Diffstat (limited to 'usr/local')
-rwxr-xr-x | usr/local/www/guiconfig.inc | 4 | ||||
-rw-r--r-- | usr/local/www/interfaces_bridge.php | 4 | ||||
-rw-r--r-- | usr/local/www/system_authservers.php | 32 | ||||
-rwxr-xr-x | usr/local/www/system_usermanager_settings.php | 8 | ||||
-rw-r--r-- | usr/local/www/system_usermanager_settings_ldapacpicker.php | 35 | ||||
-rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 10 |
6 files changed, 61 insertions, 32 deletions
diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 8906d56..b7966d4 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -134,9 +134,9 @@ $ldap_templates = array( 'msad' => array( 'desc' => "Microsoft AD", - 'attr_user' => "samAccountNAme", + 'attr_user' => "samAccountName", 'attr_group' => "cn", - 'attr_member' => "member"), + 'attr_member' => "memberOf"), 'edir' => array( 'desc' => "Novell eDirectory", diff --git a/usr/local/www/interfaces_bridge.php b/usr/local/www/interfaces_bridge.php index 05c69e2..9e009ba 100644 --- a/usr/local/www/interfaces_bridge.php +++ b/usr/local/www/interfaces_bridge.php @@ -61,7 +61,7 @@ function bridge_inuse($num) { if ($_GET['act'] == "del") { /* check if still in use */ if (bridge_inuse($_GET['id'])) { - $input_errors[] = "This bridge TUNNEL cannot be deleted because it is still being used as an interface."; + $input_errors[] = "This bridge cannot be deleted because it is assigned as an interface."; } else { mwexec("/sbin/ifconfig " . $a_bridges[$_GET['id']]['bridgeif'] . " destroy"); unset($a_bridges[$_GET['id']]); @@ -132,7 +132,7 @@ include("head.inc"); <?=htmlspecialchars($bridge['descr']);?> </td> <td valign="middle" nowrap class="list"> <a href="interfaces_bridge_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> - <a href="interfaces_bridge.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this bridge tunnel?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + <a href="interfaces_bridge.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this bridge?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> </tr> <?php $i++; endforeach; ?> <tr> 
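Review bot: The delete branch in interfaces_bridge.php still acts on a plain GET (`if ($_GET['act'] == "del")`), and the link reworded in the second hunk (`interfaces_bridge.php?act=del&id=...`) carries no request token, so a request forged from another site in an administrator's session could destroy a bridge; the `confirm()` prompt is a convenience, not a control. Unless a token is verified outside these hunks, the delete should be submitted as a POST that carries an anti-CSRF token. The branch also indexes `$a_bridges[$_GET['id']]` without checking that the entry exists, so testing `isset($a_bridges[$_GET['id']])` before the `mwexec()` call would keep `ifconfig ... destroy` from being run with an empty interface name. Both blocks start and end outside the hunks shown.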
diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index edf2e0a..799a77c 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -2,6 +2,7 @@ /* system_authservers.php + Copyright (C) 2010 Ermal Luçi Copyright (C) 2008 Shrew Soft Inc. All rights reserved. @@ -81,6 +82,7 @@ if ($act == "edit") { $pconfig['ldap_protver'] = $a_server[$id]['ldap_protver']; $pconfig['ldap_scope'] = $a_server[$id]['ldap_scope']; $pconfig['ldap_basedn'] = $a_server[$id]['ldap_basedn']; + $pconfig['ldap_authcn'] = $a_server[$id]['ldap_authcn']; $pconfig['ldap_binddn'] = $a_server[$id]['ldap_binddn']; $pconfig['ldap_bindpw'] = $a_server[$id]['ldap_bindpw']; $pconfig['ldap_attr_user'] = $a_server[$id]['ldap_attr_user']; @@ -135,11 +137,11 @@ if ($_POST) { if ($pconfig['type'] == "ldap") { $reqdfields = explode(" ", "name type ldap_host ldap_port ". "ldap_urltype ldap_protver ldap_scope ldap_basedn ". - "ldap_attr_user ldap_attr_group ldap_attr_member"); + "ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers"); $reqdfieldsn = explode(",", "Descriptive name,Type,Hostname or IP,". "Port value,Transport,Protocol version,Search level,". "Search Base DN,User naming Attribute,". - "Group naming Attribute,Group member attribute"); + "Group naming Attribute,Group member attribute,Authentication container"); if (!$pconfig['ldap_anon']) { $reqdfields[] = "ldap_binddn"; @@ -200,6 +202,7 @@ if ($_POST) { $server['ldap_protver'] = $pconfig['ldap_protver']; $server['ldap_scope'] = $pconfig['ldap_scope']; $server['ldap_basedn'] = $pconfig['ldap_basedn']; + $server['ldap_authcn'] = $pconfig['ldapauthcontainers']; $server['ldap_attr_user'] = $pconfig['ldap_attr_user']; $server['ldap_attr_group'] = $pconfig['ldap_attr_group']; $server['ldap_attr_member'] = $pconfig['ldap_attr_member']; 
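Review bot: The new setting goes by two names in system_authservers.php: the edit branch fills `$pconfig['ldap_authcn']` and the form in the @@ -469 hunk prints that key, while the required-field list and the save line read `$pconfig['ldapauthcontainers']`. If `$pconfig` is refilled from `$_POST` on submit (not visible in these hunks), a submission that fails validation would redisplay the form with the container field empty; mirroring the value once, e.g. `$pconfig['ldap_authcn'] = $pconfig['ldapauthcontainers'];`, or using one key throughout would avoid that. The value is also stored as typed, and since the help text says it is prepended to the search base, each semicolon-separated entry is worth checking for DN syntax before it is written to `$server['ldap_authcn']`. Making the field required also means existing LDAP server entries cannot be re-saved until a container is entered, which deserves a line in the commit message or a default value.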
@@ -469,6 +472,24 @@ function radius_srvcschange(){ </td> </tr> <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication containers");?></td> + <td width="78%" class="vtable"> + <table border="0" cellspacing="0" cellpadding="2"> + <tr> + <td>Containers: </td> + <td> + <input name="ldapauthcontainers" type="text" class="formfld unknown" id="ldapauthcontainers" size="40" value="<?=htmlspecialchars($pconfig['ldap_authcn']);?>"/> + <input type="button" onClick="javascript:if(openwindow('system_usermanager_settings_ldapacpicker.php') == false) alert('Popup blocker detected. Action aborted.');" value="Select"> + <br />NOTE: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path. + <br />EXAMPLE: CN=Users;DC=example + <br />EXAMPLE: CN=Users,DC=example,DC=com;OU=OtherUsers,DC=example,DC=com + </td> + </tr> + </table> + + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Bind credentials");?></td> <td width="78%" class="vtable"> <table border="0" cellspacing="0" cellpadding="2"> @@ -658,6 +679,13 @@ function radius_srvcschange(){ <?php include("fend.inc");?> <script type="text/javascript"> <!-- +function openwindow(url) { + var oWin = window.open(url,"pfSensePop","width=620,height=400,top=150,left=150"); + if (oWin==null || typeof(oWin)=="undefined") + return false; + else + return true; +} server_typechange('<?=$pconfig['type'];?>'); <?php if (!isset($id) || $pconfig['type'] == "ldap"): ?> ldap_bindchange(); diff --git a/usr/local/www/system_usermanager_settings.php b/usr/local/www/system_usermanager_settings.php index 4ef01f5..3956830 100755 --- a/usr/local/www/system_usermanager_settings.php +++ b/usr/local/www/system_usermanager_settings.php @@ -194,7 +194,7 @@ include("head.inc"); document.iform.ldapserver.disabled = 0;
document.iform.ldapbindun.disabled = 0;
document.iform.ldapbindpw.disabled = 0;
- document.iform.ldapfilter.value = "(samaccountname=*)";
+ document.iform.ldapfilter.value = "(samaccountname=_username_)";
document.iform.ldapnameattribute.value = "samaccountname";
document.iform.ldapgroupattribute.value = "memberOf";
break;
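Review bot: The `_username_` token introduced in the default filters here and in the @@ -208 and @@ -287 hunks is not explained in the lines shown; the help text should say that it is replaced by the login name when the filter is built, for example `<br/>_username_ is replaced with the name entered at login`. The code that performs that replacement is not part of this diff, so it is worth confirming that it escapes LDAP filter metacharacters (`*`, `(`, `)`, `\` and NUL, per RFC 4515) in the name before substituting; otherwise the login name becomes part of the filter expression. The enclosing JavaScript switch starts and ends outside the hunk.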
@@ -208,7 +208,7 @@ include("head.inc"); document.iform.ldapserver.disabled = 0;
document.iform.ldapbindun.disabled = 0;
document.iform.ldapbindpw.disabled = 0;
- document.iform.ldapfilter.value = "(cn=*)";
+ document.iform.ldapfilter.value = "(cn=_username_)";
document.iform.ldapnameattribute.value = "CN";
document.iform.ldapgroupattribute.value = "groupMembership";
break;
@@ -287,8 +287,8 @@ if(!$pconfig['backend']) </div>
<div id="filteradvdiv" name="filteradvdiv" style="display:none">
<input name="ldapfilter" id="ldapfilter" size="65" value="<?=htmlspecialchars($pconfig['ldapfilter']);?>">
- <br/>Example: For Active Directory you would want to use (samaccountname=$username)
- <br/>Example: For eDirectory you would want to use (cn=$username)
+ <br/>Example: For Active Directory you would want to use (samaccountname=_username_)
+ <br/>Example: For eDirectory you would want to use (cn=_username_)
</div>
</td>
</tr>
diff --git a/usr/local/www/system_usermanager_settings_ldapacpicker.php b/usr/local/www/system_usermanager_settings_ldapacpicker.php index 52953b0..891b146 100644 --- a/usr/local/www/system_usermanager_settings_ldapacpicker.php +++ b/usr/local/www/system_usermanager_settings_ldapacpicker.php @@ -36,24 +36,23 @@ require("priv.defs.inc"); require("priv.inc"); if($_POST) { - print_r($_POST); - $ous = ldap_get_user_ous(true); - $values = ""; - $isfirst = true; - foreach($ous as $ou) { - if(in_array($ou, $_POST['ou'])) { - if($isfirst == false) - $values .= ";"; - $isfirst = false; - $values .= $ou; - } - } - echo "<script language=\"JavaScript\">\n"; - echo "<!--\n"; - echo " opener.document.forms[0].ldapauthcontainers.value='$values'\n"; - echo " this.close();\n"; - echo "-->\n"; - echo "</script>\n"; + $ous = ldap_get_user_ous(true); + $values = ""; + $isfirst = true; + foreach($ous as $ou) { + if(in_array($ou, $_POST['ou'])) { + if($isfirst == false) + $values .= ";"; + $isfirst = false; + $values .= $ou; + } + } + echo "<script language=\"JavaScript\">\n"; + echo "<!--\n"; + echo " opener.document.forms[0].ldapauthcontainers.value='$values'\n"; + echo " this.close();\n"; + echo "-->\n"; + echo "</script>\n"; } ?> diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index c58942f..87328e0 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -265,7 +265,7 @@ if ($_POST) { if ($_POST['disable'] == "yes") $server['disable'] = true; $server['mode'] = $pconfig['mode']; - $server['authmode'] = $pconfig['authmode']; + $server['authmode'] = implode(",", $pconfig['authmode']); $server['protocol'] = $pconfig['protocol']; list($server['interface'], $server['ipaddr']) = explode ("|",$pconfig['interface']); $server['local_port'] = $pconfig['local_port']; 
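Review bot: `$values` is written into the inline script inside a single-quoted JavaScript string (`...ldapauthcontainers.value='$values'`) without any escaping, and its content comes from the directory via `ldap_get_user_ous(true)`, so an OU name containing a quote or `</script>` would change the script that runs in the administrator's browser. Emit it as a JavaScript literal instead: `echo " opener.document.forms[0].ldapauthcontainers.value=" . json_encode($values, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . ";\n";`. `in_array($ou, $_POST['ou'])` also assumes the posted field is an array; testing `is_array($_POST['ou'])` first and passing `true` as the third argument keeps a malformed request from raising warnings or matching loosely.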
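Review bot: `implode(",", $pconfig['authmode'])` in vpn_openvpn_server.php assumes the posted `authmode` is a non-empty array, but a multi-select with nothing chosen is omitted from the request, so this line and the matching one in the @@ -338 hunk would receive null and an empty backend list would be written to `$server['authmode']`. Nothing in the hunks shown checks the posted names either; before saving, require at least one entry and keep only `local` and names present in `$auth_servers`, e.g. `$modes = array_intersect((array)$pconfig['authmode'], $allowed);` with `$allowed` built from those names. A backend name that contains a comma would also be split apart by the later `explode(",", ...)`, so either forbid commas in server names or store the list as an array. The enclosing `if ($_POST)` block starts and ends outside the hunk.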
@@ -338,6 +338,7 @@ if ($_POST) { header("Location: vpn_openvpn_server.php"); exit; } + $pconfig['authmode'] = implode(",", $pconfig['authmode']); } include("head.inc"); @@ -545,12 +546,13 @@ function netbios_change() { <tr id="authmodetr" style="display:none"> <td width="22%" valign="top" class="vncellreq"><?=gettext("Backend for authentication");?></td> <td width="78%" class="vtable"> - <select name='authmode' id='authmode' class="formselect"> - <option value="local" <?php if ($pconfig['authmode'] == "local") echo "selected";?>>Local authentication database</option> + <select name='authmode[]' id='authmode' class="formselect" multiple="true" size="<?php echo count($auth_servers) + 1; ?>"> + <?php $authmodes = explode(",", $pconfig['authmode']); ?> + <option value="local" <?php if (in_array("local", $authmodes)) echo "selected";?>>Local authentication database</option> <?php foreach ($auth_servers as $auth_server): $selected = ""; - if ($pconfig['authmode'] == $auth_server['name']) + if (in_array($auth_server['name'], $authmodes)) $selected = "selected"; ?> <option value="<?=$auth_server['name'];?>" <?=$selected;?>><?=$auth_server['name'];?></option> |
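Review bot: The option list in the @@ -545 hunk prints `$auth_server['name']` raw in both the `value` attribute and the label, unlike the new field in system_authservers.php that goes through `htmlspecialchars()`; a server name containing markup or a quote would be interpreted by the browser. Both echoes should be escaped, e.g. `<option value="<?=htmlspecialchars($auth_server['name']);?>" <?=$selected;?>><?=htmlspecialchars($auth_server['name']);?></option>`. `in_array()` is called without its strict third argument in both places, so passing `true` avoids loose matches between numeric-looking names. The `foreach` continues past the end of the hunk.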