diff options
author | Simon Rettberg | 2018-03-15 17:08:55 +0100 |
---|---|---|
committer | Simon Rettberg | 2018-03-15 17:08:55 +0100 |
commit | 6cc6619d9037d2664c35839191c25fef1c64daf8 (patch) | |
tree | 0097d3cc5266111df6a657e627d70c6bec43ef2d /modules-available/sysconfig | |
parent | [inc/Dictionary] Hide languages that are missing flag.png AND name.txt (diff) | |
download | slx-admin-6cc6619d9037d2664c35839191c25fef1c64daf8.tar.gz slx-admin-6cc6619d9037d2664c35839191c25fef1c64daf8.tar.xz slx-admin-6cc6619d9037d2664c35839191c25fef1c64daf8.zip |
[sysconfig] Support new multiserver auth, mount option config support
references #3313
Diffstat (limited to 'modules-available/sysconfig')
8 files changed, 43 insertions, 29 deletions
diff --git a/modules-available/sysconfig/addmodule_adauth.inc.php b/modules-available/sysconfig/addmodule_adauth.inc.php index df7f385d..7d30e15b 100644 --- a/modules-available/sysconfig/addmodule_adauth.inc.php +++ b/modules-available/sysconfig/addmodule_adauth.inc.php @@ -434,9 +434,11 @@ class AdAuth_HomeDir extends AddModule_Base $data[$key . '_c'] = 'checked="checked"'; } } - $data['shareRemapMode_' . $this->edit->getData('shareRemapMode')] = 'selected="selected"'; - $data['shareDomain'] = $this->edit->getData('shareDomain'); $letter = $this->edit->getData('shareHomeDrive'); + $data['shareRemapMode_' . $this->edit->getData('shareRemapMode')] = 'selected="selected"'; + foreach (['shareDomain', 'shareHomeMountOpts', 'ldapAttrMountOpts'] as $key) { + $data[$key] = $this->edit->getData($key); + } } else { $data['shareDownloads_c'] = $data['shareMedia_c'] = $data['shareDocuments_c'] = $data['shareRemapCreate_c'] = 'checked="checked"'; $data['shareRemapMode_1'] = 'selected="selected"'; @@ -475,16 +477,12 @@ class AdAuth_Finish extends AddModule_Base else $module = $this->edit; $ssl = Request::post('ssl', 'off') === 'on'; - $module->setData('server', Request::post('server')); - $module->setData('searchbase', Request::post('searchbase')); - $module->setData('binddn', Request::post('binddn')); - $module->setData('bindpw', Request::post('bindpw')); - $module->setData('home', Request::post('home')); - $module->setData('homeattr', Request::post('homeattr')); - $module->setData('certificate', Request::post('certificate')); + foreach (['searchbase', 'binddn', 'server', 'bindpw', 'home', 'homeattr', 'certificate', 'fixnumeric', + 'ldapAttrMountOpts', 'shareHomeMountOpts'] as $key) { + $module->setData($key, Request::post($key, '', 'string')); + } $module->setData('ssl', $ssl); $module->setData('mapping', Request::post('mapping', false, 'array')); - $module->setData('fixnumeric', Request::post('fixnumeric', '', 'string')); foreach (AdAuth_HomeDir::getAttributes() as $key) { $value = Request::post($key); if (is_numeric($value)) { diff --git a/modules-available/sysconfig/addmodule_ldapauth.inc.php b/modules-available/sysconfig/addmodule_ldapauth.inc.php index 1db6cb51..6490ff20 100644 --- a/modules-available/sysconfig/addmodule_ldapauth.inc.php +++ b/modules-available/sysconfig/addmodule_ldapauth.inc.php @@ -205,9 +205,11 @@ class LdapAuth_HomeDir extends AddModule_Base $data[$key . '_c'] = 'checked="checked"'; } } - $data['shareRemapMode_' . $this->edit->getData('shareRemapMode')] = 'selected="selected"'; - $data['shareDomain'] = $this->edit->getData('shareDomain'); $letter = $this->edit->getData('shareHomeDrive'); + $data['shareRemapMode_' . $this->edit->getData('shareRemapMode')] = 'selected="selected"'; + foreach (['shareDomain', 'shareHomeMountOpts', 'ldapAttrMountOpts'] as $key) { + $data[$key] = $this->edit->getData($key); + } } else { $data['shareDownloads_c'] = $data['shareMedia_c'] = $data['shareDocuments_c'] = $data['shareRemapCreate_c'] = 'checked="checked"'; $data['shareRemapMode_1'] = 'selected="selected"'; @@ -238,8 +240,6 @@ class LdapAuth_Finish extends AddModule_Base protected function preprocessInternal() { - $binddn = Request::post('binddn'); - $searchbase = Request::post('searchbase'); $title = Request::post('title'); if (empty($title)) $title = 'LDAP: ' . Request::post('server'); @@ -248,15 +248,12 @@ class LdapAuth_Finish extends AddModule_Base else $module = $this->edit; $ssl = Request::post('ssl', 'off') === 'on'; - $module->setData('server', Request::post('server')); - $module->setData('searchbase', $searchbase); - $module->setData('binddn', $binddn); - $module->setData('bindpw', Request::post('bindpw')); - $module->setData('home', Request::post('home')); - $module->setData('certificate', Request::post('certificate')); + foreach (['searchbase', 'binddn', 'server', 'bindpw', 'home', 'certificate', 'fixnumeric', + 'ldapAttrMountOpts', 'shareHomeMountOpts'] as $key) { + $module->setData($key, Request::post($key, '', 'string')); + } $module->setData('ssl', $ssl); $module->setData('mapping', Request::post('mapping', false, 'array')); - $module->setData('fixnumeric', Request::post('fixnumeric', '', 'string')); foreach (LdapAuth_HomeDir::getAttributes() as $key) { $value = Request::post($key); if (is_numeric($value)) { diff --git a/modules-available/sysconfig/inc/configmodule/adauth.inc.php b/modules-available/sysconfig/inc/configmodule/adauth.inc.php index db06a4a4..ed7b318d 100644 --- a/modules-available/sysconfig/inc/configmodule/adauth.inc.php +++ b/modules-available/sysconfig/inc/configmodule/adauth.inc.php @@ -12,5 +12,5 @@ ConfigModule::registerModule( Dictionary::translateFileModule('sysconfig', 'config-module', 'adAuth_title'), // Title Dictionary::translateFileModule('sysconfig', 'config-module', 'adAuth_description'), // Description Dictionary::translateFileModule('sysconfig', 'config-module', 'group_authentication'), // Group - true // Only one per config? + false // Only one per config? ); diff --git a/modules-available/sysconfig/inc/configmodule/ldapauth.inc.php b/modules-available/sysconfig/inc/configmodule/ldapauth.inc.php index 1a706234..e8df2877 100644 --- a/modules-available/sysconfig/inc/configmodule/ldapauth.inc.php +++ b/modules-available/sysconfig/inc/configmodule/ldapauth.inc.php @@ -19,5 +19,5 @@ ConfigModule::registerModule( Dictionary::translateFileModule('sysconfig', 'config-module', 'ldapAuth_title'), // Title Dictionary::translateFileModule('sysconfig', 'config-module', 'ldapAuth_description'), // Description Dictionary::translateFileModule('sysconfig', 'config-module', 'group_authentication'), // Group - true // Only one per config? + false // Only one per config? ); diff --git a/modules-available/sysconfig/inc/configmodulebaseldap.inc.php b/modules-available/sysconfig/inc/configmodulebaseldap.inc.php index d6fc3ed9..c5df8697 100644 --- a/modules-available/sysconfig/inc/configmodulebaseldap.inc.php +++ b/modules-available/sysconfig/inc/configmodulebaseldap.inc.php @@ -3,12 +3,13 @@ abstract class ConfigModuleBaseLdap extends ConfigModule { - const VERSION = 2; + const VERSION = 3; private static $REQUIRED_FIELDS = array('server', 'searchbase'); private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fixnumeric', 'fingerprint', 'certificate', 'homeattr', 'shareRemapMode', 'shareRemapCreate', 'shareDocuments', 'shareDownloads', 'shareDesktop', 'shareMedia', - 'shareOther', 'shareHomeDrive', 'shareDomain', 'credentialPassthrough', 'mapping'); + 'shareOther', 'shareHomeDrive', 'shareDomain', 'credentialPassthrough', 'mapping', + 'ldapAttrMountOpts', 'shareHomeMountOpts'); public static function getMapping($config = false, &$empty = true) { diff --git a/modules-available/sysconfig/lang/de/template-tags.json b/modules-available/sysconfig/lang/de/template-tags.json index 7f8511e6..c2738ca4 100644 --- a/modules-available/sysconfig/lang/de/template-tags.json +++ b/modules-available/sysconfig/lang/de/template-tags.json @@ -53,11 +53,11 @@ "lang_helpHomeAttrText": "Hier k\u00f6nnen Sie alternativ zum fest vorgegebenem Template des Home-Verzeichnis Servers den Attributsnamen im Active Directory angeben, der diesen Pfad bereitstellt. Normalerweise ist dies \"homeDirectory\". Wird das Feld leer gelassen, versucht der Assistent, das Attribut selbstst\u00e4ndig zu ermitteln. Falls das Einbinden der Home-Verzeichnisse anschlie\u00dfend nicht funktioniert, \u00fcberpr\u00fcfen Sie bitte den Client-Log (Status->Client Log) und den LDAP-Proxy-Log (Status->Server Status).", "lang_helpModuleConfiguration": "Konfigurationsmodule sind die Bausteine, aus denen eine Systemkonfiguration erstellt wird. Hier lassen sich sowohl generische Module durch einen Wizard anlegen, als auch komplett eigene Module erstellen (fortgeschritten, Linuxkenntnisse erforderlich).", "lang_helpSystemConfiguration": "\u00dcber eine Systemkonfiguration wird die grundlegende Lokalisierung des bwLehrpool-Systems durchgef\u00fchrt. Dazu geh\u00f6ren Aspekte wie das Authentifizierungsverfahren f\u00fcr Benutzer (z.B. Active Directory, LDAP), Druckerkonfiguration, Home-Verzeichnisse, etc. Eine Systemkonfiguration setzt sich aus einem oder mehreren Konfigurationsmodulen zusammen, welche im angrenzenden Panel verwaltet werden k\u00f6nnen.", - "lang_homeAttr": "Home-Attribut", "lang_homeAttributeExplanation": "Bitte w\u00e4hlen Sie das Attribut, welches das Home-Verzeichnis der User enth\u00e4lt.", "lang_homeFallback": "Home-Fallback", "lang_homedirHandling": "(Home-)Verzeichnis Einbindung", "lang_inheritFromParentLoc": "Von \u00fcbergeordnetem Ort erben", + "lang_ldapAttrMountOpts": "LDAP-Attribut f\u00fcr Mount-Optionen", "lang_ldapStarted": "Der LDAP-Proxy wurde gestartet", "lang_ldapText1": "Mit diesem Wizard k\u00f6nnen Sie Authentifizierung gegen einen LDAP-Server einrichten.", "lang_ldapText2": "Zu diesem Zweck wird ein LDAP-Proxy auf dem Satelliten-Server gestartet. Dies bedeutet, dass der LDAP-Server von diesem Server aus erreichbar sein muss. Die Pool-PCs hingegen m\u00fcssen nicht direkt mit dem LDAP-Server kommunizieren k\u00f6nnen.", @@ -72,6 +72,7 @@ "lang_moduleConfiguration": "Konfigurationsmodule", "lang_moduleName": "Modulname", "lang_moduleTitle": "Titel", + "lang_mountOptionsNote": "Diese Einstellungen beziehen sich nur auf Linux und \u00e4hnliche Systeme (sowohl das MiiLinux als auch laufende VMs) und beeinflussen die Optionen, die beim Mounten des Verzeichnisses verwendet werden sollen. Sofern es im LDAP\/AD ein Nutzerattribut gibt, welches die passenden Optionen enth\u00e4lt, k\u00f6nnen Sie dieses hier angeben. Das Attribut wird dann vorrangig behandelt. Ist das Attribut leer oder nicht vorhanden, werden die Optionen verwendet, die Sie im Feld \"feste Mount-Optionen\" eingetragen haben. Sind beide Felder leer, werden verschiedene Optionen automatisch durchprobiert.", "lang_name": "Name", "lang_newConfiguration": "Neue Konfiguration", "lang_newModule": "Neues Modul", @@ -99,6 +100,7 @@ "lang_shareDomainNote": "Der Dom\u00e4nenname wird beim Einbinden des Home-Verzeichnisses dem Benutzernamen vorangestellt (DOMAIN\\user). Normalerweise wird der Dom\u00e4nenname automatisch ermittelt, er l\u00e4sst sich hiermit aber explizit \u00fcberschreiben.", "lang_shareDownloads": "Downloads", "lang_shareHomeDrive": "Home-Verzeichnis Buchstabe (Windows)", + "lang_shareHomeMountOpts": "Fest vorgegebene Mount-Optionen", "lang_shareMapCreate": "Ordner auf dem Netzlaufwerk bei Bedarf anlegen", "lang_shareMedia": "Eigene Musik, Videos, Bilder", "lang_shareModeNote": "\"Nativer Modus mit Fallback auf VMware\" ist experimentell und kann dazu f\u00fchren, dass die VM in regelm\u00e4\u00dfigen Abst\u00e4nden H\u00e4nger hat.", @@ -124,4 +126,4 @@ "lang_userDirectoryInfo1": "Optionale Angabe: Wenn die Clients f\u00fcr die Benutzer ein eigenes Verzeichnis (Homeverzeichnis, Benutzerverzeichnis) von einem Server einbinden sollen, geben Sie bitte hier das Format in UNC-Notation an, also z.B.", "lang_userDirectoryInfo2": "%s ist dabei ein Platzhalter f\u00fcr den Login-Namen des Benutzers.", "lang_userDirectoryInfo3": "Das Verzeichnis wird mit den gleichen Zugangsdaten eingebunden, die der Benutzer beim Login angibt. (D.h. kein Kerberos Support o.\u00e4.)" -} +}
\ No newline at end of file diff --git a/modules-available/sysconfig/lang/en/template-tags.json b/modules-available/sysconfig/lang/en/template-tags.json index 5a73c254..e98038a9 100644 --- a/modules-available/sysconfig/lang/en/template-tags.json +++ b/modules-available/sysconfig/lang/en/template-tags.json @@ -53,11 +53,11 @@ "lang_helpHomeAttrText": "Here you can specify the name of the attribute on the Active Directory that contains the path of the home directory server. Usually this is \"homeDirectory\". If you leave this blank, the wiszard will try to determine the attribute name automatically. If home directories don't work, check the client log (Status->Client log) and the LDAP proxy log (Status->Server status).", "lang_helpModuleConfiguration": "Configuration modules are the building blocks from which a system configuration is created. Here you can create both generic modules by a wizard, as well as create completely custom modules (advanced Linux knowledge required).", "lang_helpSystemConfiguration": "The fundamental localization of the bwLehrpool system is done through a system configuration. These include aspects such as the authentication method for users (eg Active Directory, LDAP), printer configuration, home directories, etc. A system configuration is composed of one or more configuration modules, which can be managed in the panel next to this one.", - "lang_homeAttr": "Home attribute", "lang_homeAttributeExplanation": "Please select the attribute which holds the user's home directory.", "lang_homeFallback": "Home fallback", "lang_homedirHandling": "(Home) directory handling", "lang_inheritFromParentLoc": "Inherit from parent location", + "lang_ldapAttrMountOpts": "LDAP attribute containing mount options", "lang_ldapStarted": "The LDAP proxy has been launched", "lang_ldapText1": "Here you can create a configuration module to authenticate agains an LDAP server", "lang_ldapText2": "An LDAP-Proxy will be launched on this server. This means the LDAP-Server must be reachable from it. The client PCs in the labs however don't have to be able to talk to the LDAP server \u2013 they will use the proxy running on this server.", @@ -72,6 +72,7 @@ "lang_moduleConfiguration": "Module Configuration", "lang_moduleName": "Module Name", "lang_moduleTitle": "Title", + "lang_mountOptionsNote": "These settings are relevant for the MiniLinux and VMs containing non-Windows OSes. If you specify an LDAP user attribute, its contents will be used as mount options when mounting the user's home directory. If the attribute is not specified or its contents are empty, the mount attributes specified in the other field will be used. If you leave both fields empty, the clients will try to determine the options automatically.", "lang_name": "Name", "lang_newConfiguration": "New Configuration", "lang_newModule": "New Module", @@ -99,6 +100,7 @@ "lang_shareDomainNote": "The user name will be prefixed by the domain when trying to mount home directories (DOMAIN\\user). Usually this will be determined automatically, but you can always override it here.", "lang_shareDownloads": "Downloads", "lang_shareHomeDrive": "Home drive letter (Windows)", + "lang_shareHomeMountOpts": "Fixed mount options", "lang_shareMapCreate": "Create folders on network share if they don't exist", "lang_shareMedia": "My Music, Videos, Pictures", "lang_shareModeNote": "\"Native mode with fallback\" is experimental and known to cause temporary freezes with some VMs. Use with care.", @@ -124,4 +126,4 @@ "lang_userDirectoryInfo1": "Optional: If the clients should embed a separate directory (home directory, user directory) from a server for the user, please enter here the format in UNC notation, eg", "lang_userDirectoryInfo2": "%s is a placeholder for the user's login name.", "lang_userDirectoryInfo3": "The directory is loaded with the same credentials that the user specifies when login. (That is no Kerberos support, etc.)" -} +}
\ No newline at end of file diff --git a/modules-available/sysconfig/templates/ad_ldap-homedir.html b/modules-available/sysconfig/templates/ad_ldap-homedir.html index ad543594..a8c9441a 100644 --- a/modules-available/sysconfig/templates/ad_ldap-homedir.html +++ b/modules-available/sysconfig/templates/ad_ldap-homedir.html @@ -61,6 +61,20 @@ <p><i>{{lang_driveLetterNote}}</i></p> </div> </div> + <div class="form-group row"> + <label for="inputldapAttrMountOpts" class="control-label col-xs-4">{{lang_ldapAttrMountOpts}}</label> + <div class="col-xs-8"> + <input type="text" class="form-control" id="inputldapAttrMountOpts" name="ldapAttrMountOpts" value="{{ldapAttrMountOpts}}"> + </div> + </div> + <div class="form-group row"> + <label for="inputshareHomeMountOpts" class="control-label col-xs-4">{{lang_shareHomeMountOpts}}</label> + <div class="col-xs-8"> + <input type="text" class="form-control" id="inputshareHomeMountOpts" name="shareHomeMountOpts" value="{{shareHomeMountOpts}}" + placeholder="vers=3.0,forceuid,forcegid,nounix,file_mode=0700,dir_mode=0700,noacl,nobrl"> + <p><i>{{lang_mountOptionsNote}}</i></p> + </div> + </div> <hr> <div class="slx-bold">{{lang_folderRedirection}}</div> |