forked from extern/egroupware
WIP account-migration incl. mail-attributes AD --> SQL --> Univentionapi/src/Accounts*
This commit is contained in:
parent
a11b9a266b
commit
2353439517
@ -45,7 +45,8 @@ if (!is_object($GLOBALS['egw_setup']->db))
|
|||||||
}
|
}
|
||||||
// Load configuration values account_repository and auth_type, as setup has not yet done so
|
// Load configuration values account_repository and auth_type, as setup has not yet done so
|
||||||
foreach($GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'config_name,config_value',
|
foreach($GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'config_name,config_value',
|
||||||
"config_name LIKE 'ldap%' OR config_name LIKE 'account_%' OR config_name LIKE '%encryption%' OR config_name='auth_type' OR config_name='mail_suffix' OR config_name LIKE 'ads_%'",
|
"config_name LIKE 'ldap%' OR config_name LIKE 'account_%' OR config_name LIKE '%encryption%' OR ".
|
||||||
|
"config_name IN ('auth_type','install_id','mail_suffix') OR config_name LIKE 'ads_%'",
|
||||||
__LINE__,__FILE__) as $row)
|
__LINE__,__FILE__) as $row)
|
||||||
{
|
{
|
||||||
$GLOBALS['egw_info']['server'][$row['config_name']] = $row['config_value'];
|
$GLOBALS['egw_info']['server'][$row['config_name']] = $row['config_value'];
|
||||||
@ -58,7 +59,7 @@ if (!$from && !($from = $GLOBALS['egw_info']['server']['auth_type']))
|
|||||||
$to = $from == 'sql' ? 'ldap' : 'sql';
|
$to = $from == 'sql' ? 'ldap' : 'sql';
|
||||||
|
|
||||||
// for Univention: cant check /etc/lsb-release, because it's not in open_basedir!
|
// for Univention: cant check /etc/lsb-release, because it's not in open_basedir!
|
||||||
if ($to == 'ldap' && @file_exists('/usr/share/univention-directory-manager-tools'))
|
if ($to == 'ldap' && Api\Accounts\Univention::available())
|
||||||
{
|
{
|
||||||
$to = 'univention';
|
$to = 'univention';
|
||||||
}
|
}
|
||||||
@ -154,6 +155,9 @@ if (!$_POST['migrate'] && !$_POST['passwords2sql'])
|
|||||||
}
|
}
|
||||||
else // do the migration
|
else // do the migration
|
||||||
{
|
{
|
||||||
|
// switching off execution time limit, as migration can take quite some time
|
||||||
|
@set_time_limit(0);
|
||||||
|
|
||||||
$cmd->only = (array)$_POST['users'];
|
$cmd->only = (array)$_POST['users'];
|
||||||
if (empty($_POST['passwords2sql'])) $cmd->only = array_merge($cmd->only, (array)$_POST['groups']);
|
if (empty($_POST['passwords2sql'])) $cmd->only = array_merge($cmd->only, (array)$_POST['groups']);
|
||||||
$cmd->verbose = true;
|
$cmd->verbose = true;
|
||||||
@ -163,6 +167,7 @@ else // do the migration
|
|||||||
if ($_POST['migrate'])
|
if ($_POST['migrate'])
|
||||||
{
|
{
|
||||||
Api\Config::save_value('account_repository', $GLOBALS['egw_info']['server']['account_repository']=$to, 'phpgwapi');
|
Api\Config::save_value('account_repository', $GLOBALS['egw_info']['server']['account_repository']=$to, 'phpgwapi');
|
||||||
|
if ($to == 'univention') $to = 'ldap'; // there is no auth type "univention", just "ldap"
|
||||||
if (empty($GLOBALS['egw_info']['server']['auth_type']) || $GLOBALS['egw_info']['server']['auth_type'] == $from)
|
if (empty($GLOBALS['egw_info']['server']['auth_type']) || $GLOBALS['egw_info']['server']['auth_type'] == $from)
|
||||||
{
|
{
|
||||||
Api\Config::save_value('auth_type', $GLOBALS['egw_info']['server']['auth_type']=$to, 'phpgwapi');
|
Api\Config::save_value('auth_type', $GLOBALS['egw_info']['server']['auth_type']=$to, 'phpgwapi');
|
||||||
|
@ -50,6 +50,12 @@ use EGroupware\Api;
|
|||||||
* ldap_context=ou=accounts,dc=local ldap_root_dn=cn=admin,dc=local ldap_root_pw=secret ldap_host=localhost
|
* ldap_context=ou=accounts,dc=local ldap_root_dn=cn=admin,dc=local ldap_root_pw=secret ldap_host=localhost
|
||||||
*
|
*
|
||||||
* - updating passwords for existing users in SQL from LDAP, eg. to switch off authentication to LDAP on a SQL install.
|
* - updating passwords for existing users in SQL from LDAP, eg. to switch off authentication to LDAP on a SQL install.
|
||||||
|
*
|
||||||
|
* - migrate whole domain from AD to Univention:
|
||||||
|
* 1. migrate from AD --> SQL including mail-attributes
|
||||||
|
* 2. optionaly fix user-names etc in SQL
|
||||||
|
* 3. migrate from SQL --> Univention (make sure NOT to select existing users like "join-backup/slaves"
|
||||||
|
* and delete "anonymous" user from EGroupware App install in UCS)
|
||||||
*/
|
*/
|
||||||
class setup_cmd_ldap extends setup_cmd
|
class setup_cmd_ldap extends setup_cmd
|
||||||
{
|
{
|
||||||
@ -517,6 +523,19 @@ class setup_cmd_ldap extends setup_cmd
|
|||||||
$errors++;
|
$errors++;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
if ($accounts_obj->exists($account['account_lid']))
|
||||||
|
{
|
||||||
|
$msg[] = lang('%1 already exists in %2.',
|
||||||
|
lang('User').' '.$account['account_lid'].' ('.$account_id.')', $target);
|
||||||
|
$errors++;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if ($to == 'univention' && in_array($account['account_lid'], array('root')))
|
||||||
|
{
|
||||||
|
$msg[] = lang('%1 not allowed to create in Univention.', $what);
|
||||||
|
$errors++;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
if ($to != 'sql')
|
if ($to != 'sql')
|
||||||
{
|
{
|
||||||
if ($GLOBALS['egw_info']['server']['ldap_extra_attributes'])
|
if ($GLOBALS['egw_info']['server']['ldap_extra_attributes'])
|
||||||
@ -668,7 +687,7 @@ class setup_cmd_ldap extends setup_cmd
|
|||||||
$addressbook = new Api\Contacts\Storage();
|
$addressbook = new Api\Contacts\Storage();
|
||||||
foreach($this->as_array() as $name => $value)
|
foreach($this->as_array() as $name => $value)
|
||||||
{
|
{
|
||||||
if (substr($name, 5) == 'ldap_')
|
if (substr($name, 5) == 'ldap_' || substr($name, 4) == 'ads_')
|
||||||
{
|
{
|
||||||
$GLOBALS['egw_info']['server'][$name] = $value;
|
$GLOBALS['egw_info']['server'][$name] = $value;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user