From b9102b010c5dd29c5f00911b525dbaf77344d81e Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Sat, 25 May 2013 11:07:38 +0000 Subject: [PATCH] * Sambaadmin: create new users/groups in LDAP with uidNumber/gidNumber matching relative id (last part of SID) to ease migration to AD or Samba4 --- phpgwapi/inc/class.accounts.inc.php | 1 + phpgwapi/inc/class.accounts_ldap.inc.php | 15 +++++++++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/phpgwapi/inc/class.accounts.inc.php b/phpgwapi/inc/class.accounts.inc.php index 0c5edeedf6..c45e44c6e1 100644 --- a/phpgwapi/inc/class.accounts.inc.php +++ b/phpgwapi/inc/class.accounts.inc.php @@ -727,6 +727,7 @@ class accounts { $this->backend->set_memberships($groups, $account_id); + if (!$old_memberships) $old_memberships = array(); self::cache_invalidate(array_unique(array_merge( array($account_id), array_diff($old_memberships, $groups), diff --git a/phpgwapi/inc/class.accounts_ldap.inc.php b/phpgwapi/inc/class.accounts_ldap.inc.php index 95e5021aa6..f0a1f6c302 100644 --- a/phpgwapi/inc/class.accounts_ldap.inc.php +++ b/phpgwapi/inc/class.accounts_ldap.inc.php @@ -1141,6 +1141,10 @@ class accounts_ldap $min = $this->frontend->config['account_min_id'] ? $this->frontend->config['account_min_id'] : 0; $max = $this->frontend->config['account_max_id'] ? $this->frontend->config['account_max_id'] : 0; + // prefer ids above 1000 (below reserved for system users under AD or Linux), + // if that's possible within what is configured, or nothing is configured + if ($min < 1000 && (!$max || $max > 1000)) $min = 1000; + if ($account_type == 'g') { $type = 'groups'; @@ -1154,12 +1158,15 @@ class accounts_ldap /* Loop until we find a free id */ do { - $account_id = (int) $GLOBALS['egw']->common->next_id($type,$min,$max); + $account_id = (int) common::next_id($type,$min,$max); } - while ($account_id && ($this->frontend->exists($sign * $account_id) || $this->frontend->exists(-1 * $sign * $account_id))); // check need to include the sign! + while ($account_id && ($this->frontend->exists($sign * $account_id) || // check need to include the sign! + $this->frontend->exists(-1 * $sign * $account_id) || + // if sambaadmin is installed, call it to check there's not yet a relative id (last part of SID) with that number + // to ease migration to AD or Samba4 + $GLOBALS['egw_info']['apps']['sambaadmin'] && ExecMethod2('sambaadmin.sosambaadmin.sidExists', $account_id))); - if (!$account_id || $this->frontend->config['account_max_id'] && - $account_id > $this->frontend->config['account_max_id']) + if (!$account_id || $max && $account_id > $max) { return False; }