diff --git a/Dockerfile b/Dockerfile
index 3090e11..7f49e3d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,7 +25,7 @@ COPY www/ /opt/ldap_user_manager
RUN tar -xzf /tmp/v6.3.0.tar.gz -C /opt && mv /opt/PHPMailer-6.3.0 /opt/PHPMailer
COPY entrypoint /usr/local/bin/entrypoint
-RUN chmod a+x /usr/local/bin/entrypoint
+RUN chmod a+x /usr/local/bin/entrypoint && touch /etc/ldap/ldap.conf
CMD ["apache2-foreground"]
ENTRYPOINT ["/usr/local/bin/entrypoint"]
diff --git a/README.md b/README.md
index ed079ad..6dc9ea0 100644
--- a/README.md
+++ b/README.md
@@ -181,7 +181,7 @@ To send emails you'll need to use an existing SMTP server. Email sending will b
* `SMTP_PASSWORD` (no default): The password to use when the SMTP server requires authentication.
-* `SMTP_USE_TLS` (default: *FALSE*): Set to TRUE if the SMTP server requires TLS to be enabled. Overrides `SMTP_USE_TLS`.
+* `SMTP_USE_TLS` (default: *FALSE*): Set to TRUE if the SMTP server requires TLS to be enabled. Overrides `SMTP_USE_SSL`.
* `SMTP_USE_SSL` (default: *FALSE*): Set to TRUE if the SMTP server requires SSL to be enabled. This will be unset if `SMTP_USE_TLS` is `TRUE`.
diff --git a/www/account_manager/index.php b/www/account_manager/index.php
index ade7f0d..67dcd7a 100644
--- a/www/account_manager/index.php
+++ b/www/account_manager/index.php
@@ -14,17 +14,17 @@ $ldap_connection = open_ldap_connection();
if (isset($_POST['delete_user'])) {
- $this_user = $_POST['delete_user'];
- $this_user = urldecode($this_user);
+ $this_user = $_POST['delete_user'];
+ $this_user = urldecode($this_user);
- $del_user = ldap_delete_account($ldap_connection,$this_user);
+ $del_user = ldap_delete_account($ldap_connection,$this_user);
- if ($del_user) {
- render_alert_banner("User $this_user was deleted.");
- }
- else {
- render_alert_banner("User $this_user wasn't deleted. See the logs for more information.","danger",15000);
- }
+ if ($del_user) {
+ render_alert_banner("User $this_user was deleted.");
+ }
+ else {
+ render_alert_banner("User $this_user wasn't deleted. See the logs for more information.","danger",15000);
+ }
}
@@ -61,15 +61,15 @@ $people = ldap_get_user_list($ldap_connection);
$attribs){
- $group_membership = ldap_user_group_membership($ldap_connection,$account_identifier);
- if (isset($people[$account_identifier]['mail'])) { $this_mail = $people[$account_identifier]['mail']; } else { $this_mail = ""; }
+ $group_membership = ldap_user_group_membership($ldap_connection,$account_identifier);
+ if (isset($people[$account_identifier]['mail'])) { $this_mail = $people[$account_identifier]['mail']; } else { $this_mail = ""; }
+ print " \n | $account_identifier | \n";
+ print " " . $people[$account_identifier]['givenname'] . " | \n";
+ print " " . $people[$account_identifier]['sn'] . " | \n";
+ print " $this_mail | \n";
+ print " " . implode(", ", $group_membership) . " | \n";
+ print "
\n";
- print " \n | $account_identifier | \n";
- print " " . $people[$account_identifier]['givenname'] . " | \n";
- print " " . $people[$account_identifier]['sn'] . " | \n";
- print " $this_mail | \n";
- print " " . implode(", ", $group_membership) . " | \n";
- print "
\n";
}
?>
diff --git a/www/account_manager/new_user.php b/www/account_manager/new_user.php
index c029eed..9fcd7e2 100644
--- a/www/account_manager/new_user.php
+++ b/www/account_manager/new_user.php
@@ -8,8 +8,6 @@ include_once "module_functions.inc.php";
$attribute_map = $LDAP['default_attribute_map'];
if (isset($LDAP['account_additional_attributes'])) { $attribute_map = ldap_complete_attribute_array($attribute_map,$LDAP['account_additional_attributes']); }
-unset($attribute_map['uidnumber']);
-unset($attribute_map['gidnumber']);
if (! array_key_exists($LDAP['account_attribute'], $attribute_map)) {
$attribute_r = array_merge($attribute_map, array($LDAP['account_attribute'] => array("label" => "Account UID")));
@@ -51,6 +49,10 @@ $account_attribute = $LDAP['account_attribute'];
$new_account_r = array();
+if ($SHOW_POSIX_ATTRIBUTES == TRUE) {
+
+}
+
foreach ($attribute_map as $attribute => $attr_r) {
if (isset($_FILES[$attribute]['size']) and $_FILES[$attribute]['size'] > 0) {
@@ -103,11 +105,9 @@ if (isset($_GET['account_request'])) {
$givenname[0]=filter_var($_GET['first_name'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$new_account_r['givenname'] = $givenname[0];
- unset($new_account_r['givenname']['count']);
$sn[0]=filter_var($_GET['last_name'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$new_account_r['sn'] = $sn[0];
- unset($new_account_r['sn']['count']);
$mail[0]=filter_var($_GET['email'], FILTER_SANITIZE_EMAIL);
if ($mail[0] == "") {
diff --git a/www/includes/ldap_functions.inc.php b/www/includes/ldap_functions.inc.php
index c255929..6ec1e8d 100644
--- a/www/includes/ldap_functions.inc.php
+++ b/www/includes/ldap_functions.inc.php
@@ -174,7 +174,7 @@ function generate_salt($length) {
$permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ./';
- mt_srand((double)microtime() * 1000000);
+ mt_srand(intval(microtime()) * 1000000);
$salt = '';
while (strlen($salt) < $length) {
@@ -724,6 +724,29 @@ function ldap_get_gid_of_group($ldap_connection,$group_name) {
}
+##################################
+
+function ldap_get_group_name_from_gid($ldap_connection,$gid) {
+
+ global $log_prefix, $LDAP, $LDAP_DEBUG;
+
+ if (isset($gid)) {
+
+ $ldap_search_query = "(gidnumber=" . ldap_escape($gid, "", LDAP_ESCAPE_FILTER) . ")";
+ $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query , array("cn"));
+ $result = @ ldap_get_entries($ldap_connection, $ldap_search);
+
+ if (isset($result[0]['cn'][0])) {
+ return $result[0]['cn'][0];
+ }
+
+ }
+
+ return FALSE;
+
+}
+
+
##################################
function ldap_complete_attribute_array($default_attributes,$additional_attributes) {
@@ -812,22 +835,26 @@ function ldap_new_account($ldap_connection,$account_r) {
$account_attributes = array_merge($account_r, $account_attributes);
- if (!isset($account_attributes['uidnumber']) or !is_numeric($account_attributes['uidnumber'])) {
+ if (!isset($account_attributes['uidnumber'][0]) or !is_numeric($account_attributes['uidnumber'][0])) {
$highest_uid = ldap_get_highest_id($ldap_connection,'uid');
- $account_attributes['uidnumber'] = $highest_uid + 1;
+ $account_attributes['uidnumber'][0] = $highest_uid + 1;
}
- if (!isset($account_attributes['gidnumber']) or !is_numeric($account_attributes['gidnumber'])) {
+ if (!isset($account_attributes['gidnumber'][0]) or !is_numeric($account_attributes['gidnumber'][0])) {
$default_gid = ldap_get_gid_of_group($ldap_connection,$DEFAULT_USER_GROUP);
if (!is_numeric($default_gid)) {
$group_add = ldap_new_group($ldap_connection,$account_identifier,$account_identifier);
- $account_attributes['gidnumber'] = ldap_get_gid_of_group($ldap_connection,$account_identifier);
+ $account_attributes['gidnumber'][0] = ldap_get_gid_of_group($ldap_connection,$account_identifier);
}
else {
- $account_attributes['gidnumber'] = $default_gid;
+ $account_attributes['gidnumber'][0] = $default_gid;
$add_to_group = $DEFAULT_USER_GROUP;
}
}
+ else {
+ $add_to_group = ldap_get_group_name_from_gid($ldap_connection,$account_attributes['gidnumber'][0]);
+ if (!$add_to_group) { $add_to_group = $DEFAULT_USER_GROUP; }
+ }
if (empty($account_attributes['loginshell'])) { $account_attributes['loginshell'] = $DEFAULT_USER_SHELL; }
if (empty($account_attributes['homedirectory'])) { $account_attributes['homedirectory'] = "/home/" . $account_r['uid'][0]; }
@@ -842,7 +869,7 @@ function ldap_new_account($ldap_connection,$account_r) {
ldap_add_member_to_group($ldap_connection,$add_to_group,$account_identifier);
$this_uid = fetch_id_stored_in_ldap($ldap_connection,"uid");
- $new_uid = $account_attributes['uidnumber'];
+ $new_uid = $account_attributes['uidnumber'][0];
if ($this_uid != FALSE) {
$update_uid = @ ldap_mod_replace($ldap_connection, "cn=lastUID,${LDAP['base_dn']}", array( 'serialNumber' => $new_uid ));
diff --git a/www/log_in/index.php b/www/log_in/index.php
index e7e552c..ce6b843 100644
--- a/www/log_in/index.php
+++ b/www/log_in/index.php
@@ -75,7 +75,7 @@ else {