do this because your LDAP
1267     + server may automatically calculate a default value.
1268     + In Fedora Directory Server using the DNA Plugin one could ignore uidNumber,
1269     + gidNumber and sambaSID. */
1270     +// $servers->setValue('server','force_may',array(''));
1271     +# $servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
1272     +
1273     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/07Uniq smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/07Uniq
1274     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/07Uniq 1969-12-31 19:00:00.000000000 -0500
1275     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/07Uniq 2013-05-26 20:32:47.000000000 -0400
1276     @@ -0,0 +1,20 @@
1277     +
1278     +/*********************************************
1279     + * Unique attributes *
1280     + *********************************************/
1281     +
1282     +/* You may want phpLDAPadmin to enforce some attributes to have unique values
1283     + (ie: not belong to other entries in your tree. This (together with
1284     + 'unique','dn' and 'unique','pass' option will not let updates to
1285     + occur with other attributes have the same value. */
1286     +# $servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
1287     +
1288     +/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
1289     + searching for attribute uniqueness. The idea is, this user id would have full
1290     + (readonly) access to your ldap directory (the logged in user may not), so
1291     + that you can be guaranteed to get a unique uidnumber for your directory. */
1292     +// $servers->setValue('unique','dn',null);
1293     +
1294     +/* The password for the dn above. */
1295     +// $servers->setValue('unique','pass',null);
1296     +
1297     diff -Nur smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/08Others smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/08Others
1298     --- smeserver-phpldapadmin-1.2.3.old/root/etc/e-smith/templates/etc/phpldapadmin/config.php/08Others 1969-12-31 19:00:00.000000000 -0500
1299     +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/08Others 2013-05-26 20:33:37.000000000 -0400
1300     @@ -0,0 +1,55 @@
1301     +
1302     +/**************************************************************************
1303     + * If you want to configure additional LDAP servers, do so below. *
1304     + * Remove the commented lines and use this section as a template for all *
1305     + * your other LDAP servers. *
1306     + **************************************************************************/
1307     +
1308     +/*
1309     +$servers->newServer('ldap_pla');
1310     +$servers->setValue('server','name','LDAP Server');
1311     +$servers->setValue('server','host','127.0.0.1');
1312     +$servers->setValue('server','port',389);
1313     +$servers->setValue('server','base',array(''));
1314     +$servers->setValue('login','auth_type','cookie');
1315     +$servers->setValue('login','bind_id','');
1316     +$servers->setValue('login','bind_pass','');
1317     +$servers->setValue('server','tls',false);
1318     +
1319     +# SASL auth
1320     +$servers->setValue('login','auth_type','sasl');
1321     +$servers->setValue('sasl','mech','GSSAPI');
1322     +$servers->setValue('sasl','realm','EXAMPLE.COM');
1323     +$servers->setValue('sasl','authz_id',null);
1324     +$servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
1325     +$servers->setValue('sasl','authz_id_replacement','$1');
1326     +$servers->setValue('sasl','props',null);
1327     +
1328     +$servers->setValue('appearance','password_hash','md5');
1329     +$servers->setValue('login','attr','dn');
1330     +$servers->setValue('login','fallback_dn',false);
1331     +$servers->setValue('login','class',null);
1332     +$servers->setValue('server','read_only',false);
1333     +$servers->setValue('appearance','show_create',true);
1334     +
1335     +$servers->setValue('auto_number','enable',true);
1336     +$servers->setValue('auto_number','mechanism','search');
1337     +$servers->setValue('auto_number','search_base',null);
1338     +$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
1339     +$servers->setValue('auto_number','dn',null);
1340     +$servers->setValue('auto_number','pass',null);
1341     +
1342     +$servers->setValue('login','anon_bind',true);
1343     +$servers->setValue('custom','pages_prefix','custom_');
1344     +$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
1345     +$servers->setValue('unique','dn',null);
1346     +$servers->setValue('unique','pass',null);
1347     +
1348     +$servers->setValue('server','visible',true);
1349     +$servers->setValue('login','timeout',30);
1350     +$servers->setValue('server','branch_rename',false);
1351     +$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
1352     +$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
1353     +$servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
1354     +*/
1355     +?>

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed