summaryrefslogtreecommitdiffstats
path: root/ldap-site-mngmt/webinterface/lib/au_management_functions.php
diff options
context:
space:
mode:
Diffstat (limited to 'ldap-site-mngmt/webinterface/lib/au_management_functions.php')
-rw-r--r--ldap-site-mngmt/webinterface/lib/au_management_functions.php1333
1 files changed, 0 insertions, 1333 deletions
diff --git a/ldap-site-mngmt/webinterface/lib/au_management_functions.php b/ldap-site-mngmt/webinterface/lib/au_management_functions.php
deleted file mode 100644
index d924aec0..00000000
--- a/ldap-site-mngmt/webinterface/lib/au_management_functions.php
+++ /dev/null
@@ -1,1333 +0,0 @@
-<?php
-
-/**
-* au_management_functions.php - Administrative Unit Management Funktions-Bibliothek
-* Diese Bibliothek enthält alle Funktionen für die Verwaltung von AUs, deren DNS Domains, sowie
-* zum Rollen-Management
-*
-* @param string ldapError
-* @param resource ds
-*
-* @author Tarik Gasmi
-* @copyright Tarik Gasmi
-*/
-
-# Konfiguration laden
-require_once("config.inc.php");
-
-$ldapError = null;
-
-########################################################################################################
-
-
-
-###############################################################################
-# Funktionen zur Verwaltung der AU (und Child-AUs)
-#
-
-
-# Ändern des DN der AU, d.h. beim Ändern des Attributes 'ou'
-function modify_au_dn($auDN, $newauDN){
-
- global $ds, $suffix, $ldapError;
-
- if (move_subtree($auDN,$newauDN)){
- adjust_dn_entries($auDN,$newauDN);}
-}
-
-
-
-# Anlegen neue untergeordnete AU
-function new_childau($childDN,$childou,$childcn,$childdesc,$mainadmin){
-
- global $ds, $suffix, $auDN, $ldapError;
-
- $entryAU ["objectclass"][0] = "administrativeunit";
- $entryAU ["objectclass"][1] = "organizationalunit";
- $entryAU ["objectclass"][2] = "top";
- $entryAU ["ou"] = $childou;
- $entryAU ["dhcpmtime"] = 0;
- if ($childcn != ""){$entryAU ["cn"] = $childcn;}
- if ($childdesc != ""){$entryAU ["description"] = $childdesc;}
-
- if ($resultAU = ldap_add($ds,$childDN,$entryAU)){
-
- # alle Au Container anlegen
- $containers = array("computers","dhcp","groups","pxe","rbs","roles");
- foreach ($containers as $cont){
- $entryCont = array();
- $entryCont ['objectclass'] = "AUContainer";
- $entryCont ['cn'] = $cont;
- #print_r($entryRolesCont); echo "<br><br>";
- $resultC = ldap_add($ds,"cn=".$cont.",".$childDN,$entryCont);
- if (!($resultC)) break;
- }
-
- # MainAdmin anlegen
- $entryMA ['objectclass'] = "groupOfNames";
- $entryMA ['cn'] = "MainAdmin";
- $entryMA ['member'] = $mainadmin;
- if ($resultMA = ldap_add($ds,"cn=MainAdmin,cn=roles,".$childDN,$entryMA)){
- #$admins = array("HostAdmin","DhcpAdmin","ZoneAdmin");
- #foreach ($admins as $admin){
- # $entryAdmin ['objectclass'] = "Admins";
- # $entryAdmin ['cn'] = $admin;
- # ldap_add($ds,"cn=".$admin.",cn=roles,".$childDN,$entryAdmin);
- #}
- return 1;
- }
- else{
- return 0;
- }
- }
- else{
- return 0;
- }
-}
-
-
-
-# Löschen untergeordnete AU (d.h. deren untergeordnete AUs werden als neue uAUs integriert)
-function delete_childau($childDN,$childou,$delmodus){
-
- global $ds, $suffix, $auDN, $domDN, $assocdom, $ldapError;
-
- if ( $delmodus == "integrate"){
-
- # Associated DNS Domain integrieren
- $childdc = get_domain_data($childDN,array("dn","associatedname"));
- print_r($childdc); echo "<br>";
- # wenn einzige AU dann einfach in Parentdomain aufnehmen und betroffene Einträge löschen
- if (count($childdc[0]['associatedname']) == 1 ){
- echo "einzige AU<br>";
- # dc Childs verschieben
- $dcchilds = get_dc_childs($childdc[0]['dn'],array("dn","dc"));
- # print_r($dcchilds); echo "<br>";
- if (count($dcchilds) != 0){
- foreach ($dcchilds as $dcc){
- # print_r($dcc['dn']); echo " >> "; print_r("dc=".$dcc['dc'].",".$domDN); echo "<br>";
- if(move_subtree($dcc['dn'],"dc=".$dcc['dc'].",".$domDN)){
- $newdom = $dcc['dc'].".".$assocdom;
- #print_r($newdom); echo "<br><br>";
- dive_into_dctree_adapt("dc=".$dcc['dc'].",".$domDN,$newdom);
- }
- }
- }
-
- # alten dc-Knoten löschen
- dive_into_tree_del($childdc[0]['dn'],"");
-
- }
- # wenn noch andere AUs in der Domain, dann nur betroffene Einträge entfernen
- if (count($childdc[0]['associatedname']) > 1 ){
- echo "mehrere AUs<br>";
- # ChildAU-Rollen unterhalb dc-Knoten löschen (nur diese)(oder übernehmen: MA zu HA, HA zu HA)
- $roles = get_roles($childDN);
- #print_r($roles); echo "<br>";
-
- # was ist wenn rollen nur noch ein member haben ... fehler
- if(count($roles['MainAdmin']) != 0){
- $mainadmins = $roles['MainAdmin'];
- for ($i=0; $i<count($mainadmins); $i++){
- $entryRoleMain ['member'][$i] = $mainadmins[$i];
- }
- #print_r($entryRoleHost); echo "<br>";
- $resultMA = ldap_mod_del($ds,"cn=MainAdmin,cn=roles,".$childdc[0]['dn'],$entryRoleMain);
- }
- if(count($roles['HostAdmin']) != 0){
- $hostadmins = $roles['HostAdmin'];
- for ($i=0; $i<count($hostadmins); $i++){
- $entryRoleHost ['member'][$i] = $hostadmins[$i];
- }
- #print_r($entryRoleHost); echo "<br>";
- $resultHA = ldap_mod_del($ds,"cn=HostAdmin,cn=roles,".$childdc[0]['dn'],$entryRoleHost);
- }
- if(count($roles['ZoneAdmin']) != 0){
- $zoneadmins = $roles['ZoneAdmin'];
- for ($i=0; $i<count($zoneadmins); $i++){
- $entryRoleZone ['member'][$i] = $zoneadmins[$i];
- }
- $resultZA = ldap_mod_del($ds,"cn=ZoneAdmin,cn=roles,".$childdc[0]['dn'],$entryRoleZone);
- }
-
- $entrydel ['associatedname'] = $childDN;
- # print_r($entrydel); echo "<br>";
- ldap_mod_del($ds, $childdc[0]['dn'], $entrydel);
- $zentries = get_zone_entries_assocname($childdc[0]['dn'],array("dn"),$childDN);
- # print_r($zentries); echo "<br>";
- foreach ($zentries as $ze){
- # print_r($ze['dn']); echo "<br>";
- ldap_delete($ds, $ze['dn']);
- }
- }
-
- # Rechner (mit IP) + dranhängende MCs, PXEs verschieben
- $hosts = get_hosts($childDN,array("dn","hostname"));
- if (count($hosts) != 0){
- foreach ($hosts as $host){
- # print_r($host['dn']); echo "<br>";
- # print_r($host['hostname']); echo "<br>";
- # print_r("hostname=".$host['hostname']."-int-".$childou.",cn=computers,".$auDN); echo "<br><br>";
- if (move_subtree($host['dn'], "hostname=".$host['hostname']."-ex-".$childou.",cn=computers,".$auDN)){
- $newhostDN = "hostname=".$host['hostname']."-ex-".$childou.",cn=computers,".$auDN;
- $dhcp = get_node_data($newhostDN, array("dhcphlpcont"));
- # print_r($dhcp); echo "<br>";
- if ($dhcp['dhcphlpcont'] != ""){
- $entrydel ['dhcphlpcont'] = array();
- $entrydel ['objectclass'] = "dhcpHost";
- # print_r($dhcphlpcont);
- ldap_mod_del($ds, $newhostDN, $entrydel);
- }
- }
- }
- }
- # DHCP Objekte IP Ranges löschen
- $subnets = get_subnets($childDN,array("dn"));
- # print_r($subnets); echo "<br>";
- if (count($subnets) != 0){
- foreach ($subnets as $subnet){
- # print_r($subnet['dn']); echo "<br>";
- delete_ip_dhcprange($subnet['dn'],$childDN);
- }
- } # DHCP Pools auch noch
-
- # Freie IP Bereiche zurücknehmen
- $fipb_array = get_freeipblocks_au($childDN);
- # print_r($fipb_array); echo "<br>";
- # print_r(count($fipb_array)); echo "<br>";
- if (count($fipb_array) == 1 && $fipb_array[0] != ""){
- $entry_ipblock ['freeipblock'] = $fipb_array[0];
- # print_r($entry_ipblock); echo "<br>";
- ldap_mod_add($ds,$auDN,$entry_ipblock);
- }
- if (count($fipb_array) > 1 ){
- foreach ($fipb_array as $fipb){
- $entry_ipblock ['FreeIPBlock'][] = $fipb;
- # print_r($entry_ipblock); echo "<br>";
- ldap_mod_add($ds,$auDN,$entry_ipblock);
- }
- }
- merge_ipranges($auDN);
-
-
- # Verschieben der Childs an neue Stelle
- $child_childs = get_childau($childDN,array("dn","ou"));
- # print_r($child_childs); echo "<br>";
- if (count($child_childs) != 0){
- foreach ($child_childs as $cc){
- $child_childDN = $cc['dn'];
- $newccDN = "ou=".$cc['ou'].",".$auDN;
- # print_r($child_childDN); echo " >> ";
- # print_r($newccDN); echo "<br>";
- if (move_subtree($child_childDN,$newccDN)){
- adjust_dn_entries($child_childDN,$newccDN);
- }
- }
- }
-
- # Löschen des AU Knotens
- dive_into_tree_del($childDN,"");
-
- $mesg = "<br>Erfolgreich gel&ouml;scht mit Integration<br>";
- return $mesg;
- }
-
- if ( $delmodus == "complete" ){
- # IP Bereiche zurück
- # DNS Teilbaum Objekte löschen
- # alles rekursive löschen
-
- /*if (dive_into_tree_del($dcDN,"")){
- $delentry ['objectclass'] = "domainrelatedobject";
- $delentry ['associateddomain'] = $domsuffix;
- #print_r($delentry); echo "<br>";
- $delresult = ldap_mod_del($ds,$childDN,$delentry);
- if ($delresult){
- $mesg = "Domain komplett gel&ouml;scht<br>";
- }else{$mesg = "Fehler! ldap_mod_del<br>";}
- }else{$mesg = "Fehler! dive_into_tree_del<br>";}
- */
- $mesg = "Komplettes l&ouml;schen mometan noch nicht unterst&uuml;tzt.<br>
- Nur eine Ebene mit Integration ...<br>";
- return $mesg;
- }
-}
-
-
-
-
-###############################################################################
-# Funktionen zur Verwaltung von Domains
-#
-
-
-# Anlegen Domain beim Anlegen einer Child-AU
-function new_child_domain($childdomain, $childDN, $assocdom, $domDN){
-
- global $ds, $suffix, $domprefix, $domsuffix, $ldapError;
- $domsuffix_actual = $domsuffix;
-
- # ChildAU in gleicher Domain wie AU
- if ( $childdomain == "" || $childdomain == $domprefix ){
-
- $entryDC ["associatedname"] = $childDN;
- $resultDC = ldap_mod_add($ds,$domDN,$entryDC);
- if ($resultDC){
- # HostAdmins übernehmen, welche Admins noch? MainAdmin?
- $roles = get_roles($childDN);
- if(count($roles['MainAdmin']) != 0){
- $mainadmins = $roles['MainAdmin'];
- for ($i=0; $i<count($mainadmins); $i++){
- $entryRoleMain ['member'][$i] = $mainadmins[$i];
- }
- #print_r($entryRoleHost); echo "<br>";
- $resultMA = ldap_mod_add($ds,"cn=MainAdmin,cn=roles,".$domDN,$entryRoleMain);
- }
- #if(count($roles['HostAdmin']) != 0){
- # $dnsroles = get_roles($domDN);
- # ...
- # $hostadmins = $roles['HostAdmin'];
- # for ($i=0; $i<count($hostadmins); $i++){
- # $entryRoleHost ['member'][$i] = $hostadmins[$i];
- # }
- # #print_r($entryRoleHost); echo "<br>";
- # $resultHA = ldap_mod_add($ds,"cn=HostAdmin,cn=roles,".$domDN,$entryRoleHost);
- #}
- # Domainname zu associatedDomain der ChildAU
- $entryAD['objectclass'] = "domainRelatedObject";
- $entryAD['associateddomain'] = $assocdom;
- $resultAD = ldap_mod_add($ds,$childDN,$entryAD);
- if($resultAD){return 1;}else{return 0;}
- }
- else{return 0;}
- }
-
- # ChildAU in eigner Domain (inklusive Subdomain von AU Domain)
- if ( $childdomain != "" && $childdomain != $domprefix ){
-
- # entsprechenden DC Knoten anlegen, sowie Roles (MainAdmin, HostAdmin)
- $dc_array = explode('.',$childdomain);
- $dc_array = array_reverse($dc_array);
- $dcDN = "ou=DNS,".$suffix;
- # $childdomainfull = $childdomain.".".$domsuffix;
- #print_r($dc_array);
- foreach ($dc_array as $dc){
- $resultsum = false;
- if (check_for_dc($dcDN,$dc)){
- echo "dc <b>".$dc."</b> schon vorhanden ... n&auml;chster dc<br>";
- $domsuffix_actual = $dc.".".$domsuffix_actual;
- $dcDN = "dc=".$dc.",".$dcDN;
- }
- else{
- $dcDN = "dc=".$dc.",".$dcDN;
-
- $entryDC ["objectclass"][0] = "dnsdomain";
- $entryDC ["objectclass"][1] = "domainrelatedobject";
- $entryDC ["objectclass"][2] = "top";
- $entryDC ["dc"] = $dc;
- $entryDC ["associatedname"] = $childDN;
- $entryDC ["associateddomain"] = $dc.".".$domsuffix_actual;
- #print_r($entryDC); echo "<br>";
- #print_r($dcDN); echo "<br><br>";
- $resultDC = ldap_add($ds,$dcDN,$entryDC);
- if ($resultDC){
- $domsuffix_actual = $dc.".".$domsuffix_actual;
-
- #print_r($dcDN); echo"<br><br>";
-
- $entryRolesCont ['objectclass'] = "AUContainer";
- $entryRolesCont ['cn'] = "roles";
- #print_r($entryRolesCont); echo "<br><br>";
- $resultRC = ldap_add($ds,"cn=roles,".$dcDN,$entryRolesCont);
- if ($resultRC){
- # Rollen eintragen
- $roles = get_roles($childDN);
- #print_r($roles); echo "<br><br>";
- $mainadmins = $roles['MainAdmin'];
- $entryRoleMain ['objectclass'] = "groupOfNames";
- $entryRoleMain ['cn'] = "MainAdmin";
- for ($i=0; $i<count($mainadmins); $i++){
- $entryRoleMain ['member'][$i] = $mainadmins[$i];
- }
- #print_r($entryRoleMain); echo "<br>";
- $resultMA = ldap_add($ds,"cn=MainAdmin,cn=roles,".$dcDN,$entryRoleMain);
-
- if(count($roles['HostAdmin']) != 0){
- $entryRoleHost ['objectclass'] = "groupOfNames";
- $entryRoleHost ['cn'] = "HostAdmin";
- $hostadmins = $roles['HostAdmin'];
- for ($i=0; $i<count($hostadmins); $i++){
- $entryRoleHost ['member'][$i] = $hostadmins[$i];
- }
- #print_r($entryRoleHost); echo "<br>";
- $resultHA = ldap_add($ds,"cn=HostAdmin,cn=roles,".$dcDN,$entryRoleHost);
- }
-
- #$entryRoleZone ['objectclass'] = "Admins";
- #$entryRoleZone ['cn'] = "ZoneAdmin";
- #$resultZA = ldap_add($ds,"cn=ZoneAdmin,cn=roles,".$dcDN,$entryRoleZone);
-
- if ($resultMA){$resultsum = true;}
- }
- }
- break; # damit dc-Zuwachs immer nur um eine neue Ebene moeglich
- }
- }
- # Domainname zu associatedDomain der ChildAU
- if ($resultsum == true){
- $entryAD['objectclass'] = "domainRelatedObject";
- $entryAD['associateddomain'] = $domsuffix_actual;
- $resultAD = ldap_mod_add($ds,$childDN,$entryAD);
- }
- # fixme: fehlt noch anlegen der INCLUDE-Direktive in der parentdomain
- if($resultAD){return 1;}
- else{return 0;}
- }
-}
-
-
-# Domain einer Child-AU ändern
-function change_child_domain($childdomain, $oldchilddomain, $childDN, $assocdom, $domDN, $domprefix){
-
- global $ds, $suffix, $domsuffix, $ldapError;
- #print_r($oldchilddomain); echo "<br>";
- #print_r($domprefix); echo "<br>";
- # dcDNnew
- $dcDN = "ou=DNS,".$suffix;
- $dc_array = explode('.',$childdomain);
- $dc_array = array_reverse($dc_array);
- $dcDNnew = "";
- foreach ($dc_array as $dc){
- if (check_for_dc($dcDN,$dc)){
- $dcDN = "dc=".$dc.",".$dcDN;
- }
- else{
- $dcDN = "dc=".$dc.",".$dcDN;
- $dcDNnew .= $dcDN;
- break;
- }
- }
- # dcDNold
- $dcDNold = "ou=DNS,".$suffix;
- $dcold_array = explode('.',$oldchilddomain);
- $dcold_array = array_reverse($dcold_array);
- foreach ($dcold_array as $dc){
- $dcDNold = "dc=".$dc.",".$dcDNold;
- }
-
- #print_r($dcDNnew); echo "<br>";
- #print_r($dcDNold); echo "<br>";
- # Aus eigener AU Domain heraus in neue nicht AU Domain, d.h. dcDNold = domDN
- # Subdomain oder neue Domain anlegen
- if ($oldchilddomain == $domprefix){
-
- # associatedDomain aus ChildAU entfernen
- $entryAD['objectclass'] = "domainRelatedObject";
- $entryAD['associateddomain'] = $assocdom;
- #print_r($entryAD); echo "<br>";
- if ($resultAD = ldap_mod_del($ds,$childDN,$entryAD)){
-
- # neuen dc Knoten anlegen mit Rollen ...
- if(new_child_domain($childdomain, $childDN, $assocdom, $domDN)){
-
- # associatedName ChildDN aus altem dc-Knoten entfernen
- $entryAN ['associatedname'] = $childDN;
- #print_r($entryAN); echo "<br>";
- $result = ldap_mod_del($ds,$domDN,$entryAN);
-
- # Eigene Rollen aus dc-Knoten entfernen
- $roles = get_roles($childDN);
- if(count($roles['MainAdmin']) != 0){
- $mainadmins = $roles['MainAdmin'];
- if (count($mainadmins) > 1){
- for ($i=0; $i<count($mainadmins); $i++){
- $entryRoleMain ['member'][$i] = $mainadmins[$i];
- }
- }else{
- $entryRoleMain ['member'] = $mainadmins[0];
- }
- #print_r($entryRoleMain); echo "<br>";
- $resultMA = ldap_mod_del($ds,"cn=MainAdmin,cn=roles,".$dcDNold,$entryRoleMain);
- }
- if(count($roles['HostAdmin']) != 0){
- $hostadmins = $roles['HostAdmin'];
- if (count($hostadmins) > 1){
- for ($i=0; $i<count($hostadmins); $i++){
- $entryRoleHost ['member'][$i] = $hostadmins[$i];
- }
- }else{
- $entryRoleHost ['member'] = $hostadmins[0];
- }
- #print_r($entryRoleHost); echo "<br>";
- $resultHA = ldap_mod_del($ds,"cn=HostAdmin,cn=roles,".$dcDNold,$entryRoleHost);
- }
- if(count($roles['ZoneAdmin']) != 0){
- $zoneadmins = $roles['ZoneAdmin'];
- if (count($zoneadmins) > 1){
- for ($i=0; $i<count($zoneadmins); $i++){
- $entryRoleZone ['member'][$i] = $zoneadmins[$i];
- }
- }else{
- $entryRoleZone ['member'] = $zoneadmins[0];
- }
- #print_r($entryRoleZone); echo "<br>";
- $resultZA = ldap_mod_del($ds,"cn=ZoneAdmin,cn=roles,".$dcDNold,$entryRoleZone);
- }
-
-
- # DNS Einträge mit associatedName ChildDN verschieben
- $zone_entries = get_zone_entries_assocname($domDN,array("dn","relativedomainname"),$childDN);
- #echo "<br>"; print_r($zone_entries); echo "<br>";
- if (count($zone_entries) >= 1){
- foreach ($zone_entries as $ze){
- #print_r($ze['relativedomainname']); echo "<br>";
- #print_r($dcDNnew); echo "<br>";
- move_subtree($ze['dn'], "relativedomainname=".$ze['relativedomainname'].",".$dcDNnew);
- $domsuffix = "uni-freiburg.de"; # neu setzen da es beim new_child_domain schon mal hochgezählt wurde
- $newassocdom = $childdomain.".".$domsuffix;
- $entryZE ['zonename'] = $newassocdom;
- #print_r($entryZE); echo "<br>";
- $resultZE = ldap_mod_replace($ds,"relativedomainname=".$ze['relativedomainname'].",".$dcDNnew,$entryZE);
- }
- }
- # fixme: fehlt noch anpassen der INCLUDE-Direktive in der parentdomain
- return 1;
- }
- else{
- return 0;
- }
- }
- else{
- return 0;
- }
- }
- # Aus nicht AU Domain (aber eventuell Subdomain) in nicht AU Domain
- # Verschieben des dc-Teilbaumes
- if ($oldchilddomain != $domprefix){
- # Verschiebe dc-Baum von dcDNold nach dcDNnew
- # dcDNnew
- $dcDN = "ou=DNS,".$suffix;
- $dc_array = explode('.',$childdomain);
- $dc_array = array_reverse($dc_array);
- $dcDNnew = "";
- foreach ($dc_array as $dc){
- if (check_for_dc($dcDN,$dc)){
- $dcDN = "dc=".$dc.",".$dcDN;
- }
- else{
- $dcDN = "dc=".$dc.",".$dcDN;
- $dcDNnew .= $dcDN;
- break;
- }
- }
-
- # dcDNold
- $dcDNold = "ou=DNS,".$suffix;
- $dcold_array = explode('.',$oldchilddomain);
- $dcold_array = array_reverse($dcold_array);
- foreach ($dcold_array as $dc){
- $dcDNold = "dc=".$dc.",".$dcDNold;
- }
-
- # dc Baum verschieben
- if ($dcDNnew != ""){
- if (move_subtree($dcDNold, $dcDNnew)){
- # rekursives anpassen im neue dc-Baum:
- # associatedDomain, zoneName, includeFilename, includeOrigin
- $newassocdom = $childdomain.".".$domsuffix;
- if(dive_into_dctree_adapt($dcDNnew,$newassocdom)){
- return 1;
- # fixme: fehlt noch anpassen der INCLUDE-Direktive in der parentdomain
- }
- else{
- return 0;
- }
- }
- else{
- return 0;
- }
- }else{
- echo "Domain existiert schon, bitte anderen Domainnamen w&auml;hlen!";
- return 0;
- }
- }
-}
-
-function dive_into_dctree_adapt($dcDNnew,$newassocdom){
-
- global $ds, $suffix, $domprefix, $domsuffix, $ldapError;
- print_r($dcDNnew); echo "<br>";
- print_r($newassocdom); echo "<br><br>";
-
- # associatedDomain in dc-Knoten und in allen (mehrere) associatedName-ou-Knoten
- $entryAD['associateddomain'] = $newassocdom;
- print_r($entryAD); echo "<br>";
- $resultAD = ldap_mod_replace($ds,$dcDNnew,$entryAD);
- #$top_dcDN = str_replace("ou=DNS,","",$dcDNnew);
- #print_r($top_dcDN); echo "<br>";
- $assocnames = get_dc_data($dcDNnew,array("associatedname")); # funkt nicht bei uni-freiburg.de
- echo "<br>"; print_r($assocnames); echo "<br>";
- if (count($assocnames['associatedname']) > 1){
- foreach ($assocnames['associatedname'] as $aname){
- print_r($aname); echo "<br>";
- $resultAU = ldap_mod_replace($ds,$aname,$entryAD);
- }
- }else{
- $aname = $assocnames['associatedname'];
- print_r($aname); echo "<br>";
- $resultAU = ldap_mod_replace($ds,$aname,$entryAD);
- }
-
- # ZoneName in allen Knoten eine Ebene tiefer
- $zone_entries = get_zone_entries($dcDNnew,array("dn","zonename"));
- echo "<br>"; print_r($zone_entries); echo "<br>";
- foreach ($zone_entries as $ze){
- $entryZE ['zonename'] = $newassocdom;
- print_r($entryZE); echo "<br>";
- $resultZE = ldap_mod_replace($ds,$ze['dn'],$entryZE);
- }
-
- # Zonenamen in Reversezones ... Fehlt noch
-
- # Rekursion
- # child dc für Rekursion
- $dcchilds = get_dc_childs($dcDNnew,array("dn","dc"));
- echo "<br>"; print_r($dcchilds); echo "<br>";
- foreach ($dcchilds as $dcc){
- $newassocdom = $dcc['dc'].".".$newassocdom;
- print_r($dcc['dn']); echo " >> "; print_r($newassocdom); echo "<br>";
- dive_into_dctree_adapt($dcc['dn'],$newassocdom);
- }
-
-}
-
-
-function delete_child_domain($oldchilddomain,$assocdom,$childDN, $domDN, $delmodus){
-
- global $ds, $suffix, $domprefix, $domsuffix, $ldapError;
- #print_r($domDN); echo "<br>";
-
- # dcDNold
- $dcDNold = "ou=DNS,".$suffix;
- $dcold_array = explode('.',$oldchilddomain);
- $dcold_array = array_reverse($dcold_array);
- foreach ($dcold_array as $dc){
- $dcDNold = "dc=".$dc.",".$dcDNold;
- }
- #print_r($dcDNold); echo "<br>";
- # dcDNnew = domDN
-
- if ( $delmodus == "integrate" ){
-
- # associatedNames zu neuem dc-Knoten hinzufügen
- $assocnames = get_dc_data($dcDNold,array("associatedname")); # funkt nicht bei uni-freiburg.de
- # echo "<br>"; print_r($assocnames); echo "<br>";
- if (count($assocnames['associatedname']) > 1){
- foreach ($assocnames['associatedname'] as $aname){
- #print_r($aname); echo "<br>";
- $entryAN['associatedname'][] = $aname;
- }
- }else{
- $entryAN['associatedname'] = $assocnames['associatedname'];
- $assocname = $assocnames['associatedname'];
- $assocnames ['associatedname'] = array($assocname);
- }
- #print_r($entryAN); echo "<br>";
- $resultAN = ldap_mod_add($ds,$domDN,$entryAN);
- if($resultAN){
-
- # DNS Einträge verschieben und an neue Domain anpassen
- $zone_entries = get_zone_entries($dcDNold,array("dn","relativedomainname"));
- #echo "<br>"; print_r($zone_entries); echo "<br>";
- if (count($zone_entries) >= 1){
- foreach ($zone_entries as $ze){
- #print_r($ze['relativedomainname']); echo "<br>";
- #print_r($domDN); echo "<br>";
- move_subtree($ze['dn'], "relativedomainname=".$ze['relativedomainname'].",".$domDN);
- $entryZE ['zonename'] = $assocdom;
- print_r($entryZE); echo "<br>";
- $resultZE = ldap_mod_replace($ds,"relativedomainname=".$ze['relativedomainname'].",".$domDN,$entryZE);
- }
- }
-
- # Rollenmembers kopieren für jeden associatedName (ohne Duplikate zu generieren)
- $newdom_roles = get_roles_dns($domDN);
- #print_r($newdom_roles); echo "<br>";
- if (count($newdom_roles['MainAdmin']) != 0){$newmainadmins = $newdom_roles['MainAdmin'];}else{$newmainadmins = array();}
- if (count($newdom_roles['HostAdmin']) != 0){$newhostadmins = $newdom_roles['HostAdmin'];}else{$newhostadmins = array();}
- if (count($newdom_roles['ZoneAdmin']) != 0){$newzoneadmins = $newdom_roles['ZoneAdmin'];}else{$newzoneadmins = array();}
- #print_r($newmainadmins); echo "<br>";
- #print_r($newhostadmins); echo "<br>";
- #print_r($newzoneadmins); echo "<br><br>";
- foreach ($assocnames['associatedname'] as $aname){
- #echo "_________________________________________<br>";
- #print_r($aname); echo "<br>";
- $roles = get_roles($aname);
- #print_r($roles); echo "<br>";
- $mainadmins = $roles['MainAdmin'];
- #print_r($mainadmins); echo "<br>";
- #print_r($newmainadmins); echo "<br>";
- $mainadmins = array_diff($mainadmins, $newmainadmins);
- $mainadmins = array_merge($newmainadmins,$mainadmins);
- #print_r($mainadmins); echo "<br>";
- if (count($mainadmins) > 1){
- for ($i=0; $i<count($mainadmins); $i++){
- $entryRoleMain ['member'][$i] = $mainadmins[$i];
- }
- }else{
- $entryRoleMain ['member'] = $mainadmins[0];
- }
- #print_r($entryRoleMain); echo "<br><br>";
- $resultMA = ldap_mod_replace($ds,"cn=MainAdmin,cn=roles,".$domDN,$entryRoleMain);
-
- if(count($roles['HostAdmin']) != 0){
- $hostadmins = $roles['HostAdmin'];
- #print_r($hostadmins); echo "<br>";
- #print_r($newhostadmins); echo "<br>";
- $hostadmins = array_diff($hostadmins, $newhostadmins);
- $hostadmins = array_merge($newhostadmins,$hostadmins);
- #print_r($hostadmins); echo "<br>";
- if (count($hostadmins) > 1){
- for ($i=0; $i<count($hostadmins); $i++){
- $entryRoleHost ['member'][$i] = $hostadmins[$i];
- }
- }else{
- $entryRoleHost ['member'] = $hostadmins[0];
- }
-
- #print_r($entryRoleHost); echo "<br><br>";
- $resultHA = ldap_mod_replace($ds,"cn=HostAdmin,cn=roles,".$domDN,$entryRoleHost);
-
- }
- if(count($roles['ZoneAdmin']) != 0){
- $zoneadmins = $roles['ZoneAdmin'];
- #print_r($zoneadmins); echo "<br>";
- #print_r($newzoneadmins); echo "<br>";
- $zoneadmins = array_diff($zoneadmins, $newzoneadmins);
- $zoneadmins = array_merge($newzoneadmins,$zoneadmins);
- #print_r($zoneadmins); echo "<br>";
- if (count($zoneadmins) > 1){
- for ($i=0; $i<count($zoneadmins); $i++){
- $entryRoleZone ['member'][$i] = $zoneadmins[$i];
- }
- }else{
- $entryRoleZone ['member'] = $zoneadmins[0];
- }
- #print_r($entryRoleZone); echo "<br><br>";
- $resultZA = ldap_mod_replace($ds,"cn=ZoneAdmin,cn=roles,".$domDN,$entryRoleZone);
-
- }
-
- # associatedDomain anpassen in allen AUs von $assocnames (alt)
- $entryAD ['associateddomain'] = $assocdom;
- #print_r($entryAD); echo "<br>";
- $resultAD = ldap_mod_replace($ds,$aname,$entryAD);
-
- #echo "_________________________________________<br>";
- }
-
- # Falls alter dc-Knoten noch Subdomains, d.h. dc-Teilbäume hat, diese verschieben mit
- # rekursivem Anpassen aller Einträge
- $dcchilds = get_dc_childs($dcDNold,array("dn","dc"));
- #echo "<br><br>"; print_r($dcchilds); echo "<br>";
- if (count($dcchilds) != 0){
- foreach ($dcchilds as $dcc){
- print_r($dcc['dn']); echo " >> "; print_r("dc=".$dcc['dc'].",".$domDN); echo "<br>";
- if(move_subtree($dcc['dn'],"dc=".$dcc['dc'].",".$domDN)){
- $newdom = $dcc['dc'].".".$assocdom;
- #print_r($newdom); echo "<br><br>";
- dive_into_dctree_adapt("dc=".$dcc['dc'].",".$domDN,$newdom);
- }
- }
- }
-
- # alten dc-Knoten entfernen
- dive_into_tree_del($dcDNold,"");
-
- # fixme: fehlt noch löschen der INCLUDE-Direktive in der parentdomain
-
- }
- else{
- return 0;
- }
- }
-
-
- if ( $delmodus == "complete" ){
- # if (dive_into_tree_del($dcDNold,"")){
- $delentry ['objectclass'] = "domainrelatedobject";
- $delentry ['associateddomain'] = $oldchilddomain.".".$domsuffix;
- print_r($delentry); echo "<br>";
- # $delresult = ldap_mod_del($ds,$childDN,$delentry);
- # if ($delresult){
- # $mesg = "Domain komplett gel&ouml;scht<br>";
- # }else{$mesg = "Fehler! ldap_mod_del<br>";}
- # }else{$mesg = "Fehler! dive_into_tree_del<br>";}
- }
-
- # return $mesg;
-}
-
-
-/*
-function modify_childau_domain($childdomain, $oldchilddomain, $childDN){
-
- global $ds, $suffix, $domsuffix, $ldapError;
- $dcDN = "ou=DNS,".$suffix;
- $dcoldDN = "ou=DNS,".$suffix;
-
- $dc_array = explode('.',$childdomain);
- $dc_array = array_reverse($dc_array);
- $dcold_array = explode('.',$oldchilddomain);
- $dcold_array = array_reverse($dcold_array);
-
- foreach ($dcold_array as $dc){
- $dcoldDN = "dc=".$dc.",".$dcoldDN;
- $aname = get_dc_data($dcoldDN,array("associatedname"));
- if ($aname == $childDN){
- break;
- }
- }
- #print_r($dcoldDN); echo "<br>";
- #print_r($domsuffix); echo "<br>";
-
- $dcnewDN = "";
- foreach ($dc_array as $dc){
- if (check_for_dc($dc)){
- # echo "dc <b>".$dc."</b> schon vorhanden ... n&auml;chster dc<br>";
- $domsuffix = $dc.".".$domsuffix;
- $dcDN = "dc=".$dc.",".$dcDN;
- }
- else{
- $dcDN = "dc=".$dc.",".$dcDN;
- $domsuffix = $dc.".".$domsuffix;
- $dcnewDN .= $dcDN;
- break;
- }
- }
- #print_r($dcnewDN); echo "<br>";
- #print_r($domsuffix); echo "<br>";
-
- if ($dcnewDN != ""){
- if (move_subtree($dcoldDN,$dcnewDN)){
- $entryAD['associateddomain'] = $childdomain.".".$domsuffix;
- $resultAD = ldap_mod_replace($ds,$childDN,$entryAD);
- $resultAD2 = ldap_mod_replace($ds,$dcnewDN,$entryAD);
- if ($resultAD && $resultAD2){return 1;}else{return 0;}
- }
- }else{
- echo "Domain existiert schon, bitte anderen Domainnamen w&auml;hlen!";
- }
-
-}
-
-
-function same_domain($assocdom, $dcDN, $childDN){
-
- global $ds, $suffix, $domsuffix, $ldapError;
-
- $entryDC ["associatedname"] = $childDN;
- $resultDC = ldap_mod_add($ds,$dcDN,$entryDC);
- if ($resultDC){
- # HostAdmins übernehmen, welche Admins noch? MainAdmin?
- $roles = get_roles($childDN);
- if(count($roles['HostAdmin']) != 0){
- $hostadmins = $roles['HostAdmin'];
- for ($i=0; $i<count($hostadmins); $i++){
- $entryRoleHost ['member'][$i] = $hostadmins[$i];
- }
- #print_r($entryRoleHost); echo "<br>";
- $resultHA = ldap_mod_add($ds,"cn=HostAdmin,cn=roles,".$dcDN,$entryRoleHost);
- }
- # Domainname zu associatedDomain der ChildAU
- $entryAD['objectclass'] = "domainRelatedObject";
- $entryAD['associateddomain'] = $assocdom;
- $resultAD = ldap_mod_add($ds,$childDN,$entryAD);
- if($resultAD){return 1;}else{return 0;}
- }
- else{return 0;}
-}
-
-
-function new_childau_domain($childdomain, $childDN){
-
- global $ds, $suffix, $domsuffix, $ldapError;
-
- # entsprechenden DC Knoten anlegen, sowie Roles (MainAdmin, HostAdmin)
- $dc_array = explode('.',$childdomain);
- $dc_array = array_reverse($dc_array);
- $dcDN = "ou=DNS,".$suffix;
- # $childdomainfull = $childdomain.".".$domsuffix;
- #print_r($dc_array);
- foreach ($dc_array as $dc){
- $resultsum = false;
- if (check_for_dc($dc)){
- echo "dc <b>".$dc."</b> schon vorhanden ... n&auml;chster dc<br>";
- $domsuffix = $dc.".".$domsuffix;
- $dcDN = "dc=".$dc.",".$dcDN;
- }
- else{
- $dcDN = "dc=".$dc.",".$dcDN;
-
- $entryDC ["objectclass"][0] = "dnsdomain";
- $entryDC ["objectclass"][1] = "domainrelatedobject";
- $entryDC ["objectclass"][2] = "top";
- $entryDC ["dc"] = $dc;
- $entryDC ["associatedname"] = $childDN;
- $entryDC ["associateddomain"] = $dc.".".$domsuffix;
- #print_r($entryDC); echo "<br>";
- #print_r($dcDN); echo "<br><br>";
- $resultDC = ldap_add($ds,$dcDN,$entryDC);
- if ($resultDC){
- $domsuffix = $dc.".".$domsuffix;
-
- #print_r($dcDN); echo"<br><br>";
-
- $entryRolesCont ['objectclass'] = "AUContainer";
- $entryRolesCont ['cn'] = "roles";
- #print_r($entryRolesCont); echo "<br><br>";
- $resultRC = ldap_add($ds,"cn=roles,".$dcDN,$entryRolesCont);
- if ($resultRC){
- $roles = get_roles($childDN);
- print_r($roles); echo "<br><br>";
- $mainadmins = $roles['MainAdmin'];
- $entryRoleMain ['objectclass'] = "groupOfNames";
- $entryRoleMain ['cn'] = "MainAdmin";
- for ($i=0; $i<count($mainadmins); $i++){
- $entryRoleMain ['member'][$i] = $mainadmins[$i];
- }
- #print_r($entryRoleMain); echo "<br>";
- $resultMA = ldap_add($ds,"cn=MainAdmin,cn=roles,".$dcDN,$entryRoleMain);
-
- if(count($roles['HostAdmin']) != 0){
- $hostadmins = $roles['HostAdmin'];
- $entryRoleHost ['objectclass'] = "groupOfNames";
- $entryRoleHost ['cn'] = "HostAdmin";
- for ($i=0; $i<count($hostadmins); $i++){
- $entryRoleHost ['member'][$i] = $hostadmins[$i];
- }
- #print_r($entryRoleHost); echo "<br>";
- $resultHA = ldap_add($ds,"cn=HostAdmin,cn=roles,".$dcDN,$entryRoleHost);
- }
- if ($resultMA){$resultsum = true;}
- }
- }
- break; # damit dc-Zuwachs immer nur um eine neue Ebene moeglich
- }
- }
- # Domainname zu associatedDomain der ChildAU
- if ($resultsum == true){
- $entryAD['objectclass'] = "domainRelatedObject";
- $entryAD['associateddomain'] = $domsuffix;
- $resultAD = ldap_mod_add($ds,$childDN,$entryAD);
- }
- if($resultAD){return 1;}
- else{return 0;}
-
-}
-
-
-
-function delete_childau_domain($oldchilddomain,$childDN,$delmodus){
-
- global $ds, $suffix, $domsuffix, $ldapError;
-
- $dcold_array = explode('.',$oldchilddomain);
- $dcold_array = array_reverse($dcold_array);
- $dcDN = "ou=DNS,".$suffix;
-
- foreach ($dcold_array as $dc){
- $dcDN = "dc=".$dc.",".$dcDN;
- $aname = get_dc_data($dcDN,array("associatedname"));
- $domsuffix = $dc.".".$domsuffix;
-
- if ($aname == $childDN){
- break;
- }
- }
- #print_r($dcDN); echo "<br>";
- #print_r($domsuffix); echo "<br>";
-
- if ( $delmodus == "complete" ){
- if (dive_into_tree_del($dcDN,"")){
- $delentry ['objectclass'] = "domainrelatedobject";
- $delentry ['associateddomain'] = $domsuffix;
- #print_r($delentry); echo "<br>";
- $delresult = ldap_mod_del($ds,$childDN,$delentry);
- if ($delresult){
- $mesg = "Domain komplett gel&ouml;scht<br>";
- }else{$mesg = "Fehler! ldap_mod_del<br>";}
- }else{$mesg = "Fehler! dive_into_tree_del<br>";}
- }
-
- if ( $delmodus == "integrate"){
- $mesg = "DNS Integration, noch nicht fertiggestellt";
- }
-
- return $mesg;
-}
-*/
-
-
-
-
-###############################################################################
-# Funktionen für das Rollen Management
-#
-
-
-function new_role_member($userDN,$role,$auDN,$domDN){
-
- global $ds, $suffix, $ldapError;
-
- $actroles = get_roles($auDN);
-
- $entry['member'] = $userDN;
-
- if ($domDN != ""){
- $actdnsroles = get_roles_dns($domDN);
- switch ($role){
- case 'MainAdmin':
- $roleDN1 = "cn=".$role.",cn=roles,".$auDN;
- $roleDN2 = "cn=".$role.",cn=roles,".$domDN;
- $results1 = ldap_mod_add($ds,$roleDN1,$entry);
- $results2 = ldap_mod_add($ds,$roleDN2,$entry);
- if ($results1 && $results2){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'HostAdmin':
- $roleDN1 = "cn=".$role.",cn=roles,".$auDN;
- #$roleDN2 = "cn=".$role.",cn=roles,".$domDN;
- if ( count($actroles['HostAdmin']) != 0 ){
- $results1 = ldap_mod_add($ds,$roleDN1,$entry);
- #$results2 = ldap_mod_add($ds,$roleDN2,$entry);
- }else{
- $entrynew ['objectclass'] = "groupOfNames";
- $entrynew ['cn'] = $role;
- $entrynew ['member'] = $userDN;
- $results1 = ldap_add($ds,$roleDN1,$entrynew);
- #$results2 = ldap_add($ds,$roleDN2,$entryHA);
- }
- if ($results1){ #&& $results2){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'DhcpAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['DhcpAdmin']) != 0 ){
- $results = ldap_mod_add($ds,$roleDN,$entry);
- }else{
- $entrynew ['objectclass'] = "groupOfNames";
- $entrynew ['cn'] = $role;
- $entrynew ['member'] = $userDN;
- $results = ldap_add($ds,$roleDN,$entrynew);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'RbsAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['RbsAdmin']) != 0 ){
- $results = ldap_mod_add($ds,$roleDN,$entry);
- }else{
- $entrynew ['objectclass'] = "groupOfNames";
- $entrynew ['cn'] = $role;
- $entrynew ['member'] = $userDN;
- $results = ldap_add($ds,$roleDN,$entrynew);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'ZoneAdmin':
- $roleDN1 = "cn=".$role.",cn=roles,".$auDN;
- #$roleDN2 = "cn=".$role.",cn=roles,".$domDN;
- if ( count($actroles['ZoneAdmin']) != 0 ){
- $results1 = ldap_mod_add($ds,$roleDN1,$entry);
- #$results2 = ldap_mod_add($ds,$roleDN2,$entry);
- }else{
- $entrynew ['objectclass'] = "groupOfNames";
- $entrynew ['cn'] = $role;
- $entrynew ['member'] = $userDN;
- $results = ldap_add($ds,$roleDN1,$entrynew);
- }
- if ($results1){ #&& $results2){
- return 1;
- }else{
- return 0;
- }
- break;
- }
- }else{
- switch ($role){
- case 'MainAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- $results = ldap_mod_add($ds,$roleDN,$entry);
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'HostAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['HostAdmin']) != 0 ){
- $results = ldap_mod_add($ds,$roleDN,$entry);
- }else{
- $entrynew ['objectclass'] = "groupOfNames";
- $entrynew ['cn'] = $role;
- $entrynew ['member'] = $userDN;
- $results = ldap_add($ds,$roleDN,$entrynew);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'DhcpAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['DhcpAdmin']) != 0 ){
- $results = ldap_mod_add($ds,$roleDN,$entry);
- }else{
- $entrynew ['objectclass'] = "groupOfNames";
- $entrynew ['cn'] = $role;
- $entrynew ['member'] = $userDN;
- $results = ldap_add($ds,$roleDN,$entrynew);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'RbsAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['RbsAdmin']) != 0 ){
- $results = ldap_mod_add($ds,$roleDN,$entry);
- }else{
- $entrynew ['objectclass'] = "groupOfNames";
- $entrynew ['cn'] = $role;
- $entrynew ['member'] = $userDN;
- $results = ldap_add($ds,$roleDN,$entrynew);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'ZoneAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['ZoneAdmin']) != 0 ){
- $results = ldap_mod_add($ds,$roleDN,$entry);
- }else{
- $entrynew ['objectclass'] = "groupOfNames";
- $entrynew ['cn'] = $role;
- $entrynew ['member'] = $userDN;
- $results = ldap_add($ds,$roleDN,$entrynew);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- }
- }
-}
-
-
-function delete_role_member($userDN,$role,$auDN,$domDN){
-
- global $ds, $suffix, $ldapError;
-
- $actroles = get_roles($auDN);
-
- $entry['member'] = $userDN;
-
- if ($domDN != ""){
- $actdnsroles = get_roles_dns($domDN);
-
- switch ($role){
- case 'MainAdmin':
- $roleDN1 = "cn=".$role.",cn=roles,".$auDN;
- $roleDN2 = "cn=".$role.",cn=roles,".$domDN;
- if ( count($actroles['MainAdmin']) == 1 || count($actdnsroles['MainAdmin']) == 1 ){
- echo "Rolle <b>MainAdmin</b> muss mindestens ein Mitglied haben!<br>
- <b>$userDN</b> wird nicht gel&ouml;scht.<br><br>";
- }else{
- $results1 = ldap_mod_del($ds,$roleDN1,$entry);
- $results2 = ldap_mod_del($ds,$roleDN2,$entry);
- }
- if ($results1 && $results2){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'HostAdmin':
- $roleDN1 = "cn=".$role.",cn=roles,".$auDN;
- #$roleDN2 = "cn=".$role.",cn=roles,".$domDN;
- if ( count($actroles['HostAdmin']) == 1 ){
- $results1 = ldap_delete($ds,$roleDN1);
- }else{
- $results1 = ldap_mod_del($ds,$roleDN1,$entry);
- }
- #$results2 = ldap_mod_del($ds,$roleDN2,$entry);
- if ($results1){ #&& $results2){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'DhcpAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['DhcpAdmin']) == 1 ){
- $results = ldap_delete($ds,$roleDN);
- }else{
- $results = ldap_mod_del($ds,$roleDN,$entry);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'RbsAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['RbsAdmin']) == 1 ){
- $results = ldap_delete($ds,$roleDN);
- }else{
- $results = ldap_mod_del($ds,$roleDN,$entry);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'ZoneAdmin':
- $roleDN1 = "cn=".$role.",cn=roles,".$auDN;
- #$roleDN2 = "cn=".$role.",cn=roles,".$domDN;
- if ( count($actroles['ZoneAdmin']) == 1 ){
- $results1 = ldap_delete($ds,$roleDN1);
- }else{
- $results1 = ldap_mod_del($ds,$roleDN1,$entry);
- }
- #$results2 = ldap_mod_del($ds,$roleDN2,$entry);
- if ($results1){ #&& $results2){
- return 1;
- }else{
- return 0;
- }
- break;
- }
- }else{
- switch ($role){
- case 'MainAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['MainAdmin']) == 1 ){
- echo "Rolle <b>MainAdmin</b> muss mindestens ein Mitglied haben!<br>
- <b>$userDN</b> wird nicht gel&oumlscht.<br><br>";
- }else{
- $results = ldap_mod_del($ds,$roleDN,$entry);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'HostAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['HostAdmin']) == 1 ){
- $results = ldap_delete($ds,$roleDN);
- }else{
- $results = ldap_mod_del($ds,$roleDN,$entry);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'DhcpAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['DhcpAdmin']) == 1 ){
- $results = ldap_delete($ds,$roleDN);
- }else{
- $results = ldap_mod_del($ds,$roleDN,$entry);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'RbsAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['RbsAdmin']) == 1 ){
- $results = ldap_delete($ds,$roleDN);
- }else{
- $results = ldap_mod_del($ds,$roleDN,$entry);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- case 'ZoneAdmin':
- $roleDN = "cn=".$role.",cn=roles,".$auDN;
- if ( count($actroles['ZoneAdmin']) == 1 ){
- $results = ldap_delete($ds,$roleDN);
- }else{
- $results = ldap_mod_del($ds,$roleDN,$entry);
- }
- if ($results){
- return 1;
- }else{
- return 0;
- }
- break;
- }
- }
-}
-
-
-function get_role_members($roleDN)
-{
- global $ds, $suffix, $ldapError;
-
- if(!($result = uniLdapSearch($ds, $roleDN, "objectclass=*", array("member"), "", "one", 0, 0))) {
- # redirect(5, "", $ldapError, FALSE);
- echo "search problem";
- die;
- } else {
- $members_array = array();
- $result = ldapArraySauber($result);
- foreach ($result as $item){
- if (count($item['member']) > 1){
- $members_array = $item['member'];
- }
- else{
- $members_array[] = $item['member'];
- }
- }
- }
- return $members_array;
-}
-
-
-?> \ No newline at end of file
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-06-01 05:31:58 +0200