ActiveSambaLdap 0.0.7
Sign up to get free protection for your applications and to get access to all the features.
- data/NEWS.en +40 -0
- data/NEWS.ja +44 -0
- data/README.en +366 -0
- data/README.ja +361 -0
- data/Rakefile +168 -0
- data/bin/asl-groupadd +73 -0
- data/bin/asl-groupadd.help +1 -0
- data/bin/asl-groupdel +61 -0
- data/bin/asl-groupdel.help +1 -0
- data/bin/asl-groupmod +137 -0
- data/bin/asl-groupmod.help +1 -0
- data/bin/asl-groupshow +33 -0
- data/bin/asl-groupshow.help +1 -0
- data/bin/asl-passwd +90 -0
- data/bin/asl-passwd.help +1 -0
- data/bin/asl-populate +101 -0
- data/bin/asl-populate.help +1 -0
- data/bin/asl-purge +26 -0
- data/bin/asl-purge.help +1 -0
- data/bin/asl-samba-computeradd +96 -0
- data/bin/asl-samba-computeradd.help +1 -0
- data/bin/asl-samba-groupadd +57 -0
- data/bin/asl-samba-groupadd.help +1 -0
- data/bin/asl-samba-groupdel +55 -0
- data/bin/asl-samba-groupdel.help +1 -0
- data/bin/asl-samba-groupmod +99 -0
- data/bin/asl-samba-groupmod.help +1 -0
- data/bin/asl-samba-useradd +100 -0
- data/bin/asl-samba-useradd.help +1 -0
- data/bin/asl-samba-userdel +49 -0
- data/bin/asl-samba-userdel.help +1 -0
- data/bin/asl-samba-usermod +94 -0
- data/bin/asl-samba-usermod.help +1 -0
- data/bin/asl-useradd +264 -0
- data/bin/asl-useradd.help +1 -0
- data/bin/asl-userdel +84 -0
- data/bin/asl-userdel.help +1 -0
- data/bin/asl-usermod +335 -0
- data/bin/asl-usermod.help +1 -0
- data/bin/asl-usershow +33 -0
- data/bin/asl-usershow.help +1 -0
- data/lib/active_samba_ldap.rb +42 -0
- data/lib/active_samba_ldap/account_entry.rb +208 -0
- data/lib/active_samba_ldap/base.rb +137 -0
- data/lib/active_samba_ldap/command.rb +100 -0
- data/lib/active_samba_ldap/computer.rb +24 -0
- data/lib/active_samba_ldap/computer_account_entry.rb +34 -0
- data/lib/active_samba_ldap/configuration.rb +333 -0
- data/lib/active_samba_ldap/dc.rb +19 -0
- data/lib/active_samba_ldap/entry.rb +81 -0
- data/lib/active_samba_ldap/get_text_support.rb +12 -0
- data/lib/active_samba_ldap/group.rb +17 -0
- data/lib/active_samba_ldap/group_entry.rb +187 -0
- data/lib/active_samba_ldap/idmap.rb +19 -0
- data/lib/active_samba_ldap/ou.rb +20 -0
- data/lib/active_samba_ldap/populate.rb +257 -0
- data/lib/active_samba_ldap/reloadable.rb +15 -0
- data/lib/active_samba_ldap/samba_account_entry.rb +225 -0
- data/lib/active_samba_ldap/samba_entry.rb +26 -0
- data/lib/active_samba_ldap/samba_group_entry.rb +143 -0
- data/lib/active_samba_ldap/unix_id_pool.rb +43 -0
- data/lib/active_samba_ldap/user.rb +44 -0
- data/lib/active_samba_ldap/user_account_entry.rb +30 -0
- data/lib/active_samba_ldap/version.rb +3 -0
- data/lib/samba/encrypt.rb +86 -0
- data/misc/rd2html.rb +42 -0
- data/po/ja/active-samba-ldap.po +465 -0
- data/rails/README +30 -0
- data/rails/init.rb +33 -0
- data/rails_generators/scaffold_active_samba_ldap/scaffold_active_samba_ldap_generator.rb +27 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/computer.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/dc.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/group.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/idmap.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/ldap.yml +24 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/ou.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_controller.rb +12 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_helper.rb +2 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_index.rhtml +17 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_populate.rhtml +15 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_purge.rhtml +10 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/unix_id_pool.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/user.rb +3 -0
- data/setup.rb +1585 -0
- data/test-unit/History.txt +107 -0
- data/test-unit/README.txt +52 -0
- data/test-unit/Rakefile +40 -0
- data/test-unit/TODO +5 -0
- data/test-unit/bin/testrb +5 -0
- data/test-unit/lib/test/unit.rb +342 -0
- data/test-unit/lib/test/unit/assertionfailederror.rb +14 -0
- data/test-unit/lib/test/unit/assertions.rb +1149 -0
- data/test-unit/lib/test/unit/attribute.rb +125 -0
- data/test-unit/lib/test/unit/autorunner.rb +329 -0
- data/test-unit/lib/test/unit/collector.rb +43 -0
- data/test-unit/lib/test/unit/collector/descendant.rb +23 -0
- data/test-unit/lib/test/unit/collector/dir.rb +108 -0
- data/test-unit/lib/test/unit/collector/load.rb +135 -0
- data/test-unit/lib/test/unit/collector/objectspace.rb +34 -0
- data/test-unit/lib/test/unit/color-scheme.rb +86 -0
- data/test-unit/lib/test/unit/color.rb +96 -0
- data/test-unit/lib/test/unit/diff.rb +538 -0
- data/test-unit/lib/test/unit/error.rb +124 -0
- data/test-unit/lib/test/unit/exceptionhandler.rb +39 -0
- data/test-unit/lib/test/unit/failure.rb +110 -0
- data/test-unit/lib/test/unit/fixture.rb +176 -0
- data/test-unit/lib/test/unit/notification.rb +125 -0
- data/test-unit/lib/test/unit/omission.rb +143 -0
- data/test-unit/lib/test/unit/pending.rb +146 -0
- data/test-unit/lib/test/unit/priority.rb +181 -0
- data/test-unit/lib/test/unit/runner/console.rb +52 -0
- data/test-unit/lib/test/unit/runner/emacs.rb +8 -0
- data/test-unit/lib/test/unit/testcase.rb +425 -0
- data/test-unit/lib/test/unit/testresult.rb +89 -0
- data/test-unit/lib/test/unit/testsuite.rb +110 -0
- data/test-unit/lib/test/unit/ui/console/outputlevel.rb +14 -0
- data/test-unit/lib/test/unit/ui/console/testrunner.rb +223 -0
- data/test-unit/lib/test/unit/ui/emacs/testrunner.rb +49 -0
- data/test-unit/lib/test/unit/ui/testrunner.rb +20 -0
- data/test-unit/lib/test/unit/ui/testrunnermediator.rb +77 -0
- data/test-unit/lib/test/unit/ui/testrunnerutilities.rb +41 -0
- data/test-unit/lib/test/unit/util/backtracefilter.rb +41 -0
- data/test-unit/lib/test/unit/util/method-owner-finder.rb +28 -0
- data/test-unit/lib/test/unit/util/observable.rb +90 -0
- data/test-unit/lib/test/unit/util/procwrapper.rb +48 -0
- data/test-unit/lib/test/unit/version.rb +7 -0
- data/test-unit/sample/adder.rb +13 -0
- data/test-unit/sample/subtracter.rb +12 -0
- data/test-unit/sample/tc_adder.rb +18 -0
- data/test-unit/sample/tc_subtracter.rb +18 -0
- data/test-unit/sample/test_user.rb +22 -0
- data/test-unit/sample/ts_examples.rb +7 -0
- data/test-unit/test/collector/test-descendant.rb +135 -0
- data/test-unit/test/collector/test-load.rb +333 -0
- data/test-unit/test/collector/test_dir.rb +406 -0
- data/test-unit/test/collector/test_objectspace.rb +98 -0
- data/test-unit/test/run-test.rb +13 -0
- data/test-unit/test/test-attribute.rb +86 -0
- data/test-unit/test/test-color-scheme.rb +56 -0
- data/test-unit/test/test-color.rb +47 -0
- data/test-unit/test/test-diff.rb +477 -0
- data/test-unit/test/test-emacs-runner.rb +60 -0
- data/test-unit/test/test-fixture.rb +287 -0
- data/test-unit/test/test-notification.rb +33 -0
- data/test-unit/test/test-omission.rb +81 -0
- data/test-unit/test/test-pending.rb +70 -0
- data/test-unit/test/test-priority.rb +119 -0
- data/test-unit/test/test-testcase.rb +507 -0
- data/test-unit/test/test_assertions.rb +1082 -0
- data/test-unit/test/test_error.rb +26 -0
- data/test-unit/test/test_failure.rb +33 -0
- data/test-unit/test/test_testresult.rb +113 -0
- data/test-unit/test/test_testsuite.rb +129 -0
- data/test-unit/test/testunit-test-util.rb +14 -0
- data/test-unit/test/ui/test_testrunmediator.rb +20 -0
- data/test-unit/test/util/test-method-owner-finder.rb +38 -0
- data/test-unit/test/util/test_backtracefilter.rb +41 -0
- data/test-unit/test/util/test_observable.rb +102 -0
- data/test-unit/test/util/test_procwrapper.rb +36 -0
- data/test/asl-test-utils.rb +276 -0
- data/test/command.rb +67 -0
- data/test/config.yaml.sample +17 -0
- data/test/run-test.rb +20 -0
- data/test/test_asl_groupadd.rb +69 -0
- data/test/test_asl_groupdel.rb +88 -0
- data/test/test_asl_groupmod.rb +259 -0
- data/test/test_asl_groupshow.rb +21 -0
- data/test/test_asl_passwd.rb +126 -0
- data/test/test_asl_populate.rb +92 -0
- data/test/test_asl_purge.rb +21 -0
- data/test/test_asl_useradd.rb +712 -0
- data/test/test_asl_userdel.rb +75 -0
- data/test/test_asl_usermod.rb +549 -0
- data/test/test_asl_usershow.rb +27 -0
- data/test/test_entry.rb +21 -0
- data/test/test_group.rb +21 -0
- data/test/test_password.rb +51 -0
- data/test/test_samba_encrypt.rb +35 -0
- data/test/test_user_home_directory.rb +43 -0
- metadata +314 -0
@@ -0,0 +1,15 @@
|
|
1
|
+
module ActiveSambaLdap
|
2
|
+
module Reloadable
|
3
|
+
def self.included(base)
|
4
|
+
super
|
5
|
+
return unless Object.const_defined?(:Reloadable)
|
6
|
+
base.class_eval do
|
7
|
+
if ::Reloadable.const_defined?(:Deprecated)
|
8
|
+
include ::Reloadable::Deprecated
|
9
|
+
else
|
10
|
+
include ::Reloadable::Subclasses
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,225 @@
|
|
1
|
+
module ActiveSambaLdap
|
2
|
+
module SambaAccountEntry
|
3
|
+
def self.included(base)
|
4
|
+
super
|
5
|
+
base.extend(ClassMethods)
|
6
|
+
end
|
7
|
+
|
8
|
+
# from source/include/rpc_misc.c in Samba
|
9
|
+
DOMAIN_ADMIN_RID = 0x000001F4
|
10
|
+
DOMAIN_GUEST_RID = 0x000001F5
|
11
|
+
|
12
|
+
# from source/rpc_server/srv_util.c in Samba
|
13
|
+
DOMAIN_ADMIN_NAME = "Administrator"
|
14
|
+
DOMAIN_GUEST_NAME = "Guest"
|
15
|
+
|
16
|
+
WELL_KNOWN_RIDS = []
|
17
|
+
WELL_KNOWN_NAMES = []
|
18
|
+
constants.each do |name|
|
19
|
+
case name
|
20
|
+
when /_RID$/
|
21
|
+
WELL_KNOWN_RIDS << const_get(name)
|
22
|
+
when /_NAME$/
|
23
|
+
WELL_KNOWN_NAMES << const_get(name)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
# FAR_FUTURE_TIME = Time.parse("2050/01/01").to_i.to_s
|
28
|
+
FAR_FUTURE_TIME = Time.parse("2038/01/18").to_i.to_s
|
29
|
+
ACCOUNT_FLAGS_RE = /\A\[([NDHTUMWSLXI ]+)\]\z/
|
30
|
+
|
31
|
+
module ClassMethods
|
32
|
+
def samba_object_class
|
33
|
+
"sambaSamAccount"
|
34
|
+
end
|
35
|
+
|
36
|
+
def uid2rid(uid)
|
37
|
+
uid = Integer(uid)
|
38
|
+
if WELL_KNOWN_RIDS.include?(uid)
|
39
|
+
uid
|
40
|
+
else
|
41
|
+
2 * uid + 1000
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
def rid2uid(rid)
|
46
|
+
rid = Integer(rid)
|
47
|
+
if WELL_KNOWN_RIDS.include?(rid)
|
48
|
+
rid
|
49
|
+
else
|
50
|
+
(Integer(rid) - 1000) / 2
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def start_rid
|
55
|
+
uid2rid(start_uid)
|
56
|
+
end
|
57
|
+
|
58
|
+
private
|
59
|
+
def default_recommended_classes
|
60
|
+
super + [samba_object_class]
|
61
|
+
end
|
62
|
+
|
63
|
+
def primary_group_options(options)
|
64
|
+
super.merge(:extend => PrimaryGroupProxy)
|
65
|
+
end
|
66
|
+
|
67
|
+
module PrimaryGroupProxy
|
68
|
+
def replace(entry)
|
69
|
+
result = super
|
70
|
+
return result unless @owner.samba_available?
|
71
|
+
|
72
|
+
if @target and @target.samba_available?
|
73
|
+
if @target.samba_sid.to_s.empty?
|
74
|
+
raise GroupDoesNotHaveSambaSID.new(@target.gid_number)
|
75
|
+
end
|
76
|
+
@owner.samba_primary_group_sid = @target.samba_sid
|
77
|
+
else
|
78
|
+
@owner.samba_primary_group_sid = nil
|
79
|
+
end
|
80
|
+
|
81
|
+
result
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
def fill_default_values(options={})
|
87
|
+
result = super
|
88
|
+
return result unless samba_available?
|
89
|
+
|
90
|
+
self.samba_logon_time ||= "0"
|
91
|
+
self.samba_logoff_time ||= FAR_FUTURE_TIME
|
92
|
+
self.samba_kickoff_time ||= nil
|
93
|
+
|
94
|
+
password = options["password"]
|
95
|
+
change_samba_password(password) if password
|
96
|
+
self.samba_lm_password ||= "XXX"
|
97
|
+
self.samba_nt_password ||= "XXX"
|
98
|
+
self.samba_pwd_last_set ||= "0"
|
99
|
+
|
100
|
+
account_flags_is_not_set = samba_acct_flags.nil?
|
101
|
+
self.samba_acct_flags ||= default_account_flags
|
102
|
+
|
103
|
+
can_change_password = options["can_change_password"]
|
104
|
+
if can_change_password
|
105
|
+
self.enable_password_change
|
106
|
+
elsif account_flags_is_not_set or can_change_password == false
|
107
|
+
self.disable_password_change
|
108
|
+
end
|
109
|
+
|
110
|
+
must_change_password = options["must_change_password"]
|
111
|
+
if must_change_password
|
112
|
+
self.enable_forcing_password_change
|
113
|
+
elsif account_flags_is_not_set or must_change_password == false
|
114
|
+
self.disable_forcing_password_change
|
115
|
+
end
|
116
|
+
|
117
|
+
enable_account = options["enable"]
|
118
|
+
if enable_account
|
119
|
+
self.enable
|
120
|
+
elsif account_flags_is_not_set or enable_account == false
|
121
|
+
self.disable
|
122
|
+
end
|
123
|
+
|
124
|
+
self
|
125
|
+
end
|
126
|
+
|
127
|
+
def change_uid_number(uid, allow_non_unique=false)
|
128
|
+
result = super
|
129
|
+
return result unless samba_available?
|
130
|
+
|
131
|
+
rid = self.class.uid2rid(uid_number.to_s)
|
132
|
+
change_sid(rid, allow_non_unique)
|
133
|
+
end
|
134
|
+
|
135
|
+
def change_uid_number_by_rid(rid, allow_non_unique=false)
|
136
|
+
assert_samba_available
|
137
|
+
change_uid_number(self.class.rid2uid(rid), allow_non_unique)
|
138
|
+
end
|
139
|
+
|
140
|
+
def change_sid(rid, allow_non_unique=false)
|
141
|
+
assert_samba_available
|
142
|
+
sid = "#{self.class.configuration[:sid]}-#{rid}"
|
143
|
+
# check_unique_sid_number(sid) unless allow_non_unique
|
144
|
+
self.samba_sid = sid
|
145
|
+
end
|
146
|
+
|
147
|
+
def rid
|
148
|
+
assert_samba_available
|
149
|
+
Integer(samba_sid.split(/-/).last)
|
150
|
+
end
|
151
|
+
|
152
|
+
def change_samba_password(password)
|
153
|
+
assert_samba_available
|
154
|
+
self.samba_lm_password = Samba::Encrypt.lm_hash(password)
|
155
|
+
self.samba_nt_password = Samba::Encrypt.ntlm_hash(password)
|
156
|
+
self.samba_pwd_last_set = Time.now.to_i.to_s
|
157
|
+
end
|
158
|
+
|
159
|
+
def enable_password_change
|
160
|
+
assert_samba_available
|
161
|
+
self.samba_pwd_can_change = "0"
|
162
|
+
end
|
163
|
+
|
164
|
+
def disable_password_change
|
165
|
+
assert_samba_available
|
166
|
+
self.samba_pwd_can_change = FAR_FUTURE_TIME
|
167
|
+
end
|
168
|
+
|
169
|
+
def can_change_password?
|
170
|
+
assert_samba_available
|
171
|
+
samba_pwd_can_change.nil? or
|
172
|
+
Time.at(samba_pwd_can_change.to_i) <= Time.now
|
173
|
+
end
|
174
|
+
|
175
|
+
def enable_forcing_password_change
|
176
|
+
assert_samba_available
|
177
|
+
self.samba_pwd_must_change = "0"
|
178
|
+
if /X/ =~ samba_acct_flags.to_s
|
179
|
+
self.samba_acct_flags = samba_acct_flags.sub(/X/, '')
|
180
|
+
end
|
181
|
+
if samba_pwd_last_set.to_i.zero?
|
182
|
+
self.samba_pwd_last_set = FAR_FUTURE_TIME
|
183
|
+
end
|
184
|
+
end
|
185
|
+
|
186
|
+
def disable_forcing_password_change
|
187
|
+
assert_samba_available
|
188
|
+
self.samba_pwd_must_change = FAR_FUTURE_TIME
|
189
|
+
end
|
190
|
+
|
191
|
+
def must_change_password?
|
192
|
+
assert_samba_available
|
193
|
+
!(/X/ =~ samba_acct_flags.to_s or
|
194
|
+
samba_pwd_must_change.nil? or
|
195
|
+
Time.at(samba_pwd_must_change.to_i) > Time.now)
|
196
|
+
end
|
197
|
+
|
198
|
+
def enable
|
199
|
+
assert_samba_available
|
200
|
+
if /D/ =~ samba_acct_flags.to_s
|
201
|
+
self.samba_acct_flags = samba_acct_flags.gsub(/D/, '')
|
202
|
+
end
|
203
|
+
end
|
204
|
+
|
205
|
+
def disable
|
206
|
+
assert_samba_available
|
207
|
+
flags = ""
|
208
|
+
if ACCOUNT_FLAGS_RE =~ samba_acct_flags.to_s
|
209
|
+
flags = $1
|
210
|
+
return if /D/ =~ flags
|
211
|
+
end
|
212
|
+
self.samba_acct_flags = "[D#{flags}]"
|
213
|
+
end
|
214
|
+
|
215
|
+
def enabled?
|
216
|
+
assert_samba_available
|
217
|
+
!disabled?
|
218
|
+
end
|
219
|
+
|
220
|
+
def disabled?
|
221
|
+
assert_samba_available
|
222
|
+
(/D/ =~ samba_acct_flags.to_s) ? true : false
|
223
|
+
end
|
224
|
+
end
|
225
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
module ActiveSambaLdap
|
2
|
+
module SambaEntry
|
3
|
+
def samba_available?
|
4
|
+
classes.include?(samba_object_class)
|
5
|
+
end
|
6
|
+
|
7
|
+
def remove_samba_availability
|
8
|
+
remove_class(samba_object_class)
|
9
|
+
end
|
10
|
+
|
11
|
+
def ensure_samba_available
|
12
|
+
add_class(samba_object_class)
|
13
|
+
end
|
14
|
+
|
15
|
+
def samba_object_class
|
16
|
+
self.class.samba_object_class
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
def assert_samba_available
|
21
|
+
unless samba_available?
|
22
|
+
raise NotSambaAavialableError.new(self)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -0,0 +1,143 @@
|
|
1
|
+
require 'active_samba_ldap/samba_entry'
|
2
|
+
|
3
|
+
module ActiveSambaLdap
|
4
|
+
module SambaGroupEntry
|
5
|
+
include SambaEntry
|
6
|
+
|
7
|
+
def self.included(base)
|
8
|
+
super
|
9
|
+
base.extend(ClassMethods)
|
10
|
+
end
|
11
|
+
|
12
|
+
# from librpc/ndr/security.h in Samba
|
13
|
+
SID_BUILTIN = "S-1-5-32"
|
14
|
+
|
15
|
+
# from source/include/rpc_misc.c in Samba
|
16
|
+
DOMAIN_ADMINS_RID = 0x00000200
|
17
|
+
DOMAIN_USERS_RID = 0x00000201
|
18
|
+
DOMAIN_GUESTS_RID = 0x00000202
|
19
|
+
DOMAIN_COMPUTERS_RID = 0x00000203
|
20
|
+
|
21
|
+
LOCAL_ADMINS_RID = 0x00000220
|
22
|
+
LOCAL_USERS_RID = 0x00000221
|
23
|
+
LOCAL_GUESTS_RID = 0x00000222
|
24
|
+
LOCAL_POWER_USERS_RID = 0x00000223
|
25
|
+
|
26
|
+
LOCAL_ACCOUNT_OPERATORS_RID = 0x00000224
|
27
|
+
LOCAL_SYSTEM_OPERATORS_RID = 0x00000225
|
28
|
+
LOCAL_PRINT_OPERATORS_RID = 0x00000226
|
29
|
+
LOCAL_BACKUP_OPERATORS_RID = 0x00000227
|
30
|
+
|
31
|
+
LOCAL_REPLICATORS_RID = 0x00000228
|
32
|
+
|
33
|
+
|
34
|
+
# from source/rpc_server/srv_util.c in Samba
|
35
|
+
DOMAIN_ADMINS_NAME = "Domain Administrators"
|
36
|
+
DOMAIN_USERS_NAME = "Domain Users"
|
37
|
+
DOMAIN_GUESTS_NAME = "Domain Guests"
|
38
|
+
DOMAIN_COMPUTERS_NAME = "Domain Computers"
|
39
|
+
|
40
|
+
|
41
|
+
WELL_KNOWN_RIDS = []
|
42
|
+
WELL_KNOWN_NAMES = []
|
43
|
+
constants.each do |name|
|
44
|
+
case name
|
45
|
+
when /_RID$/
|
46
|
+
WELL_KNOWN_RIDS << const_get(name)
|
47
|
+
when /_NAME$/
|
48
|
+
WELL_KNOWN_NAMES << const_get(name)
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
|
53
|
+
# from source/librpc/idl/lsa.idl in Samba
|
54
|
+
TYPES = {
|
55
|
+
"domain" => 2,
|
56
|
+
"local" => 4,
|
57
|
+
"builtin" => 5,
|
58
|
+
}
|
59
|
+
|
60
|
+
module ClassMethods
|
61
|
+
def samba_object_class
|
62
|
+
"sambaGroupMapping"
|
63
|
+
end
|
64
|
+
|
65
|
+
def gid2rid(gid)
|
66
|
+
gid = Integer(gid)
|
67
|
+
if WELL_KNOWN_RIDS.include?(gid)
|
68
|
+
gid
|
69
|
+
else
|
70
|
+
2 * gid + 1001
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
def rid2gid(rid)
|
75
|
+
rid = Integer(rid)
|
76
|
+
if WELL_KNOWN_RIDS.include?(rid)
|
77
|
+
rid
|
78
|
+
else
|
79
|
+
(rid - 1001) / 2
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
def start_rid
|
84
|
+
gid2rid(start_gid)
|
85
|
+
end
|
86
|
+
|
87
|
+
private
|
88
|
+
def default_recommended_classes
|
89
|
+
super + [samba_object_class]
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
def fill_default_values(options={})
|
94
|
+
if samba_available?
|
95
|
+
options = options.stringify_keys
|
96
|
+
change_type(options["group_type"] || "domain") unless samba_group_type
|
97
|
+
self.display_name ||= options["display_name"] || cn
|
98
|
+
end
|
99
|
+
super
|
100
|
+
end
|
101
|
+
|
102
|
+
def change_gid_number(gid, allow_non_unique=false)
|
103
|
+
result = super
|
104
|
+
return result unless samba_available?
|
105
|
+
rid = self.class.gid2rid(gid_number)
|
106
|
+
change_sid(rid, allow_non_unique)
|
107
|
+
end
|
108
|
+
|
109
|
+
def change_gid_number_by_rid(rid, allow_non_unique=false)
|
110
|
+
assert_samba_available
|
111
|
+
change_gid_number(self.class.rid2gid(rid), allow_non_unique)
|
112
|
+
end
|
113
|
+
|
114
|
+
def change_sid(rid, allow_non_unique=false)
|
115
|
+
assert_samba_available
|
116
|
+
if (LOCAL_ADMINS_RID..LOCAL_REPLICATORS_RID).include?(rid.to_i)
|
117
|
+
sid = "#{SID_BUILTIN}-#{rid}"
|
118
|
+
else
|
119
|
+
sid = "#{self.class.configuration[:sid]}-#{rid}"
|
120
|
+
end
|
121
|
+
# check_unique_sid_number(sid) unless allow_non_unique
|
122
|
+
self.samba_sid = sid
|
123
|
+
end
|
124
|
+
|
125
|
+
def rid
|
126
|
+
assert_samba_available
|
127
|
+
Integer(samba_sid.split(/-/).last)
|
128
|
+
end
|
129
|
+
|
130
|
+
def change_type(type)
|
131
|
+
assert_samba_available
|
132
|
+
normalized_type = type.to_s.downcase
|
133
|
+
if TYPES.has_key?(normalized_type)
|
134
|
+
type = TYPES[normalized_type]
|
135
|
+
elsif TYPES.values.include?(type.to_i)
|
136
|
+
# pass
|
137
|
+
else
|
138
|
+
raise ArgumentError, _("invalid type: %s") % type
|
139
|
+
end
|
140
|
+
self.samba_group_type = type.to_s
|
141
|
+
end
|
142
|
+
end
|
143
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
require 'active_samba_ldap/base'
|
2
|
+
|
3
|
+
module ActiveSambaLdap
|
4
|
+
class UnixIdPool < Base
|
5
|
+
include Reloadable
|
6
|
+
|
7
|
+
class << self
|
8
|
+
def ldap_mapping(options={})
|
9
|
+
default_options = {
|
10
|
+
:dn_attribute => "sambaDomainName",
|
11
|
+
:prefix => "",
|
12
|
+
:classes => ["top", "sambaDomain", "sambaUnixIdPool"],
|
13
|
+
}
|
14
|
+
options = default_options.merge(options)
|
15
|
+
super options
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def find_available_uid_number(account_class)
|
20
|
+
find_available_number(account_class, "uidNumber", uid_number) do
|
21
|
+
account_class.configuration[:start_uid]
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def find_available_gid_number(group_class)
|
26
|
+
find_available_number(group_class, "gidNumber", gid_number) do
|
27
|
+
group_class.configuration[:start_gid]
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
private
|
32
|
+
def find_available_number(klass, key, start_value)
|
33
|
+
number = Integer(start_value || yield)
|
34
|
+
|
35
|
+
100.times do |i|
|
36
|
+
return number if klass.search(:filter => "(#{key}=#{number})").empty?
|
37
|
+
number += 1
|
38
|
+
end
|
39
|
+
|
40
|
+
nil
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|