alterator-openldap-0.8.1/000075500000000000000000000000001204430145500153115ustar00rootroot00000000000000alterator-openldap-0.8.1/Makefile000064400000000000000000000004001204430145500167430ustar00rootroot00000000000000NAME=openldap
DESCRIPTION="OpenLDAP server"

all:

clean:

install: install-module install-data

include /usr/share/alterator/build/module.mak

# Installs the container definitions and the knowncontainers list from
# openldap/ into $(sysconfdir)/alterator/openldap.
install-data:
	$(INSTALL) -d $(sysconfdir)/alterator/openldap
	cp -a openldap/* $(sysconfdir)/alterator/openldap

alterator-openldap-0.8.1/applications/000075500000000000000000000000001204430145500177775ustar00rootroot00000000000000alterator-openldap-0.8.1/applications/openldap.desktop000064400000000000000000000004101204430145500231670ustar00rootroot00000000000000[Desktop Entry]
Type=Application
Categories=X-Alterator-Servers
Icon=openldap
Terminal=false
Name=Directory service LDAP
Name[ru_RU]=Служба каталогов LDAP
X-Alterator-UI=html
X-Alterator-URI=/openldap
X-Alterator-Weight=10
X-Alterator-Help=openldap

alterator-openldap-0.8.1/backend3/000075500000000000000000000000001204430145500167635ustar00rootroot00000000000000alterator-openldap-0.8.1/backend3/openldap000075500000000000000000000420261204430145500205170ustar00rootroot00000000000000#!/bin/sh
# Alterator backend for the OpenLDAP module. on_message() dispatches on
# $in_action / $in__objects; the helpers edit slapd configuration files,
# create or delete bases and restart slapd.
#
# NOTE(review): the in_* variables carry values sent by the front end (the
# ui/openldap ajax.scm files in this archive pass form fields such as
# newschemaname, bindpw, base and avail_schema). Several of them reach sed
# scripts, file paths and command lines without validation or quoting; the
# notes on the individual functions point at each place.
# NOTE(review): the script runs under /bin/sh but uses `==` inside [ ] and
# ${var/pattern/} substitutions, which are not POSIX sh — confirm the shell.

po_domain="alterator-openldap"
alterator_api_version=1

# Disable pathname expansion for the whole script.
set -f

. alterator-sh-functions
. alterator-openldap-functions
. shell-quote
. cert-sh-functions
. shell-config

SLAPD_CONF_DIR="/etc/openldap"
MAIN_SLAPD_CONF="$SLAPD_CONF_DIR/slapd.conf"
LDAP_SYSCONFIG="/etc/sysconfig/ldap"
LDAP_CONF="$SLAPD_CONF_DIR/ldap.conf"
CERT_FILE="/var/lib/ssl/certs/slapd.pem"
KEY_FILE="/var/lib/ssl/private/slapd.key"
SERVICEDIR="/etc/alterator/openldap"
CONTAINERS="$SERVICEDIR/knowncontainers"
DEFAULT_CONTAINERS="People;Group;Computers"
cache_dir=/var/cache/alterator/openldap

# Removes the module cache directory and recreates it empty.
reset_cache() {
    rm -rf -- "$cache_dir"
    mkdir -p -- "$cache_dir"
}

# Prints a one-line status for $CERT_FILE: its "Not After" date, or a
# "not found" message when the file does not exist.
validate_cert() {
    # Prints the certificate's expiry as dd.mm.YYYY<TAB>HH:MM.
    get_expire_date() {
        local cert="$1"; shift
        local d="$(openssl x509 -text -noout -in "$cert" | sed -nr 's/^[[:blank:]]*Not After : (.+)$/\1/p' 2>/dev/null)"
        [ -n "$d" ] && date --date="$d" +%d.%m.%Y%t%H:%M
    }
    if [ -f "$CERT_FILE" ]; then
        expire="$(get_expire_date "$CERT_FILE")"
        [ -n "$expire" ] && str="`_ "Certificate expire"`: $expire"
    else
        str="`_ "Certificate not found"`"
    fi
    # NOTE(review): str is neither local nor reset, so when the file exists
    # but no date is parsed the previous value (or nothing) is printed. It
    # is also used as the printf format, so any % or backslash in it is
    # interpreted; printf '%s' "$str" would print it literally.
    printf "$str"
}

# Switches the TLS directives in slapd.conf on or off according to
# $in_enable_tls / $in_local_and_tls by (un)commenting their lines.
write_tls() {
    quote_sed_regexp_variable certfile "$CERT_FILE"
    quote_sed_regexp_variable keyfile "$KEY_FILE"
    if [ "$in_enable_tls" = "#t" -o "$in_local_and_tls" = "#t" ] ;then
        # NOTE(review): TLSCACertificateFile is pointed at the same file as
        # the server certificate — presumably a self-signed setup; confirm.
        for i in TLSCACertificateFile TLSCertificateFile ;do
            sed -e "/^#$i[[:space:]]/s/.*/$i $certfile/" -i $MAIN_SLAPD_CONF
        done
        sed -e "/^#TLSCertificateKeyFile[[:space:]]/s/.*/TLSCertificateKeyFile $keyfile/" -i $MAIN_SLAPD_CONF
    else
        # Disabling rewrites each directive line to "#<directive> ", which
        # also drops the path that was configured on it.
        for i in TLSCACertificateFile TLSCertificateFile TLSCertificateKeyFile;do
            sed -e "/^$i[[:space:]]/s/.*/#$i /" -i $MAIN_SLAPD_CONF
        done
    fi
}

# Emits one table row per base reported by `ldap-dn list`, with a status
# text saying whether the base is the one system-auth uses and whether its
# rootpw carries a {SCHEME} prefix.
list_dn() {
    local name=
    local conf=
    local master_conf=
    local master_dn=
    master_dn=$(/usr/sbin/system-auth status|cut -f2 -d' ')
    # Prints "Encoded password" when the rootpw value found in config file
    # $1 contains a {...} scheme marker, "Unsafe password" otherwise.
    check_method(){
        local rootpw=$(egrep "rootpw" "$1"|cut -f2 -d' ')
        method=$(echo "$rootpw"|sed -n -e "s/^.*{\([^}]*\)}.*$/\1/p")
        if [ -n "$method" ]; then
            echo "`_ "Encoded password"`"
        else
            echo "`_ "Unsafe password"`"
        fi
    }
    ldap-dn list| while read name conf;do
        if [ "$master_dn" != "$name" ];then
            dst=""
        else
            dst="`_ "Used for autentification", `"
        fi
        write_table_item \
            name "$name" \
            conf "$conf" \
            dstat "$dst $(check_method $conf)"
    done
}

# Emits one table row per slapd.conf line that mentions "/schema"; the name
# is the schema path with the directory prefix and ".schema" stripped.
list_schema(){
    local name=
    local conf=
    grep "/schema" "$MAIN_SLAPD_CONF"| while read status conf;do
        name=$(echo "$conf"| sed -e 's/\/etc\/openldap\/schema\///i'|sed -e 's/\.schema//i')
        write_table_item \
            name "$name" \
            conf "$conf"
    done
}

# Writes "avail_schema" as a ';'-joined list of the schemas whose line does
# not start with "#include", i.e. the ones currently enabled.
status_schema(){
    local name= included=
    grep "/schema" "$MAIN_SLAPD_CONF"| {
        while read status conf;do
            name=$(echo "$conf"| sed -e 's/\/etc\/openldap\/schema\///i'|sed -e 's/\.schema//i')
            [ "$status" != "#include" ] && included="$name;$included"
        done
        write_string_param "avail_schema" "$included"
    }
}

# Writes "samba3" as Yes/No depending on whether the samba.schema include
# line in slapd.conf is active; empty when no such line exists.
check_samba3(){
    local included=
    grep "samba.schema" "$MAIN_SLAPD_CONF"| {
        while read status conf;do
            [ "$status" != "#include" ] && included="Yes" || included="No"
        done
        write_string_param "samba3" "$included"
    }
}

# Uncomments the samba.schema include, restarts slapd and reports the
# resulting state.
repair_samba3(){
    sed -e "/^#include.*\/samba\.schema/s/^#//g" -i "$MAIN_SLAPD_CONF"
    /etc/init.d/slapd restart >/dev/null
    check_samba3
}

# Comments out every schema include in slapd.conf, re-enables the ones
# named in the ';'-separated $in_schemas and restarts slapd.
write_schemas(){
    #Turn OFF all schemas
    sed 's/^\(include[[:space:]][[:space:]]*.*schema\).*$/\#\1/g' -i "$MAIN_SLAPD_CONF"
    #Turn ON selected schemas
    local IFS=";"
    # NOTE(review): each element of $in_schemas is placed into the sed
    # address unescaped, so '/', '.' or other regexp characters in a name
    # change what the expression matches. Validate names against the list
    # produced by list_schema before using them.
    for i in $in_schemas; do
        sed -e "/^#include.*\/$i\.schema/s/^#//g" -i "$MAIN_SLAPD_CONF"
    done
    /etc/init.d/slapd restart >/dev/null
}

# Installs the uploaded file $in_schema_file as
# /etc/openldap/schema/$in_schema_name.schema and appends a commented-out
# include for it after the last schema include in slapd.conf.
new_schema(){
    # NOTE(review): $in_schema_name comes from the "newschemaname" form
    # field and is used unchecked both as a path component (a value with
    # '/' or '..' leaves the schema directory, and the copy runs with this
    # backend's privileges) and inside the sed script below. Restrict it to
    # a conservative character set before use.
    cp -f "$in_schema_file" "$cache_dir/$in_schema_name.schema"
    new_name="/etc/openldap/schema/$in_schema_name.schema"
    cp -f "$in_schema_file" "$new_name"
    chown root.root "$new_name"
    chmod 444 "$new_name"
    #determine last line with include
    line="$(grep -n include.*\.schema /etc/openldap/slapd.conf|tail -1|cut -f1 -d:)"
    # Write new include in config after last including
    sed -e "$line a\#include\t\t\/etc\/openldap\/schema\/$in_schema_name\.schema" -i "$MAIN_SLAPD_CONF"
    reset_cache
}

# Emits the fixed list of actions offered for a selected base.
list_actions() {
    write_enum_item "publish" "`_ "Publish"`"
    write_enum_item "unpublish" "`_ "Unpublish"`"
    write_enum_item "delete" "`_ "Delete"`"
}

# Emits the names of the entries one level below $in_base, obtained with a
# simple-auth (-x) search that passes no bind DN, against 127.0.0.1.
present_list() {
    # NOTE(review): $in_base is inserted unescaped into the sed pattern
    # that strips the base suffix.
    ldapsearch -x -H ldap://127.0.0.1 -LLL -b "$in_base" -s one | \
        grep "^dn:" | cut -f2 -d:| sed -e "s/^ //g"|sort| \
        while read node ; do
            name=$(echo "$node"|sed -e "s/,$in_base//g"|sed -e "s/.*=//g")
            write_enum_item "$name" "$name"
        done
}

# Emits every container listed in $CONTAINERS together with the localized
# Name from its .def file.
all_containers(){
    find_known(){
        cat $CONTAINERS | sort | while IFS=':' read name description; do
            echo "$name"
        done
    }
    container_def(){
        alterator-dump-desktop \
            -v lang="$in_language" \
            -v out="Name" \
            -v def="notfound;" \
            $SERVICEDIR/containers/$name.def
    }
    for name in $(find_known); do
        write_enum_item "$name" "ou=$name" "$(container_def)"
    done
}

# Emits the known containers that are not yet present under $in_base.
container_list(){
    # Prints the names of the entries one level below $in_base.
    find_container(){
        # NOTE(review): `-b $in_base` is unquoted here (present_list quotes
        # it), so a value containing whitespace is split into additional
        # ldapsearch arguments. Quote it as "$in_base".
        ldapsearch -x -H ldap://127.0.0.1 -LLL -b $in_base -s one | \
            grep "^dn:" | cut -f2 -d:| sed -e "s/^ //g"|sort| \
            while read node ; do
                echo $node|sed -e "s/,$in_base//g"|sed -e "s/.*=//g"
            done
    }
    find_known(){
        cat $CONTAINERS | sort | while IFS=':' read name description; do
            echo "$name"
        done
    }
    container_def(){
        alterator-dump-desktop \
            -v lang="$in_language" \
            -v out="Name" \
            -v def="notfound;" \
            $SERVICEDIR/containers/$name.def
    }
    for name in $(find_known); do
        if [ -n "$in_base" ];then
            found=
            for ex in $(find_container); do
                [ "$ex" == "$name" ] || continue
                found=1
                break
            done
        fi
        [ -z "$found" ] && write_enum_item "$name" "ou=$name" "$(container_def)"
    done
}

# Creates a new base from the cached upload $cache_dir/new_base.ldif: the
# DN is taken from the file's first line, a per-base slapd config is made
# from the template, the data is loaded with slapadd and slapd restarted.
new_base_from_ldif(){
    newdn="$(head -n 1 $cache_dir/new_base.ldif|cut -f2 -d ' ')"
    local domain=$(dn_2_host "$newdn")
    local basedir="$SLAPD_CONF_DIR"
    local template="$basedir/slapd-template.conf"
    local new_dn_conf="$basedir/slapd-$domain.conf"
    local binddn="cn=ldaproot,$newdn"
    local bindpw="$in_bindpw"
    #copy template into slapd-domain.conf
    cp "$template" "$new_dn_conf"
    chmod 640 "$new_dn_conf"
    chown root:ldap "$new_dn_conf"
    # NOTE(review): the password is hashed only when in_encript_pw equals
    # "on", while the other boolean inputs in this script are compared with
    # "#t" — confirm which value the front end sends, otherwise the
    # cleartext password is what ends up in the config file. The password
    # is also passed unquoted on the slappasswd command line, where it is
    # word-split and visible in the process list while the command runs.
    [ "$in_encript_pw" == "on" ] && bindpw=`slappasswd -h {SSHA} -s $bindpw`
    #fix dc=. base, password
    # NOTE(review): $newdn (first line of the uploaded LDIF), $domain and
    # $binddn are inserted into the sed replacements unescaped; only the
    # password goes through quote_sed_regexp. A '/', '&' or backslash in
    # them alters the sed command that edits this config file.
    sed -i -e "s/dc=template/$newdn/g" $new_dn_conf
    sed -i -e "s/template/$domain/g" $new_dn_conf
    sed -i -e "s/^rootdn.*/rootdn \"$binddn\"/g" $new_dn_conf
    sed -i -e "s/secret/$(quote_sed_regexp "$bindpw")/g" $new_dn_conf
    sed -i -e "s/REALM/$(to_realm "$domain")/g" $new_dn_conf
    echo "include $new_dn_conf" >> "$MAIN_SLAPD_CONF"
    export DN_CONF="$new_dn_conf"
    db_dir="$(read_config "$DN_CONF" directory)"
    mkdir -p "$db_dir"
    chmod 700 "$db_dir"
    # copy default berkeley db config into $db_dir
    # before initial slapadd
    cp "/var/lib/ldap/bases/DB_CONFIG" "$db_dir"
    chown root:ldap "$db_dir/DB_CONFIG"
    chmod 640 "$db_dir/DB_CONFIG"
    # initial slapadd
    slapadd -b "$newdn" -l "$cache_dir/new_base.ldif"
    chown -R ldap:ldap "$db_dir"
    /etc/init.d/slapd restart >/dev/null
    reset_cache
}

# Reads the DN from the first line of the cached LDIF upload and reports
# the proposed parameters for it.
read_ldif(){
    newdn="$(head -n 1 $cache_dir/new_base.ldif|cut -f2 -d ' ')"
    prepare_new_base "$newdn"
}

# Given a DN ("dc=...") or a host name in $1, writes the proposed
# newfqdnname/basedn/binddn and a generated password, or an error with
# empty values when a config for that base is already included.
prepare_new_base(){
    local newdnname
    local newfqdnname
    echo "$1" | grep -qs "^dc="
    if [ $? -eq 0 ];then
        newdnname="$1"
        newfqdnname=$(dn_2_host "$1")
    else
        newdnname=$(host_2_dn "$1")
        newfqdnname="$1"
    fi
    grep -qs "$SLAPD_CONF_DIR/slapd-$newfqdnname.conf$" "$MAIN_SLAPD_CONF"
    if [ $? -eq 0 ];then
        write_error "`_ "Base DN"` $1 `_ "already exists in the system"`"
        write_string_param "newfqdnname" ""
        write_string_param "basedn" ""
        write_string_param "binddn" ""
        write_string_param "bindpw" ""
    else
        write_string_param "newfqdnname" "$newfqdnname"
        write_string_param "basedn" "$newdnname"
        write_string_param "binddn" "cn=ldaproot,$newdnname"
        write_string_param "bindpw" `pwqgen`
    fi
}

# Derives the UI switches (local, enable_tls, local_and_tls) from
# SLAPDURLLIST in $LDAP_SYSCONFIG and adds the certificate status.
read_main_config(){
    local url
    url="$(shell_config_get "$LDAP_SYSCONFIG" SLAPDURLLIST)"
    [ "${url/\/\/127\.0\.0\.1\/}" != "$url" ] && write_bool_param 'local' 'yes'
    [ "${url/localhost/}" != "$url" ] && write_bool_param 'local' 'yes'
    [ "${url/ldaps:\/\//}" != "$url" ] && write_bool_param 'enable_tls' 'yes'
    if [ "${url/ldap:\/\/localhost\/[[:space:]]ldaps:\/\/\//}" != "$url" ];then
        write_bool_param 'local_and_tls' 'yes'
        write_bool_param 'local' 'no'
        write_bool_param 'enable_tls' 'no'
    fi
    write_string_param key_state "$(validate_cert)"
}

# Deletes every base named in the ';'-separated $in_avail_dn except the one
# system-auth reports as in use, for which an error is written instead.
delete_selected_dn(){
    master_dn=$(/usr/sbin/system-auth status|cut -f2 -d' ')
    local IFS=";"
    for i in $in_avail_dn; do
        if [ "$master_dn" != "$i" ];then
            ldap-dn delete "$i" ;
        else
            write_error "`_ "Base DN"` $i `_ " used for system autentification."`"
        fi
    done
}

# Creates the base named by $1 (DN or host name) with `ldap-dn create`
# unless a config for it is already included in slapd.conf.
check_and_create() {
    local newdnname
    echo "$1" | grep -qs "^dc="
    if [ $? -eq 0 ];then
        newdnname="$1"
    else
        newdnname=$(host_2_dn "$1")
    fi
    grep -qs "$SLAPD_CONF_DIR/slapd-$(dn_2_host "$newdnname").conf$" "$MAIN_SLAPD_CONF"
    if [ $? -eq 0 ];then
        write_error "`_ "Base DN"` $newdnname `_ "already exists in the system"`"
    else
        ldap-dn create "$newdnname"
    fi
}

# Prints $1 converted to upper case.
to_realm() {
    echo "$1"|tr '[[:lower:]]' '[[:upper:]]'
}

# "Expert" creation of a base: builds a per-base slapd config from the
# template with the given DN, bind DN and password, initialises the base
# with the requested containers and restarts slapd.
# Arguments: dn binddn bindpw encript_pw containers plus_containers
create_expert_dn(){
    local dn="$1"; shift
    local binddn="$1";shift
    local bindpw="$1";shift
    local encript_pw="$1";shift
    local containers="$1";shift
    local plus_containers="$1";shift
    local domain=$(dn_2_host "$dn")
    local basedir="$SLAPD_CONF_DIR"
    local template="$basedir/slapd-template.conf"
    local new_dn_conf="$basedir/slapd-$domain.conf"
    #copy template into slapd-domain.conf
    cp "$template" "$new_dn_conf"
    chmod 640 "$new_dn_conf"
    chown root:ldap "$new_dn_conf"
    # NOTE(review): hashing depends on encript_pw being exactly "on" (other
    # booleans here use "#t" — confirm), and the password is passed
    # unquoted on the slappasswd command line.
    [ "$encript_pw" == "on" ] && bindpw=`slappasswd -h {SSHA} -s $bindpw`
    #fix dc=. base, password
    # NOTE(review): $dn, $domain and $binddn are request values placed into
    # sed replacements unescaped; only the password is escaped. Validate
    # them as DNs before they are written into the slapd configuration.
    sed -i -e "s/dc=template/$dn/g" $new_dn_conf
    sed -i -e "s/template/$domain/g" $new_dn_conf
    sed -i -e "s/^rootdn.*/rootdn \"$binddn\"/g" $new_dn_conf
    sed -i -e "s/secret/$(quote_sed_regexp "$bindpw")/g" $new_dn_conf
    sed -i -e "s/REALM/$(to_realm "$domain")/g" $new_dn_conf
    echo "include $new_dn_conf" >> "$MAIN_SLAPD_CONF"
    export DN_CONF="$new_dn_conf"
    # base_rootdn_rootpw
    # ldap-init
    init_ldap_base "$dn" "$binddn" "$containers;$(echo "$plus_containers"|tr ', ' ';')"
    /etc/init.d/slapd restart >/dev/null
}

# Builds the initial entries for a new base in a temporary file.
# Arguments: base rootdn containers
init_ldap_base(){
    local base="$1";shift
    local rootdn="$1";shift
    local containers="$1";shift
    TMPFILE="$(mktemp -t "ldap-db-init.XXXXXXXXXX")" || fatal "can't create tempfile"
    set_cleanup_handler cleanup_function
    cleanup_function(){
        [ -z "$TMPFILE" ] || rm -rf -- "$TMPFILE"
    }
    db_dir="$(read_config "$DN_CONF" directory)"
    # Default entries
    # NOTE(review): the text from here to the closing brace is all that this
    # archive dump retained. The here-document bodies, and apparently the
    # definitions of determine_mode, upgrade_base and make_ldif that
    # on_message() calls, were lost in extraction, so the next line is not
    # valid shell as shown and the brace may close a later function.
    cat > "$TMPFILE" <> "$TMPFILE" <> "$TMPFILE" < $file
    write_blob_param "ldif_file" "$file"
}

reset_cache

# Request dispatcher: selects the handler from $in_action and, for most
# actions, $in__objects.
on_message() {
    case "$in_action" in
        check)
            check_samba3
            ;;
        repair)
            repair_samba3
            ;;
        list)
            case "$in__objects" in
                avail_dn)
                    list_dn
                    ;;
                avail_actions)
                    list_actions
                    ;;
                available_containers)
                    if [ -n "$in_base" ]; then
                        container_list "$in_base"
                    else
                        all_containers
                    fi
                    ;;
                present_containers)
                    [ -n "$in_base" ] && present_list "$in_base"
                    ;;
                avail_schema)
                    list_schema
                    ;;
                *)
                    ;;
            esac
            ;;
        read)
            case "$in__objects" in
                config)
                    ! slapd_daemon_status
                    write_bool_param daemon "$?"
                    write_string_param daemon_state "$(service slapd status)"
                    read_main_config
                    ;;
                selected_dn)
                    write_string_param bdn "$in_name"
                    determine_mode
                    ;;
                available_containers)
                    write_string_param "available_containers" "$DEFAULT_CONTAINERS"
                    ;;
                base)
                    [ -n "$in_newdnname" ] || return 0
                    prepare_new_base "$in_newdnname"
                    ;;
                fromldif)
                    [ -f "$cache_dir/new_base.ldif" ] && read_ldif "$cache_dir/new_base.ldif"
                    ;;
                avail_schema)
                    status_schema
                    ;;
                *)
                    ;;
            esac
            ;;
        save)
            # Listener URL list: plain LDAP on localhost by default, LDAPS
            # on all interfaces or on localhost, or both side by side.
            local host=""
            local url="ldap://localhost/"
            if [ "$in_enable_tls" = "#t" ]; then
                url="ldaps:///"
            fi
            if [ "$in_enable_tls" = "#t" -a "$in_local" = "#t" ]; then
                url="ldaps://localhost/"
            fi
            if [ "$in_local_and_tls" = "#t" ]; then
                url="ldap://localhost/ ldaps:///"
            fi
            write_tls
            shell_config_set "$LDAP_SYSCONFIG" SLAPDURLLIST "\"'$url'\""
            ;;
        write)
            case "$in__objects" in
                avail_schema)
                    [ -n "$in_schemas" ] && write_schemas "$in_schemas"
                    ;;
                daemon)
                    if test_bool "$in_status"; then
                        slapd_daemon_on
                    else
                        slapd_daemon_off
                    fi
                    ;;
                newldif)
                    [ -z "$in_ldif_file" ] || cp -f "$in_ldif_file" "$cache_dir/new_base.ldif"
                    ;;
                *)
                    ;;
            esac
            ;;
        new)
            case "$in__objects" in
                base)
                    [ -n "$in_newdnname" ] || fatal "DN not set"
                    prepare_new_base "$in_newdnname"
                    ;;
                dn)
                    # create new dn
                    #echo "$(set|grep -a "in_")" >&2
                    [ -n "$in_newdnname" ] || fatal "DN not set"
                    check_and_create "$in_newdnname"
                    ;;
                schema)
                    [ -z "$in_schema_file" ] || new_schema
                    ;;
                fromldif)
                    # NOTE(review): a failed check only calls write_error;
                    # unless write_error ends the handler (not shown here),
                    # the base is still created with the incomplete input.
                    [ -n "$in_bindpw" -a -n "$in_encript_pw" ] || \
                        write_error "`_ "Not all data present."`"
                    [ -f "$cache_dir/new_base.ldif" ] && new_base_from_ldif
                    ;;
                exp_dn)
                    #echo "$(set|grep -a "in_")" >&2
                    # NOTE(review): same as above — create_expert_dn runs
                    # even when the presence check has reported an error.
                    [ -n "$in_basedn" -a -n "$in_binddn" -a -n "$in_bindpw" -a -n "$in_encript_pw" ] || \
                        write_error "`_ "Not all data present."`"
                    create_expert_dn "$in_basedn" "$in_binddn" "$in_bindpw" "$in_encript_pw" "$in_containers" "$in_plus_containers"
            esac
            ;;
        delete)
            # echo "$(set|grep -a "in_")" >&2
            [ -z "$in_avail_dn" ] || delete_selected_dn "$in_avail_dn"
            ;;
        generate)
            write_string_param "bindpw" $(pwqgen)
            ;;
        upgrade)
            case "$in__objects" in
                exp_dn)
                    [ -z "$in_containers" ] || upgrade_base
                    ;;
            esac
            ;;
        download)
            # NOTE(review): $in_base is passed unquoted, so whitespace in
            # it splits into several arguments for make_ldif.
            [ -n "$in_base" ] && make_ldif $in_base
            ;;
    esac
}

message_loop
alterator-openldap-0.8.1/help/000075500000000000000000000000001204430145500162415ustar00rootroot00000000000000alterator-openldap-0.8.1/help/ru_RU/000075500000000000000000000000001204430145500172755ustar00rootroot00000000000000alterator-openldap-0.8.1/help/ru_RU/openldap.html000064400000000000000000000032751204430145500217740ustar00rootroot00000000000000

Служба каталогов

Назначение модуля

Служба каталогов представляет собой средство централизованного хранения данных, организованных в виде древовидной (иерархической) структуры.

Модуль предназначен для выполнения следующих операций:

  • настройка параметров приёма соединений;
  • включение и выключение отдельных модулей сервера;

Общие параметры конфигурации

В данном разделе расположен набор переключателей. Первые три из них: "Принимать только локальные соединения", "Включить порт LDAP" и "Включить LDAPS", предназначены для конфигурации режима приёма соединений.

Внимание! Новые настройки вступают в силу только после перезапуска службы. Осуществить это можно, воспользовавшись модулем «Системные службы».

alterator-openldap-0.8.1/openldap/000075500000000000000000000000001204430145500171135ustar00rootroot00000000000000alterator-openldap-0.8.1/openldap/containers/000075500000000000000000000000001204430145500212605ustar00rootroot00000000000000alterator-openldap-0.8.1/openldap/containers/AddressBook.def000064400000000000000000000001661204430145500241430ustar00rootroot00000000000000[Desktop Entry] Name=Node for Corporative AddressBook Name[ru]=Корпоративная адресная книга alterator-openldap-0.8.1/openldap/containers/Aliases.def000064400000000000000000000001531204430145500233200ustar00rootroot00000000000000[Desktop Entry] Name=Node for mail aliases Name[ru]=Псевдонимы электронной почты alterator-openldap-0.8.1/openldap/containers/Computers.def000064400000000000000000000002001204430145500237110ustar00rootroot00000000000000[Desktop Entry] Name=Node for Workstations Name[ru]=Узел для зарегистрированных компьютеров alterator-openldap-0.8.1/openldap/containers/Group.def000064400000000000000000000001531204430145500230330ustar00rootroot00000000000000[Desktop Entry] Name=Node for User's Groups Name[ru]=Узел для Групп пользователей alterator-openldap-0.8.1/openldap/containers/Hosts.def000064400000000000000000000001031204430145500230320ustar00rootroot00000000000000[Desktop Entry] Name=Node for Hosts Name[ru]=Узел для Hosts alterator-openldap-0.8.1/openldap/containers/Networks.def000064400000000000000000000001131204430145500235470ustar00rootroot00000000000000[Desktop Entry] Name=Node for Networks Name[ru]=Узел для Сетей alterator-openldap-0.8.1/openldap/containers/People.def000064400000000000000000000001051204430145500231600ustar00rootroot00000000000000[Desktop Entry] Name=Node for People Name[ru]=Узел для People alterator-openldap-0.8.1/openldap/containers/Protocols.def000064400000000000000000000001661204430145500237270ustar00rootroot00000000000000[Desktop Entry] Name=Node for Protokols Name[ru]=Узел для описания сетевых протоколов 
alterator-openldap-0.8.1/openldap/containers/Rpc.def000064400000000000000000000001201204430145500224550ustar00rootroot00000000000000[Desktop Entry] Name=Node for RPC Name[ru]=Узел для описания RPC alterator-openldap-0.8.1/openldap/containers/Services.def000064400000000000000000000001611204430145500235210ustar00rootroot00000000000000[Desktop Entry] Name=Node for Services Name[ru]=Узел для описания сетевых сервисов alterator-openldap-0.8.1/openldap/knowncontainers000064400000000000000000000001211204430145500222520ustar00rootroot00000000000000AddressBook Aliases Computers Group Hosts Networks People Protocols Rpc Services alterator-openldap-0.8.1/ui/000075500000000000000000000000001204430145500157265ustar00rootroot00000000000000alterator-openldap-0.8.1/ui/openldap/000075500000000000000000000000001204430145500175305ustar00rootroot00000000000000alterator-openldap-0.8.1/ui/openldap/ajax.scm000064400000000000000000000171021204430145500211600ustar00rootroot00000000000000(define-module (ui openldap ajax)
  :use-module (alterator woo)
  :use-module (alterator ajax)
  :use-module (alterator str)
  :use-module (alterator card-index)
  :export (init))

;; Front-end logic for the main OpenLDAP page: every handler reads form
;; fields and forwards them to the /openldap backend through the woo calls.
;; NOTE(review): no handler here validates a form value before sending it;
;; checks on names, DNs and passwords have to be enforced in the backend.

;; Module-level UI state.
;; *have-ldif*: "yes" once an LDIF file was uploaded for the new base.
;; *samba*: last 'samba3 value returned by the backend.
;; *mode*: "RW" or "RO"; controls whether the create buttons are active.
(define *have-ldif* "no")
(define *samba* "No")
(define *mode* "RO")

;; Asks the backend whether samba.schema is enabled; switches to "RW" when
;; it is.
(define (check_samba)
  (let* ((data (woo "check" "/openldap/" )))
    (set! *samba* (woo-get-option (car data) 'samba3)))
  (if (equal? *samba* "Yes")
      (set! *mode* "RW"))
  )

;; Asks the backend to enable samba.schema, then redraws the page.
(define (repair_samba)
  (let* ((data (woo "repair" "/openldap/" )))
    (set! *samba* (woo-get-option (car data) 'samba3)))
  (ui-init)
  )

;; Continues in read-only mode: shows the notice and disables creation.
(define (read_only)
  (set! *mode* "RO")
  (form-update-visibility '("ro_info") #t )
  (form-update-activity '("newdn_btn" "expert_dn_btn") #f )
  (ui-init)
  )

;; Refreshes the daemon and listener switches from the backend config.
(define (read_ports)
  (form-update-value-list
    '("daemon" "daemon_state" "local" "enable_tls" "local_and_tls" "key_state")
    (woo-read-first "/openldap/config" 'language (form-value "language"))))

;; Starts or stops slapd according to the "daemon" switch.
(define (change_daemon)
  (catch/message
    (lambda()
      (woo-write "/openldap/daemon" 'status (form-value "daemon"))))
  (read_ports)
  )

;; Saves the listener switches (local / LDAPS / both).
(define (save-main)
  (let ((local (form-value "local"))
        (enable_tls (form-value "enable_tls"))
        (local_and_tls (form-value "local_and_tls")) )
    (woo "save" "/openldap" 'local local 'enable_tls enable_tls 'local_and_tls local_and_tls))
  (read_ports))

;; Creates a base from the "newdnname" field. An empty field is replaced by
;; "?", and a value that already contains "?" only gets another "?"
;; appended instead of being sent.
(define (newdn)
  (if (string-contains-ci (form-value "newdnname") "?")
      (begin (form-update-value "newdnname" (string-append (form-value "newdnname") "?")))
      (begin
        (if (not (string-null? (form-value "newdnname") ))
            (begin
              (let ((newdnname (form-value "newdnname")))
                (catch/message
                  (lambda()
                    (woo-new "/openldap/dn" 'newdnname newdnname 'language (form-value "language"))
                    (ui-init)
                    (form-update-visibility '("new_dn_area") #f )
                    (form-update-visibility '("list_dn_area") #t )))))
            (begin (form-update-value "newdnname" "?"))))
      )
  )

;; Opens the expert "new base" form with a cleared state.
(define (adddn)
  (reset_exp_form)
  (form-update-visibility '("new_dn_area") #t )
  (form-update-visibility '("list_dn_area") #f )
  (form-update-visibility '("config") #f )
  (f-update-list "available_containers" "/openldap/available_containers")
  (f-reset "/openldap/available_containers")
  (if (string-contains-ci (form-value "newdnname") "?")
      (form-update-value "newdnname" ""))
  )

;; Returns to the list of bases.
(define (ret_list)
  (form-update-visibility '("new_dn_area") #f )
  (form-update-visibility '("list_dn_area") #t )
  (form-update-visibility '("config") #t )
  (form-update-visibility '("schema_area") #f )
  )

;; Shows the schema management area.
(define (show_schema)
  (form-update-visibility '("new_dn_area") #f )
  (form-update-visibility '("list_dn_area") #f )
  (form-update-visibility '("config") #f )
  (form-update-visibility '("schema_area") #t )
  )

;; Sends the selected schema names to the backend, which rewrites the
;; include lines of slapd.conf and restarts slapd.
(define (include_schema)
  (catch/message
    (lambda()
      (woo-write "/openldap/avail_schema" 'schemas (form-value "avail_schema"))))
  (ui-init))

;; Uploads an LDIF file for a new base and fills the form with the values
;; the backend derives from it.
;; NOTE(review): *have-ldif* is set to "yes" even when no file was chosen
;; or the upload failed, so addexpert_dn then takes the "fromldif" path.
(define (ldif_prepare_base)
  (if (not (string-null? (form-value "ldif_file")))
      (call-with-form-file "ldif_file"
        (lambda(path)
          (catch/message
            (lambda()
              (woo-write "/openldap/newldif" 'ldif_file path 'language (form-value "language"))
              (let* ((data (woo-read "/openldap/fromldif" 'language (form-value "language"))))
                (form-update-value-list data)) )))))
  (set! *have-ldif* "yes")
  )

;; Uploads a schema file under the name typed into "newschemaname".
;; NOTE(review): the name is forwarded as entered; the backend uses it to
;; build a file name under the schema directory, so it must be restricted
;; there to a safe character set.
(define (add_schema)
  (call-with-form-file "schema_file"
    (lambda(path)
      (catch/message
        (lambda()
          (woo-new "/openldap/schema" 'schema_file path 'schema_name (form-value "newschemaname")) ))))
  (form-update-enum "avail_schema" (woo-list "/openldap/avail_schema" 'language (form-value "language")))
  (f-reset "/openldap/avail_schema")
  (form-update-value "newschemaname" "")
  (form-update-value "schema_file" "")
  )

;; Deletes the bases selected in the list.
(define (deldn)
  (catch/message
    (lambda()
      (apply woo-delete "/openldap" 'language (form-value "language") (form-value-list '("avail_dn" "name" "conf" "dstat")))
      (ui-init) )))

;; Shows the password reminder while the "Encript rootPW" box is ticked.
(define (use_encript_pw)
  (let ((status (form-value "encript_pw")))
    (form-update-visibility '("pw_alert") status)))

;; Asks the backend for proposed base/bind DN values for the typed FQDN.
(define (prepare_base)
  (let ((newdnname (form-value "newfqdnname")))
    (f-reset "/openldap/base" 'newdnname newdnname )))

;; Keeps the listener switches mutually exclusive.
(define (change_ports)
  (form-update-value "local" "#f")
  (form-update-value "enable_tls" "#f"))

(define (set_local)
  (form-update-value "local_and_tls" "#f"))

;; Clears the expert form, including the password field and LDIF state.
(define (reset_exp_form)
  (form-update-visibility '("pw_alert") #f)
  (form-update-value "newfqdnname" "")
  (form-update-value "basedn" "")
  (form-update-value "binddn" "")
  (form-update-value "bindpw" "")
  (form-update-value "encript_pw" "#f")
  (set! *have-ldif* "no")
  (form-update-value "ldif_file" "")
  )

;; Creates the base from the expert form, either from the typed values or
;; from the uploaded LDIF.
;; NOTE(review): the root password is sent as an ordinary form value, and
;; neither call is wrapped in catch/message, unlike the other handlers, so
;; a backend error is not shown through that path before the form resets.
(define (addexpert_dn)
  (if (equal? *have-ldif* "no")
      (begin
        (woo "new" "/openldap/exp_dn"
             'basedn (form-value "basedn")
             'binddn (form-value "binddn")
             'bindpw (form-value "bindpw")
             'encript_pw (form-value "encript_pw")
             'containers (form-value "available_containers")
             'plus_containers (form-value "plus_containers")
             'language (form-value "language")))
      (begin
        (woo "new" "/openldap/fromldif"
             'bindpw (form-value "bindpw")
             'encript_pw (form-value "encript_pw")
             'language (form-value "language")))
      )
  (reset_exp_form)
  (ui-init)
  (form-update-visibility '("new_dn_area") #f )
  (form-update-visibility '("list_dn_area") #t )
  )

;; Fills the password field with a backend-generated password.
(define (new_pass)
  (form-update-value-list '("bindpw") (car (woo "generate" "/openldap")))
  )

;; Redraws the page: the normal view when samba.schema is enabled or the
;; user chose read-only mode, otherwise only the Samba warning.
(define (ui-init)
  (check_samba)
  (if (or (equal? *samba* "Yes") (equal? *mode* "RO"))
      (begin
        (form-update-visibility '("samba_warn") #f )
        (read_ports)
        (form-update-value "newdnname" "")
        (form-update-enum "avail_dn" (woo-list "/openldap/avail_dn" 'language (form-value "language")))
        (form-update-enum "avail_schema" (woo-list "/openldap/avail_schema" 'language (form-value "language")))
        (f-reset "/openldap/avail_schema")
        (form-update-visibility '("config" "list_dn_area") #t)
        (form-update-visibility '("schema_area" "new_dn_area") #f)
        (if (equal? *mode* "RW")
            (begin
              (form-update-activity '("newdn_btn" "expert_dn_btn") #t)
              (form-update-visibility '("ro_info") #f))
            (begin
              (form-update-activity '("newdn_btn" "expert_dn_btn") #f)
              (form-update-visibility '("ro_info") #t)) ))
      (begin
        (form-update-visibility '("config" "list_dn_area" ) #f )
        (form-update-visibility '("samba_warn") #t )) )
  )

;; Entry point: draws the page and binds the form controls to handlers.
;; NOTE(review): *mode* starts as "RO", so the first ui-init already takes
;; the normal-view branch and the Samba warning branch looks unreachable —
;; confirm the intended initial value.
(define (init)
  (ui-init)
  (form-bind "repair" "click" repair_samba)
  (form-bind "readonly" "click" read_only)
  (form-bind "main_btn" "click" save-main)
  (form-bind "newdn_btn" "click" newdn)
  (form-bind "deldn_btn" "click" deldn)
  (form-bind "adddn_btn" "click" adddn)
  (form-bind "expert_dn_btn" "click" addexpert_dn)
  (form-bind "ret_btn" "click" ret_list)
  (form-bind "new_pass_btn" "click" new_pass)
  (form-bind "manage_schema" "click" show_schema)
  (form-bind "schema_btn" "click" include_schema)
  (form-bind-upload "addschema_btn" "click" "schema_file" add_schema)
  (form-bind-upload "prepare_ldif_btn" "click" "ldif_file" ldif_prepare_base)
  (form-bind "newfqdnname" "change" prepare_base)
  (form-bind "encript_pw" "change" use_encript_pw)
  (form-bind "daemon" "change" change_daemon)
  (form-bind "local_and_tls" "change" change_ports)
  (form-bind "local" "change" set_local)
  (form-bind "enable_tls" "change" set_local)
  )
alterator-openldap-0.8.1/ui/openldap/index.html000064400000000000000000000230761204430145500215350ustar00rootroot00000000000000
RO mode: you can delete some bases, but you cannot create new ones.

You can manage schemas.
The Samba schema is not included in /etc/slapd.conf
Creating a new base can make your slapd service inaccessible!

Repair configuration?

Main server option
  Enable SLAPD server Current state

  Accept only local connections
  Enable LDAPS (TLS)
  LDAP on local and LDAPS (TLS) on all interfaces

Schema management
Schema Config File

Adding conflicting schemas or
disabling some schemas may make your databases inoperable!

You have been warned...

New schema name:    from file:   

Bases management
Base DN Config File Status
 
New base DN:    
Load from LDIF file 
New base:
Your FQDN:
Base DN:
Bind DN:
Bind PW:
Encrypt rootPW
For SAMBA PDC (coming soon...)

Please remember this password!
An encrypted password is NOT accessible to other modules.
You will be asked for the password every time
you use modules such as "Users" and "Groups".
Create containers:


(Separated by commas or spaces. Without ou=)
 
alterator-openldap-0.8.1/ui/openldap/selected_dn/000075500000000000000000000000001204430145500220015ustar00rootroot00000000000000alterator-openldap-0.8.1/ui/openldap/selected_dn/ajax.scm000064400000000000000000000055431204430145500234370ustar00rootroot00000000000000(define-module (ui openldap selected_dn ajax)
  :use-module (alterator ajax)
  :use-module (alterator woo)
  :use-module (alterator card-index)
  :use-module (alterator str)
  :use-module (alterator effect)
  :export (init))

;; Front-end logic for the page of one selected base.
;; Module-level bind state: root DN, root password and whether bind data is
;; available ("present").
;; NOTE(review): the root password is kept in a module-level variable for
;; as long as this module stays loaded — confirm how long that is and
;; whether the state can be shared between sessions.
(define *rootdn* "")
(define *rootpw* "")
(define *bind_info* "")

;; Fills the page: base name, bind state, available actions, containers
;; present in the base and containers that can still be created.
(define (ui-read)
  (form-update-value "bdn" (form-value "name"))
  (test_bind)
  (form-update-enum "actions" (woo-list "/openldap/avail_actions" 'language (form-value "language")))
  (form-update-enum "container_dn" (woo-list "/openldap/present_containers" 'base (form-value "name") 'language (form-value "language")))
  (let ((available-list (woo-list "/openldap/available_containers" 'base (form-value "name") 'language (form-value "language"))))
    (form-update-enum "available_new" available-list)
;    (if (null? available-list)
;      (begin
;        (form-update-visibility "create-containers_btn" #f)
;        (form-update-visibility "addcontainer_area" #f))
;      (begin
;        (form-update-visibility "create-containers_btn" #t)
;        (form-update-visibility "addcontainer_area" #t)
;        (form-update-enum "available_new" available-list))
;    )
    )
  (form-update-value "plus_containers_new" "")
  )

;; Loads bind data from the backend unless the cached root DN already
;; contains the selected base name, then shows the matching part of the page.
;; NOTE(review): whatever the backend returns as 'rootpw is written into
;; the "bind_rootpw" form field, i.e. it is delivered to the browser. If
;; the stored value can be a cleartext rootpw, it should not be returned.
(define (test_bind)
  (if (not (string-contains-ci *rootdn* (form-value "name")))
      (begin
        (let* ((data (woo-read "/openldap/selected_dn" 'name (form-value "name"))))
          (set! *bind_info* (woo-get-option (car data) 'bind_info))
          (set! *rootdn* (woo-get-option (car data) 'rootdn))
          (set! *rootpw* (woo-get-option (car data) 'rootpw))
          (form-update-value "bind_rootdn" *rootdn*)
          (form-update-value "bind_rootpw" *rootpw*) )))
  (bind_request)
  )

;; Shows the management table when bind data is present, otherwise the
;; prompt asking for it.
(define (bind_request)
  (if (equal? *bind_info* "present")
      (begin
        (form-update-visibility "main_table" #t)
        (form-update-visibility "need_bind_info" #f))
      (begin
        (form-update-visibility "main_table" #f)
        (form-update-visibility "need_bind_info" #t)))
  )

;; Accepts the bind data typed by the user.
;; NOTE(review): any non-empty password marks the bind data as "present";
;; nothing here checks it against the directory.
(define (set_bind)
  (if (not (string-null? (form-value "bind_rootpw")))
      (begin
        (set! *rootpw* (form-value "bind_rootpw"))
        (set! *rootdn* (form-value "bind_rootdn"))
        (set! *bind_info* "present")))
  (bind_request)
  )

;; Asks the backend to create the selected containers in the base, passing
;; the cached bind DN and password.
(define (upgrade_dn)
  (woo "upgrade" "/openldap/exp_dn"
       'base (form-value "name")
       'binddn *rootdn*
       'bindpw *rootpw*
       'containers (form-value "available_new")
       'plus_containers (form-value "plus_containers_new")
       'language (form-value "language"))
  (ui-read)
  )

;; Navigates to the LDIF download page for the selected base.
(define (download-ldif)
  (form-replace "/openldap/selected_dn/download" 'base (form-value "name"))
  )

;; Returns to the main OpenLDAP page.
(define (return)
  (form-replace "/openldap"))

;; Entry point: fills the page and binds the buttons.
(define (init)
  (ui-read)
  (form-bind "bind_btn" "click" set_bind)
  (form-bind "return_to" "click" return)
  (form-bind "export_to_ldif_btn" "click" download-ldif)
  (form-bind "create-containers_btn" "click" upgrade_dn)
  )
alterator-openldap-0.8.1/ui/openldap/selected_dn/download/000075500000000000000000000000001204430145500236105ustar00rootroot00000000000000alterator-openldap-0.8.1/ui/openldap/selected_dn/download/ajax.scm000064400000000000000000000010511204430145500252340ustar00rootroot00000000000000(define-module (ui openldap selected_dn download ajax)
  :use-module (alterator algo)
  :use-module (alterator ajax)
  :use-module (alterator woo)
  :export (ui))

;; Serves the LDIF export of the base named by the "base" form value as a
;; text/plain blob. The file name is built from the value part of each
;; comma-separated DN component, joined with "." and suffixed ".ldif".
;; NOTE(review): "base" is a request value that is forwarded to the backend
;; and also shapes the download file name; a component without "=" makes
;; cadr fail. Validate it as a DN of an existing base before use.
(define (ui)
  (let ((base (form-value "base")))
    (and (string? base)
         (ui-blob "ldif_file"
                  (cond-car (woo "download" "/openldap" 'base base))
                  "text/plain"
                  (string-append
                    (string-join
                      (map (lambda (s) (cadr (string-split s #\=)))
                           (string-split base #\,))
                      ".")
                    ".ldif")))))
alterator-openldap-0.8.1/ui/openldap/selected_dn/index.html000064400000000000000000000047041204430145500240030ustar00rootroot00000000000000

Managed base: 


Please enter correct bind data for this base  
root dn:    root password: 
Select action:

Containers in base:
Available Containers:

(Separated by commas or spaces. Without ou=)