Added a field for editing the description for LDAP groups.
---- Changes since 1.510 ----
The list of groups now includes descriptions, if any are set.
+---- Changes since 1.520 ----
+Added Module Config options for additional LDAP filters to find users and groups, in addition to the posixAccount / posixGroup object class filters.
$newdn = "uid=$user{'user'},$base";
$rv = $ldap->search(base => $newdn,
scope => 'base',
- filter => '(&(objectClass=posixAccount))');
+ filter => &user_filter());
($uinfo) = $rv->all_entries;
%user = &dn_to_hash($uinfo);
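Review bot: The base-scope lookup can now return no entry when the saved user does not match the configured additional filter, and `$uinfo` is then passed to `dn_to_hash` without a check. Other hunks on this page guard the same pattern with `$uinfo || &error($text{'usave_egone'});`. The same guard (or skipping the extra filter when re-reading a DN the script has just written) would apply here, in the "Get the updated user object" hunk, and in the `$in{'dn'}` lookups that call `get_value` on `$ginfo` / `$uinfo` directly. The enclosing code starts and ends outside the hunk.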
multi_fields=Allow multiple values for extra properties?,1,1-Yes,0-No
noclash=Attributes for which duplicates are disallowed,0
person=Give all Unix users the <tt>person</tt> object class?,1,1-Yes,0-No
+user_filter=Additional LDAP filter for users,3,None,,,,Attribute=value
+group_filter=Additional LDAP filter for groups,3,None,,,,Attribute=value
line5=Home directory options,11
homedir_perms=Permissions on new home directories,3,From Users and Groups module
else {
$rv = $ldap->search(base => $in{'dn'},
scope => 'base',
- filter => '(objectClass=posixGroup)');
+ filter => &group_filter());
($ginfo) = $rv->all_entries;
$group = $ginfo->get_value('cn');
$gid = $ginfo->get_value('gidNumber');
# Get values from current user
$rv = $ldap->search(base => $in{'dn'},
scope => 'base',
- filter => '(objectClass=posixAccount)');
+ filter => &user_filter());
($uinfo) = $rv->all_entries;
@users = $uinfo->get_value('uid');
$user = $users[0];
@defsecs = &split_quoted_string($mconfig{'default_secs'});
$base = &get_group_base();
$rv = $ldap->search(base => $base,
- filter => '(objectClass=posixGroup)');
+ filter => &group_filter());
%ingroups = ( );
foreach $g (sort { lc($a->dn()) cmp lc($b->dn()) } $rv->all_entries) {
$group = $g->get_value("cn");
# Count the number of users and groups
$base = &get_user_base();
$rv = $ldap->search(base => $base,
- filter => '(objectClass=posixAccount)',
+ filter => &user_filter(),
sizelimit => $mconfig{'display_max'}+1);
$ucount = $rv->count;
$base = &get_group_base();
$rv = $ldap->search(base => $base,
- filter => '(objectClass=posixGroup)',
+ filter => &group_filter(),
sizelimit => $mconfig{'display_max'}+1);
$gcount = $rv->count;
local $ldap = &ldap_connect();
local $base = &get_user_base();
local $rv = $ldap->search(base => $base,
- filter => '(objectClass=posixAccount)');
+ filter => &user_filter());
local $u;
foreach $u ($rv->all_entries) {
local %uinfo = &dn_to_hash($u);
local $ldap = &ldap_connect();
local $base = &get_group_base();
local $rv = $ldap->search(base => $base,
- filter => '(objectClass=posixGroup)');
+ filter => &group_filter());
local $g;
foreach $g ($rv->all_entries) {
local %ginfo = &dn_to_hash($g);
# Find existing group with the same GID
local $base = &get_group_base();
local $rv = $ldap->search(base => $base,
- filter => "(&(objectClass=posixGroup)(gidNumber=$user->{'gid'}))");
+ filter => "(&".&group_filter().
+ "(gidNumber=$user->{'gid'}))");
local ($ginfo) = $rv->all_entries;
if ($ginfo && $ginfo->get_value("sambaSID")) {
# We can get the SID from the actual group
return undef;
}
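Review bot: `$user->{'gid'}` is still interpolated unescaped into the filter string in the rewritten `filter =>` lines. Where the value comes from is not visible in this hunk; if it can be anything other than digits, a guard such as `$user->{'gid'} =~ /^\d+$/ || return undef;` before the search keeps the filter well-formed. The enclosing sub starts outside the hunk, so the right failure value should be confirmed against its callers.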
+# user_filter()
+# Returns an LDAP filter expression to find users
+sub user_filter
+{
+my $rv = "(objectClass=posixAccount)";
+if ($config{'user_filter'}) {
+ $rv = "(&".$rv."(".$config{'user_filter'}."))";
+ }
+return $rv;
+}
+
+# group_filter()
+# Returns an LDAP filter expression to find groups
+sub group_filter
+{
+my $rv = "(objectClass=posixGroup)";
+if ($config{'group_filter'}) {
+ $rv = "(&".$rv."(".$config{'group_filter'}."))";
+ }
+return $rv;
+}
+
1;
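Review bot: `user_filter()` and `group_filter()` wrap the configured value in parentheses unconditionally, so a Module Config entry that is already parenthesised (a pasted `(attr=value)` or an `(|...)` expression) produces `((...))` and every search using the helper fails. The value is also not checked for balanced parentheses, so a typo changes the structure of every user or group search instead of being rejected. Consider normalising it once, e.g. `$extra = "($extra)" if ($extra !~ /^\(.*\)$/);`, and extending the header comments to say that the option is expected to be a single `attribute=value` assertion without surrounding parentheses. The two subs differ only in the object class and the config key, so they could share one helper.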
if ($in{'user'}) {
$rv = $ldap->search(base => $in{'dn'},
scope => 'base',
- filter => '(objectClass=posixAccount)');
+ filter => &user_filter());
}
else {
$rv = $ldap->search(base => $in{'dn'},
scope => 'base',
- filter => '(objectClass=posixGroup)');
+ filter => &group_filter());
}
($what) = $rv->all_entries;
# Get existing group
$rv = $ldap->search(base => $in{'dn'},
scope => 'base',
- filter => '(&(objectClass=posixGroup))');
+ filter => &group_filter());
($ginfo) = $rv->all_entries;
$ginfo || &error($text{'gsave_egone'});
$olddesc = $ginfo->get_value('description');
# Get existing user
$rv = $ldap->search(base => $in{'dn'},
scope => 'base',
- filter => '(&(objectClass=posixAccount))');
+ filter => &user_filter());
($uinfo) = $rv->all_entries;
$uinfo || &error($text{'usave_egone'});
%ouser = &dn_to_hash($uinfo);
print "$text{'udel_groups'}<br>\n";
$base = &get_group_base();
$rv = $ldap->search(base => $base,
- filter => '(&(objectClass=posixGroup))');
+ filter => &group_filter());
foreach $g ($rv->all_entries) {
local @mems = $g->get_value("memberUid");
local $idx = &indexof($user, @mems);
}
$base = &get_group_base();
$rv = $ldap->search(base => $base,
- filter => '(&(objectClass=posixGroup))');
+ filter => &group_filter());
foreach $g ($rv->all_entries) {
local @mems = $g->get_value("memberUid");
local $gname = $g->get_value("cn");
# Get the updated user object
$rv = $ldap->search(base => $newdn,
scope => 'base',
- filter => '(&(objectClass=posixAccount))');
+ filter => &user_filter());
($uinfo) = $rv->all_entries;
%user = &dn_to_hash($uinfo);
$search = "(!($in{'field'}=*$in{'what'}*))";
}
$rv = $ldap->search(base => $base,
- filter => "(&(objectClass=posixGroup)$search)");
+ filter => "(&".&group_filter().$search.")");
if ($rv->code) {
&error(&text('search_err', "<tt>$search</tt>",
"<tt>$base</tt>", $rv->error));
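Review bot: The rewritten filter still concatenates `$search`, which the context line above builds from `$in{'field'}` and `$in{'what'}` without escaping, so parentheses, `*` or `\` in the form input change the structure of the filter, including the part that `group_filter()` is meant to enforce. The value should be escaped before it is interpolated (Net::LDAP::Util provides `escape_filter_value`, assuming `$ldap` is a Net::LDAP handle), and `$in{'field'}` restricted to attribute-name characters, e.g. `$in{'field'} =~ /^[A-Za-z0-9;-]+$/ || &error(...)`. The `search_err` message also prints only `$search` inside `<tt>`, without HTML escaping and without the configured part of the filter, so a failure caused by the Module Config value is not visible to the admin. The same applies to the user search hunk that follows; the `if` chain that sets `$search` starts outside this hunk.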
$search = "(!($in{'field'}=*$in{'what'}*))";
}
$rv = $ldap->search(base => $base,
- filter => "(&(objectClass=posixAccount)$search)");
+ filter => "(&".&user_filter().$search.")");
if ($rv->code) {
&error(&text('search_err', "<tt>$search</tt>",
"<tt>$base</tt>", $rv->error));