initial commit of file from CVS for smeserver-phpldapadmin on Sat Sep 7 20:51:26 AEST 2024

This commit is contained in:
Trevor Batley 2024-09-07 20:51:26 +10:00
parent 9192b6c4db
commit 106768eae6
24 changed files with 1135 additions and 2 deletions

4
.gitignore vendored Normal file
View File

@ -0,0 +1,4 @@
*.rpm
*.log
*spec-20*
*.tar.gz

21
Makefile Normal file
View File

@ -0,0 +1,21 @@
# Makefile for source rpm: smeserver-phpldapadmin
# $Id: Makefile,v 1.1 2021/06/01 15:47:04 jpp Exp $
NAME := smeserver-phpldapadmin
SPECFILE = $(firstword $(wildcard *.spec))
define find-makefile-common
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
endef
MAKEFILE_COMMON := $(shell $(find-makefile-common))
ifeq ($(MAKEFILE_COMMON),)
# attept a checkout
define checkout-makefile-common
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
endef
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
endif
include $(MAKEFILE_COMMON)

View File

@ -1,3 +1,16 @@
# smeserver-phpldapadmin
# <img src="https://www.koozali.org/images/koozali/Logo/Png/Koozali_logo_2016.png" width="25%" vertical="auto" style="vertical-align:bottom"> smeserver-phpldapadmin
SMEServer Koozali developed git repo for smeserver-phpldapadmin smecontribs
## Wiki
<br />https://wiki.koozali.org/Phpldapadmin
<br />https://wiki.koozali.org/Phpldapadmin/fr
## Bugzilla
Show list of outstanding bugs: [here](https://bugs.koozali.org/buglist.cgi?component=smeserver-phpldapadmin&product=SME%20Contribs&query_format=advanced&limit=0&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=CONFIRMED)
## Description
<br />*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.*
*Once it has been checked, then this comment will be deleted*
<br />

340
additional/COPYING Normal file
View File

@ -0,0 +1,340 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Library General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) 19yy <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) 19yy name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Library General
Public License instead of this License.

1
additional/README.md Normal file
View File

@ -0,0 +1 @@
smeserver-phpldapadmin is a contrib for SME Server, a Linux distro oriented server. see http://wiki.contribs.org

1
contriborbase Normal file
View File

@ -0,0 +1 @@
contribs10

21
createlinks Normal file
View File

@ -0,0 +1,21 @@
#!/usr/bin/perl -w
# This script creates the symlinks needed by this RPM
# Specific support exists to create symlinks within e-smith web "panels"
# and for links from named "events" directories into the "actions" directory
use esmith::Build::CreateLinks qw(:all);
for my $event (qw(
bootstrap-console-save
post-upgrade
console-save
smeserver-phpldapadmin-update
))
{
templates2events("/etc/phpldapadmin/config.php", $event);
templates2events("/etc/httpd/conf/httpd.conf", $event);
}
my $event="smeserver-phpldapadmin-update";
safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith");
safe_symlink("/etc/e-smith/templates-default/template-begin-php", "root/etc/e-smith/templates/etc/phpldapadmin/config.php/template-begin");

View File

@ -0,0 +1 @@
private

View File

@ -0,0 +1 @@
disabled

View File

@ -0,0 +1 @@
service

View File

@ -0,0 +1,27 @@
# Administration: phpldapadmin
<Directory /usr/share/phpldapadmin>
SSLRequireSSL on
Options -Indexes
AllowOverride None
Require { (($phpldapadmin{access} || 'private' ) eq "public" ) ? "all granted": "ip $localAccess $externalSSLAccess";}
{
# we use the ldap auth now
# AuthName "phpLdapAdmin"
# AuthBasicProvider external
# AuthType Basic
# AuthExternal pwauth
# require user admin
# Satisfy all
} AddType application/x-httpd-php .php
{
# we do not want people to mess with this for the moment
my $version = '74';
$OUT .= qq(
<FilesMatch .php\$\>
SetHandler "proxy:unix:/var/run/php-fpm/php$version.sock|fcgi://localhost"
</FilesMatch>
)
}
</Directory>

View File

@ -0,0 +1,9 @@
{
if ($port eq "80")
{
$OUT = ' RewriteRule ^/phpldapadmin(/.*|$) https://%{HTTP_HOST}/phpldapadmin$1 [L,R]';
} else {
$OUT = ' Alias /phpldapadmin /usr/share/phpldapadmin';
}
}

View File

@ -0,0 +1,38 @@
/** NOTE **
** Make sure that <?php is the FIRST line of this file!
** IE: There should NOT be any blank lines or spaces BEFORE <?php
**/
/**
* The phpLDAPadmin config file
* See: http://phpldapadmin.sourceforge.net/wiki/index.php/Config.php
*
* This is where you can customise some of the phpLDAPadmin defaults
* that are defined in config_default.php.
*
* To override a default, use the $config->custom variable to do so.
* For example, the default for defining the language in config_default.php
*
* $this->default->appearance['language'] = array(
* 'desc'=>'Language',
* 'default'=>'auto');
*
* to override this, use $config->custom->appearance['language'] = 'en_EN';
*
* This file is also used to configure your LDAP server connections.
*
* You must specify at least one LDAP server there. You may add
* as many as you like. You can also specify your language, and
* many other options.
*
* NOTE: Commented out values in this file prefixed by //, represent the
* defaults that have been defined in config_default.php.
* Commented out values prefixed by #, dont reflect their default value, you can
* check config_default.php if you want to see what the default is.
*
* DONT change config_default.php, you changes will be lost by the next release
* of PLA. Instead change this file - as it will NOT be replaced by a new
* version of phpLDAPadmin.
*/

View File

@ -0,0 +1,60 @@
/*********************************************
* Useful important configuration overrides *
*********************************************/
/* If you are asked to put PLA in debug mode, this is how you do it: */
# $config->custom->debug['level'] = 255;
# $config->custom->debug['syslog'] = true;
# $config->custom->debug['file'] = '/tmp/pla_debug.log';
/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
to a big random string. */
// $config->custom->session['blowfish'] = null;
/* If your auth_type is http, you can override your HTTP Authentication Realm. */
// $config->custom->session['http_realm'] = sprintf('%s %s',app_name(),'login');
/* The language setting. If you set this to 'auto', phpLDAPadmin will attempt
to determine your language automatically.
If PLA doesnt show (all) strings in your language, then you can do some
translation at http://translations.launchpad.net/phpldapadmin and download
the translation files, replacing those provided with PLA.
(We'll pick up the translations before making the next release too!) */
// $config->custom->appearance['language'] = 'auto';
/* The temporary storage directory where we will put jpegPhoto data
This directory must be readable and writable by your web server. */
// $config->custom->jpeg['tmpdir'] = '/tmp'; // Example for Unix systems
# $config->custom->jpeg['tmpdir'] = 'c:\\temp'; // Example for Windows systems
/* Set this to (bool)true if you do NOT want a random salt used when
calling crypt(). Instead, use the first two letters of the user's
password. This is insecure but unfortunately needed for some older
environments. */
# $config->custom->password['no_random_crypt_salt'] = true;
/* PHP script timeout control. If php runs longer than this many seconds then
PHP will stop with an Maximum Execution time error. Increase this value from
the default if queries to your LDAP server are slow. The default is either
30 seconds or the setting of max_exection_time if this is null. */
// $config->custom->session['timelimit'] = 30;
// $config->custom->appearance['show_clear_password'] = false;
// $config->custom->search['size_limit'] = 50;
# $config->custom->search['size_limit'] = 1000;
/* Our local timezone
This is to make sure that when we ask the system for the current time, we
get the right local time. If this is not set, all time() calculations will
assume UTC if you have not set PHP date.timezone. */
// $config->custom->appearance['timezone'] = null;
# $config->custom->appearance['timezone'] = 'Australia/Melbourne';
/* meaning that users will not be presented a form for modifying those
attributes, and they will not be allowed to be modified on the "back-end"
either. You may configure this list here:
NOTE: The user must be able to read the readonly_attrs_exempt entry to be
excluded. */
// $config->custom->appearance['readonly_attrs'] = array();

View File

@ -0,0 +1,58 @@
/*********************************************
* Commands *
*********************************************/
/* Command availability ; if you don't authorize a command the command
links will not be shown and the command action will not be permitted.
For better security, set also ACL in your ldap directory. */
/*
$config->custom->commands['cmd'] = array(
'entry_internal_attributes_show' => true,
'entry_refresh' => true,
'oslinks' => true,
'switch_template' => true
);
$config->custom->commands['script'] = array(
'add_attr_form' => true,
'add_oclass_form' => true,
'add_value_form' => true,
'collapse' => true,
'compare' => true,
'compare_form' => true,
'copy' => true,
'copy_form' => true,
'create' => true,
'create_confirm' => true,
'delete' => true,
'delete_attr' => true,
'delete_form' => true,
'draw_tree_node' => true,
'expand' => true,
'export' => true,
'export_form' => true,
'import' => true,
'import_form' => true,
'login' => true,
'logout' => true,
'login_form' => true,
'mass_delete' => true,
'mass_edit' => true,
'mass_update' => true,
'modify_member_form' => true,
'monitor' => true,
'purge_cache' => true,
'query_engine' => true,
'rename' => true,
'rename_form' => true,
'rdelete' => true,
'refresh' => true,
'schema' => true,
'server_info' => true,
'show_cache' => true,
'template_engine' => true,
'update_confirm' => true,
'update' => true
);
*/

View File

@ -0,0 +1,130 @@
/*********************************************
* Appearance *
*********************************************/
/* If you want to choose the appearance of the tree, specify a class name which
inherits from the Tree class. */
// $config->custom->appearance['tree'] = 'AJAXTree';
# $config->custom->appearance['tree'] = 'HTMLTree';
/* Just show your custom templates. */
// $config->custom->appearance['custom_templates_only'] = false;
/* Disable the default template. */
// $config->custom->appearance['disable_default_template'] = false;
/* Hide the warnings for invalid objectClasses/attributes in templates. */
// $config->custom->appearance['hide_template_warning'] = false;
/* Set to true if you would like to hide header and footer parts. */
// $config->custom->appearance['minimalMode'] = false;
/* Configure what objects are shown in left hand tree */
// $config->custom->appearance['tree_filter'] = '(objectclass=*)';
/* The height and width of the tree. If these values are not set, then
no tree scroll bars are provided. */
// $config->custom->appearance['tree_height'] = null;
# $config->custom->appearance['tree_height'] = 600;
// $config->custom->appearance['tree_width'] = null;
# $config->custom->appearance['tree_width'] = 250;
/* Confirm create and update operations, allowing you to review the changes
and optionally skip attributes during the create/update operation. */
// $config->custom->confirm['create'] = true;
// $config->custom->confirm['update'] = true;
/* Confirm copy operations, and treat them like create operations. This allows
you to edit the attributes (thus changing any that might conflict with
uniqueness) before creating the new entry. */
// $config->custom->confirm['copy'] = true;
/*********************************************
* User-friendly attribute translation *
*********************************************/
/* Use this array to map attribute names to user friendly names. For example, if
you don't want to see "facsimileTelephoneNumber" but rather "Fax". */
// $config->custom->appearance['friendly_attrs'] = array();
$config->custom->appearance['friendly_attrs'] = array(
'facsimileTelephoneNumber' => 'Fax',
'gid' => 'Group',
'mail' => 'Email',
'telephoneNumber' => 'Telephone',
'uid' => 'User Name',
'userPassword' => 'Password'
);
/*********************************************
* Hidden attributes *
*********************************************/
/* You may want to hide certain attributes from being edited. If you want to
hide attributes from the user, you should use your LDAP servers ACLs.
NOTE: The user must be able to read the hide_attrs_exempt entry to be
excluded. */
// $config->custom->appearance['hide_attrs'] = array();
# $config->custom->appearance['hide_attrs'] = array('objectClass');
/* Members of this list will be exempt from the hidden attributes. */
// $config->custom->appearance['hide_attrs_exempt'] = null;
# $config->custom->appearance['hide_attrs_exempt'] = 'cn=PLA UnHide,ou=Groups,c=AU';
/*********************************************
* Read-only attributes *
*********************************************/
/* You may want to phpLDAPadmin to display certain attributes as read only,
meaning that users will not be presented a form for modifying those
attributes, and they will not be allowed to be modified on the "back-end"
either. You may configure this list here:
NOTE: The user must be able to read the readonly_attrs_exempt entry to be
excluded. */
// $config->custom->appearance['readonly_attrs'] = array();
/* Members of this list will be exempt from the readonly attributes. */
// $config->custom->appearance['readonly_attrs_exempt'] = null;
# $config->custom->appearance['readonly_attrs_exempt'] = 'cn=PLA ReadWrite,ou=Groups,c=AU';
/*********************************************
* Group attributes *
*********************************************/
/* Add "modify group members" link to the attribute. */
// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid');
/* Configure filter for member search. This only applies to "modify group members" feature */
// $config->custom->modify_member['filter'] = '(objectclass=Person)';
/* Attribute that is added to the group member attribute. */
// $config->custom->modify_member['attr'] = 'dn';
/* For Posix attributes */
// $config->custom->modify_member['posixattr'] = 'uid';
// $config->custom->modify_member['posixfilter'] = '(uid=*)';
// $config->custom->modify_member['posixgroupattr'] = 'memberUid';
/*********************************************
* Support for attrs display order *
*********************************************/
/* Use this array if you want to have your attributes displayed in a specific
order. You can use default attribute names or their fridenly names.
For example, "sn" will be displayed right after "givenName". All the other
attributes that are not specified in this array will be displayed after in
alphabetical order. */
// $config->custom->appearance['attr_display_order'] = array();
# $config->custom->appearance['attr_display_order'] = array(
# 'givenName',
# 'sn',
# 'cn',
# 'displayName',
# 'uid',
# 'uidNumber',
# 'gidNumber',
# 'homeDirectory',
# 'mail',
# 'userPassword'
# );

View File

@ -0,0 +1,49 @@
/*********************************************
* Define your LDAP servers in this section *
*********************************************/
$servers = new Datastore();
$servers->newServer('ldap_pla');
$servers->setValue('server','name','Local LDAP Server');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','tls',false);
{
open (PW, "/etc/openldap/ldap.pw")
|| die "Could not read LDAP password.\n";
my $pw = <PW>;
chomp ($pw);
close PW;
my $kamikaze = $phpldapadmin{'kamikaze'} || 'disabled';
use esmith::util;
my %conf;
tie %conf, 'esmith::config', '/home/e-smith/db/configuration';
my $domain = db_get(\%conf, 'DomainName');
my $dc = esmith::util::ldapBase($domain);
if ( $kamikaze eq "enabled")
{
$OUT .= "\$servers->setValue('login','anon_bind',false);\n";
$OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
$OUT .= "\$servers->setValue('login','base',array('$dc'));\n";
$OUT .= "\$servers->setValue('login','auth_type','config');\n";
$OUT .= "\$servers->SetValue('login','bind_id','cn=root,$dc');\n";
$OUT .= "\$servers->setValue('login','bind_pass','$pw');\n";
$OUT .= "\$servers->setValue('login','attr','dn');\n";
}
else
{
$OUT .= "\$servers->setValue('login','anon_bind',true);\n";
$OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
$OUT .= "\$servers->setValue('login','base',array('$dc'));\n";
$OUT .= "\$servers->setValue('login','auth_type','cookie');\n";
$OUT .= "\$servers->setValue('login','attr','uid');\n";
}
}

View File

@ -0,0 +1,168 @@
/************************************
* SASL Authentication *
************************************/
/* Enable SASL authentication LDAP SASL authentication requires PHP 5.x
configured with --with-ldap-sasl=DIR. If this option is disabled (ie, set to
false), then all other sasl options are ignored. */
// $servers->setValue('login','auth_type','sasl');
/* SASL auth mechanism */
// $servers->setValue('sasl','mech','GSSAPI');
/* SASL authentication realm name */
// $servers->setValue('sasl','realm','');
# $servers->setValue('sasl','realm','EXAMPLE.COM');
/* SASL authorization ID name
If this option is undefined, authorization id will be computed from bind DN,
using authz_id_regex and authz_id_replacement. */
// $servers->setValue('sasl','authz_id', null);
/* SASL authorization id regex and replacement
When authz_id property is not set (default), phpLDAPAdmin will try to
figure out authorization id by itself from bind distinguished name (DN).
This procedure is done by calling preg_replace() php function in the
following way:
$authz_id = preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement,
$bind_dn);
For info about pcre regexes, see:
- pcre(3), perlre(3)
- http://www.php.net/preg_replace */
// $servers->setValue('sasl','authz_id_regex',null);
// $servers->setValue('sasl','authz_id_replacement',null);
# $servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
# $servers->setValue('sasl','authz_id_replacement','$1');
/* SASL auth security props.
See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */
// $servers->setValue('sasl','props',null);
/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
blowfish, crypt or leave blank for now default algorithm. */
// $servers->setValue('appearance','password_hash','md5');
$servers->setValue('appearance','pla_password_hash','');
/* If you specified 'cookie' or 'session' as the auth_type above, you can
optionally specify here an attribute to use when logging in. If you enter
'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith)
and log in as that user.
Leave blank or specify 'dn' to use full DN for logging in. Note also that if
your LDAP server requires you to login to perform searches, you can enter the
DN to use when searching in 'bind_id' and 'bind_pass' above. */
// $servers->setValue('login','attr','dn');
/* Base DNs to used for logins. If this value is not set, then the LDAP server
Base DNs are used. */
// $servers->setValue('login','base',array());
/* If 'login,attr' is used above such that phpLDAPadmin will search for your DN
at login, you may restrict the search to a specific objectClasses. EG, set this
to array('posixAccount') or array('inetOrgPerson',..), depending upon your
setup. */
// $servers->setValue('login','class',array());
/* If you specified something different from 'dn', for example 'uid', as the
login_attr above, you can optionally specify here to fall back to
authentication with dn.
This is useful, when users should be able to log in with their uid, but
the ldap administrator wants to log in with his root-dn, that does not
necessarily have the uid attribute.
When using this feature, login_class is ignored. */
// $servers->setValue('login','fallback_dn',false);
/* Specify true If you want phpLDAPadmin to not display or permit any
modification to the LDAP server. */
// $servers->setValue('server','read_only',false);
/* Specify false if you do not want phpLDAPadmin to draw the 'Create new' links
in the tree viewer. */
// $servers->setValue('appearance','show_create',true);
/* Set to true if you would like to initially open the first level of each tree. */
// $servers->setValue('appearance','open_tree',false);
/* This feature allows phpLDAPadmin to automatically determine the next
available uidNumber for a new entry. */
// $servers->setValue('auto_number','enable',true);
/* The mechanism to use when finding the next available uidNumber. Two possible
values: 'uidpool' or 'search'.
The 'uidpool' mechanism uses an existing uidPool entry in your LDAP server to
blindly lookup the next available uidNumber. The 'search' mechanism searches
for entries with a uidNumber value and finds the first available uidNumber
(slower). */
// $servers->setValue('auto_number','mechanism','search');
/* The DN of the search base when the 'search' mechanism is used above. */
# $servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com');
/* The minimum number to use when searching for the next available number
(only when 'search' is used for auto_number. */
// $servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
searching for the uidnumber. The idea is, this user id would have full
(readonly) access to uidnumber in your ldap directory (the logged in user
may not), so that you can be guaranteed to get a unique uidnumber for your
directory. */
// $servers->setValue('auto_number','dn',null);
/* The password for the dn above. */
// $servers->setValue('auto_number','pass',null);
/* Enable anonymous bind login. */
// $servers->setValue('login','anon_bind',true);
/* Use customized page with prefix when available. */
# $servers->setValue('custom','pages_prefix','custom_');
/* If you set this, then only these DNs are allowed to log in. This array can
contain individual users, groups or ldap search filter(s). Keep in mind that
the user has not authenticated yet, so this will be an anonymous search to
the LDAP server, so make your ACLs allow these searches to return results! */
# $servers->setValue('login','allowed_dns',array(
# 'uid=stran,ou=People,dc=example,dc=com',
# '(&(gidNumber=811)(objectClass=groupOfNames))',
# '(|(uidNumber=200)(uidNumber=201))',
# 'cn=callcenter,ou=Group,dc=example,dc=com'));
/* Set this if you dont want this LDAP server to show in the tree */
// $servers->setValue('server','visible',true);
/* Set this if you want to hide the base DNs that dont exist instead of
displaying the message "The base entry doesnt exist, create it?"
// $servers->setValue('server','hide_noaccess_base',false);
# $servers->setValue('server','hide_noaccess_base',true);
/* This is the time out value in minutes for the server. After as many minutes
of inactivity you will be automatically logged out. If not set, the default
value will be ( session_cache_expire()-1 ) */
# $servers->setValue('login','timeout',30);
/* Set this if you want phpldapadmin to perform rename operation on entry which
has children. Certain servers are known to allow it, certain are not. */
// $servers->setValue('server','branch_rename',false);
/* If you set this, then phpldapadmin will show these attributes as
internal attributes, even if they are not defined in your schema. */
// $servers->setValue('server','custom_sys_attrs',array(''));
# $servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
/* If you set this, then phpldapadmin will show these attributes on
objects, even if they are not defined in your schema. */
// $servers->setValue('server','custom_attrs',array(''));
# $servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
/* These attributes will be forced to MAY attributes and become option in the
templates. If they are not defined in the templates, then they wont appear
as per normal template processing. You may want to do this because your LDAP
server may automatically calculate a default value.
In Fedora Directory Server using the DNA Plugin one could ignore uidNumber,
gidNumber and sambaSID. */
// $servers->setValue('server','force_may',array(''));
# $servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));

View File

@ -0,0 +1,20 @@
/*********************************************
* Unique attributes *
*********************************************/
/* You may want phpLDAPadmin to enforce some attributes to have unique values
(ie: not belong to other entries in your tree. This (together with
'unique','dn' and 'unique','pass' option will not let updates to
occur with other attributes have the same value. */
# $servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
searching for attribute uniqueness. The idea is, this user id would have full
(readonly) access to your ldap directory (the logged in user may not), so
that you can be guaranteed to get a unique uidnumber for your directory. */
// $servers->setValue('unique','dn',null);
/* The password for the dn above. */
// $servers->setValue('unique','pass',null);

View File

@ -0,0 +1,55 @@
/**************************************************************************
* If you want to configure additional LDAP servers, do so below. *
* Remove the commented lines and use this section as a template for all *
* your other LDAP servers. *
**************************************************************************/
/*
$servers->newServer('ldap_pla');
$servers->setValue('server','name','LDAP Server');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array(''));
$servers->setValue('login','auth_type','cookie');
$servers->setValue('login','bind_id','');
$servers->setValue('login','bind_pass','');
$servers->setValue('server','tls',false);
# SASL auth
$servers->setValue('login','auth_type','sasl');
$servers->setValue('sasl','mech','GSSAPI');
$servers->setValue('sasl','realm','EXAMPLE.COM');
$servers->setValue('sasl','authz_id',null);
$servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
$servers->setValue('sasl','authz_id_replacement','$1');
$servers->setValue('sasl','props',null);
$servers->setValue('appearance','password_hash','md5');
$servers->setValue('login','attr','dn');
$servers->setValue('login','fallback_dn',false);
$servers->setValue('login','class',null);
$servers->setValue('server','read_only',false);
$servers->setValue('appearance','show_create',true);
$servers->setValue('auto_number','enable',true);
$servers->setValue('auto_number','mechanism','search');
$servers->setValue('auto_number','search_base',null);
$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
$servers->setValue('auto_number','dn',null);
$servers->setValue('auto_number','pass',null);
$servers->setValue('login','anon_bind',true);
$servers->setValue('custom','pages_prefix','custom_');
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
$servers->setValue('unique','dn',null);
$servers->setValue('unique','pass',null);
$servers->setValue('server','visible',true);
$servers->setValue('login','timeout',30);
$servers->setValue('server','branch_rename',false);
$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
$servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
*/
?>

115
smeserver-phpldapadmin.spec Normal file
View File

@ -0,0 +1,115 @@
# $Id: smeserver-phpldapadmin.spec,v 1.19 2022/08/01 03:16:06 jpp Exp $
# Authority: nocvs
# Name: Michel Van hees
Summary: PhpLdapAdmin for SME server
%define name smeserver-phpldapadmin
Name: %{name}
%define version 1.6.0
%define release 10
Version: %{version}
Release: %{release}%{?dist}
License: Freely distributable
Group: Apache
Source: %{name}-%{version}.tar.xz
#{name}-%{version}.patch.yyyymmddnn
BuildRoot: /var/tmp/e-smith-buildroot
BuildRequires: e-smith-devtools
BuildArchitectures: noarch
Requires: smeserver-release >= 10
Requires: e-smith-apache >= 2.6.0-19
Requires: phpldapadmin >= 1.2.6
AutoReqProv: no
%changelog
* Sat Sep 07 2024 cvs2git.sh aka Brian Read <brianr@koozali.org> 1.6.0-10.sme
- Roll up patches and move to git repo [SME: 12338]
* Sat Sep 07 2024 BogusDateBot
- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
by assuming the date is correct and changing the weekday.
* Sun Jul 31 2022 Jean-Philippe Pialasse <tests@pialasse.com> 1.6.0-9.sme
- update to template httpd24 syntax [SME: 12055]
add Requires: e-smith-apache >= 2.6.0-19
* Wed Jul 27 2022 Zsolt Vasarhelyi <vasarhelyizsolt@hotmail.com> 1.6.0-7.sme
- update to template httpd24 syntax [SME: 12055]
* Sat Jul 23 2022 Jean-Philippe Pialasse <tests@pialasse.com> 1.6.0-6.sme
- update access to httpd24 syntax [SME: 12055]
* Wed Oct 06 2021 Brian Read <brianr@bjsystems.co.uk> 1.6.0-5.sme
- Remove-intial-req-to-login.patch [SME: 11699]
* Tue Oct 05 2021 Brian Read <brianr@bjsystems.co.uk> 1.6.0-4.sme
- Alter auth-type config parameter to cookie from http [SME: 11699]
* Mon Oct 04 2021 Brian Read <brianr@bjsystems.co.uk> 1.6.0-3.sme
- Update config to change password_hash to pla_ [SME: 11699 ]
* Mon Oct 04 2021 BogusDateBot
- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
by assuming the date is correct and changing the weekday.
* Mon Oct 04 2021 Brian Read <brianr@bjsystems.co.uk> 1.6.0-2.sme
- change php to fpm and add -update event to createlinks [SME: 11699]
* Tue Sep 28 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 1.6.0-1.sme
- Initial release to contribs10 [SME: 11699]
* Sat Aug 22 2015 stephane de Labrusse <stephdl@de-labrusse.fr> 1.5.0-2.sme
- Initial release to contribs9
* Sat Jun 21 2014 stephane de Labrusse <stephdl@de-labrusse.fr> 1.5.0-1.sme
- Initial release to sme9
* Wed Nov 6 2013 JP Pialasse <tests@pialasse.com> 1.2.3-6.sme
- fix bug [SME: 5762]
- default admin read only but kamikaze mod for root modify access.
* Mon Nov 4 2013 JP Pialasse <tests@pialasse.com> 1.2.3-4.sme
- wrong template path for config file [SME: 7975]
- patching also incorrect template.
- error binding to server swith to http auth to prevent
* Sun May 26 2013 JP Pialasse <tests@pialasse.com> 1.2.3-1.sme
- remove phpldapadmin from package
- added Requires phpldapadmin-1.2.3-1
- clean spec file
- added default db value (patch file)
* Tue Jun 26 2007 Michel Van hees <michel@vanhees.cc>
Thu Jun 26 2007 --> Thu Jun 21 2007 or Tue Jun 26 2007 or Thu Jun 28 2007 or ....
- Restart contrib from scratch
- Use of phpldapadmin 0.9.8.3
%description
SME server - phpldapadmin for smeserver
%prep
%setup
%build
perl createlinks
%install
rm -rf $RPM_BUILD_ROOT
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
rm -f %{name}-%{version}-filelist
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT > %{name}-%{version}-filelist
echo "%doc COPYING" >> %{name}-%{version}-filelist
%clean
rm -rf $RPM_BUILD_ROOT
%pre
%preun
%post
%postun
%files -f %{name}-%{version}-filelist
%defattr(-,root,root)