ataxya/dockerwiki
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Ataxya
2021-10-26 13:02:53 +02:00
commit 73843b66ce
4678 changed files with 319494 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
content/lib/plugins/authad/action.php Normal file
View File

@@ -0,0 +1,90 @@
<?php
/**
* DokuWiki Plugin addomain (Action Component)
*
* @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
* @author Andreas Gohr <gohr@cosmocode.de>
*/
/**
* Class action_plugin_addomain
*/
class action_plugin_authad extends DokuWiki_Action_Plugin
{
/**
* Registers a callback function for a given event
*/
public function register(Doku_Event_Handler $controller)
{
$controller->register_hook('AUTH_LOGIN_CHECK', 'BEFORE', $this, 'handleAuthLoginCheck');
$controller->register_hook('HTML_LOGINFORM_OUTPUT', 'BEFORE', $this, 'handleHtmlLoginformOutput');
}
/**
* Adds the selected domain as user postfix when attempting a login
*
* @param Doku_Event $event
* @param array $param
*/
public function handleAuthLoginCheck(Doku_Event $event, $param)
{
global $INPUT;
/** @var auth_plugin_authad $auth */
global $auth;
if (!is_a($auth, 'auth_plugin_authad')) return; // AD not even used
if ($INPUT->str('dom')) {
$usr = $auth->cleanUser($event->data['user']);
$dom = $auth->getUserDomain($usr);
if (!$dom) {
$usr = "$usr@".$INPUT->str('dom');
}
$INPUT->post->set('u', $usr);
$event->data['user'] = $usr;
}
}
/**
* Shows a domain selection in the login form when more than one domain is configured
*
* @param Doku_Event $event
* @param array $param
*/
public function handleHtmlLoginformOutput(Doku_Event $event, $param)
{
global $INPUT;
/** @var auth_plugin_authad $auth */
global $auth;
if (!is_a($auth, 'auth_plugin_authad')) return; // AD not even used
$domains = $auth->getConfiguredDomains();
if (count($domains) <= 1) return; // no choice at all
/** @var Doku_Form $form */
$form =& $event->data;
// any default?
$dom = '';
if ($INPUT->has('u')) {
$usr = $auth->cleanUser($INPUT->str('u'));
$dom = $auth->getUserDomain($usr);
// update user field value
if ($dom) {
$usr = $auth->getUserName($usr);
$pos = $form->findElementByAttribute('name', 'u');
$ele =& $form->getElementAt($pos);
$ele['value'] = $usr;
}
}
// add select box
$element = form_makeListboxField('dom', $domains, $dom, $this->getLang('domain'), '', 'block');
$pos = $form->findElementByAttribute('name', 'p');
$form->insertElement($pos + 1, $element);
}
}
// vim:ts=4:sw=4:et:

949
content/lib/plugins/authad/adLDAP/adLDAP.php Normal file
View File

@@ -0,0 +1,949 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 169 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
/**
* Main adLDAP class
*
* Can be initialised using $adldap = new adLDAP();
*
* Something to keep in mind is that Active Directory is a permissions
* based directory. If you bind as a domain user, you can't fetch as
* much information on other users as you could as a domain admin.
*
* Before asking questions, please read the Documentation at
* http://adldap.sourceforge.net/wiki/doku.php?id=api
*/
require_once(dirname(__FILE__) . '/collections/adLDAPCollection.php');
require_once(dirname(__FILE__) . '/classes/adLDAPGroups.php');
require_once(dirname(__FILE__) . '/classes/adLDAPUsers.php');
require_once(dirname(__FILE__) . '/classes/adLDAPFolders.php');
require_once(dirname(__FILE__) . '/classes/adLDAPUtils.php');
require_once(dirname(__FILE__) . '/classes/adLDAPContacts.php');
require_once(dirname(__FILE__) . '/classes/adLDAPExchange.php');
require_once(dirname(__FILE__) . '/classes/adLDAPComputers.php');
class adLDAP {
/**
* Define the different types of account in AD
*/
const ADLDAP_NORMAL_ACCOUNT = 805306368;
const ADLDAP_WORKSTATION_TRUST = 805306369;
const ADLDAP_INTERDOMAIN_TRUST = 805306370;
const ADLDAP_SECURITY_GLOBAL_GROUP = 268435456;
const ADLDAP_DISTRIBUTION_GROUP = 268435457;
const ADLDAP_SECURITY_LOCAL_GROUP = 536870912;
const ADLDAP_DISTRIBUTION_LOCAL_GROUP = 536870913;
const ADLDAP_FOLDER = 'OU';
const ADLDAP_CONTAINER = 'CN';
/**
* The default port for LDAP non-SSL connections
*/
const ADLDAP_LDAP_PORT = '389';
/**
* The default port for LDAPS SSL connections
*/
const ADLDAP_LDAPS_PORT = '636';
/**
* The account suffix for your domain, can be set when the class is invoked
*
* @var string
*/
protected $accountSuffix = "@mydomain.local";
/**
* The base dn for your domain
*
* If this is set to null then adLDAP will attempt to obtain this automatically from the rootDSE
*
* @var string
*/
protected $baseDn = "DC=mydomain,DC=local";
/**
* Port used to talk to the domain controllers.
*
* @var int
*/
protected $adPort = self::ADLDAP_LDAP_PORT;
/**
* Array of domain controllers. Specifiy multiple controllers if you
* would like the class to balance the LDAP queries amongst multiple servers
*
* @var array
*/
protected $domainControllers = array("dc01.mydomain.local");
/**
* Optional account with higher privileges for searching
* This should be set to a domain admin account
*
* @var string
* @var string
*/
protected $adminUsername = NULL;
protected $adminPassword = NULL;
/**
* AD does not return the primary group. http://support.microsoft.com/?kbid=321360
* This tweak will resolve the real primary group.
* Setting to false will fudge "Domain Users" and is much faster. Keep in mind though that if
* someone's primary group is NOT domain users, this is obviously going to mess up the results
*
* @var bool
*/
protected $realPrimaryGroup = true;
/**
* Use SSL (LDAPS), your server needs to be setup, please see
* http://adldap.sourceforge.net/wiki/doku.php?id=ldap_over_ssl
*
* @var bool
*/
protected $useSSL = false;
/**
* Use TLS
* If you wish to use TLS you should ensure that $useSSL is set to false and vice-versa
*
* @var bool
*/
protected $useTLS = false;
/**
* Use SSO
* To indicate to adLDAP to reuse password set by the brower through NTLM or Kerberos
*
* @var bool
*/
protected $useSSO = false;
/**
* When querying group memberships, do it recursively
* eg. User Fred is a member of Group A, which is a member of Group B, which is a member of Group C
* user_ingroup("Fred","C") will returns true with this option turned on, false if turned off
*
* @var bool
*/
protected $recursiveGroups = true;
// You should not need to edit anything below this line
//******************************************************************************************
/**
* Connection and bind default variables
*
* @var mixed
* @var mixed
*/
protected $ldapConnection;
protected $ldapBind;
/**
* Get the active LDAP Connection
*
* @return resource
*/
public function getLdapConnection() {
if ($this->ldapConnection) {
return $this->ldapConnection;
}
return false;
}
/**
* Get the bind status
*
* @return bool
*/
public function getLdapBind() {
return $this->ldapBind;
}
/**
* Get the current base DN
*
* @return string
*/
public function getBaseDn() {
return $this->baseDn;
}
/**
* The group class
*
* @var adLDAPGroups
*/
protected $groupClass;
/**
* Get the group class interface
*
* @return adLDAPGroups
*/
public function group() {
if (!$this->groupClass) {
$this->groupClass = new adLDAPGroups($this);
}
return $this->groupClass;
}
/**
* The user class
*
* @var adLDAPUsers
*/
protected $userClass;
/**
* Get the userclass interface
*
* @return adLDAPUsers
*/
public function user() {
if (!$this->userClass) {
$this->userClass = new adLDAPUsers($this);
}
return $this->userClass;
}
/**
* The folders class
*
* @var adLDAPFolders
*/
protected $folderClass;
/**
* Get the folder class interface
*
* @return adLDAPFolders
*/
public function folder() {
if (!$this->folderClass) {
$this->folderClass = new adLDAPFolders($this);
}
return $this->folderClass;
}
/**
* The utils class
*
* @var adLDAPUtils
*/
protected $utilClass;
/**
* Get the utils class interface
*
* @return adLDAPUtils
*/
public function utilities() {
if (!$this->utilClass) {
$this->utilClass = new adLDAPUtils($this);
}
return $this->utilClass;
}
/**
* The contacts class
*
* @var adLDAPContacts
*/
protected $contactClass;
/**
* Get the contacts class interface
*
* @return adLDAPContacts
*/
public function contact() {
if (!$this->contactClass) {
$this->contactClass = new adLDAPContacts($this);
}
return $this->contactClass;
}
/**
* The exchange class
*
* @var adLDAPExchange
*/
protected $exchangeClass;
/**
* Get the exchange class interface
*
* @return adLDAPExchange
*/
public function exchange() {
if (!$this->exchangeClass) {
$this->exchangeClass = new adLDAPExchange($this);
}
return $this->exchangeClass;
}
/**
* The computers class
*
* @var adLDAPComputers
*/
protected $computersClass;
/**
* Get the computers class interface
*
* @return adLDAPComputers
*/
public function computer() {
if (!$this->computerClass) {
$this->computerClass = new adLDAPComputers($this);
}
return $this->computerClass;
}
/**
* Getters and Setters
*/
/**
* Set the account suffix
*
* @param string $accountSuffix
* @return void
*/
public function setAccountSuffix($accountSuffix)
{
$this->accountSuffix = $accountSuffix;
}
/**
* Get the account suffix
*
* @return string
*/
public function getAccountSuffix()
{
return $this->accountSuffix;
}
/**
* Set the domain controllers array
*
* @param array $domainControllers
* @return void
*/
public function setDomainControllers(array $domainControllers)
{
$this->domainControllers = $domainControllers;
}
/**
* Get the list of domain controllers
*
* @return void
*/
public function getDomainControllers()
{
return $this->domainControllers;
}
/**
* Sets the port number your domain controller communicates over
*
* @param int $adPort
*/
public function setPort($adPort)
{
$this->adPort = $adPort;
}
/**
* Gets the port number your domain controller communicates over
*
* @return int
*/
public function getPort()
{
return $this->adPort;
}
/**
* Set the username of an account with higher priviledges
*
* @param string $adminUsername
* @return void
*/
public function setAdminUsername($adminUsername)
{
$this->adminUsername = $adminUsername;
}
/**
* Get the username of the account with higher priviledges
*
* This will throw an exception for security reasons
*/
public function getAdminUsername()
{
throw new adLDAPException('For security reasons you cannot access the domain administrator account details');
}
/**
* Set the password of an account with higher priviledges
*
* @param string $adminPassword
* @return void
*/
public function setAdminPassword($adminPassword)
{
$this->adminPassword = $adminPassword;
}
/**
* Get the password of the account with higher priviledges
*
* This will throw an exception for security reasons
*/
public function getAdminPassword()
{
throw new adLDAPException('For security reasons you cannot access the domain administrator account details');
}
/**
* Set whether to detect the true primary group
*
* @param bool $realPrimaryGroup
* @return void
*/
public function setRealPrimaryGroup($realPrimaryGroup)
{
$this->realPrimaryGroup = $realPrimaryGroup;
}
/**
* Get the real primary group setting
*
* @return bool
*/
public function getRealPrimaryGroup()
{
return $this->realPrimaryGroup;
}
/**
* Set whether to use SSL
*
* @param bool $useSSL
* @return void
*/
public function setUseSSL($useSSL)
{
$this->useSSL = $useSSL;
// Set the default port correctly
if($this->useSSL) {
$this->setPort(self::ADLDAP_LDAPS_PORT);
}
else {
$this->setPort(self::ADLDAP_LDAP_PORT);
}
}
/**
* Get the SSL setting
*
* @return bool
*/
public function getUseSSL()
{
return $this->useSSL;
}
/**
* Set whether to use TLS
*
* @param bool $useTLS
* @return void
*/
public function setUseTLS($useTLS)
{
$this->useTLS = $useTLS;
}
/**
* Get the TLS setting
*
* @return bool
*/
public function getUseTLS()
{
return $this->useTLS;
}
/**
* Set whether to use SSO
* Requires ldap_sasl_bind support. Be sure --with-ldap-sasl is used when configuring PHP otherwise this function will be undefined.
*
* @param bool $useSSO
* @return void
*/
public function setUseSSO($useSSO)
{
if ($useSSO === true && !$this->ldapSaslSupported()) {
throw new adLDAPException('No LDAP SASL support for PHP. See: http://php.net/ldap_sasl_bind');
}
$this->useSSO = $useSSO;
}
/**
* Get the SSO setting
*
* @return bool
*/
public function getUseSSO()
{
return $this->useSSO;
}
/**
* Set whether to lookup recursive groups
*
* @param bool $recursiveGroups
* @return void
*/
public function setRecursiveGroups($recursiveGroups)
{
$this->recursiveGroups = $recursiveGroups;
}
/**
* Get the recursive groups setting
*
* @return bool
*/
public function getRecursiveGroups()
{
return $this->recursiveGroups;
}
/**
* Default Constructor
*
* Tries to bind to the AD domain over LDAP or LDAPs
*
* @param array $options Array of options to pass to the constructor
* @throws Exception - if unable to bind to Domain Controller
* @return bool
*/
function __construct($options = array()) {
// You can specifically overide any of the default configuration options setup above
if (count($options) > 0) {
if (array_key_exists("account_suffix",$options)){ $this->accountSuffix = $options["account_suffix"]; }
if (array_key_exists("base_dn",$options)){ $this->baseDn = $options["base_dn"]; }
if (array_key_exists("domain_controllers",$options)){
if (!is_array($options["domain_controllers"])) {
throw new adLDAPException('[domain_controllers] option must be an array');
}
$this->domainControllers = $options["domain_controllers"];
}
if (array_key_exists("admin_username",$options)){ $this->adminUsername = $options["admin_username"]; }
if (array_key_exists("admin_password",$options)){ $this->adminPassword = $options["admin_password"]; }
if (array_key_exists("real_primarygroup",$options)){ $this->realPrimaryGroup = $options["real_primarygroup"]; }
if (array_key_exists("use_ssl",$options)){ $this->setUseSSL($options["use_ssl"]); }
if (array_key_exists("use_tls",$options)){ $this->useTLS = $options["use_tls"]; }
if (array_key_exists("recursive_groups",$options)){ $this->recursiveGroups = $options["recursive_groups"]; }
if (array_key_exists("ad_port",$options)){ $this->setPort($options["ad_port"]); }
if (array_key_exists("sso",$options)) {
$this->setUseSSO($options["sso"]);
if (!$this->ldapSaslSupported()) {
$this->setUseSSO(false);
}
}
}
if ($this->ldapSupported() === false) {
throw new adLDAPException('No LDAP support for PHP. See: http://php.net/ldap');
}
return $this->connect();
}
/**
* Default Destructor
*
* Closes the LDAP connection
*
* @return void
*/
function __destruct() {
$this->close();
}
/**
* Connects and Binds to the Domain Controller
*
* @return bool
*/
public function connect()
{
// Connect to the AD/LDAP server as the username/password
$domainController = $this->randomController();
if ($this->useSSL) {
$this->ldapConnection = ldap_connect("ldaps://" . $domainController, $this->adPort);
} else {
$this->ldapConnection = ldap_connect($domainController, $this->adPort);
}
// Set some ldap options for talking to AD
ldap_set_option($this->ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($this->ldapConnection, LDAP_OPT_REFERRALS, 0);
if ($this->useTLS) {
ldap_start_tls($this->ldapConnection);
}
// Bind as a domain admin if they've set it up
if ($this->adminUsername !== NULL && $this->adminPassword !== NULL) {
$this->ldapBind = @ldap_bind($this->ldapConnection, $this->adminUsername . $this->accountSuffix, $this->adminPassword);
if (!$this->ldapBind) {
if ($this->useSSL && !$this->useTLS) {
// If you have problems troubleshooting, remove the @ character from the ldapldapBind command above to get the actual error message
throw new adLDAPException('Bind to Active Directory failed. Either the LDAPs connection failed or the login credentials are incorrect. AD said: ' . $this->getLastError());
}
else {
throw new adLDAPException('Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $this->getLastError());
}
}
}
if ($this->useSSO && $_SERVER['REMOTE_USER'] && $this->adminUsername === null && $_SERVER['KRB5CCNAME']) {
putenv("KRB5CCNAME=" . $_SERVER['KRB5CCNAME']);
$this->ldapBind = @ldap_sasl_bind($this->ldapConnection, NULL, NULL, "GSSAPI");
if (!$this->ldapBind){
throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError());
}
else {
return true;
}
}
if ($this->baseDn == NULL) {
$this->baseDn = $this->findBaseDn();
}
return true;
}
/**
* Closes the LDAP connection
*
* @return void
*/
public function close() {
if ($this->ldapConnection) {
@ldap_close($this->ldapConnection);
}
}
/**
* Validate a user's login credentials
*
* @param string $username A user's AD username
* @param string $password A user's AD password
* @param bool optional $preventRebind
* @return bool
*/
public function authenticate($username, $password, $preventRebind = false) {
// Prevent null binding
if ($username === NULL || $password === NULL) { return false; }
if (empty($username) || empty($password)) { return false; }
// Allow binding over SSO for Kerberos
if ($this->useSSO && $_SERVER['REMOTE_USER'] && $_SERVER['REMOTE_USER'] == $username && $this->adminUsername === NULL && $_SERVER['KRB5CCNAME']) {
putenv("KRB5CCNAME=" . $_SERVER['KRB5CCNAME']);
$this->ldapBind = @ldap_sasl_bind($this->ldapConnection, NULL, NULL, "GSSAPI");
if (!$this->ldapBind) {
throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError());
}
else {
return true;
}
}
// Bind as the user
$ret = true;
$this->ldapBind = @ldap_bind($this->ldapConnection, $username . $this->accountSuffix, $password);
if (!$this->ldapBind){
$ret = false;
}
// Cnce we've checked their details, kick back into admin mode if we have it
if ($this->adminUsername !== NULL && !$preventRebind) {
$this->ldapBind = @ldap_bind($this->ldapConnection, $this->adminUsername . $this->accountSuffix , $this->adminPassword);
if (!$this->ldapBind){
// This should never happen in theory
throw new adLDAPException('Rebind to Active Directory failed. AD said: ' . $this->getLastError());
}
}
return $ret;
}
/**
* Find the Base DN of your domain controller
*
* @return string
*/
public function findBaseDn()
{
$namingContext = $this->getRootDse(array('defaultnamingcontext'));
return $namingContext[0]['defaultnamingcontext'][0];
}
/**
* Get the RootDSE properties from a domain controller
*
* @param array $attributes The attributes you wish to query e.g. defaultnamingcontext
* @return array
*/
public function getRootDse($attributes = array("*", "+")) {
if (!$this->ldapBind){ return (false); }
$sr = @ldap_read($this->ldapConnection, NULL, 'objectClass=*', $attributes);
$entries = @ldap_get_entries($this->ldapConnection, $sr);
return $entries;
}
/**
* Get last error from Active Directory
*
* This function gets the last message from Active Directory
* This may indeed be a 'Success' message but if you get an unknown error
* it might be worth calling this function to see what errors were raised
*
* return string
*/
public function getLastError() {
return @ldap_error($this->ldapConnection);
}
/**
* Detect LDAP support in php
*
* @return bool
*/
protected function ldapSupported()
{
if (!function_exists('ldap_connect')) {
return false;
}
return true;
}
/**
* Detect ldap_sasl_bind support in PHP
*
* @return bool
*/
protected function ldapSaslSupported()
{
if (!function_exists('ldap_sasl_bind')) {
return false;
}
return true;
}
/**
* Schema
*
* @param array $attributes Attributes to be queried
* @return array
*/
public function adldap_schema($attributes){
// LDAP doesn't like NULL attributes, only set them if they have values
// If you wish to remove an attribute you should set it to a space
// TO DO: Adapt user_modify to use ldap_mod_delete to remove a NULL attribute
$mod=array();
// Check every attribute to see if it contains 8bit characters and then UTF8 encode them
array_walk($attributes, array($this, 'encode8bit'));
if ($attributes["address_city"]){ $mod["l"][0]=$attributes["address_city"]; }
if ($attributes["address_code"]){ $mod["postalCode"][0]=$attributes["address_code"]; }
//if ($attributes["address_country"]){ $mod["countryCode"][0]=$attributes["address_country"]; } // use country codes?
if ($attributes["address_country"]){ $mod["c"][0]=$attributes["address_country"]; }
if ($attributes["address_pobox"]){ $mod["postOfficeBox"][0]=$attributes["address_pobox"]; }
if ($attributes["address_state"]){ $mod["st"][0]=$attributes["address_state"]; }
if ($attributes["address_street"]){ $mod["streetAddress"][0]=$attributes["address_street"]; }
if ($attributes["company"]){ $mod["company"][0]=$attributes["company"]; }
if ($attributes["change_password"]){ $mod["pwdLastSet"][0]=0; }
if ($attributes["department"]){ $mod["department"][0]=$attributes["department"]; }
if ($attributes["description"]){ $mod["description"][0]=$attributes["description"]; }
if ($attributes["display_name"]){ $mod["displayName"][0]=$attributes["display_name"]; }
if ($attributes["email"]){ $mod["mail"][0]=$attributes["email"]; }
if ($attributes["expires"]){ $mod["accountExpires"][0]=$attributes["expires"]; } //unix epoch format?
if ($attributes["firstname"]){ $mod["givenName"][0]=$attributes["firstname"]; }
if ($attributes["home_directory"]){ $mod["homeDirectory"][0]=$attributes["home_directory"]; }
if ($attributes["home_drive"]){ $mod["homeDrive"][0]=$attributes["home_drive"]; }
if ($attributes["initials"]){ $mod["initials"][0]=$attributes["initials"]; }
if ($attributes["logon_name"]){ $mod["userPrincipalName"][0]=$attributes["logon_name"]; }
if ($attributes["manager"]){ $mod["manager"][0]=$attributes["manager"]; } //UNTESTED ***Use DistinguishedName***
if ($attributes["office"]){ $mod["physicalDeliveryOfficeName"][0]=$attributes["office"]; }
if ($attributes["password"]){ $mod["unicodePwd"][0]=$this->user()->encodePassword($attributes["password"]); }
if ($attributes["profile_path"]){ $mod["profilepath"][0]=$attributes["profile_path"]; }
if ($attributes["script_path"]){ $mod["scriptPath"][0]=$attributes["script_path"]; }
if ($attributes["surname"]){ $mod["sn"][0]=$attributes["surname"]; }
if ($attributes["title"]){ $mod["title"][0]=$attributes["title"]; }
if ($attributes["telephone"]){ $mod["telephoneNumber"][0]=$attributes["telephone"]; }
if ($attributes["mobile"]){ $mod["mobile"][0]=$attributes["mobile"]; }
if ($attributes["pager"]){ $mod["pager"][0]=$attributes["pager"]; }
if ($attributes["ipphone"]){ $mod["ipphone"][0]=$attributes["ipphone"]; }
if ($attributes["web_page"]){ $mod["wWWHomePage"][0]=$attributes["web_page"]; }
if ($attributes["fax"]){ $mod["facsimileTelephoneNumber"][0]=$attributes["fax"]; }
if ($attributes["enabled"]){ $mod["userAccountControl"][0]=$attributes["enabled"]; }
if ($attributes["homephone"]){ $mod["homephone"][0]=$attributes["homephone"]; }
// Distribution List specific schema
if ($attributes["group_sendpermission"]){ $mod["dlMemSubmitPerms"][0]=$attributes["group_sendpermission"]; }
if ($attributes["group_rejectpermission"]){ $mod["dlMemRejectPerms"][0]=$attributes["group_rejectpermission"]; }
// Exchange Schema
if ($attributes["exchange_homemdb"]){ $mod["homeMDB"][0]=$attributes["exchange_homemdb"]; }
if ($attributes["exchange_mailnickname"]){ $mod["mailNickname"][0]=$attributes["exchange_mailnickname"]; }
if ($attributes["exchange_proxyaddress"]){ $mod["proxyAddresses"][0]=$attributes["exchange_proxyaddress"]; }
if ($attributes["exchange_usedefaults"]){ $mod["mDBUseDefaults"][0]=$attributes["exchange_usedefaults"]; }
if ($attributes["exchange_policyexclude"]){ $mod["msExchPoliciesExcluded"][0]=$attributes["exchange_policyexclude"]; }
if ($attributes["exchange_policyinclude"]){ $mod["msExchPoliciesIncluded"][0]=$attributes["exchange_policyinclude"]; }
if ($attributes["exchange_addressbook"]){ $mod["showInAddressBook"][0]=$attributes["exchange_addressbook"]; }
if ($attributes["exchange_altrecipient"]){ $mod["altRecipient"][0]=$attributes["exchange_altrecipient"]; }
if ($attributes["exchange_deliverandredirect"]){ $mod["deliverAndRedirect"][0]=$attributes["exchange_deliverandredirect"]; }
// This schema is designed for contacts
if ($attributes["exchange_hidefromlists"]){ $mod["msExchHideFromAddressLists"][0]=$attributes["exchange_hidefromlists"]; }
if ($attributes["contact_email"]){ $mod["targetAddress"][0]=$attributes["contact_email"]; }
//echo ("<pre>"); print_r($mod);
/*
// modifying a name is a bit fiddly
if ($attributes["firstname"] && $attributes["surname"]){
$mod["cn"][0]=$attributes["firstname"]." ".$attributes["surname"];
$mod["displayname"][0]=$attributes["firstname"]." ".$attributes["surname"];
$mod["name"][0]=$attributes["firstname"]." ".$attributes["surname"];
}
*/
if (count($mod)==0){ return (false); }
return ($mod);
}
/**
* Convert 8bit characters e.g. accented characters to UTF8 encoded characters
*/
protected function encode8Bit(&$item, $key) {
$encode = false;
if (is_string($item)) {
for ($i=0; $i<strlen($item); $i++) {
if (ord($item[$i]) >> 7) {
$encode = true;
}
}
}
if ($encode === true && $key != 'password') {
$item = utf8_encode($item);
}
}
/**
* Select a random domain controller from your domain controller array
*
* @return string
*/
protected function randomController()
{
mt_srand(doubleval(microtime()) * 100000000); // For older PHP versions
/*if (sizeof($this->domainControllers) > 1) {
$adController = $this->domainControllers[array_rand($this->domainControllers)];
// Test if the controller is responding to pings
$ping = $this->pingController($adController);
if ($ping === false) {
// Find the current key in the domain controllers array
$key = array_search($adController, $this->domainControllers);
// Remove it so that we don't end up in a recursive loop
unset($this->domainControllers[$key]);
// Select a new controller
return $this->randomController();
}
else {
return ($adController);
}
} */
return $this->domainControllers[array_rand($this->domainControllers)];
}
/**
* Test basic connectivity to controller
*
* @return bool
*/
protected function pingController($host) {
$port = $this->adPort;
fsockopen($host, $port, $errno, $errstr, 10);
if ($errno > 0) {
return false;
}
return true;
}
}
/**
* adLDAP Exception Handler
*
* Exceptions of this type are thrown on bind failure or when SSL is required but not configured
* Example:
* try {
* $adldap = new adLDAP();
* }
* catch (adLDAPException $e) {
* echo $e;
* exit();
* }
*/
class adLDAPException extends Exception {}

153
content/lib/plugins/authad/adLDAP/classes/adLDAPComputers.php Normal file
View File

@@ -0,0 +1,153 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage Computers
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
require_once(dirname(__FILE__) . '/../adLDAP.php');
require_once(dirname(__FILE__) . '/../collections/adLDAPComputerCollection.php');
/**
* COMPUTER MANAGEMENT FUNCTIONS
*/
class adLDAPComputers {
/**
* The current adLDAP connection via dependency injection
*
* @var adLDAP
*/
protected $adldap;
public function __construct(adLDAP $adldap) {
$this->adldap = $adldap;
}
/**
* Get information about a specific computer. Returned in a raw array format from AD
*
* @param string $computerName The name of the computer
* @param array $fields Attributes to return
* @return array
*/
public function info($computerName, $fields = NULL)
{
if ($computerName === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
$filter = "(&(objectClass=computer)(cn=" . $computerName . "))";
if ($fields === NULL) {
$fields = array("memberof","cn","displayname","dnshostname","distinguishedname","objectcategory","operatingsystem","operatingsystemservicepack","operatingsystemversion");
}
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
return $entries;
}
/**
* Find information about the computers. Returned in a raw array format from AD
*
* @param string $computerName The name of the computer
* @param array $fields Array of parameters to query
* @return mixed
*/
public function infoCollection($computerName, $fields = NULL)
{
if ($computerName === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
$info = $this->info($computerName, $fields);
if ($info !== false) {
$collection = new adLDAPComputerCollection($info, $this->adldap);
return $collection;
}
return false;
}
/**
* Check if a computer is in a group
*
* @param string $computerName The name of the computer
* @param string $group The group to check
* @param bool $recursive Whether to check recursively
* @return array
*/
public function inGroup($computerName, $group, $recursive = NULL)
{
if ($computerName === NULL) { return false; }
if ($group === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // use the default option if they haven't set it
//get a list of the groups
$groups = $this->groups($computerName, array("memberof"), $recursive);
//return true if the specified group is in the group list
if (in_array($group, $groups)){
return true;
}
return false;
}
/**
* Get the groups a computer is in
*
* @param string $computerName The name of the computer
* @param bool $recursive Whether to check recursively
* @return array
*/
public function groups($computerName, $recursive = NULL)
{
if ($computerName === NULL) { return false; }
if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it
if (!$this->adldap->getLdapBind()){ return false; }
//search the directory for their information
$info = @$this->info($computerName, array("memberof", "primarygroupid"));
$groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); //presuming the entry returned is our guy (unique usernames)
if ($recursive === true) {
foreach ($groups as $id => $groupName){
$extraGroups = $this->adldap->group()->recursiveGroups($groupName);
$groups = array_merge($groups, $extraGroups);
}
}
return $groups;
}
}
?>

294
content/lib/plugins/authad/adLDAP/classes/adLDAPContacts.php Normal file
View File

@@ -0,0 +1,294 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage Contacts
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
require_once(dirname(__FILE__) . '/../adLDAP.php');
require_once(dirname(__FILE__) . '/../collections/adLDAPContactCollection.php');
class adLDAPContacts {
/**
* The current adLDAP connection via dependency injection
*
* @var adLDAP
*/
protected $adldap;
public function __construct(adLDAP $adldap) {
$this->adldap = $adldap;
}
//*****************************************************************************************************************
// CONTACT FUNCTIONS
// * Still work to do in this area, and new functions to write
/**
* Create a contact
*
* @param array $attributes The attributes to set to the contact
* @return bool
*/
public function create($attributes)
{
// Check for compulsory fields
if (!array_key_exists("display_name", $attributes)) { return "Missing compulsory field [display_name]"; }
if (!array_key_exists("email", $attributes)) { return "Missing compulsory field [email]"; }
if (!array_key_exists("container", $attributes)) { return "Missing compulsory field [container]"; }
if (!is_array($attributes["container"])) { return "Container attribute must be an array."; }
// Translate the schema
$add = $this->adldap->adldap_schema($attributes);
// Additional stuff only used for adding contacts
$add["cn"][0] = $attributes["display_name"];
$add["objectclass"][0] = "top";
$add["objectclass"][1] = "person";
$add["objectclass"][2] = "organizationalPerson";
$add["objectclass"][3] = "contact";
if (!isset($attributes['exchange_hidefromlists'])) {
$add["msExchHideFromAddressLists"][0] = "TRUE";
}
// Determine the container
$attributes["container"] = array_reverse($attributes["container"]);
$container= "OU=" . implode(",OU=", $attributes["container"]);
// Add the entry
$result = @ldap_add($this->adldap->getLdapConnection(), "CN=" . $this->adldap->utilities()->escapeCharacters($add["cn"][0]) . ", " . $container . "," . $this->adldap->getBaseDn(), $add);
if ($result != true) {
return false;
}
return true;
}
/**
* Determine the list of groups a contact is a member of
*
* @param string $distinguisedname The full DN of a contact
* @param bool $recursive Recursively check groups
* @return array
*/
public function groups($distinguishedName, $recursive = NULL)
{
if ($distinguishedName === NULL) { return false; }
if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it
if (!$this->adldap->getLdapBind()){ return false; }
// Search the directory for their information
$info = @$this->info($distinguishedName, array("memberof", "primarygroupid"));
$groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); //presuming the entry returned is our contact
if ($recursive === true){
foreach ($groups as $id => $groupName){
$extraGroups = $this->adldap->group()->recursiveGroups($groupName);
$groups = array_merge($groups, $extraGroups);
}
}
return $groups;
}
/**
* Get contact information. Returned in a raw array format from AD
*
* @param string $distinguisedname The full DN of a contact
* @param array $fields Attributes to be returned
* @return array
*/
public function info($distinguishedName, $fields = NULL)
{
if ($distinguishedName === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
$filter = "distinguishedName=" . $distinguishedName;
if ($fields === NULL) {
$fields = array("distinguishedname", "mail", "memberof", "department", "displayname", "telephonenumber", "primarygroupid", "objectsid");
}
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if ($entries[0]['count'] >= 1) {
// AD does not return the primary group in the ldap query, we may need to fudge it
if ($this->adldap->getRealPrimaryGroup() && isset($entries[0]["primarygroupid"][0]) && isset($entries[0]["primarygroupid"][0])){
//$entries[0]["memberof"][]=$this->group_cn($entries[0]["primarygroupid"][0]);
$entries[0]["memberof"][] = $this->adldap->group()->getPrimaryGroup($entries[0]["primarygroupid"][0], $entries[0]["objectsid"][0]);
} else {
$entries[0]["memberof"][] = "CN=Domain Users,CN=Users," . $this->adldap->getBaseDn();
}
}
$entries[0]["memberof"]["count"]++;
return $entries;
}
/**
* Find information about the contacts. Returned in a raw array format from AD
*
* @param string $distinguishedName The full DN of a contact
* @param array $fields Array of parameters to query
* @return mixed
*/
public function infoCollection($distinguishedName, $fields = NULL)
{
if ($distinguishedName === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
$info = $this->info($distinguishedName, $fields);
if ($info !== false) {
$collection = new adLDAPContactCollection($info, $this->adldap);
return $collection;
}
return false;
}
/**
* Determine if a contact is a member of a group
*
* @param string $distinguisedName The full DN of a contact
* @param string $group The group name to query
* @param bool $recursive Recursively check groups
* @return bool
*/
public function inGroup($distinguisedName, $group, $recursive = NULL)
{
if ($distinguisedName === NULL) { return false; }
if ($group === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it
// Get a list of the groups
$groups = $this->groups($distinguisedName, array("memberof"), $recursive);
// Return true if the specified group is in the group list
if (in_array($group, $groups)){
return true;
}
return false;
}
/**
* Modify a contact
*
* @param string $distinguishedName The contact to query
* @param array $attributes The attributes to modify. Note if you set the enabled attribute you must not specify any other attributes
* @return bool
*/
public function modify($distinguishedName, $attributes) {
if ($distinguishedName === NULL) { return "Missing compulsory field [distinguishedname]"; }
// Translate the update to the LDAP schema
$mod = $this->adldap->adldap_schema($attributes);
// Check to see if this is an enabled status update
if (!$mod) {
return false;
}
// Do the update
$result = ldap_modify($this->adldap->getLdapConnection(), $distinguishedName, $mod);
if ($result == false) {
return false;
}
return true;
}
/**
* Delete a contact
*
* @param string $distinguishedName The contact dn to delete (please be careful here!)
* @return array
*/
public function delete($distinguishedName)
{
$result = $this->folder()->delete($distinguishedName);
if ($result != true) {
return false;
}
return true;
}
/**
* Return a list of all contacts
*
* @param bool $includeDescription Include a description of a contact
* @param string $search The search parameters
* @param bool $sorted Whether to sort the results
* @return array
*/
public function all($includeDescription = false, $search = "*", $sorted = true) {
if (!$this->adldap->getLdapBind()) { return false; }
// Perform the search and grab all their details
$filter = "(&(objectClass=contact)(cn=" . $search . "))";
$fields = array("displayname","distinguishedname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
$usersArray = array();
for ($i=0; $i<$entries["count"]; $i++){
if ($includeDescription && strlen($entries[$i]["displayname"][0])>0){
$usersArray[$entries[$i]["distinguishedname"][0]] = $entries[$i]["displayname"][0];
} elseif ($includeDescription){
$usersArray[$entries[$i]["distinguishedname"][0]] = $entries[$i]["distinguishedname"][0];
} else {
array_push($usersArray, $entries[$i]["distinguishedname"][0]);
}
}
if ($sorted) {
asort($usersArray);
}
return $usersArray;
}
/**
* Mail enable a contact
* Allows email to be sent to them through Exchange
*
* @param string $distinguishedname The contact to mail enable
* @param string $emailaddress The email address to allow emails to be sent through
* @param string $mailnickname The mailnickname for the contact in Exchange. If NULL this will be set to the display name
* @return bool
*/
public function contactMailEnable($distinguishedName, $emailAddress, $mailNickname = NULL){
return $this->adldap->exchange()->contactMailEnable($distinguishedName, $emailAddress, $mailNickname);
}
}
?>

390
content/lib/plugins/authad/adLDAP/classes/adLDAPExchange.php Normal file
View File

@@ -0,0 +1,390 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage Exchange
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
require_once(dirname(__FILE__) . '/../adLDAP.php');
/**
* MICROSOFT EXCHANGE FUNCTIONS
*/
class adLDAPExchange {
/**
* The current adLDAP connection via dependency injection
*
* @var adLDAP
*/
protected $adldap;
public function __construct(adLDAP $adldap) {
$this->adldap = $adldap;
}
/**
* Create an Exchange account
*
* @param string $username The username of the user to add the Exchange account to
* @param array $storageGroup The mailbox, Exchange Storage Group, for the user account, this must be a full CN
* If the storage group has a different base_dn to the adLDAP configuration, set it using $base_dn
* @param string $emailAddress The primary email address to add to this user
* @param string $mailNickname The mail nick name. If mail nickname is blank, the username will be used
* @param bool $mdbUseDefaults Indicates whether the store should use the default quota, rather than the per-mailbox quota.
* @param string $baseDn Specify an alternative base_dn for the Exchange storage group
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function createMailbox($username, $storageGroup, $emailAddress, $mailNickname=NULL, $useDefaults=TRUE, $baseDn=NULL, $isGUID=false)
{
if ($username === NULL){ return "Missing compulsory field [username]"; }
if ($storageGroup === NULL) { return "Missing compulsory array [storagegroup]"; }
if (!is_array($storageGroup)) { return "[storagegroup] must be an array"; }
if ($emailAddress === NULL) { return "Missing compulsory field [emailAddress]"; }
if ($baseDn === NULL) {
$baseDn = $this->adldap->getBaseDn();
}
$container = "CN=" . implode(",CN=", $storageGroup);
if ($mailNickname === NULL) {
$mailNickname = $username;
}
$mdbUseDefaults = $this->adldap->utilities()->boolToString($useDefaults);
$attributes = array(
'exchange_homemdb'=>$container.",".$baseDn,
'exchange_proxyaddress'=>'SMTP:' . $emailAddress,
'exchange_mailnickname'=>$mailNickname,
'exchange_usedefaults'=>$mdbUseDefaults
);
$result = $this->adldap->user()->modify($username, $attributes, $isGUID);
if ($result == false) {
return false;
}
return true;
}
/**
* Add an X400 address to Exchange
* See http://tools.ietf.org/html/rfc1685 for more information.
* An X400 Address looks similar to this X400:c=US;a= ;p=Domain;o=Organization;s=Doe;g=John;
*
* @param string $username The username of the user to add the X400 to to
* @param string $country Country
* @param string $admd Administration Management Domain
* @param string $pdmd Private Management Domain (often your AD domain)
* @param string $org Organization
* @param string $surname Surname
* @param string $givenName Given name
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function addX400($username, $country, $admd, $pdmd, $org, $surname, $givenName, $isGUID=false)
{
if ($username === NULL){ return "Missing compulsory field [username]"; }
$proxyValue = 'X400:';
// Find the dn of the user
$user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID);
if ($user[0]["dn"] === NULL) { return false; }
$userDn = $user[0]["dn"];
// We do not have to demote an email address from the default so we can just add the new proxy address
$attributes['exchange_proxyaddress'] = $proxyValue . 'c=' . $country . ';a=' . $admd . ';p=' . $pdmd . ';o=' . $org . ';s=' . $surname . ';g=' . $givenName . ';';
// Translate the update to the LDAP schema
$add = $this->adldap->adldap_schema($attributes);
if (!$add) { return false; }
// Do the update
// Take out the @ to see any errors, usually this error might occur because the address already
// exists in the list of proxyAddresses
$result = @ldap_mod_add($this->adldap->getLdapConnection(), $userDn, $add);
if ($result == false) {
return false;
}
return true;
}
/**
* Add an address to Exchange
*
* @param string $username The username of the user to add the Exchange account to
* @param string $emailAddress The email address to add to this user
* @param bool $default Make this email address the default address, this is a bit more intensive as we have to demote any existing default addresses
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function addAddress($username, $emailAddress, $default = FALSE, $isGUID = false)
{
if ($username === NULL) { return "Missing compulsory field [username]"; }
if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; }
$proxyValue = 'smtp:';
if ($default === true) {
$proxyValue = 'SMTP:';
}
// Find the dn of the user
$user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID);
if ($user[0]["dn"] === NULL){ return false; }
$userDn = $user[0]["dn"];
// We need to scan existing proxy addresses and demote the default one
if (is_array($user[0]["proxyaddresses"]) && $default === true) {
$modAddresses = array();
for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) {
if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false) {
$user[0]['proxyaddresses'][$i] = str_replace('SMTP:', 'smtp:', $user[0]['proxyaddresses'][$i]);
}
if ($user[0]['proxyaddresses'][$i] != '') {
$modAddresses['proxyAddresses'][$i] = $user[0]['proxyaddresses'][$i];
}
}
$modAddresses['proxyAddresses'][(sizeof($user[0]['proxyaddresses'])-1)] = 'SMTP:' . $emailAddress;
$result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $modAddresses);
if ($result == false) {
return false;
}
return true;
}
else {
// We do not have to demote an email address from the default so we can just add the new proxy address
$attributes['exchange_proxyaddress'] = $proxyValue . $emailAddress;
// Translate the update to the LDAP schema
$add = $this->adldap->adldap_schema($attributes);
if (!$add) {
return false;
}
// Do the update
// Take out the @ to see any errors, usually this error might occur because the address already
// exists in the list of proxyAddresses
$result = @ldap_mod_add($this->adldap->getLdapConnection(), $userDn,$add);
if ($result == false) {
return false;
}
return true;
}
}
/**
* Remove an address to Exchange
* If you remove a default address the account will no longer have a default,
* we recommend changing the default address first
*
* @param string $username The username of the user to add the Exchange account to
* @param string $emailAddress The email address to add to this user
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function deleteAddress($username, $emailAddress, $isGUID=false)
{
if ($username === NULL) { return "Missing compulsory field [username]"; }
if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; }
// Find the dn of the user
$user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID);
if ($user[0]["dn"] === NULL) { return false; }
$userDn = $user[0]["dn"];
if (is_array($user[0]["proxyaddresses"])) {
$mod = array();
for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) {
if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false && $user[0]['proxyaddresses'][$i] == 'SMTP:' . $emailAddress) {
$mod['proxyAddresses'][0] = 'SMTP:' . $emailAddress;
}
elseif (strstr($user[0]['proxyaddresses'][$i], 'smtp:') !== false && $user[0]['proxyaddresses'][$i] == 'smtp:' . $emailAddress) {
$mod['proxyAddresses'][0] = 'smtp:' . $emailAddress;
}
}
$result = @ldap_mod_del($this->adldap->getLdapConnection(), $userDn,$mod);
if ($result == false) {
return false;
}
return true;
}
else {
return false;
}
}
/**
* Change the default address
*
* @param string $username The username of the user to add the Exchange account to
* @param string $emailAddress The email address to make default
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function primaryAddress($username, $emailAddress, $isGUID = false)
{
if ($username === NULL) { return "Missing compulsory field [username]"; }
if ($emailAddress === NULL) { return "Missing compulsory fields [emailAddress]"; }
// Find the dn of the user
$user = $this->adldap->user()->info($username, array("cn","proxyaddresses"), $isGUID);
if ($user[0]["dn"] === NULL){ return false; }
$userDn = $user[0]["dn"];
if (is_array($user[0]["proxyaddresses"])) {
$modAddresses = array();
for ($i=0;$i<sizeof($user[0]['proxyaddresses']);$i++) {
if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false) {
$user[0]['proxyaddresses'][$i] = str_replace('SMTP:', 'smtp:', $user[0]['proxyaddresses'][$i]);
}
if ($user[0]['proxyaddresses'][$i] == 'smtp:' . $emailAddress) {
$user[0]['proxyaddresses'][$i] = str_replace('smtp:', 'SMTP:', $user[0]['proxyaddresses'][$i]);
}
if ($user[0]['proxyaddresses'][$i] != '') {
$modAddresses['proxyAddresses'][$i] = $user[0]['proxyaddresses'][$i];
}
}
$result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $modAddresses);
if ($result == false) {
return false;
}
return true;
}
}
/**
* Mail enable a contact
* Allows email to be sent to them through Exchange
*
* @param string $distinguishedName The contact to mail enable
* @param string $emailAddress The email address to allow emails to be sent through
* @param string $mailNickname The mailnickname for the contact in Exchange. If NULL this will be set to the display name
* @return bool
*/
public function contactMailEnable($distinguishedName, $emailAddress, $mailNickname = NULL)
{
if ($distinguishedName === NULL) { return "Missing compulsory field [distinguishedName]"; }
if ($emailAddress === NULL) { return "Missing compulsory field [emailAddress]"; }
if ($mailNickname !== NULL) {
// Find the dn of the user
$user = $this->adldap->contact()->info($distinguishedName, array("cn","displayname"));
if ($user[0]["displayname"] === NULL) { return false; }
$mailNickname = $user[0]['displayname'][0];
}
$attributes = array("email"=>$emailAddress,"contact_email"=>"SMTP:" . $emailAddress,"exchange_proxyaddress"=>"SMTP:" . $emailAddress,"exchange_mailnickname" => $mailNickname);
// Translate the update to the LDAP schema
$mod = $this->adldap->adldap_schema($attributes);
// Check to see if this is an enabled status update
if (!$mod) { return false; }
// Do the update
$result = ldap_modify($this->adldap->getLdapConnection(), $distinguishedName, $mod);
if ($result == false) { return false; }
return true;
}
/**
* Returns a list of Exchange Servers in the ConfigurationNamingContext of the domain
*
* @param array $attributes An array of the AD attributes you wish to return
* @return array
*/
public function servers($attributes = array('cn','distinguishedname','serialnumber'))
{
if (!$this->adldap->getLdapBind()){ return false; }
$configurationNamingContext = $this->adldap->getRootDse(array('configurationnamingcontext'));
$sr = @ldap_search($this->adldap->getLdapConnection(), $configurationNamingContext[0]['configurationnamingcontext'][0],'(&(objectCategory=msExchExchangeServer))', $attributes);
$entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
return $entries;
}
/**
* Returns a list of Storage Groups in Exchange for a given mail server
*
* @param string $exchangeServer The full DN of an Exchange server. You can use exchange_servers() to find the DN for your server
* @param array $attributes An array of the AD attributes you wish to return
* @param bool $recursive If enabled this will automatically query the databases within a storage group
* @return array
*/
public function storageGroups($exchangeServer, $attributes = array('cn','distinguishedname'), $recursive = NULL)
{
if (!$this->adldap->getLdapBind()){ return false; }
if ($exchangeServer === NULL) { return "Missing compulsory field [exchangeServer]"; }
if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); }
$filter = '(&(objectCategory=msExchStorageGroup))';
$sr = @ldap_search($this->adldap->getLdapConnection(), $exchangeServer, $filter, $attributes);
$entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if ($recursive === true) {
for ($i=0; $i<$entries['count']; $i++) {
$entries[$i]['msexchprivatemdb'] = $this->storageDatabases($entries[$i]['distinguishedname'][0]);
}
}
return $entries;
}
/**
* Returns a list of Databases within any given storage group in Exchange for a given mail server
*
* @param string $storageGroup The full DN of an Storage Group. You can use exchange_storage_groups() to find the DN
* @param array $attributes An array of the AD attributes you wish to return
* @return array
*/
public function storageDatabases($storageGroup, $attributes = array('cn','distinguishedname','displayname')) {
if (!$this->adldap->getLdapBind()){ return false; }
if ($storageGroup === NULL) { return "Missing compulsory field [storageGroup]"; }
$filter = '(&(objectCategory=msExchPrivateMDB))';
$sr = @ldap_search($this->adldap->getLdapConnection(), $storageGroup, $filter, $attributes);
$entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
return $entries;
}
}
?>

179
content/lib/plugins/authad/adLDAP/classes/adLDAPFolders.php Normal file
View File

@@ -0,0 +1,179 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage Folders
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
require_once(dirname(__FILE__) . '/../adLDAP.php');
/**
* FOLDER / OU MANAGEMENT FUNCTIONS
*/
class adLDAPFolders {
/**
* The current adLDAP connection via dependency injection
*
* @var adLDAP
*/
protected $adldap;
public function __construct(adLDAP $adldap) {
$this->adldap = $adldap;
}
/**
* Delete a distinguished name from Active Directory
* You should never need to call this yourself, just use the wrapper functions user_delete and contact_delete
*
* @param string $dn The distinguished name to delete
* @return bool
*/
public function delete($dn){
$result = ldap_delete($this->adldap->getLdapConnection(), $dn);
if ($result != true) {
return false;
}
return true;
}
/**
* Returns a folder listing for a specific OU
* See http://adldap.sourceforge.net/wiki/doku.php?id=api_folder_functions
*
* @param array $folderName An array to the OU you wish to list.
* If set to NULL will list the root, strongly recommended to set
* $recursive to false in that instance!
* @param string $dnType The type of record to list. This can be ADLDAP_FOLDER or ADLDAP_CONTAINER.
* @param bool $recursive Recursively search sub folders
* @param bool $type Specify a type of object to search for
* @return array
*/
public function listing($folderName = NULL, $dnType = adLDAP::ADLDAP_FOLDER, $recursive = NULL, $type = NULL)
{
if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it
if (!$this->adldap->getLdapBind()) { return false; }
$filter = '(&';
if ($type !== NULL) {
switch ($type) {
case 'contact':
$filter .= '(objectClass=contact)';
break;
case 'computer':
$filter .= '(objectClass=computer)';
break;
case 'group':
$filter .= '(objectClass=group)';
break;
case 'folder':
$filter .= '(objectClass=organizationalUnit)';
break;
case 'container':
$filter .= '(objectClass=container)';
break;
case 'domain':
$filter .= '(objectClass=builtinDomain)';
break;
default:
$filter .= '(objectClass=user)';
break;
}
}
else {
$filter .= '(objectClass=*)';
}
// If the folder name is null then we will search the root level of AD
// This requires us to not have an OU= part, just the base_dn
$searchOu = $this->adldap->getBaseDn();
if (is_array($folderName)) {
$ou = $dnType . "=" . implode("," . $dnType . "=", $folderName);
$filter .= '(!(distinguishedname=' . $ou . ',' . $this->adldap->getBaseDn() . ')))';
$searchOu = $ou . ',' . $this->adldap->getBaseDn();
}
else {
$filter .= '(!(distinguishedname=' . $this->adldap->getBaseDn() . ')))';
}
if ($recursive === true) {
$sr = ldap_search($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname'));
$entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (is_array($entries)) {
return $entries;
}
}
else {
$sr = ldap_list($this->adldap->getLdapConnection(), $searchOu, $filter, array('objectclass', 'distinguishedname', 'samaccountname'));
$entries = @ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (is_array($entries)) {
return $entries;
}
}
return false;
}
/**
* Create an organizational unit
*
* @param array $attributes Default attributes of the ou
* @return bool
*/
public function create($attributes)
{
if (!is_array($attributes)){ return "Attributes must be an array"; }
if (!is_array($attributes["container"])) { return "Container attribute must be an array."; }
if (!array_key_exists("ou_name",$attributes)) { return "Missing compulsory field [ou_name]"; }
if (!array_key_exists("container",$attributes)) { return "Missing compulsory field [container]"; }
$attributes["container"] = array_reverse($attributes["container"]);
$add=array();
$add["objectClass"] = "organizationalUnit";
$add["OU"] = $attributes['ou_name'];
$containers = "";
if (count($attributes['container']) > 0) {
$containers = "OU=" . implode(",OU=", $attributes["container"]) . ",";
}
$containers = "OU=" . implode(",OU=", $attributes["container"]);
$result = ldap_add($this->adldap->getLdapConnection(), "OU=" . $add["OU"] . ", " . $containers . $this->adldap->getBaseDn(), $add);
if ($result != true) {
return false;
}
return true;
}
}
?>

631
content/lib/plugins/authad/adLDAP/classes/adLDAPGroups.php Normal file
View File

@@ -0,0 +1,631 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage Groups
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
require_once(dirname(__FILE__) . '/../adLDAP.php');
require_once(dirname(__FILE__) . '/../collections/adLDAPGroupCollection.php');
/**
* GROUP FUNCTIONS
*/
class adLDAPGroups {
/**
* The current adLDAP connection via dependency injection
*
* @var adLDAP
*/
protected $adldap;
public function __construct(adLDAP $adldap) {
$this->adldap = $adldap;
}
/**
* Add a group to a group
*
* @param string $parent The parent group name
* @param string $child The child group name
* @return bool
*/
public function addGroup($parent,$child){
// Find the parent group's dn
$parentGroup = $this->ginfo($parent, array("cn"));
if ($parentGroup[0]["dn"] === NULL){
return false;
}
$parentDn = $parentGroup[0]["dn"];
// Find the child group's dn
$childGroup = $this->info($child, array("cn"));
if ($childGroup[0]["dn"] === NULL){
return false;
}
$childDn = $childGroup[0]["dn"];
$add = array();
$add["member"] = $childDn;
$result = @ldap_mod_add($this->adldap->getLdapConnection(), $parentDn, $add);
if ($result == false) {
return false;
}
return true;
}
/**
* Add a user to a group
*
* @param string $group The group to add the user to
* @param string $user The user to add to the group
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function addUser($group, $user, $isGUID = false)
{
// Adding a user is a bit fiddly, we need to get the full DN of the user
// and add it using the full DN of the group
// Find the user's dn
$userDn = $this->adldap->user()->dn($user, $isGUID);
if ($userDn === false) {
return false;
}
// Find the group's dn
$groupInfo = $this->info($group, array("cn"));
if ($groupInfo[0]["dn"] === NULL) {
return false;
}
$groupDn = $groupInfo[0]["dn"];
$add = array();
$add["member"] = $userDn;
$result = @ldap_mod_add($this->adldap->getLdapConnection(), $groupDn, $add);
if ($result == false) {
return false;
}
return true;
}
/**
* Add a contact to a group
*
* @param string $group The group to add the contact to
* @param string $contactDn The DN of the contact to add
* @return bool
*/
public function addContact($group, $contactDn)
{
// To add a contact we take the contact's DN
// and add it using the full DN of the group
// Find the group's dn
$groupInfo = $this->info($group, array("cn"));
if ($groupInfo[0]["dn"] === NULL) {
return false;
}
$groupDn = $groupInfo[0]["dn"];
$add = array();
$add["member"] = $contactDn;
$result = @ldap_mod_add($this->adldap->getLdapConnection(), $groupDn, $add);
if ($result == false) {
return false;
}
return true;
}
/**
* Create a group
*
* @param array $attributes Default attributes of the group
* @return bool
*/
public function create($attributes)
{
if (!is_array($attributes)){ return "Attributes must be an array"; }
if (!array_key_exists("group_name", $attributes)){ return "Missing compulsory field [group_name]"; }
if (!array_key_exists("container", $attributes)){ return "Missing compulsory field [container]"; }
if (!array_key_exists("description", $attributes)){ return "Missing compulsory field [description]"; }
if (!is_array($attributes["container"])){ return "Container attribute must be an array."; }
$attributes["container"] = array_reverse($attributes["container"]);
//$member_array = array();
//$member_array[0] = "cn=user1,cn=Users,dc=yourdomain,dc=com";
//$member_array[1] = "cn=administrator,cn=Users,dc=yourdomain,dc=com";
$add = array();
$add["cn"] = $attributes["group_name"];
$add["samaccountname"] = $attributes["group_name"];
$add["objectClass"] = "Group";
$add["description"] = $attributes["description"];
//$add["member"] = $member_array; UNTESTED
$container = "OU=" . implode(",OU=", $attributes["container"]);
$result = ldap_add($this->adldap->getLdapConnection(), "CN=" . $add["cn"] . ", " . $container . "," . $this->adldap->getBaseDn(), $add);
if ($result != true) {
return false;
}
return true;
}
/**
* Delete a group account
*
* @param string $group The group to delete (please be careful here!)
*
* @return array
*/
public function delete($group) {
if (!$this->adldap->getLdapBind()){ return false; }
if ($group === null){ return "Missing compulsory field [group]"; }
$groupInfo = $this->info($group, array("*"));
$dn = $groupInfo[0]['distinguishedname'][0];
$result = $this->adldap->folder()->delete($dn);
if ($result !== true) {
return false;
} return true;
}
/**
* Remove a group from a group
*
* @param string $parent The parent group name
* @param string $child The child group name
* @return bool
*/
public function removeGroup($parent , $child)
{
// Find the parent dn
$parentGroup = $this->info($parent, array("cn"));
if ($parentGroup[0]["dn"] === NULL) {
return false;
}
$parentDn = $parentGroup[0]["dn"];
// Find the child dn
$childGroup = $this->info($child, array("cn"));
if ($childGroup[0]["dn"] === NULL) {
return false;
}
$childDn = $childGroup[0]["dn"];
$del = array();
$del["member"] = $childDn;
$result = @ldap_mod_del($this->adldap->getLdapConnection(), $parentDn, $del);
if ($result == false) {
return false;
}
return true;
}
/**
* Remove a user from a group
*
* @param string $group The group to remove a user from
* @param string $user The AD user to remove from the group
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function removeUser($group, $user, $isGUID = false)
{
// Find the parent dn
$groupInfo = $this->info($group, array("cn"));
if ($groupInfo[0]["dn"] === NULL){
return false;
}
$groupDn = $groupInfo[0]["dn"];
// Find the users dn
$userDn = $this->adldap->user()->dn($user, $isGUID);
if ($userDn === false) {
return false;
}
$del = array();
$del["member"] = $userDn;
$result = @ldap_mod_del($this->adldap->getLdapConnection(), $groupDn, $del);
if ($result == false) {
return false;
}
return true;
}
/**
* Remove a contact from a group
*
* @param string $group The group to remove a user from
* @param string $contactDn The DN of a contact to remove from the group
* @return bool
*/
public function removeContact($group, $contactDn)
{
// Find the parent dn
$groupInfo = $this->info($group, array("cn"));
if ($groupInfo[0]["dn"] === NULL) {
return false;
}
$groupDn = $groupInfo[0]["dn"];
$del = array();
$del["member"] = $contactDn;
$result = @ldap_mod_del($this->adldap->getLdapConnection(), $groupDn, $del);
if ($result == false) {
return false;
}
return true;
}
/**
* Return a list of groups in a group
*
* @param string $group The group to query
* @param bool $recursive Recursively get groups
* @return array
*/
public function inGroup($group, $recursive = NULL)
{
if (!$this->adldap->getLdapBind()){ return false; }
if ($recursive === NULL){ $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
// Search the directory for the members of a group
$info = $this->info($group, array("member","cn"));
$groups = $info[0]["member"];
if (!is_array($groups)) {
return false;
}
$groupArray = array();
for ($i=0; $i<$groups["count"]; $i++){
$filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($groups[$i]) . "))";
$fields = array("samaccountname", "distinguishedname", "objectClass");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
// not a person, look for a group
if ($entries['count'] == 0 && $recursive == true) {
$filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($groups[$i]) . "))";
$fields = array("distinguishedname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (!isset($entries[0]['distinguishedname'][0])) {
continue;
}
$subGroups = $this->inGroup($entries[0]['distinguishedname'][0], $recursive);
if (is_array($subGroups)) {
$groupArray = array_merge($groupArray, $subGroups);
$groupArray = array_unique($groupArray);
}
continue;
}
$groupArray[] = $entries[0]['distinguishedname'][0];
}
return $groupArray;
}
/**
* Return a list of members in a group
*
* @param string $group The group to query
* @param bool $recursive Recursively get group members
* @return array
*/
public function members($group, $recursive = NULL)
{
if (!$this->adldap->getLdapBind()){ return false; }
if ($recursive === NULL){ $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
// Search the directory for the members of a group
$info = $this->info($group, array("member","cn"));
$users = $info[0]["member"];
if (!is_array($users)) {
return false;
}
$userArray = array();
for ($i=0; $i<$users["count"]; $i++){
$filter = "(&(objectCategory=person)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($users[$i]) . "))";
$fields = array("samaccountname", "distinguishedname", "objectClass");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
// not a person, look for a group
if ($entries['count'] == 0 && $recursive == true) {
$filter = "(&(objectCategory=group)(distinguishedName=" . $this->adldap->utilities()->ldapSlashes($users[$i]) . "))";
$fields = array("samaccountname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (!isset($entries[0]['samaccountname'][0])) {
continue;
}
$subUsers = $this->members($entries[0]['samaccountname'][0], $recursive);
if (is_array($subUsers)) {
$userArray = array_merge($userArray, $subUsers);
$userArray = array_unique($userArray);
}
continue;
}
else if ($entries['count'] == 0) {
continue;
}
if ((!isset($entries[0]['samaccountname'][0]) || $entries[0]['samaccountname'][0] === NULL) && $entries[0]['distinguishedname'][0] !== NULL) {
$userArray[] = $entries[0]['distinguishedname'][0];
}
else if ($entries[0]['samaccountname'][0] !== NULL) {
$userArray[] = $entries[0]['samaccountname'][0];
}
}
return $userArray;
}
/**
* Group Information. Returns an array of raw information about a group.
* The group name is case sensitive
*
* @param string $groupName The group name to retrieve info about
* @param array $fields Fields to retrieve
* @return array
*/
public function info($groupName, $fields = NULL)
{
if ($groupName === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
if (stristr($groupName, '+')) {
$groupName = stripslashes($groupName);
}
$filter = "(&(objectCategory=group)(name=" . $this->adldap->utilities()->ldapSlashes($groupName) . "))";
if ($fields === NULL) {
$fields = array("member","memberof","cn","description","distinguishedname","objectcategory","samaccountname");
}
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
return $entries;
}
/**
* Group Information. Returns an collection
* The group name is case sensitive
*
* @param string $groupName The group name to retrieve info about
* @param array $fields Fields to retrieve
* @return adLDAPGroupCollection
*/
public function infoCollection($groupName, $fields = NULL)
{
if ($groupName === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
$info = $this->info($groupName, $fields);
if ($info !== false) {
$collection = new adLDAPGroupCollection($info, $this->adldap);
return $collection;
}
return false;
}
/**
* Return a complete list of "groups in groups"
*
* @param string $group The group to get the list from
* @return array
*/
public function recursiveGroups($group)
{
if ($group === NULL) { return false; }
$stack = array();
$processed = array();
$retGroups = array();
array_push($stack, $group); // Initial Group to Start with
while (count($stack) > 0) {
$parent = array_pop($stack);
array_push($processed, $parent);
$info = $this->info($parent, array("memberof"));
if (isset($info[0]["memberof"]) && is_array($info[0]["memberof"])) {
$groups = $info[0]["memberof"];
if ($groups) {
$groupNames = $this->adldap->utilities()->niceNames($groups);
$retGroups = array_merge($retGroups, $groupNames); //final groups to return
foreach ($groupNames as $id => $groupName) {
if (!in_array($groupName, $processed)) {
array_push($stack, $groupName);
}
}
}
}
}
return $retGroups;
}
/**
* Returns a complete list of the groups in AD based on a SAM Account Type
*
* @param string $sAMAaccountType The account type to return
* @param bool $includeDescription Whether to return a description
* @param string $search Search parameters
* @param bool $sorted Whether to sort the results
* @return array
*/
public function search($sAMAaccountType = adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, $includeDescription = false, $search = "*", $sorted = true) {
if (!$this->adldap->getLdapBind()) { return false; }
$filter = '(&(objectCategory=group)';
if ($sAMAaccountType !== null) {
$filter .= '(samaccounttype='. $sAMAaccountType .')';
}
$filter .= '(cn=' . $search . '))';
// Perform the search and grab all their details
$fields = array("samaccountname", "description");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
$groupsArray = array();
for ($i=0; $i<$entries["count"]; $i++){
if ($includeDescription && strlen($entries[$i]["description"][0]) > 0 ) {
$groupsArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["description"][0];
}
else if ($includeDescription){
$groupsArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0];
}
else {
array_push($groupsArray, $entries[$i]["samaccountname"][0]);
}
}
if ($sorted) {
asort($groupsArray);
}
return $groupsArray;
}
/**
* Returns a complete list of all groups in AD
*
* @param bool $includeDescription Whether to return a description
* @param string $search Search parameters
* @param bool $sorted Whether to sort the results
* @return array
*/
public function all($includeDescription = false, $search = "*", $sorted = true){
$groupsArray = $this->search(null, $includeDescription, $search, $sorted);
return $groupsArray;
}
/**
* Returns a complete list of security groups in AD
*
* @param bool $includeDescription Whether to return a description
* @param string $search Search parameters
* @param bool $sorted Whether to sort the results
* @return array
*/
public function allSecurity($includeDescription = false, $search = "*", $sorted = true){
$groupsArray = $this->search(adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, $includeDescription, $search, $sorted);
return $groupsArray;
}
/**
* Returns a complete list of distribution lists in AD
*
* @param bool $includeDescription Whether to return a description
* @param string $search Search parameters
* @param bool $sorted Whether to sort the results
* @return array
*/
public function allDistribution($includeDescription = false, $search = "*", $sorted = true){
$groupsArray = $this->search(adLDAP::ADLDAP_DISTRIBUTION_GROUP, $includeDescription, $search, $sorted);
return $groupsArray;
}
/**
* Coping with AD not returning the primary group
* http://support.microsoft.com/?kbid=321360
*
* This is a re-write based on code submitted by Bruce which prevents the
* need to search each security group to find the true primary group
*
* @param string $gid Group ID
* @param string $usersid User's Object SID
* @return mixed
*/
public function getPrimaryGroup($gid, $usersid)
{
if ($gid === NULL || $usersid === NULL) { return false; }
$sr = false;
$gsid = substr_replace($usersid, pack('V',$gid), strlen($usersid)-4,4);
$filter = '(objectsid=' . $this->adldap->utilities()->getTextSID($gsid).')';
$fields = array("samaccountname","distinguishedname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (isset($entries[0]['distinguishedname'][0])) {
return $entries[0]['distinguishedname'][0];
}
return false;
}
/**
* Coping with AD not returning the primary group
* http://support.microsoft.com/?kbid=321360
*
* For some reason it's not possible to search on primarygrouptoken=XXX
* If someone can show otherwise, I'd like to know about it :)
* this way is resource intensive and generally a pain in the @#%^
*
* @deprecated deprecated since version 3.1, see get get_primary_group
* @param string $gid Group ID
* @return string
*/
public function cn($gid){
if ($gid === NULL) { return false; }
$sr = false;
$r = '';
$filter = "(&(objectCategory=group)(samaccounttype=" . adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP . "))";
$fields = array("primarygrouptoken", "samaccountname", "distinguishedname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
for ($i=0; $i<$entries["count"]; $i++){
if ($entries[$i]["primarygrouptoken"][0] == $gid) {
$r = $entries[$i]["distinguishedname"][0];
$i = $entries["count"];
}
}
return $r;
}
}
?>

682
content/lib/plugins/authad/adLDAP/classes/adLDAPUsers.php Normal file
View File

@@ -0,0 +1,682 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage User
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
require_once(dirname(__FILE__) . '/../adLDAP.php');
require_once(dirname(__FILE__) . '/../collections/adLDAPUserCollection.php');
/**
* USER FUNCTIONS
*/
class adLDAPUsers {
/**
* The current adLDAP connection via dependency injection
*
* @var adLDAP
*/
protected $adldap;
public function __construct(adLDAP $adldap) {
$this->adldap = $adldap;
}
/**
* Validate a user's login credentials
*
* @param string $username A user's AD username
* @param string $password A user's AD password
* @param bool optional $prevent_rebind
* @return bool
*/
public function authenticate($username, $password, $preventRebind = false) {
return $this->adldap->authenticate($username, $password, $preventRebind);
}
/**
* Create a user
*
* If you specify a password here, this can only be performed over SSL
*
* @param array $attributes The attributes to set to the user account
* @return bool
*/
public function create($attributes)
{
// Check for compulsory fields
if (!array_key_exists("username", $attributes)){ return "Missing compulsory field [username]"; }
if (!array_key_exists("firstname", $attributes)){ return "Missing compulsory field [firstname]"; }
if (!array_key_exists("surname", $attributes)){ return "Missing compulsory field [surname]"; }
if (!array_key_exists("email", $attributes)){ return "Missing compulsory field [email]"; }
if (!array_key_exists("container", $attributes)){ return "Missing compulsory field [container]"; }
if (!is_array($attributes["container"])){ return "Container attribute must be an array."; }
if (array_key_exists("password",$attributes) && (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS())){
throw new adLDAPException('SSL must be configured on your webserver and enabled in the class to set passwords.');
}
if (!array_key_exists("display_name", $attributes)) {
$attributes["display_name"] = $attributes["firstname"] . " " . $attributes["surname"];
}
// Translate the schema
$add = $this->adldap->adldap_schema($attributes);
// Additional stuff only used for adding accounts
$add["cn"][0] = $attributes["display_name"];
$add["samaccountname"][0] = $attributes["username"];
$add["objectclass"][0] = "top";
$add["objectclass"][1] = "person";
$add["objectclass"][2] = "organizationalPerson";
$add["objectclass"][3] = "user"; //person?
//$add["name"][0]=$attributes["firstname"]." ".$attributes["surname"];
// Set the account control attribute
$control_options = array("NORMAL_ACCOUNT");
if (!$attributes["enabled"]) {
$control_options[] = "ACCOUNTDISABLE";
}
$add["userAccountControl"][0] = $this->accountControl($control_options);
// Determine the container
$attributes["container"] = array_reverse($attributes["container"]);
$container = "OU=" . implode(", OU=",$attributes["container"]);
// Add the entry
$result = @ldap_add($this->adldap->getLdapConnection(), "CN=" . $add["cn"][0] . ", " . $container . "," . $this->adldap->getBaseDn(), $add);
if ($result != true) {
return false;
}
return true;
}
/**
* Account control options
*
* @param array $options The options to convert to int
* @return int
*/
protected function accountControl($options)
{
$val=0;
if (is_array($options)) {
if (in_array("SCRIPT",$options)){ $val=$val+1; }
if (in_array("ACCOUNTDISABLE",$options)){ $val=$val+2; }
if (in_array("HOMEDIR_REQUIRED",$options)){ $val=$val+8; }
if (in_array("LOCKOUT",$options)){ $val=$val+16; }
if (in_array("PASSWD_NOTREQD",$options)){ $val=$val+32; }
//PASSWD_CANT_CHANGE Note You cannot assign this permission by directly modifying the UserAccountControl attribute.
//For information about how to set the permission programmatically, see the "Property flag descriptions" section.
if (in_array("ENCRYPTED_TEXT_PWD_ALLOWED",$options)){ $val=$val+128; }
if (in_array("TEMP_DUPLICATE_ACCOUNT",$options)){ $val=$val+256; }
if (in_array("NORMAL_ACCOUNT",$options)){ $val=$val+512; }
if (in_array("INTERDOMAIN_TRUST_ACCOUNT",$options)){ $val=$val+2048; }
if (in_array("WORKSTATION_TRUST_ACCOUNT",$options)){ $val=$val+4096; }
if (in_array("SERVER_TRUST_ACCOUNT",$options)){ $val=$val+8192; }
if (in_array("DONT_EXPIRE_PASSWORD",$options)){ $val=$val+65536; }
if (in_array("MNS_LOGON_ACCOUNT",$options)){ $val=$val+131072; }
if (in_array("SMARTCARD_REQUIRED",$options)){ $val=$val+262144; }
if (in_array("TRUSTED_FOR_DELEGATION",$options)){ $val=$val+524288; }
if (in_array("NOT_DELEGATED",$options)){ $val=$val+1048576; }
if (in_array("USE_DES_KEY_ONLY",$options)){ $val=$val+2097152; }
if (in_array("DONT_REQ_PREAUTH",$options)){ $val=$val+4194304; }
if (in_array("PASSWORD_EXPIRED",$options)){ $val=$val+8388608; }
if (in_array("TRUSTED_TO_AUTH_FOR_DELEGATION",$options)){ $val=$val+16777216; }
}
return $val;
}
/**
* Delete a user account
*
* @param string $username The username to delete (please be careful here!)
* @param bool $isGUID Is the username a GUID or a samAccountName
* @return array
*/
public function delete($username, $isGUID = false)
{
$userinfo = $this->info($username, array("*"), $isGUID);
$dn = $userinfo[0]['distinguishedname'][0];
$result = $this->adldap->folder()->delete($dn);
if ($result != true) {
return false;
}
return true;
}
/**
* Groups the user is a member of
*
* @param string $username The username to query
* @param bool $recursive Recursive list of groups
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return array
*/
public function groups($username, $recursive = NULL, $isGUID = false)
{
if ($username === NULL) { return false; }
if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
if (!$this->adldap->getLdapBind()) { return false; }
// Search the directory for their information
$info = @$this->info($username, array("memberof", "primarygroupid"), $isGUID);
$groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); // Presuming the entry returned is our guy (unique usernames)
if ($recursive === true){
foreach ($groups as $id => $groupName){
$extraGroups = $this->adldap->group()->recursiveGroups($groupName);
$groups = array_merge($groups, $extraGroups);
}
}
return $groups;
}
/**
* Find information about the users. Returned in a raw array format from AD
*
* @param string $username The username to query
* @param array $fields Array of parameters to query
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return array
*/
public function info($username, $fields = NULL, $isGUID = false)
{
if ($username === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
if ($isGUID === true) {
$username = $this->adldap->utilities()->strGuidToHex($username);
$filter = "objectguid=" . $username;
}
else if (strstr($username, "@")) {
$filter = "userPrincipalName=" . $username;
}
else {
$filter = "samaccountname=" . $username;
}
$filter = "(&(objectCategory=person)({$filter}))";
if ($fields === NULL) {
$fields = array("samaccountname","mail","memberof","department","displayname","telephonenumber","primarygroupid","objectsid");
}
if (!in_array("objectsid", $fields)) {
$fields[] = "objectsid";
}
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (isset($entries[0])) {
if ($entries[0]['count'] >= 1) {
if (in_array("memberof", $fields)) {
// AD does not return the primary group in the ldap query, we may need to fudge it
if ($this->adldap->getRealPrimaryGroup() && isset($entries[0]["primarygroupid"][0]) && isset($entries[0]["objectsid"][0])){
//$entries[0]["memberof"][]=$this->group_cn($entries[0]["primarygroupid"][0]);
$entries[0]["memberof"][] = $this->adldap->group()->getPrimaryGroup($entries[0]["primarygroupid"][0], $entries[0]["objectsid"][0]);
} else {
$entries[0]["memberof"][] = "CN=Domain Users,CN=Users," . $this->adldap->getBaseDn();
}
if (!isset($entries[0]["memberof"]["count"])) {
$entries[0]["memberof"]["count"] = 0;
}
$entries[0]["memberof"]["count"]++;
}
}
return $entries;
}
return false;
}
/**
* Find information about the users. Returned in a raw array format from AD
*
* @param string $username The username to query
* @param array $fields Array of parameters to query
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return mixed
*/
public function infoCollection($username, $fields = NULL, $isGUID = false)
{
if ($username === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
$info = $this->info($username, $fields, $isGUID);
if ($info !== false) {
$collection = new adLDAPUserCollection($info, $this->adldap);
return $collection;
}
return false;
}
/**
* Determine if a user is in a specific group
*
* @param string $username The username to query
* @param string $group The name of the group to check against
* @param bool $recursive Check groups recursively
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function inGroup($username, $group, $recursive = NULL, $isGUID = false)
{
if ($username === NULL) { return false; }
if ($group === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
// Get a list of the groups
$groups = $this->groups($username, $recursive, $isGUID);
// Return true if the specified group is in the group list
if (in_array($group, $groups)) {
return true;
}
return false;
}
/**
* Determine a user's password expiry date
*
* @param string $username The username to query
* @param book $isGUID Is the username passed a GUID or a samAccountName
* @requires bcmath http://php.net/manual/en/book.bc.php
* @return array
*/
public function passwordExpiry($username, $isGUID = false)
{
if ($username === NULL) { return "Missing compulsory field [username]"; }
if (!$this->adldap->getLdapBind()) { return false; }
if (!function_exists('bcmod')) { throw new adLDAPException("Missing function support [bcmod] http://php.net/manual/en/book.bc.php"); };
$userInfo = $this->info($username, array("pwdlastset", "useraccountcontrol"), $isGUID);
$pwdLastSet = $userInfo[0]['pwdlastset'][0];
$status = array();
if ($userInfo[0]['useraccountcontrol'][0] == '66048') {
// Password does not expire
return "Does not expire";
}
if ($pwdLastSet === '0') {
// Password has already expired
return "Password has expired";
}
// Password expiry in AD can be calculated from TWO values:
// - User's own pwdLastSet attribute: stores the last time the password was changed
// - Domain's maxPwdAge attribute: how long passwords last in the domain
//
// Although Microsoft chose to use a different base and unit for time measurements.
// This function will convert them to Unix timestamps
$sr = ldap_read($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), 'objectclass=*', array('maxPwdAge'));
if (!$sr) {
return false;
}
$info = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
$maxPwdAge = $info[0]['maxpwdage'][0];
// See MSDN: http://msdn.microsoft.com/en-us/library/ms974598.aspx
//
// pwdLastSet contains the number of 100 nanosecond intervals since January 1, 1601 (UTC),
// stored in a 64 bit integer.
//
// The number of seconds between this date and Unix epoch is 11644473600.
//
// maxPwdAge is stored as a large integer that represents the number of 100 nanosecond
// intervals from the time the password was set before the password expires.
//
// We also need to scale this to seconds but also this value is a _negative_ quantity!
//
// If the low 32 bits of maxPwdAge are equal to 0 passwords do not expire
//
// Unfortunately the maths involved are too big for PHP integers, so I've had to require
// BCMath functions to work with arbitrary precision numbers.
if (bcmod($maxPwdAge, 4294967296) === '0') {
return "Domain does not expire passwords";
}
// Add maxpwdage and pwdlastset and we get password expiration time in Microsoft's
// time units. Because maxpwd age is negative we need to subtract it.
$pwdExpire = bcsub($pwdLastSet, $maxPwdAge);
// Convert MS's time to Unix time
$status['expiryts'] = bcsub(bcdiv($pwdExpire, '10000000'), '11644473600');
$status['expiryformat'] = date('Y-m-d H:i:s', bcsub(bcdiv($pwdExpire, '10000000'), '11644473600'));
return $status;
}
/**
* Modify a user
*
* @param string $username The username to query
* @param array $attributes The attributes to modify. Note if you set the enabled attribute you must not specify any other attributes
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function modify($username, $attributes, $isGUID = false)
{
if ($username === NULL) { return "Missing compulsory field [username]"; }
if (array_key_exists("password", $attributes) && !$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) {
throw new adLDAPException('SSL/TLS must be configured on your webserver and enabled in the class to set passwords.');
}
// Find the dn of the user
$userDn = $this->dn($username, $isGUID);
if ($userDn === false) {
return false;
}
// Translate the update to the LDAP schema
$mod = $this->adldap->adldap_schema($attributes);
// Check to see if this is an enabled status update
if (!$mod && !array_key_exists("enabled", $attributes)){
return false;
}
// Set the account control attribute (only if specified)
if (array_key_exists("enabled", $attributes)){
if ($attributes["enabled"]){
$controlOptions = array("NORMAL_ACCOUNT");
}
else {
$controlOptions = array("NORMAL_ACCOUNT", "ACCOUNTDISABLE");
}
$mod["userAccountControl"][0] = $this->accountControl($controlOptions);
}
// Do the update
$result = @ldap_modify($this->adldap->getLdapConnection(), $userDn, $mod);
if ($result == false) {
return false;
}
return true;
}
/**
* Disable a user account
*
* @param string $username The username to disable
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function disable($username, $isGUID = false)
{
if ($username === NULL) { return "Missing compulsory field [username]"; }
$attributes = array("enabled" => 0);
$result = $this->modify($username, $attributes, $isGUID);
if ($result == false) { return false; }
return true;
}
/**
* Enable a user account
*
* @param string $username The username to enable
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function enable($username, $isGUID = false)
{
if ($username === NULL) { return "Missing compulsory field [username]"; }
$attributes = array("enabled" => 1);
$result = $this->modify($username, $attributes, $isGUID);
if ($result == false) { return false; }
return true;
}
/**
* Set the password of a user - This must be performed over SSL
*
* @param string $username The username to modify
* @param string $password The new password
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function password($username, $password, $isGUID = false)
{
if ($username === NULL) { return false; }
if ($password === NULL) { return false; }
if (!$this->adldap->getLdapBind()) { return false; }
if (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) {
throw new adLDAPException('SSL must be configured on your webserver and enabled in the class to set passwords.');
}
$userDn = $this->dn($username, $isGUID);
if ($userDn === false) {
return false;
}
$add=array();
$add["unicodePwd"][0] = $this->encodePassword($password);
$result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $add);
if ($result === false){
$err = ldap_errno($this->adldap->getLdapConnection());
if ($err) {
$msg = 'Error ' . $err . ': ' . ldap_err2str($err) . '.';
if($err == 53) {
$msg .= ' Your password might not match the password policy.';
}
throw new adLDAPException($msg);
}
else {
return false;
}
}
return true;
}
/**
* Encode a password for transmission over LDAP
*
* @param string $password The password to encode
* @return string
*/
public function encodePassword($password)
{
$password="\"".$password."\"";
$encoded="";
for ($i=0; $i <strlen($password); $i++){ $encoded.="{$password{$i}}\000"; }
return $encoded;
}
/**
* Obtain the user's distinguished name based on their userid
*
*
* @param string $username The username
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return string
*/
public function dn($username, $isGUID=false)
{
$user = $this->info($username, array("cn"), $isGUID);
if ($user[0]["dn"] === NULL) {
return false;
}
$userDn = $user[0]["dn"];
return $userDn;
}
/**
* Return a list of all users in AD
*
* @param bool $includeDescription Return a description of the user
* @param string $search Search parameter
* @param bool $sorted Sort the user accounts
* @return array
*/
public function all($includeDescription = false, $search = "*", $sorted = true)
{
if (!$this->adldap->getLdapBind()) { return false; }
// Perform the search and grab all their details
$filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT .")(objectCategory=person)(cn=" . $search . "))";
$fields = array("samaccountname","displayname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
$usersArray = array();
for ($i=0; $i<$entries["count"]; $i++){
if ($includeDescription && strlen($entries[$i]["displayname"][0])>0){
$usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["displayname"][0];
} elseif ($includeDescription){
$usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0];
} else {
array_push($usersArray, $entries[$i]["samaccountname"][0]);
}
}
if ($sorted) {
asort($usersArray);
}
return $usersArray;
}
/**
* Converts a username (samAccountName) to a GUID
*
* @param string $username The username to query
* @return string
*/
public function usernameToGuid($username)
{
if (!$this->adldap->getLdapBind()){ return false; }
if ($username === null){ return "Missing compulsory field [username]"; }
$filter = "samaccountname=" . $username;
$fields = array("objectGUID");
$sr = @ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
if (ldap_count_entries($this->adldap->getLdapConnection(), $sr) > 0) {
$entry = @ldap_first_entry($this->adldap->getLdapConnection(), $sr);
$guid = @ldap_get_values_len($this->adldap->getLdapConnection(), $entry, 'objectGUID');
$strGUID = $this->adldap->utilities()->binaryToText($guid[0]);
return $strGUID;
}
return false;
}
/**
* Return a list of all users in AD that have a specific value in a field
*
* @param bool $includeDescription Return a description of the user
* @param string $searchField Field to search search for
* @param string $searchFilter Value to search for in the specified field
* @param bool $sorted Sort the user accounts
* @return array
*/
public function find($includeDescription = false, $searchField = false, $searchFilter = false, $sorted = true){
if (!$this->adldap->getLdapBind()){ return false; }
// Perform the search and grab all their details
$searchParams = "";
if ($searchField) {
$searchParams = "(" . $searchField . "=" . $searchFilter . ")";
}
$filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT .")(objectCategory=person)" . $searchParams . ")";
$fields = array("samaccountname","displayname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
$usersArray = array();
for ($i=0; $i < $entries["count"]; $i++) {
if ($includeDescription && strlen($entries[$i]["displayname"][0]) > 0) {
$usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["displayname"][0];
}
else if ($includeDescription) {
$usersArray[$entries[$i]["samaccountname"][0]] = $entries[$i]["samaccountname"][0];
}
else {
array_push($usersArray, $entries[$i]["samaccountname"][0]);
}
}
if ($sorted){
asort($usersArray);
}
return ($usersArray);
}
/**
* Move a user account to a different OU
*
* @param string $username The username to move (please be careful here!)
* @param array $container The container or containers to move the user to (please be careful here!).
* accepts containers in 1. parent 2. child order
* @return array
*/
public function move($username, $container)
{
if (!$this->adldap->getLdapBind()) { return false; }
if ($username === null) { return "Missing compulsory field [username]"; }
if ($container === null) { return "Missing compulsory field [container]"; }
if (!is_array($container)) { return "Container must be an array"; }
$userInfo = $this->info($username, array("*"));
$dn = $userInfo[0]['distinguishedname'][0];
$newRDn = "cn=" . $username;
$container = array_reverse($container);
$newContainer = "ou=" . implode(",ou=",$container);
$newBaseDn = strtolower($newContainer) . "," . $this->adldap->getBaseDn();
$result = @ldap_rename($this->adldap->getLdapConnection(), $dn, $newRDn, $newBaseDn, true);
if ($result !== true) {
return false;
}
return true;
}
/**
* Get the last logon time of any user as a Unix timestamp
*
* @param string $username
* @return long $unixTimestamp
*/
public function getLastLogon($username) {
if (!$this->adldap->getLdapBind()) { return false; }
if ($username === null) { return "Missing compulsory field [username]"; }
$userInfo = $this->info($username, array("lastLogonTimestamp"));
$lastLogon = adLDAPUtils::convertWindowsTimeToUnixTime($userInfo[0]['lastLogonTimestamp'][0]);
return $lastLogon;
}
}
?>

268
content/lib/plugins/authad/adLDAP/classes/adLDAPUtils.php Normal file
View File

@@ -0,0 +1,268 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage Utils
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
require_once(dirname(__FILE__) . '/../adLDAP.php');
/**
* UTILITY FUNCTIONS
*/
class adLDAPUtils {
const ADLDAP_VERSION = '4.0.4';
/**
* The current adLDAP connection via dependency injection
*
* @var adLDAP
*/
protected $adldap;
public function __construct(adLDAP $adldap) {
$this->adldap = $adldap;
}
/**
* Take an LDAP query and return the nice names, without all the LDAP prefixes (eg. CN, DN)
*
* @param array $groups
* @return array
*/
public function niceNames($groups)
{
$groupArray = array();
for ($i=0; $i<$groups["count"]; $i++){ // For each group
$line = $groups[$i];
if (strlen($line)>0) {
// More presumptions, they're all prefixed with CN=
// so we ditch the first three characters and the group
// name goes up to the first comma
$bits=explode(",", $line);
$groupArray[] = substr($bits[0], 3, (strlen($bits[0])-3));
}
}
return $groupArray;
}
/**
* Escape characters for use in an ldap_create function
*
* @param string $str
* @return string
*/
public function escapeCharacters($str) {
$str = str_replace(",", "\,", $str);
return $str;
}
/**
* Escape strings for the use in LDAP filters
*
* DEVELOPERS SHOULD BE DOING PROPER FILTERING IF THEY'RE ACCEPTING USER INPUT
* Ported from Perl's Net::LDAP::Util escape_filter_value
*
* @param string $str The string the parse
* @author Port by Andreas Gohr <andi@splitbrain.org>
* @return string
*/
public function ldapSlashes($str) {
// see https://github.com/adldap/adLDAP/issues/22
return preg_replace_callback(
'/([\x00-\x1F\*\(\)\\\\])/',
function ($matches) {
return "\\".join("", unpack("H2", $matches[1]));
},
$str
);
}
/**
* Converts a string GUID to a hexdecimal value so it can be queried
*
* @param string $strGUID A string representation of a GUID
* @return string
*/
public function strGuidToHex($strGUID)
{
$strGUID = str_replace('-', '', $strGUID);
$octet_str = '\\' . substr($strGUID, 6, 2);
$octet_str .= '\\' . substr($strGUID, 4, 2);
$octet_str .= '\\' . substr($strGUID, 2, 2);
$octet_str .= '\\' . substr($strGUID, 0, 2);
$octet_str .= '\\' . substr($strGUID, 10, 2);
$octet_str .= '\\' . substr($strGUID, 8, 2);
$octet_str .= '\\' . substr($strGUID, 14, 2);
$octet_str .= '\\' . substr($strGUID, 12, 2);
//$octet_str .= '\\' . substr($strGUID, 16, strlen($strGUID));
for ($i=16; $i<=(strlen($strGUID)-2); $i++) {
if (($i % 2) == 0) {
$octet_str .= '\\' . substr($strGUID, $i, 2);
}
}
return $octet_str;
}
/**
* Convert a binary SID to a text SID
*
* @param string $binsid A Binary SID
* @return string
*/
public function getTextSID($binsid) {
$hex_sid = bin2hex($binsid);
$rev = hexdec(substr($hex_sid, 0, 2));
$subcount = hexdec(substr($hex_sid, 2, 2));
$auth = hexdec(substr($hex_sid, 4, 12));
$result = "$rev-$auth";
for ($x=0;$x < $subcount; $x++) {
$subauth[$x] =
hexdec($this->littleEndian(substr($hex_sid, 16 + ($x * 8), 8)));
$result .= "-" . $subauth[$x];
}
// Cheat by tacking on the S-
return 'S-' . $result;
}
/**
* Converts a little-endian hex number to one that hexdec() can convert
*
* @param string $hex A hex code
* @return string
*/
public function littleEndian($hex)
{
$result = '';
for ($x = strlen($hex) - 2; $x >= 0; $x = $x - 2) {
$result .= substr($hex, $x, 2);
}
return $result;
}
/**
* Converts a binary attribute to a string
*
* @param string $bin A binary LDAP attribute
* @return string
*/
public function binaryToText($bin)
{
$hex_guid = bin2hex($bin);
$hex_guid_to_guid_str = '';
for($k = 1; $k <= 4; ++$k) {
$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
}
$hex_guid_to_guid_str .= '-';
for($k = 1; $k <= 2; ++$k) {
$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
}
$hex_guid_to_guid_str .= '-';
for($k = 1; $k <= 2; ++$k) {
$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
}
$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
return strtoupper($hex_guid_to_guid_str);
}
/**
* Converts a binary GUID to a string GUID
*
* @param string $binaryGuid The binary GUID attribute to convert
* @return string
*/
public function decodeGuid($binaryGuid)
{
if ($binaryGuid === null){ return "Missing compulsory field [binaryGuid]"; }
$strGUID = $this->binaryToText($binaryGuid);
return $strGUID;
}
/**
* Convert a boolean value to a string
* You should never need to call this yourself
*
* @param bool $bool Boolean value
* @return string
*/
public function boolToStr($bool)
{
return ($bool) ? 'TRUE' : 'FALSE';
}
/**
* Convert 8bit characters e.g. accented characters to UTF8 encoded characters
*/
public function encode8Bit(&$item, $key) {
$encode = false;
if (is_string($item)) {
for ($i=0; $i<strlen($item); $i++) {
if (ord($item[$i]) >> 7) {
$encode = true;
}
}
}
if ($encode === true && $key != 'password') {
$item = utf8_encode($item);
}
}
/**
* Get the current class version number
*
* @return string
*/
public function getVersion() {
return self::ADLDAP_VERSION;
}
/**
* Round a Windows timestamp down to seconds and remove the seconds between 1601-01-01 and 1970-01-01
*
* @param long $windowsTime
* @return long $unixTime
*/
public static function convertWindowsTimeToUnixTime($windowsTime) {
$unixTime = round($windowsTime / 10000000) - 11644477200;
return $unixTime;
}
}
?>

137
content/lib/plugins/authad/adLDAP/collections/adLDAPCollection.php Normal file
View File

@@ -0,0 +1,137 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage Collection
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
abstract class adLDAPCollection
{
/**
* The current adLDAP connection via dependency injection
*
* @var adLDAP
*/
protected $adldap;
/**
* The current object being modifed / called
*
* @var mixed
*/
protected $currentObject;
/**
* The raw info array from Active Directory
*
* @var array
*/
protected $info;
public function __construct($info, adLDAP $adldap)
{
$this->setInfo($info);
$this->adldap = $adldap;
}
/**
* Set the raw info array from Active Directory
*
* @param array $info
*/
public function setInfo(array $info)
{
if ($this->info && sizeof($info) >= 1) {
unset($this->info);
}
$this->info = $info;
}
/**
* Magic get method to retrieve data from the raw array in a formatted way
*
* @param string $attribute
* @return mixed
*/
public function __get($attribute)
{
if (isset($this->info[0]) && is_array($this->info[0])) {
foreach ($this->info[0] as $keyAttr => $valueAttr) {
if (strtolower($keyAttr) == strtolower($attribute)) {
if ($this->info[0][strtolower($attribute)]['count'] == 1) {
return $this->info[0][strtolower($attribute)][0];
}
else {
$array = array();
foreach ($this->info[0][strtolower($attribute)] as $key => $value) {
if ((string)$key != 'count') {
$array[$key] = $value;
}
}
return $array;
}
}
}
}
else {
return NULL;
}
}
/**
* Magic set method to update an attribute
*
* @param string $attribute
* @param string $value
* @return bool
*/
abstract public function __set($attribute, $value);
/**
* Magic isset method to check for the existence of an attribute
*
* @param string $attribute
* @return bool
*/
public function __isset($attribute) {
if (isset($this->info[0]) && is_array($this->info[0])) {
foreach ($this->info[0] as $keyAttr => $valueAttr) {
if (strtolower($keyAttr) == strtolower($attribute)) {
return true;
}
}
}
return false;
}
}
?>

46
content/lib/plugins/authad/adLDAP/collections/adLDAPComputerCollection.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage ComputerCollection
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
class adLDAPComputerCollection extends adLDAPCollection
{
public function __set($attribute, $value)
{
}
}
?>

46
content/lib/plugins/authad/adLDAP/collections/adLDAPContactCollection.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage ContactCollection
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
class adLDAPContactCollection extends adLDAPCollection
{
public function __set($attribute, $value)
{
}
}
?>

46
content/lib/plugins/authad/adLDAP/collections/adLDAPGroupCollection.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage GroupCollection
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
class adLDAPGroupCollection extends adLDAPCollection
{
public function __set($attribute, $value)
{
}
}
?>

46
content/lib/plugins/authad/adLDAP/collections/adLDAPUserCollection.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
/**
* PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY
* Version 4.0.4
*
* PHP Version 5 with SSL and LDAP support
*
* Written by Scott Barnett, Richard Hyland
* email: scott@wiggumworld.com, adldap@richardhyland.com
* http://adldap.sourceforge.net/
*
* Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
*
* We'd appreciate any improvements or additions to be submitted back
* to benefit the entire community :)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* @category ToolsAndUtilities
* @package adLDAP
* @subpackage UserCollection
* @author Scott Barnett, Richard Hyland
* @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
* @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
* @revision $Revision: 97 $
* @version 4.0.4
* @link http://adldap.sourceforge.net/
*/
class adLDAPUserCollection extends adLDAPCollection
{
public function __set($attribute, $value)
{
}
}
?>

786
content/lib/plugins/authad/auth.php Normal file
View File

@@ -0,0 +1,786 @@
<?php
/**
* Active Directory authentication backend for DokuWiki
*
* This makes authentication with a Active Directory server much easier
* than when using the normal LDAP backend by utilizing the adLDAP library
*
* Usage:
* Set DokuWiki's local.protected.php auth setting to read
*
* $conf['authtype'] = 'authad';
*
* $conf['plugin']['authad']['account_suffix'] = '@my.domain.org';
* $conf['plugin']['authad']['base_dn'] = 'DC=my,DC=domain,DC=org';
* $conf['plugin']['authad']['domain_controllers'] = 'srv1.domain.org,srv2.domain.org';
*
* //optional:
* $conf['plugin']['authad']['sso'] = 1;
* $conf['plugin']['authad']['admin_username'] = 'root';
* $conf['plugin']['authad']['admin_password'] = 'pass';
* $conf['plugin']['authad']['real_primarygroup'] = 1;
* $conf['plugin']['authad']['use_ssl'] = 1;
* $conf['plugin']['authad']['use_tls'] = 1;
* $conf['plugin']['authad']['debug'] = 1;
* // warn user about expiring password this many days in advance:
* $conf['plugin']['authad']['expirywarn'] = 5;
*
* // get additional information to the userinfo array
* // add a list of comma separated ldap contact fields.
* $conf['plugin']['authad']['additional'] = 'field1,field2';
*
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
* @author James Van Lommel <jamesvl@gmail.com>
* @link http://www.nosq.com/blog/2005/08/ldap-activedirectory-and-dokuwiki/
* @author Andreas Gohr <andi@splitbrain.org>
* @author Jan Schumann <js@schumann-it.com>
*/
class auth_plugin_authad extends DokuWiki_Auth_Plugin
{
/**
* @var array hold connection data for a specific AD domain
*/
protected $opts = array();
/**
* @var array open connections for each AD domain, as adLDAP objects
*/
protected $adldap = array();
/**
* @var bool message state
*/
protected $msgshown = false;
/**
* @var array user listing cache
*/
protected $users = array();
/**
* @var array filter patterns for listing users
*/
protected $pattern = array();
protected $grpsusers = array();
/**
* Constructor
*/
public function __construct()
{
global $INPUT;
parent::__construct();
require_once(DOKU_PLUGIN.'authad/adLDAP/adLDAP.php');
require_once(DOKU_PLUGIN.'authad/adLDAP/classes/adLDAPUtils.php');
// we load the config early to modify it a bit here
$this->loadConfig();
// additional information fields
if (isset($this->conf['additional'])) {
$this->conf['additional'] = str_replace(' ', '', $this->conf['additional']);
$this->conf['additional'] = explode(',', $this->conf['additional']);
} else $this->conf['additional'] = array();
// ldap extension is needed
if (!function_exists('ldap_connect')) {
if ($this->conf['debug'])
msg("AD Auth: PHP LDAP extension not found.", -1);
$this->success = false;
return;
}
// Prepare SSO
if (!empty($_SERVER['REMOTE_USER'])) {
// make sure the right encoding is used
if ($this->getConf('sso_charset')) {
$_SERVER['REMOTE_USER'] = iconv($this->getConf('sso_charset'), 'UTF-8', $_SERVER['REMOTE_USER']);
} elseif (!\dokuwiki\Utf8\Clean::isUtf8($_SERVER['REMOTE_USER'])) {
$_SERVER['REMOTE_USER'] = utf8_encode($_SERVER['REMOTE_USER']);
}
// trust the incoming user
if ($this->conf['sso']) {
$_SERVER['REMOTE_USER'] = $this->cleanUser($_SERVER['REMOTE_USER']);
// we need to simulate a login
if (empty($_COOKIE[DOKU_COOKIE])) {
$INPUT->set('u', $_SERVER['REMOTE_USER']);
$INPUT->set('p', 'sso_only');
}
}
}
// other can do's are changed in $this->_loadServerConfig() base on domain setup
$this->cando['modName'] = (bool)$this->conf['update_name'];
$this->cando['modMail'] = (bool)$this->conf['update_mail'];
$this->cando['getUserCount'] = true;
}
/**
* Load domain config on capability check
*
* @param string $cap
* @return bool
*/
public function canDo($cap)
{
//capabilities depend on config, which may change depending on domain
$domain = $this->getUserDomain($_SERVER['REMOTE_USER']);
$this->loadServerConfig($domain);
return parent::canDo($cap);
}
/**
* Check user+password [required auth function]
*
* Checks if the given user exists and the given
* plaintext password is correct by trying to bind
* to the LDAP server
*
* @author James Van Lommel <james@nosq.com>
* @param string $user
* @param string $pass
* @return bool
*/
public function checkPass($user, $pass)
{
if ($_SERVER['REMOTE_USER'] &&
$_SERVER['REMOTE_USER'] == $user &&
$this->conf['sso']
) return true;
$adldap = $this->initAdLdap($this->getUserDomain($user));
if (!$adldap) return false;
try {
return $adldap->authenticate($this->getUserName($user), $pass);
} catch (adLDAPException $e) {
// shouldn't really happen
return false;
}
}
/**
* Return user info [required auth function]
*
* Returns info about the given user needs to contain
* at least these fields:
*
* name string full name of the user
* mail string email address of the user
* grps array list of groups the user is in
*
* This AD specific function returns the following
* addional fields:
*
* dn string distinguished name (DN)
* uid string samaccountname
* lastpwd int timestamp of the date when the password was set
* expires true if the password expires
* expiresin int seconds until the password expires
* any fields specified in the 'additional' config option
*
* @author James Van Lommel <james@nosq.com>
* @param string $user
* @param bool $requireGroups (optional) - ignored, groups are always supplied by this plugin
* @return array
*/
public function getUserData($user, $requireGroups = true)
{
global $conf;
global $lang;
global $ID;
$adldap = $this->initAdLdap($this->getUserDomain($user));
if (!$adldap) return array();
if ($user == '') return array();
$fields = array('mail', 'displayname', 'samaccountname', 'lastpwd', 'pwdlastset', 'useraccountcontrol');
// add additional fields to read
$fields = array_merge($fields, $this->conf['additional']);
$fields = array_unique($fields);
$fields = array_filter($fields);
//get info for given user
$result = $adldap->user()->info($this->getUserName($user), $fields);
if ($result == false) {
return array();
}
//general user info
$info = array();
$info['name'] = $result[0]['displayname'][0];
$info['mail'] = $result[0]['mail'][0];
$info['uid'] = $result[0]['samaccountname'][0];
$info['dn'] = $result[0]['dn'];
//last password set (Windows counts from January 1st 1601)
$info['lastpwd'] = $result[0]['pwdlastset'][0] / 10000000 - 11644473600;
//will it expire?
$info['expires'] = !($result[0]['useraccountcontrol'][0] & 0x10000); //ADS_UF_DONT_EXPIRE_PASSWD
// additional information
foreach ($this->conf['additional'] as $field) {
if (isset($result[0][strtolower($field)])) {
$info[$field] = $result[0][strtolower($field)][0];
}
}
// handle ActiveDirectory memberOf
$info['grps'] = $adldap->user()->groups($this->getUserName($user), (bool) $this->opts['recursive_groups']);
if (is_array($info['grps'])) {
foreach ($info['grps'] as $ndx => $group) {
$info['grps'][$ndx] = $this->cleanGroup($group);
}
}
// always add the default group to the list of groups
if (!is_array($info['grps']) || !in_array($conf['defaultgroup'], $info['grps'])) {
$info['grps'][] = $conf['defaultgroup'];
}
// add the user's domain to the groups
$domain = $this->getUserDomain($user);
if ($domain && !in_array("domain-$domain", (array) $info['grps'])) {
$info['grps'][] = $this->cleanGroup("domain-$domain");
}
// check expiry time
if ($info['expires'] && $this->conf['expirywarn']) {
try {
$expiry = $adldap->user()->passwordExpiry($user);
if (is_array($expiry)) {
$info['expiresat'] = $expiry['expiryts'];
$info['expiresin'] = round(($info['expiresat'] - time())/(24*60*60));
// if this is the current user, warn him (once per request only)
if (($_SERVER['REMOTE_USER'] == $user) &&
($info['expiresin'] <= $this->conf['expirywarn']) &&
!$this->msgshown
) {
$msg = sprintf($this->getLang('authpwdexpire'), $info['expiresin']);
if ($this->canDo('modPass')) {
$url = wl($ID, array('do'=> 'profile'));
$msg .= ' <a href="'.$url.'">'.$lang['btn_profile'].'</a>';
}
msg($msg);
$this->msgshown = true;
}
}
} catch (adLDAPException $e) {
// ignore. should usually not happen
}
}
return $info;
}
/**
* Make AD group names usable by DokuWiki.
*
* Removes backslashes ('\'), pound signs ('#'), and converts spaces to underscores.
*
* @author James Van Lommel (jamesvl@gmail.com)
* @param string $group
* @return string
*/
public function cleanGroup($group)
{
$group = str_replace('\\', '', $group);
$group = str_replace('#', '', $group);
$group = preg_replace('[\s]', '_', $group);
$group = \dokuwiki\Utf8\PhpString::strtolower(trim($group));
return $group;
}
/**
* Sanitize user names
*
* Normalizes domain parts, does not modify the user name itself (unlike cleanGroup)
*
* @author Andreas Gohr <gohr@cosmocode.de>
* @param string $user
* @return string
*/
public function cleanUser($user)
{
$domain = '';
// get NTLM or Kerberos domain part
list($dom, $user) = explode('\\', $user, 2);
if (!$user) $user = $dom;
if ($dom) $domain = $dom;
list($user, $dom) = explode('@', $user, 2);
if ($dom) $domain = $dom;
// clean up both
$domain = \dokuwiki\Utf8\PhpString::strtolower(trim($domain));
$user = \dokuwiki\Utf8\PhpString::strtolower(trim($user));
// is this a known, valid domain or do we work without account suffix? if not discard
if (!is_array($this->conf[$domain]) && $this->conf['account_suffix'] !== '') {
$domain = '';
}
// reattach domain
if ($domain) $user = "$user@$domain";
return $user;
}
/**
* Most values in LDAP are case-insensitive
*
* @return bool
*/
public function isCaseSensitive()
{
return false;
}
/**
* Create a Search-String useable by adLDAPUsers::all($includeDescription = false, $search = "*", $sorted = true)
*
* @param array $filter
* @return string
*/
protected function constructSearchString($filter)
{
if (!$filter) {
return '*';
}
$adldapUtils = new adLDAPUtils($this->initAdLdap(null));
$result = '*';
if (isset($filter['name'])) {
$result .= ')(displayname=*' . $adldapUtils->ldapSlashes($filter['name']) . '*';
unset($filter['name']);
}
if (isset($filter['user'])) {
$result .= ')(samAccountName=*' . $adldapUtils->ldapSlashes($filter['user']) . '*';
unset($filter['user']);
}
if (isset($filter['mail'])) {
$result .= ')(mail=*' . $adldapUtils->ldapSlashes($filter['mail']) . '*';
unset($filter['mail']);
}
return $result;
}
/**
* Return a count of the number of user which meet $filter criteria
*
* @param array $filter $filter array of field/pattern pairs, empty array for no filter
* @return int number of users
*/
public function getUserCount($filter = array())
{
$adldap = $this->initAdLdap(null);
if (!$adldap) {
dbglog("authad/auth.php getUserCount(): _adldap not set.");
return -1;
}
if ($filter == array()) {
$result = $adldap->user()->all();
} else {
$searchString = $this->constructSearchString($filter);
$result = $adldap->user()->all(false, $searchString);
if (isset($filter['grps'])) {
$this->users = array_fill_keys($result, false);
/** @var admin_plugin_usermanager $usermanager */
$usermanager = plugin_load("admin", "usermanager", false);
$usermanager->setLastdisabled(true);
if (!isset($this->grpsusers[$this->filterToString($filter)])) {
$this->fillGroupUserArray($filter, $usermanager->getStart() + 3*$usermanager->getPagesize());
} elseif (count($this->grpsusers[$this->filterToString($filter)]) <
$usermanager->getStart() + 3*$usermanager->getPagesize()
) {
$this->fillGroupUserArray(
$filter,
$usermanager->getStart() +
3*$usermanager->getPagesize() -
count($this->grpsusers[$this->filterToString($filter)])
);
}
$result = $this->grpsusers[$this->filterToString($filter)];
} else {
/** @var admin_plugin_usermanager $usermanager */
$usermanager = plugin_load("admin", "usermanager", false);
$usermanager->setLastdisabled(false);
}
}
if (!$result) {
return 0;
}
return count($result);
}
/**
*
* create a unique string for each filter used with a group
*
* @param array $filter
* @return string
*/
protected function filterToString($filter)
{
$result = '';
if (isset($filter['user'])) {
$result .= 'user-' . $filter['user'];
}
if (isset($filter['name'])) {
$result .= 'name-' . $filter['name'];
}
if (isset($filter['mail'])) {
$result .= 'mail-' . $filter['mail'];
}
if (isset($filter['grps'])) {
$result .= 'grps-' . $filter['grps'];
}
return $result;
}
/**
* Create an array of $numberOfAdds users passing a certain $filter, including belonging
* to a certain group and save them to a object-wide array. If the array
* already exists try to add $numberOfAdds further users to it.
*
* @param array $filter
* @param int $numberOfAdds additional number of users requested
* @return int number of Users actually add to Array
*/
protected function fillGroupUserArray($filter, $numberOfAdds)
{
if (isset($this->grpsusers[$this->filterToString($filter)])) {
$actualstart = count($this->grpsusers[$this->filterToString($filter)]);
} else {
$this->grpsusers[$this->filterToString($filter)] = [];
$actualstart = 0;
}
$i=0;
$count = 0;
$this->constructPattern($filter);
foreach ($this->users as $user => &$info) {
if ($i++ < $actualstart) {
continue;
}
if ($info === false) {
$info = $this->getUserData($user);
}
if ($this->filter($user, $info)) {
$this->grpsusers[$this->filterToString($filter)][$user] = $info;
if (($numberOfAdds > 0) && (++$count >= $numberOfAdds)) break;
}
}
return $count;
}
/**
* Bulk retrieval of user data
*
* @author Dominik Eckelmann <dokuwiki@cosmocode.de>
*
* @param int $start index of first user to be returned
* @param int $limit max number of users to be returned
* @param array $filter array of field/pattern pairs, null for no filter
* @return array userinfo (refer getUserData for internal userinfo details)
*/
public function retrieveUsers($start = 0, $limit = 0, $filter = array())
{
$adldap = $this->initAdLdap(null);
if (!$adldap) return array();
//if (!$this->users) {
//get info for given user
$result = $adldap->user()->all(false, $this->constructSearchString($filter));
if (!$result) return array();
$this->users = array_fill_keys($result, false);
//}
$i = 0;
$count = 0;
$result = array();
if (!isset($filter['grps'])) {
/** @var admin_plugin_usermanager $usermanager */
$usermanager = plugin_load("admin", "usermanager", false);
$usermanager->setLastdisabled(false);
$this->constructPattern($filter);
foreach ($this->users as $user => &$info) {
if ($i++ < $start) {
continue;
}
if ($info === false) {
$info = $this->getUserData($user);
}
$result[$user] = $info;
if (($limit > 0) && (++$count >= $limit)) break;
}
} else {
/** @var admin_plugin_usermanager $usermanager */
$usermanager = plugin_load("admin", "usermanager", false);
$usermanager->setLastdisabled(true);
if (!isset($this->grpsusers[$this->filterToString($filter)]) ||
count($this->grpsusers[$this->filterToString($filter)]) < ($start+$limit)
) {
if(!isset($this->grpsusers[$this->filterToString($filter)])) {
$this->grpsusers[$this->filterToString($filter)] = [];
}
$this->fillGroupUserArray(
$filter,
$start+$limit - count($this->grpsusers[$this->filterToString($filter)]) +1
);
}
if (!$this->grpsusers[$this->filterToString($filter)]) return array();
foreach ($this->grpsusers[$this->filterToString($filter)] as $user => &$info) {
if ($i++ < $start) {
continue;
}
$result[$user] = $info;
if (($limit > 0) && (++$count >= $limit)) break;
}
}
return $result;
}
/**
* Modify user data
*
* @param string $user nick of the user to be changed
* @param array $changes array of field/value pairs to be changed
* @return bool
*/
public function modifyUser($user, $changes)
{
$return = true;
$adldap = $this->initAdLdap($this->getUserDomain($user));
if (!$adldap) {
msg($this->getLang('connectfail'), -1);
return false;
}
// password changing
if (isset($changes['pass'])) {
try {
$return = $adldap->user()->password($this->getUserName($user), $changes['pass']);
} catch (adLDAPException $e) {
if ($this->conf['debug']) msg('AD Auth: '.$e->getMessage(), -1);
$return = false;
}
if (!$return) msg($this->getLang('passchangefail'), -1);
}
// changing user data
$adchanges = array();
if (isset($changes['name'])) {
// get first and last name
$parts = explode(' ', $changes['name']);
$adchanges['surname'] = array_pop($parts);
$adchanges['firstname'] = join(' ', $parts);
$adchanges['display_name'] = $changes['name'];
}
if (isset($changes['mail'])) {
$adchanges['email'] = $changes['mail'];
}
if (count($adchanges)) {
try {
$return = $return & $adldap->user()->modify($this->getUserName($user), $adchanges);
} catch (adLDAPException $e) {
if ($this->conf['debug']) msg('AD Auth: '.$e->getMessage(), -1);
$return = false;
}
if (!$return) msg($this->getLang('userchangefail'), -1);
}
return $return;
}
/**
* Initialize the AdLDAP library and connect to the server
*
* When you pass null as domain, it will reuse any existing domain.
* Eg. the one of the logged in user. It falls back to the default
* domain if no current one is available.
*
* @param string|null $domain The AD domain to use
* @return adLDAP|bool true if a connection was established
*/
protected function initAdLdap($domain)
{
if (is_null($domain) && is_array($this->opts)) {
$domain = $this->opts['domain'];
}
$this->opts = $this->loadServerConfig((string) $domain);
if (isset($this->adldap[$domain])) return $this->adldap[$domain];
// connect
try {
$this->adldap[$domain] = new adLDAP($this->opts);
return $this->adldap[$domain];
} catch (Exception $e) {
if ($this->conf['debug']) {
msg('AD Auth: '.$e->getMessage(), -1);
}
$this->success = false;
$this->adldap[$domain] = null;
}
return false;
}
/**
* Get the domain part from a user
*
* @param string $user
* @return string
*/
public function getUserDomain($user)
{
list(, $domain) = explode('@', $user, 2);
return $domain;
}
/**
* Get the user part from a user
*
* When an account suffix is set, we strip the domain part from the user
*
* @param string $user
* @return string
*/
public function getUserName($user)
{
if ($this->conf['account_suffix'] !== '') {
list($user) = explode('@', $user, 2);
}
return $user;
}
/**
* Fetch the configuration for the given AD domain
*
* @param string $domain current AD domain
* @return array
*/
protected function loadServerConfig($domain)
{
// prepare adLDAP standard configuration
$opts = $this->conf;
$opts['domain'] = $domain;
// add possible domain specific configuration
if ($domain && is_array($this->conf[$domain])) foreach ($this->conf[$domain] as $key => $val) {
$opts[$key] = $val;
}
// handle multiple AD servers
$opts['domain_controllers'] = explode(',', $opts['domain_controllers']);
$opts['domain_controllers'] = array_map('trim', $opts['domain_controllers']);
$opts['domain_controllers'] = array_filter($opts['domain_controllers']);
// compatibility with old option name
if (empty($opts['admin_username']) && !empty($opts['ad_username'])) {
$opts['admin_username'] = $opts['ad_username'];
}
if (empty($opts['admin_password']) && !empty($opts['ad_password'])) {
$opts['admin_password'] = $opts['ad_password'];
}
$opts['admin_password'] = conf_decodeString($opts['admin_password']); // deobfuscate
// we can change the password if SSL is set
if ($opts['use_ssl'] || $opts['use_tls']) {
$this->cando['modPass'] = true;
} else {
$this->cando['modPass'] = false;
}
// adLDAP expects empty user/pass as NULL, we're less strict FS#2781
if (empty($opts['admin_username'])) $opts['admin_username'] = null;
if (empty($opts['admin_password'])) $opts['admin_password'] = null;
// user listing needs admin priviledges
if (!empty($opts['admin_username']) && !empty($opts['admin_password'])) {
$this->cando['getUsers'] = true;
} else {
$this->cando['getUsers'] = false;
}
return $opts;
}
/**
* Returns a list of configured domains
*
* The default domain has an empty string as key
*
* @return array associative array(key => domain)
*/
public function getConfiguredDomains()
{
$domains = array();
if (empty($this->conf['account_suffix'])) return $domains; // not configured yet
// add default domain, using the name from account suffix
$domains[''] = ltrim($this->conf['account_suffix'], '@');
// find additional domains
foreach ($this->conf as $key => $val) {
if (is_array($val) && isset($val['account_suffix'])) {
$domains[$key] = ltrim($val['account_suffix'], '@');
}
}
ksort($domains);
return $domains;
}
/**
* Check provided user and userinfo for matching patterns
*
* The patterns are set up with $this->_constructPattern()
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param string $user
* @param array $info
* @return bool
*/
protected function filter($user, $info)
{
foreach ($this->pattern as $item => $pattern) {
if ($item == 'user') {
if (!preg_match($pattern, $user)) return false;
} elseif ($item == 'grps') {
if (!count(preg_grep($pattern, $info['grps']))) return false;
} else {
if (!preg_match($pattern, $info[$item])) return false;
}
}
return true;
}
/**
* Create a pattern for $this->_filter()
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param array $filter
*/
protected function constructPattern($filter)
{
$this->pattern = array();
foreach ($filter as $item => $pattern) {
$this->pattern[$item] = '/'.str_replace('/', '\/', $pattern).'/i'; // allow regex characters
}
}
}

18
content/lib/plugins/authad/conf/default.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
$conf['account_suffix'] = '';
$conf['base_dn'] = '';
$conf['domain_controllers'] = '';
$conf['sso'] = 0;
$conf['sso_charset'] = '';
$conf['admin_username'] = '';
$conf['admin_password'] = '';
$conf['real_primarygroup'] = 0;
$conf['use_ssl'] = 0;
$conf['use_tls'] = 0;
$conf['debug'] = 0;
$conf['expirywarn'] = 0;
$conf['additional'] = '';
$conf['update_name'] = 0;
$conf['update_mail'] = 0;
$conf['recursive_groups'] = 0;

18
content/lib/plugins/authad/conf/metadata.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
$meta['account_suffix'] = array('string','_caution' => 'danger');
$meta['base_dn'] = array('string','_caution' => 'danger');
$meta['domain_controllers'] = array('string','_caution' => 'danger');
$meta['sso'] = array('onoff','_caution' => 'danger');
$meta['sso_charset'] = array('string','_caution' => 'danger');
$meta['admin_username'] = array('string','_caution' => 'danger');
$meta['admin_password'] = array('password','_caution' => 'danger','_code' => 'base64');
$meta['real_primarygroup'] = array('onoff','_caution' => 'danger');
$meta['use_ssl'] = array('onoff','_caution' => 'danger');
$meta['use_tls'] = array('onoff','_caution' => 'danger');
$meta['debug'] = array('onoff','_caution' => 'security');
$meta['expirywarn'] = array('numeric', '_min'=>0,'_caution' => 'danger');
$meta['additional'] = array('string','_caution' => 'danger');
$meta['update_name'] = array('onoff','_caution' => 'danger');
$meta['update_mail'] = array('onoff','_caution' => 'danger');
$meta['recursive_groups'] = array('onoff','_caution' => 'danger');

13
content/lib/plugins/authad/lang/ar/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Khalid <khalid.aljahil@gmail.com>
* @author Mohamed Belhsine <b.mohamed897@gmail.com>
* @author Usama Akkad <uahello@gmail.com>
*/
$lang['domain'] = 'مجال تسجيل الدخول';
$lang['authpwdexpire'] = 'ستنتهي صلاحية كلمة السر في %d . عليك بتغييرها سريعا.';
$lang['passchangefail'] = 'فشل تغيير كلمة المرور. قد يكون السبب عدم موافاة شروط كلمة المرور.';
$lang['connectfail'] = 'فشل الاتصال بخادم Active Directory';

15
content/lib/plugins/authad/lang/ar/settings.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Khalid <khalid.aljahil@gmail.com>
* @author alhajr <alhajr300@gmail.com>
*/
$lang['account_suffix'] = 'لاحقة الحساب الخاص بك. على سبيل المثال. <code>@my.domain.org</code>';
$lang['domain_controllers'] = 'قائمة مفصولة بفواصل من وحدات التحكم بالمجال. على سبيل المثال. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_password'] = 'كلمة المرور للمستخدم أعلاه.';
$lang['sso'] = 'استخدام Kerberos أم NTLM لتسجيل الدخول الموحد؟';
$lang['real_primarygroup'] = 'ينبغي أن تحل المجموعة الأساسية الحقيقية بدلاً من افتراض "Domain Users" (أبطأ).';
$lang['use_ssl'] = 'استخدام الاتصال المشفر (SSL)؟ في حال استخدامه الرجاء عدم تفعيل (TLS) أسفله.';
$lang['expirywarn'] = 'عدد الأيام المقدمة لتحذير المستخدم حول كلمة مرور منتهية الصلاحية. (0) للتعطيل.';

8
content/lib/plugins/authad/lang/bg/lang.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Kiril <neohidra@gmail.com>
*/
$lang['authpwdexpire'] = 'Срока на паролата ви ще изтече след %d дни. Препоръчително е да я смените по-скоро.';

19
content/lib/plugins/authad/lang/bg/settings.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Kiril <neohidra@gmail.com>
*/
$lang['account_suffix'] = 'Наставка на акаунта Ви. Например <code>@някакъв.домейн.org</code>';
$lang['base_dn'] = 'Вашият основен DN. Например <code>DC=моят,DC=домейн,DC=org</code>';
$lang['domain_controllers'] = 'Domain controller списък, разделете сървърите със запетая. Например <code>сървър1.домейн.org,сървър2.домейн.org</code>';
$lang['admin_username'] = 'Привилегирован Active Directory потребител с достъп до данните на останалите потребители. Не е задължително, но е необходимо за някои функционалности като изпращането на имейл за абонаменти.';
$lang['admin_password'] = 'Паролата на горния потребител.';
$lang['sso'] = 'Да се ползва ли еднократно вписване чрез Kerberos или NTLM?';
$lang['real_primarygroup'] = 'Да се извлича ли истинската група вместо да се предполага "Domain Users" (по-бавно)';
$lang['use_ssl'] = 'Ползване на SSL свързаност? Не отбелязвайте TLS (по-долу) ако включите опцията.';
$lang['use_tls'] = 'Ползване на TLS свързаност? Не отбелязвайте SSL (по-горе) ако включите опцията.';
$lang['debug'] = 'Показване на допълнителна debug информация при грешка?';
$lang['expirywarn'] = 'Предупреждаване на потребителите Х дни преди изтичане валидността на паролата им. Въведете 0 за изключване.';
$lang['additional'] = 'Списък с допълнителни AD атрибути за извличане от потребителските данни (разделяйте ги със запетая). Ползва се от няколко приставки.';

14
content/lib/plugins/authad/lang/ca/lang.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Daniel López Prat <daniel@6temes.cat>
* @author Pauet <pauet@gmx.com>
* @author controlonline.net <controlonline.net@gmail.com>
*/
$lang['domain'] = 'Logo Domini';
$lang['authpwdexpire'] = 'La vostra contrasenya caducarà en %d dies, l\'hauríeu de canviar aviat.';
$lang['passchangefail'] = 'Ha fallat el canviar el password. Es possible que no s\'hagi complert la política de passwords';
$lang['userchangefail'] = 'Ha fallat el canvi d\'atributs. Pot ser no tinguis compte amb permisos per fer canvis.';
$lang['connectfail'] = 'Ha fallat la connexió amb servidor l\'Active Directory.';

20
content/lib/plugins/authad/lang/ca/settings.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Adolfo Jayme Barrientos <fito@libreoffice.org>
* @author controlonline.net <controlonline.net@gmail.com>
* @author Àngel Pérez Beroy <aperezberoy@gmail.com>
* @author David Surroca <david.tb303@gmail.com>
*/
$lang['account_suffix'] = 'El teu nom de compte. Ej.<code>@my.domain.org</code>';
$lang['base_dn'] = 'Nom base DN. Ej. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Llista separada per coma dels controladors de domini. Ej.<code>DC=my,DC=domain,DC=org</code>';
$lang['admin_username'] = 'Un usuari de Directori Actiu autoritzat a accedir a les dades de tots els usuaris. Opcional, però necessari per a certes accions, com enviar correus per subscripció.';
$lang['admin_password'] = 'La contrasenya de l\'usuari referit abans.
';
$lang['sso'] = 'S\'hauria de fer servir Kerberos o NTLM per inici de sessió únic?';
$lang['debug'] = 'Mostrar informació addicional de depuració en cas d\'error?';
$lang['expirywarn'] = 'Dies per endavant en avisar l\'usuari sobre la caducitat de la contrasenya. 0 per desactivar.';
$lang['update_mail'] = 'Permetre els usuaris actualitzar la seva adreça de correu electrònic?';

13
content/lib/plugins/authad/lang/cs/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Jaroslav Lichtblau <jlichtblau@seznam.cz>
* @author Miroslav Svoboda <msv@email.cz>
*/
$lang['domain'] = 'Přihlašovací doména';
$lang['authpwdexpire'] = 'Platnost vašeho hesla vyprší za %d dní, měli byste ho změnit co nejdříve.';
$lang['passchangefail'] = 'Změna hesla selhala. Možná nebyla dodržena pravidla pro jejich tvorbu?';
$lang['userchangefail'] = 'Změna atributů uživatele selhala. Možná nemá váš účet dostatečná oprávnění pro provádění změn. ';
$lang['connectfail'] = 'Připojení k serveru Active Directory selhalo.';

27
content/lib/plugins/authad/lang/cs/settings.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Robert Surý <rsurycz@seznam.cz>
* @author mkucera66 <mkucera66@seznam.cz>
* @author Jaroslav Lichtblau <jlichtblau@seznam.cz>
* @author Daniel Slováček <danslo@danslo.cz>
* @author Martin Růžička <martinr@post.cz>
*/
$lang['account_suffix'] = 'Přípona vašeho účtu, tj. <code>@moje.domena.org</code>';
$lang['base_dn'] = 'Vaše doménové jméno DN. tj. <code>DC=moje,DC=domena,DC=org</code>';
$lang['domain_controllers'] = 'Seznam čárkou oddělených kontrolérů, tj. <code>srv1.domena.org,srv2.domena.org</code>';
$lang['admin_username'] = 'Privilegovaný uživatel Active Directory s přístupem ke všem datům. Volitelně, ale nutné pro určité akce typu zasílání mailů.';
$lang['admin_password'] = 'Heslo uživatele výše';
$lang['sso'] = 'Chcete přihlašování Single-Sign-On pomocí jádra Kerberos nebo NTLM ( autentizační protokol obvyklý ve Windows)?';
$lang['sso_charset'] = 'Znaková sada kterou bude webserverem přenášeno uživatelské jméno pro Kerberos nebo NTLM. Prázdné pro UTF-8 nebo latin-1. Vyžaduje rozšíření iconv.';
$lang['real_primarygroup'] = 'Má být zjištěna primární skupina namísto vyhodnocení hodnoty "doménoví uživatelé" (pomalejší)';
$lang['use_ssl'] = 'Použít spojení SSL? Pokud ano, nevyužívejte TLS níže.';
$lang['use_tls'] = 'Použít spojení TLS? Pokud ano, nevyužívejte SSL výše.';
$lang['debug'] = 'Zobrazit dodatečné debugovací výstupy při chybách?';
$lang['expirywarn'] = 'Dny mezi varováním o vypršení hesla uživatele a jeho vypršením. 0 značí vypnuto.';
$lang['additional'] = 'Čárkou oddělený seznam dodatečných atributů získávaných z uživatelských dat. Využito některými pluginy.';
$lang['update_name'] = 'Povolit uživatelům upravit jejich AD zobrazované jméno?';
$lang['update_mail'] = 'Povolit uživatelům upravit svou emailovou adresu?';
$lang['recursive_groups'] = 'Vyřešte vnořené skupiny do jejich příslušných členů (pomalejší).';

16
content/lib/plugins/authad/lang/cy/lang.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
/**
* Welsh language file for addomain plugin
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Andreas Gohr <gohr@cosmocode.de>
* @author Alan Davies <ben.brynsadler@gmail.com>
*/
$lang['domain'] = 'Parth Mewngofnodi';
$lang['authpwdexpire'] = 'Bydd eich cyfrinair yn dod i ben mewn %d diwrnod, dylech chi ei newid e\'n fuan.';
$lang['passchangefail'] = 'Methodd newid y cyfrinair. Posib roedd y cyfrinair yn annilys?';
$lang['userchangefail'] = 'Methodd newid priodoleddau defnyddiwr. Posib \'sdim hawliau \'da chi i wneud newidiadau?';
$lang['connectfail'] = 'Methodd y cysylltiad i weinydd yr Active Directory.';
//Setup VIM: ex: et ts=4 :

15
content/lib/plugins/authad/lang/cy/settings.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
$lang['account_suffix'] = 'Olddodiad eich cyfrif. Ee. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Sail eich DN. Eg. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Rhestr gwahanwyd gan goma o reolwyr Parth. Ee. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Defnyddiwr Active Directory breintiedig gyda mynediad i ddata pob defnyddiwr arall. Yn opsiynol, ond yn hanfodol ar gyfer gweithredoedd penodol fel anfon ebyst tanysgrifio.';
$lang['admin_password'] = 'Cyfrinair y defnyddiwr uchod.';
$lang['sso'] = 'A ddylai Mewngofnodi-Unigol gan Kerberos neu NTLM gael ei ddefnyddio?';
$lang['sso_charset'] = 'Y set nod mae\'ch gweinydd gwe yn pasio defnyddair Kerberos neu NTLM ynddi. Gwag ar gyfer UTF-8 neu latin-1. Bydd angen estyniad iconv.';
$lang['real_primarygroup'] = 'Os ydy\'r prif grŵp real yn cael ei hadfer yn hytrach na thybio "Defnyddwyr Parth" (arafach).';
$lang['use_ssl'] = 'Defnyddio cysylltiad SSL? Os ydych chi\'n defnyddio hwn, peidiwch â galluogi TLS isod.';
$lang['use_tls'] = 'Defnyddio cysylltiad TLS? Os ydych chi\'n defnyddio hwn, peidiwch â galluogi SSL uchod.';
$lang['debug'] = 'Dangos allbwn dadfygio ychwanegol ar wallau?';
$lang['expirywarn'] = 'Diwrnodau o flaen llaw i rybuddio defnyddwyr o ran cyfrinair yn dod i ben. 0 i analluogi.';
$lang['additional'] = 'Rhestr a wahanwyd gan goma o briodoleddau AD ychwanegol i nôl o ddata defnyddiwr. Defnyddiwyd gan rai ategion.';

13
content/lib/plugins/authad/lang/da/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Jacob Palm <mail@jacobpalm.dk>
* @author Mikael Lyngvig <mikael@lyngvig.org>
*/
$lang['domain'] = 'Logondomæne';
$lang['authpwdexpire'] = 'Din adgangskode vil udløbe om %d dage, du bør ændre den snart.';
$lang['passchangefail'] = 'Kunne ikke skifte adgangskoden. Måske blev adgangskodepolitikken ikke opfyldt?';
$lang['userchangefail'] = 'Kunne ikke ændre brugerkontoen. Din konto har muligvis ikke rettigheder til at lave ændringer.';
$lang['connectfail'] = 'Kunne ikke forbinde til Active Directory serveren.';

25
content/lib/plugins/authad/lang/da/settings.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Jacob Palm <jacobpalmdk@icloud.com>
* @author Soren Birk <soer9648@hotmail.com>
* @author Jens Hyllegaard <jens.hyllegaard@gmail.com>
*/
$lang['account_suffix'] = 'Dit konto suffiks. F.eks. <code>@mit.domæne.dk</code>';
$lang['base_dn'] = 'Dit grund DN. F.eks. <code>DC=mit,DC=domæne,DC=dk</code>';
$lang['domain_controllers'] = 'En kommasepareret liste over domænecontrollere. F.eks. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'En privilegeret Active Directory bruger med adgang til alle andre brugeres data. Valgfri, men skal bruges til forskellige handlinger såsom at sende abonnement e-mails.';
$lang['admin_password'] = 'Adgangskoden til den ovenstående brugerkonto.';
$lang['sso'] = 'Skal der benyttes Single-Sign-On via Kerberos eller NTLM?';
$lang['sso_charset'] = 'Tegnsættet din webserver leverer Kerberos eller NTLM brugernavnet i. Efterlad blank for UTF-8 eller latin-1. Kræver iconv udvidelsen.';
$lang['real_primarygroup'] = 'Bør den korrekte primære gruppe findes i stedet for at antage "Domain Users" (langsommere)';
$lang['use_ssl'] = 'Benyt SSL forbindelse? Hvis ja, vælg ikke TLS herunder.';
$lang['use_tls'] = 'Benyt TLS forbindelse? Hvis ja, vælg ikke SSL herover.';
$lang['debug'] = 'Vis yderligere debug output ved fejl?';
$lang['expirywarn'] = 'Dage før udløb af adgangskode brugere skal advares. Angiv 0 for at deaktivere notifikation.';
$lang['additional'] = 'En kommasepareret liste over yderligere AD attributter der skal hentes fra brugerdata. Brug af nogen udvidelser.';
$lang['update_name'] = 'Tillad at brugere opdaterer deres visningnavn i AD?';
$lang['update_mail'] = 'Tillad at brugere opdaterer deres e-mail adresse?';
$lang['recursive_groups'] = 'Opslå nedarvede grupper til deres individuelle medlemmer (langsommere)';

13
content/lib/plugins/authad/lang/de-informal/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Andreas Gohr <gohr@cosmocode.de>
* @author rnck <dokuwiki@rnck.de>
*/
$lang['domain'] = 'Login Domäne';
$lang['authpwdexpire'] = 'Dein Passwort läuft in %d Tag(en) ab. Du solltest es es frühzeitig ändern.';
$lang['passchangefail'] = 'Das Passwort konnte nicht geändert werden. Eventuell wurde die Passwort-Richtlinie nicht eingehalten.';
$lang['userchangefail'] = 'Nutzerattribute konnten nicht geändert werden. Möglicherweise hat Dein Account nicht die erforderlichen Berechtigungen.';
$lang['connectfail'] = 'Verbindung zum Active Directory Server fehlgeschlagen.';

26
content/lib/plugins/authad/lang/de-informal/settings.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Frank Loizzi <contact@software.bacal.de>
* @author Matthias Schulte <dokuwiki@lupo49.de>
* @author Volker Bödker <volker@boedker.de>
* @author rnck <dokuwiki@rnck.de>
* @author Felix <j.felix@mueller-donath.de>
*/
$lang['account_suffix'] = 'Dein Account-Suffix. Z.B. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Dein Base-DN. Z.B. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Eine Komma-separierte Liste von Domänen-Controllern. Z.B. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Ein privilegierter Active Directory-Benutzer mit Zugriff zu allen anderen Benutzerdaten. Optional, aber wird benötigt für Aktionen wie z. B. dass Senden von Benachrichtigungs-Mails.';
$lang['admin_password'] = 'Das Passwort des obigen Benutzers.';
$lang['sso'] = 'Soll Single-Sign-On via Kerberos oder NTLM benutzt werden?';
$lang['sso_charset'] = 'Der Zeichensatz in dem Kerberos oder NTLM den Usernamen übergibt. Leer lassen für UTF-8 oder latin-1. Erfordert die Erweiterung iconv.';
$lang['real_primarygroup'] = 'Soll die echte primäre Gruppe aufgelöst werden anstelle der Annahme "Domain Users" (langsamer)';
$lang['use_ssl'] = 'SSL-Verbindung benutzen? Falls ja, TLS unterhalb nicht aktivieren.';
$lang['use_tls'] = 'TLS-Verbindung benutzen? Falls ja, SSL oberhalb nicht aktivieren.';
$lang['debug'] = 'Zusätzliche Debug-Informationen bei Fehlern anzeigen?';
$lang['expirywarn'] = 'Tage im Voraus um Benutzer über ablaufende Passwörter zu informieren. 0 zum Ausschalten.';
$lang['additional'] = 'Eine Komma-separierte Liste von zusätzlichen AD-Attributen, die von den Benutzerobjekten abgefragt werden. Wird von einigen Plugins benutzt.';
$lang['update_name'] = 'Nutzern erlauben ihren AD Anzeigenamen zu aktualisieren?';
$lang['update_mail'] = 'Nutzern erlauben ihre E-Mail-Adresse zu aktualisieren?';

14
content/lib/plugins/authad/lang/de/lang.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Andreas Gohr <gohr@cosmocode.de>
* @author Philip Knack <p.knack@stollfuss.de>
* @author Uwe Benzelrath <uwebenzelrath@gmail.com>
*/
$lang['domain'] = 'Anmelde-Domäne';
$lang['authpwdexpire'] = 'Ihr Passwort läuft in %d Tag(en) ab. Sie sollten es frühzeitig ändern.';
$lang['passchangefail'] = 'Kennwortänderung fehlgeschlagen. Entspricht das Kennwort der Richtlinie?';
$lang['userchangefail'] = 'Änderung der Nutzerattribute fehlgeschlagen. Möglicherweise hat ihr Benutzerkonto nicht die nötigen Rechte um diese Änderungen durchzuführen';
$lang['connectfail'] = 'Verbindung zum Active Directory Server fehlgeschlagen.';

28
content/lib/plugins/authad/lang/de/settings.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author C!own77 <clown77@posteo.de>
* @author Frank Loizzi <contact@software.bacal.de>
* @author Matthias Schulte <dokuwiki@lupo49.de>
* @author Ben Fey <benedikt.fey@beck-heun.de>
* @author Jonas Gröger <jonas.groeger@gmail.com>
* @author Carsten Perthel <carsten@cpesoft.com>
*/
$lang['account_suffix'] = 'Ihr Account-Suffix. Z. B. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Ihr Base-DN. Z. B. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Eine Komma-separierte Liste von Domänen-Controllern. Z. B. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Ein priviligierter Active Directory-Benutzer mit Zugriff zu allen anderen Benutzerdaten. Optional, aber wird benötigt für Aktionen wie z. B. dass Senden von Benachrichtigungs-Mails.';
$lang['admin_password'] = 'Das Passwort des obigen Benutzers.';
$lang['sso'] = 'Soll Single-Sign-On via Kerberos oder NTLM benutzt werden?';
$lang['sso_charset'] = 'Der Zeichensatz, mit dem der Server den Kerberos- oder NTLM-Benutzernamen versendet. Leer lassen für UTF-8 oder latin-1. Benötigt die iconv-Erweiterung.';
$lang['real_primarygroup'] = 'Soll die echte primäre Gruppe aufgelöst werden anstelle der Annahme "Domain Users" (langsamer)';
$lang['use_ssl'] = 'SSL-Verbindung benutzen? Falls ja, TLS unterhalb nicht aktivieren.';
$lang['use_tls'] = 'TLS-Verbindung benutzen? Falls ja, SSL oberhalb nicht aktivieren.';
$lang['debug'] = 'Zusätzliche Debug-Informationen bei Fehlern anzeigen?';
$lang['expirywarn'] = 'Tage im Voraus um Benutzer über ablaufende Passwörter zu informieren. 0 zum Ausschalten.';
$lang['additional'] = 'Eine Komma-separierte Liste von zusätzlichen AD-Attributen, die von den Benutzerobjekten abgefragt werden. Wird von einigen Plugins benutzt.';
$lang['update_name'] = 'Benutzern erlauben, ihren AD Anzeige-Namen zu ändern?';
$lang['update_mail'] = 'Benutzern erlauben, ihre E-Mail-Adresse zu ändern?';
$lang['recursive_groups'] = 'Auflösen verschachtelter Gruppen für ihre jeweiligen Mitglieder (langsamer).';

13
content/lib/plugins/authad/lang/el/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Katerina Katapodi <extragold1234@hotmail.com>
* @author Vasileios Karavasilis <vasileioskaravasilis@gmail.com>
*/
$lang['domain'] = 'Logon Domain';
$lang['authpwdexpire'] = 'Ο κωδικός πρόσβασης θα λήξει σε %d ημέρες. Προτείνουμε να τον αλλάξετε σύντομα.';
$lang['passchangefail'] = 'Ο κωδικός πρόσβασης δεν μπόρεσε να αλλάξει. Μήπως δεν ακολουθήθηκαν οι κατάλληλες οδηγίες της πολιτικής κωδικού πρόσβασης?';
$lang['userchangefail'] = 'Αποτυχία αλλαγής των στοιχείων του χρήστη. Μπορεί ο λογαριασμός σας να μην έχει άδεια να κάνει αλλαγές. ';
$lang['connectfail'] = 'Δεν μπόρεσε να συνδέσει στον διακομιστή Active Directory (Ενεργή Λίστα διευθύνσεων).';

24
content/lib/plugins/authad/lang/el/settings.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Aikaterini Katapodi <extragold1234@hotmail.com>
* @author chris taklis <ctaklis@gmail.com>
*/
$lang['account_suffix'] = 'Το πρόσημο του λογαριασμού σας. Π.χ <code>@my.domain.org</code>';
$lang['base_dn'] = 'Το βασικό σας DN. Eg. <code>DC=my,DC=domain,DC=org</code> ';
$lang['domain_controllers'] = 'Μία λίστα χωρισμένη με κόμμα, των ελεγκτών του Domain. Π.χ. <code>srv1.domain.org,srv2.domain.org</code> ';
$lang['admin_username'] = 'Ένας προνομιούχος χρήστης της Ενεργούς Λίστας Διευθύνσεων με πρόσβαση στα δεδομένα άλλων χρηστών. Προαιρετικό, αλλά χρειάζεται για ορισμένες ενέργειες όπως αποστολή ηλεκτρονικών μηνυμάτων εγγραφής. ';
$lang['admin_password'] = 'Ο κωδικός του παραπάνω χρήστη.';
$lang['sso'] = 'Πρέπει να χρησιμοποιηθεί το Single-Sign-On μέσω Kerberos ή το NTLM ? ';
$lang['sso_charset'] = 'To \'\'charset\'\' που ο διακομιστής ιστοσελίδας σας θα περάσει το Kerberos ή το όνομα χρήστη NTLM . Είναι άδειο για το UTF-8 η το λατινικό -1. Χρειάζεται την προέκταση inconv. ';
$lang['real_primarygroup'] = 'Πρέπει να ισχύσει η βασική ομάδα αντί να ληφθεί υπόψη το \'\'Domain Users\'\' (πιο αργό).';
$lang['use_ssl'] = 'Να γίνει χρήση της σύνδεσης SSL? Αν χρησιμοποιείται μην ενεργοποιείστε το TLS πιο κάτω. ';
$lang['use_tls'] = 'Να γίνει σύνδεση του TLS?Αν ήδη χρησιμοποιείται, μην ενεργοποιείστε το SSL πιο πάνω. ';
$lang['debug'] = 'Να προβληθεί το επιπλέον σύστημα ανίχνευσης λαθών ?';
$lang['expirywarn'] = 'Πρέπει να προειδοποιηθεί ο χρήστης πριν λίγες ημέρες για την λήξη του κωδικού πρόσβασης. 0 για να απενεργοποιείστε.';
$lang['additional'] = 'Μία λίστα που χωρίζεται με κόμμα, με AD επιπλέον ιδιότητες για να φέρουν στοιχεία από τον χρήστη. Χρησιμοποιείται από κάποια επιπρόσθετα.';
$lang['update_name'] = 'Να επιτρέπεται στους χρήστες να ενημερώνουν το AD όνομα τους που προβάλλεται?';
$lang['update_mail'] = 'Να επιτρέπεται στους χρήστες να ενημερώνουν την διεύθυνση ηλεκτρονικού τους ταχυδρομείου?';
$lang['recursive_groups'] = 'Να γίνεται καταχώρηση των μελών των ομάδων?';

15
content/lib/plugins/authad/lang/en/lang.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
/**
* English language file for addomain plugin
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Andreas Gohr <gohr@cosmocode.de>
*/
$lang['domain'] = 'Logon Domain';
$lang['authpwdexpire'] = 'Your password will expire in %d days, you should change it soon.';
$lang['passchangefail'] = 'Failed to change the password. Maybe the password policy was not met?';
$lang['userchangefail'] = 'Failed to change user attributes. Maybe your account does not have permissions to make changes?';
$lang['connectfail'] = 'Failed to connect to Active Directory server.';
//Setup VIM: ex: et ts=4 :

18
content/lib/plugins/authad/lang/en/settings.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
$lang['account_suffix'] = 'Your account suffix. Eg. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Your base DN. Eg. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'A comma separated list of Domain controllers. Eg. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'A privileged Active Directory user with access to all other user\'s data. Optional, but needed for certain actions like sending subscription mails.';
$lang['admin_password'] = 'The password of the above user.';
$lang['sso'] = 'Should Single-Sign-On via Kerberos or NTLM be used?';
$lang['sso_charset'] = 'The charset your webserver will pass the Kerberos or NTLM username in. Empty for UTF-8 or latin-1. Requires the iconv extension.';
$lang['real_primarygroup'] = 'Should the real primary group be resolved instead of assuming "Domain Users" (slower).';
$lang['use_ssl'] = 'Use SSL connection? If used, do not enable TLS below.';
$lang['use_tls'] = 'Use TLS connection? If used, do not enable SSL above.';
$lang['debug'] = 'Display additional debugging output on errors?';
$lang['expirywarn'] = 'Days in advance to warn user about expiring password. 0 to disable.';
$lang['additional'] = 'A comma separated list of additional AD attributes to fetch from user data. Used by some plugins.';
$lang['update_name'] = 'Allow users to update their AD display name?';
$lang['update_mail'] = 'Allow users to update their email address?';
$lang['recursive_groups'] = 'Resolve nested groups to their respective members (slower).';

11
content/lib/plugins/authad/lang/eo/lang.php Normal file
View File

@@ -0,0 +1,11 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Florian <florianmail55@gmail.com>
* @author Robert Bogenschneider <bogi@uea.org>
*/
$lang['domain'] = 'Ensaluta domajno';
$lang['authpwdexpire'] = 'Via pasvorto malvalidos post %d tagoj, prefere ŝanĝu ĝin baldaũ.';
$lang['connectfail'] = 'Malsukcesis konekti al Aktivan Dosierumon servilo.';

22
content/lib/plugins/authad/lang/eo/settings.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Florian <florianmail55@gmail.com>
* @author Robert Bogenschneider <bogi@uea.org>
*/
$lang['account_suffix'] = 'Via konto-aldonaĵo, ekz. <code>@mia.domajno.lando</code>';
$lang['base_dn'] = 'Via baza DN, ekz. <code>DC=mia,DC=domajno,DC=lando</code>';
$lang['domain_controllers'] = 'Komodisigita listo de domajno-serviloj, ekz. <code>srv1.domajno.lando,srv2.domajno.lando</code>';
$lang['admin_username'] = 'Privilegiita Aktiv-Dosieruja uzanto kun aliro al ĉiuj uzantaj datumoj. Libervole, sed necesa por iuj agadoj kiel sendi abonan retpoŝton.';
$lang['admin_password'] = 'La pasvorto de tiu uzanto.';
$lang['sso'] = 'Ĉu uzi Sola Aliro tra Kerberos aŭ NTLM?';
$lang['sso_charset'] = 'Per kiu karaktraro via retservilo pludonas uzantonomojn al Kerberos aŭ NTLM? Malplena por UTF-8 aŭ latin-1. Bezonas iconv-aldonaĵon.';
$lang['real_primarygroup'] = 'Ĉu trovi la veran ĉefan grupon anstataŭ supozi "Domajnuzantoj" (pli malrapida)?';
$lang['use_ssl'] = 'Ĉu uzi SSL-konekton? Se jes, ne aktivigu TLS sube.';
$lang['use_tls'] = 'Ĉu uzi TLS-konekton? Se jes, ne aktivigu SSL supre.';
$lang['debug'] = 'Ĉu montri aldonajn informojn dum eraroj?';
$lang['expirywarn'] = 'Tagoj da antaŭaverto pri malvalidiĝonta pasvorto. 0 por malebligi.';
$lang['additional'] = 'Komodisigita listo de aldonaj AD-atributoj por preni el uzantaj datumoj. Uzita de iuj kromaĵoj.';
$lang['update_mail'] = 'Ĉu permesi uzantoj ĝisdatigi siajn retardesojn?';

15
content/lib/plugins/authad/lang/es/lang.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Juan De La Cruz <juann.dlc@gmail.com>
* @author Gerardo Zamudio <gerardo@gerardozamudio.net>
* @author Mauricio Segura <maose38@yahoo.es>
* @author Romano <romanocl@outlook.com>
*/
$lang['domain'] = 'Dominio de inicio';
$lang['authpwdexpire'] = 'Su contraseña caducara en %d días, debería cambiarla lo antes posible';
$lang['passchangefail'] = 'Error al cambiar la contraseña. ¿Tal vez no se cumplió la directiva de contraseñas?';
$lang['userchangefail'] = 'Falló al intentar modificar los atributos del usuario. Puede ser que su cuenta no tiene permisos para realizar cambios?';
$lang['connectfail'] = 'Error al conectar con el servidor de Active Directory.';

28
content/lib/plugins/authad/lang/es/settings.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Liliana <lilianasaidon@gmail.com>
* @author monica <may.dorado@gmail.com>
* @author Antonio Bueno <atnbueno@gmail.com>
* @author Juan De La Cruz <juann.dlc@gmail.com>
* @author Eloy <ej.perezgomez@gmail.com>
* @author David Roy <davidroyapp@gmail.com>
*/
$lang['account_suffix'] = 'Su cuenta, sufijo. Ejem. <code> @ my.domain.org </code>';
$lang['base_dn'] = 'Su base DN. Ejem. <code>DC=my,DC=dominio,DC=org</code>';
$lang['domain_controllers'] = 'Una lista separada por coma de los controladores de dominios. Ejem. <code>srv1.dominio.org,srv2.dominio.org</code>';
$lang['admin_username'] = 'Un usuario con privilegios de Active Directory con acceso a los datos de cualquier otro usuario. Opcional, pero es necesario para determinadas acciones como el envío de suscripciones de correos electrónicos.';
$lang['admin_password'] = 'La contraseña del usuario anterior.';
$lang['sso'] = 'En caso de inicio de sesión usará ¿Kerberos o NTLM?';
$lang['sso_charset'] = 'La codificación con que tu servidor web pasará el nombre de usuario Kerberos o NTLM. Si es UTF-8 o latin-1 dejar en blanco. Requiere la extensión iconv.';
$lang['real_primarygroup'] = 'Resolver el grupo primario real en vez de asumir "Domain Users" (más lento)';
$lang['use_ssl'] = '¿Usar conexión SSL? Si se usa, no habilitar TLS abajo.';
$lang['use_tls'] = '¿Usar conexión TLS? Si se usa, no habilitar SSL arriba.';
$lang['debug'] = 'Mostrar información adicional de depuración sobre los errores?';
$lang['expirywarn'] = 'Días por adelantado para avisar al usuario de que contraseña expirará. 0 para deshabilitar.';
$lang['additional'] = 'Una lista separada por comas de atributos AD adicionales a obtener de los datos de usuario. Usado por algunos plugins.';
$lang['update_name'] = '¿Permitir a los usuarios actualizar su nombre de AD?';
$lang['update_mail'] = '¿Permitir a los usuarios actualizar su email?';
$lang['recursive_groups'] = 'Restituir los grupos anidados a sus respectivos miembros (más lento)';

8
content/lib/plugins/authad/lang/et/lang.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Janar Leas <janar.leas@eesti.ee>
*/
$lang['authpwdexpire'] = 'Sinu salasõna aegub %d päeva pärast, võiksid seda peatselt muuta.';

10
content/lib/plugins/authad/lang/eu/lang.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Zigor Astarbe <astarbe@gmail.com>
* @author Osoitz <oelkoro@gmail.com>
*/
$lang['authpwdexpire'] = 'Zure pasahitza %d egun barru iraungiko da, laster aldatu beharko zenuke.';
$lang['connectfail'] = 'Huts egin du Active Directory zerbitzarira konektatzean';

13
content/lib/plugins/authad/lang/eu/settings.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Osoitz <oelkoro@gmail.com>
*/
$lang['account_suffix'] = 'Zure kontuaren atzizkia. Esaterako <code>@niredomeinua.eus</code>';
$lang['admin_password'] = 'Goiko erabiltzailearen pasahitza';
$lang['use_ssl'] = 'SSL konexioa darabilzu? Hala bada, ez gaitu TLS behean.';
$lang['use_tls'] = 'Erabili TLS konexioa? Erabiltzekotan, ez gaitu SSL goian.';
$lang['expirywarn'] = 'Pasahitza iraungitzear dagoela abisatzeko aurretia egunetan. 0 desgaitzeko.';
$lang['update_mail'] = 'Baimendu erabiltzaileei bere email helbidea eguneratzea?';

14
content/lib/plugins/authad/lang/fa/lang.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Hamid <zarrabi@sharif.edu>
* @author Milad DZand <M.DastanZand@gmail.com>
* @author Mohmmad Razavi <sepent@gmail.com>
*/
$lang['domain'] = 'دامنه‌ی ورود';
$lang['authpwdexpire'] = 'کلمه عبور شما در %d روز منقضی خواهد شد ، شما باید آن را زود تغییر دهید';
$lang['passchangefail'] = 'تغیر رمزعبور با خطا مواجه شد. شاید سیاستهای مربوط به گذاشتن نام کاربری درست رعایت نشده است.';
$lang['userchangefail'] = 'تغییر ویژگی‌های کابر با خطا مواجه شد. شاید حساب کاربری شما مجاز به انجام این تغییرات نیست.';
$lang['connectfail'] = 'ارتباط با سرور Active Directory با خطا مواجه شد.';

24
content/lib/plugins/authad/lang/fa/settings.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Omid Hezaveh <hezpublic@gmail.com>
* @author Mohmmad Razavi <sepent@gmail.com>
* @author Masoud Sadrnezhaad <masoud@sadrnezhaad.ir>
*/
$lang['account_suffix'] = 'پسوند حساب کاربری شما. به عنوان مثال <code>@my.domain.org</code>';
$lang['base_dn'] = 'DN پایه شما. به عنوان مثال <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'لیست کنترل کننده‌های دامنه که با کاما ازهم جدا شده اند. به عنوان مثال <code>srv1.domain.org,srv2.domain.org</code';
$lang['admin_username'] = 'کاربر دارای دسترسی Active Directory که دارای دسترسی به تمام اطلاعات کاربران است. اختیاریست ولی برای برخی فعالیت‌ها مثل ایمیل‌های عضویت لازم است.';
$lang['admin_password'] = 'رمز کاربر بالایی ';
$lang['sso'] = 'آیا Single-Sign-On از طریق Kerberos یا NTLM استفاده شود؟';
$lang['sso_charset'] = 'کدبندی نویسه‌ای که وب‌سرورتان نام کاربری NTLM یا Kerberos را به آن منتقل می‌کند. برای انتخاب UTF-8 یا latin-1 خالی بگذارید. لازم است که افزونهٔ iconv نصب باشد.';
$lang['real_primarygroup'] = 'باید گروه اصلی به جای "دامنهٔ کاربران" برگردد. (کندتر)';
$lang['use_ssl'] = 'از اس‌اس‌ال استفاده می‌کنید؟ در این صورت تی‌ال‌اس را در پایین فعال نکنید. ';
$lang['use_tls'] = 'از تی‌ال‌اس استفاده می‌کنید؟ در این صورت اس‌اس‌ال را در بالا فعال نکنید. ';
$lang['debug'] = 'داده‌های اضافی خروجی دیباگ در هنگام بروز خطا نمایش داده شود؟';
$lang['expirywarn'] = 'تعداد روزهایی که پس گذشتن آن برای تغییر رمزعبور به شما هشدار داده شود. باری غیرفعال سازی از مقدار 0 استفاده کنید.';
$lang['additional'] = 'لیست صفات اضافی AD برای گرفتن از اطلاعات کاربر که توسط برخی از افزونه‌ها استفاده می‌شود. با کاما جدا شود.';
$lang['update_name'] = 'به کاربران اجازهٔ به روزرسانی نام AD داده شود؟';
$lang['update_mail'] = 'به کاربران اجازهٔ به روزرسانی ایمیلشان داده شود؟';

8
content/lib/plugins/authad/lang/fi/lang.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Jussi Takala <jussi.takala@live.fi>
*/
$lang['authpwdexpire'] = 'Salasanasi vanhenee %d pv:n päästä, vaihda salasanasi pikaisesti.';

9
content/lib/plugins/authad/lang/fi/settings.php Normal file
View File

@@ -0,0 +1,9 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Otto Vainio <otto@valjakko.net>
*/
$lang['debug'] = 'Näytä lisää debug-koodia virheistä?';
$lang['expirywarn'] = 'Montako päivää etukäteen varoitetaan salasanan vanhenemissta. 0 poistaa.';

15
content/lib/plugins/authad/lang/fr/lang.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author ggallon <gwenael.gallon@mac.com>
* @author Yannick Aure <yannick.aure@gmail.com>
* @author Pietroni <pietroni@informatique.univ-paris-diderot.fr>
* @author Schplurtz le Déboulonné <Schplurtz@laposte.net>
*/
$lang['domain'] = 'Domaine de connexion';
$lang['authpwdexpire'] = 'Votre mot de passe expirera dans %d jours, vous devriez le changer bientôt.';
$lang['passchangefail'] = 'Impossible de changer le mot de passe. Il est possible que les règles de sécurité des mots de passe n\'aient pas été respectées.';
$lang['userchangefail'] = 'Impossible de modifier les attributs de l\'utilisateur. Votre compte n\'a peut-être pas les permissions d\'effectuer des changements.';
$lang['connectfail'] = 'Impossible de se connecter au serveur Active Directory.';

25
content/lib/plugins/authad/lang/fr/settings.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Schplurtz le Déboulonné <schplurtz@laposte.net>
* @author Bruno Veilleux <bruno.vey@gmail.com>
* @author Momo50 <c.brothelande@gmail.com>
*/
$lang['account_suffix'] = 'Le suffixe de votre compte. Ex.: <code>@mon.domaine.org</code>';
$lang['base_dn'] = 'Votre nom de domaine de base. <code>DC=mon,DC=domaine,DC=org</code>';
$lang['domain_controllers'] = 'Une liste de contrôleurs de domaine séparés par des virgules. Ex.: <code>srv1.domaine.org,srv2.domaine.org</code>';
$lang['admin_username'] = 'Un utilisateur Active Directory avec accès aux données de tous les autres utilisateurs. Facultatif, mais nécessaire pour certaines actions telles que l\'envoi de courriels d\'abonnement.';
$lang['admin_password'] = 'Le mot de passe de l\'utilisateur ci-dessus.';
$lang['sso'] = 'Est-ce que l\'authentification unique (Single-Sign-On) par Kerberos ou NTLM doit être utilisée?';
$lang['sso_charset'] = 'Le jeu de caractères de votre serveur web va passer le nom d\'utilisateur Kerberos ou NTLM. Vide pour UTF-8 ou latin-1. Nécessite l\'extension iconv.';
$lang['real_primarygroup'] = 'Est-ce que le véritable groupe principal doit être résolu au lieu de présumer "Domain Users" (plus lent)?';
$lang['use_ssl'] = 'Utiliser une connexion SSL? Si utilisée, n\'activez pas TLS ci-dessous.';
$lang['use_tls'] = 'Utiliser une connexion TLS? Si utilisée, n\'activez pas SSL ci-dessus.';
$lang['debug'] = 'Afficher des informations de débogage supplémentaires pour les erreurs?';
$lang['expirywarn'] = 'Jours d\'avance pour l\'avertissement envoyé aux utilisateurs lorsque leur mot de passe va expirer. 0 pour désactiver.';
$lang['additional'] = 'Une liste séparée par des virgules d\'attributs AD supplémentaires à récupérer dans les données utilisateur. Utilisée par certains modules.';
$lang['update_name'] = 'Autoriser les utilisateurs à modifier leur nom affiché de l\'AD ?';
$lang['update_mail'] = 'Autoriser les utilisateurs à modifier leur adresse de courriel ?';
$lang['recursive_groups'] = 'Résoudre les groupes imbriqués à leur membres respectifs (plus lent).';

8
content/lib/plugins/authad/lang/gl/lang.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Rodrigo Rega <rodrigorega@gmail.com>
*/
$lang['authpwdexpire'] = 'A túa contrasinal expirará en %d días, deberías cambiala pronto.';

10
content/lib/plugins/authad/lang/he/lang.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author tomer <tomercarolldergicz@gmail.com>
* @author Menashe Tomer <menashesite@gmail.com>
*/
$lang['authpwdexpire'] = 'הסיסמה שלך תפוג ב %d ימים, אתה צריך לשנות את זה בקרוב.';
$lang['passchangefail'] = 'שגיאה בשינוי סיסמה. האם הסיסמה תואמת למדיניות המערכת?';

8
content/lib/plugins/authad/lang/he/settings.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Menashe Tomer <menashesite@gmail.com>
*/
$lang['admin_password'] = 'סיסמת המשתמש המוזכן';

12
content/lib/plugins/authad/lang/hr/lang.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Davor Turkalj <turki.bsc@gmail.com>
*/
$lang['domain'] = 'Domena za prijavu';
$lang['authpwdexpire'] = 'Vaša lozinka će isteći za %d dana, trebate ju promijeniti.';
$lang['passchangefail'] = 'Ne mogu izmijeniti lozinku. Možda nije zadovoljen set pravila za lozinke?';
$lang['userchangefail'] = 'Greška pri promjeni atributa korisnika. Možda Vaš korisnik nema autorizacije da bi radio promjene?';
$lang['connectfail'] = 'Ne mogu se povezati s Active Directory poslužiteljem.';

22
content/lib/plugins/authad/lang/hr/settings.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Davor Turkalj <turki.bsc@gmail.com>
*/
$lang['account_suffix'] = 'Vaš sufiks korisničkog imena. Npr. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Vaš bazni DN. Npr. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Zarezom odvojena lista domenskih kontrolera. Npr. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Privilegirani korisnik Active Directory-a s pristupom svim korisničkim podacima. Opcionalno, ali potrebno za određene akcije kao što je slanje pretplatničkih poruka.';
$lang['admin_password'] = 'Lozinka gore navedenoga korisnika.';
$lang['sso'] = 'Da li će Single-Sign-On prijava biti korištena preko Kerberosa ili NTLM-a?';
$lang['sso_charset'] = 'Znakovni set koji će se koristiti Kerberos ili NTLM pri slanju imena korisnika. Prazno za UTF-8 ili latin-1. Zahtjeva iconv ekstenziju.';
$lang['real_primarygroup'] = 'Da li da se razluči stvarna primarna grupa umjesto pretpostavke da je to "Domain Users" (sporije !).';
$lang['use_ssl'] = 'Koristi SSL vezu? Ako da, dolje ne koristi TLS!';
$lang['use_tls'] = 'Koristi TLS vezu? Ako da, gore ne koristi SSL!';
$lang['debug'] = 'Prikaži dodatni debug ispis u slučaju greške? ';
$lang['expirywarn'] = 'Upozori korisnike o isteku lozinke ovoliko dana. 0 za onemogućavanje. ';
$lang['additional'] = 'Zarezom odvojena lista dodatnih AD atributa koji se dohvaćaju iz korisničkih podataka. Koristi se u nekim dodatcima (plugin).';
$lang['update_name'] = 'Omogućiti korisnicima da izmjene svoje ime u AD-u?';
$lang['update_mail'] = 'Omogućiti korisnicima da izmjene svoju email adresu?';

11
content/lib/plugins/authad/lang/hu/lang.php Normal file
View File

@@ -0,0 +1,11 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Marton Sebok <sebokmarton@gmail.com>
*/
$lang['domain'] = 'Bejelentkezési tartomány';
$lang['authpwdexpire'] = 'A jelszavad %d nap múlva lejár, hamarosan meg kell változtatnod.';
$lang['passchangefail'] = 'A jelszó megváltoztatása sikertelen. Lehet, hogy nem felel meg a jelszóházirendnek?';
$lang['connectfail'] = 'A csatlakozás az Active Directory szerverhez sikertelen.';

21
content/lib/plugins/authad/lang/hu/settings.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Marton Sebok <sebokmarton@gmail.com>
* @author Marina Vladi <deldadam@gmail.com>
*/
$lang['account_suffix'] = 'Felhasználói azonosító végződése, pl. <code>@my.domain.org</code>.';
$lang['base_dn'] = 'Bázis DN, pl. <code>DC=my,DC=domain,DC=org</code>.';
$lang['domain_controllers'] = 'Tartománykezelők listája vesszővel elválasztva, pl. <code>srv1.domain.org,srv2.domain.org</code>.';
$lang['admin_username'] = 'Privilegizált AD felhasználó, aki az összes feéhasználó adatait elérheti. Elhagyható, de bizonyos funkciókhoz, például a feliratkozási e-mailek kiküldéséhez szükséges.';
$lang['admin_password'] = 'Ehhez tartozó jelszó.';
$lang['sso'] = 'Kerberos egyszeri bejelentkezés vagy NTLM használata?';
$lang['sso_charset'] = 'A webkiszolgáló karakterkészlete megfelel a Kerberos- és NTLM-felhasználóneveknek. Üres UTF-8 és Latin-1-hez. Szükséges az iconv bővítmény.';
$lang['real_primarygroup'] = 'A valódi elsődleges csoport feloldása a "Tartományfelhasználók" csoport használata helyett? (lassabb)';
$lang['use_ssl'] = 'SSL használata? Ha használjuk, tiltsuk le a TLS-t!';
$lang['use_tls'] = 'TLS használata? Ha használjuk, tiltsuk le az SSL-t!';
$lang['debug'] = 'További hibakeresési üzenetek megjelenítése hiba esetén';
$lang['expirywarn'] = 'Felhasználók értesítése ennyi nappal a jelszavuk lejárata előtt. 0 a funkció kikapcsolásához.';
$lang['additional'] = 'Vesszővel elválasztott lista a további AD attribútumok lekéréséhez. Néhány bővítmény használhatja.';

13
content/lib/plugins/authad/lang/it/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Matteo Pasotti <matteo@xquiet.eu>
* @author Torpedo <dgtorpedo@gmail.com>
*/
$lang['domain'] = 'Dominio di accesso';
$lang['authpwdexpire'] = 'La tua password scadrà in %d giorni, dovresti cambiarla quanto prima.';
$lang['passchangefail'] = 'Cambio password fallito. Forse non sono state rispettate le regole adottate per le password';
$lang['userchangefail'] = 'Cambio attributi utente fallito. Forse il tuo account non ha i permessi per eseguire delle modifiche?';
$lang['connectfail'] = 'Connessione fallita al server Active Directory';

25
content/lib/plugins/authad/lang/it/settings.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Roberto Bellingeri <bellingeri@netguru.it>
* @author Edmondo Di Tucci <snarchio@gmail.com>
* @author Torpedo <dgtorpedo@gmail.com>
*/
$lang['account_suffix'] = 'Il suffisso del tuo account. Eg. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Il tuo DN. base Eg. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Elenco separato da virgole di Domain Controllers. Eg. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Utente privilegiato di Active Directory con accesso ai dati di tutti gli utenti. Opzionale ma necessario per alcune attività come mandare email di iscrizione.';
$lang['admin_password'] = 'La password dell\'utente soprascritto.';
$lang['sso'] = 'Deve essere usato Single-Sign-On via Kerberos oppure NTLM?';
$lang['sso_charset'] = 'Il set di caratteri che il tuo web server passera nel nome utente Kerberos o NTLM. Lasciare vuoto per UTF-8 p latin-1. Richiesta estensione iconv. ';
$lang['real_primarygroup'] = 'Se il vero gruppo primario dovesse essere risolo invece di assumere "Domain Users" (lento).';
$lang['use_ssl'] = 'Usare la connessione SSL? Se usata, non abilitare TSL qui sotto.';
$lang['use_tls'] = 'Usare la connessione TSL? Se usata, non abilitare SSL qui sopra.';
$lang['debug'] = 'Visualizzare output addizionale di debug per gli errori?';
$lang['expirywarn'] = 'Giorni di preavviso per la scadenza della password dell\'utente. 0 per disabilitare.';
$lang['additional'] = 'Valori separati da virgola di attributi AD addizionali da caricare dai dati utente. Usato da alcuni plugin.';
$lang['update_name'] = 'Permettere agli utenti di aggiornare il loro nome AD visualizzato? ';
$lang['update_mail'] = 'Permettere agli utenti di aggiornare il loro indirizzo e-mail?';
$lang['recursive_groups'] = 'Risolvi i gruppi nidificati ai rispettivi membri (più lento).';

15
content/lib/plugins/authad/lang/ja/lang.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author PzF_X <jp_minecraft@yahoo.co.jp>
* @author Osaka <mr.osaka@gmail.com>
* @author Ikuo Obataya <i.obataya@gmail.com>
* @author Hideaki SAWADA <chuno@live.jp>
*/
$lang['domain'] = 'ログオン時のドメイン';
$lang['authpwdexpire'] = 'あなたのパスワードは、あと%d日で有効期限が切れます。パスワードを変更してください。';
$lang['passchangefail'] = 'パスワードを変更できませんでした。パスワードのルールに合わなかったのかもしれません。';
$lang['userchangefail'] = 'ユーザー属性を変更できませんでした。おそらく、変更権限のないアカウントです。';
$lang['connectfail'] = 'Active Directoryサーバーに接続できませんでした。';

26
content/lib/plugins/authad/lang/ja/settings.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author HokkaidoPerson <dosankomali@yahoo.co.jp>
* @author Satoshi Sahara <sahara.satoshi@gmail.com>
* @author Hideaki SAWADA <chuno@live.jp>
* @author PzF_X <jp_minecraft@yahoo.co.jp>
*/
$lang['account_suffix'] = 'アカウントの接尾語(例:<code>@my.domain.org</code>';
$lang['base_dn'] = 'ベースDN<code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'ドメインコントローラのカンマ区切り一覧(例:<code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = '全ユーザーデータへのアクセス権のある特権Active Directoryユーザー任意ですが、メール通知の登録等の特定の動作に必要となります。';
$lang['admin_password'] = '上記ユーザーのパスワード';
$lang['sso'] = 'Kerberos か NTLM を使ったシングルサインオンSSOをしますか';
$lang['sso_charset'] = 'サーバーは空のUTF-8かLatin-1でKerberosかNTLMユーザネームを送信します。iconv拡張モジュールが必要です。';
$lang['real_primarygroup'] = '"Domain Users" を仮定する代わりに本当のプライマリグループを解決する(低速)';
$lang['use_ssl'] = 'SSL接続を使用する使用する場合、下のTLSを有効にしないでください。';
$lang['use_tls'] = 'TLS接続を使用する使用する場合、上のSSLを有効にしないでください。';
$lang['debug'] = 'エラー時に追加のデバッグ出力を表示する';
$lang['expirywarn'] = '何日前からパスワードの有効期限をユーザーに警告するか0 の場合は無効)';
$lang['additional'] = 'ユーザデータから取得する追加AD属性のカンマ区切り一覧一部プラグインが使用します。';
$lang['update_name'] = 'ユーザー自身にAD表示名の変更を許可する';
$lang['update_mail'] = 'ユーザー自身にメールアドレスの変更を許可する';
$lang['recursive_groups'] = 'それぞれのメンバーについて入れ子のグループを解決する(動作が遅くなります)';

8
content/lib/plugins/authad/lang/ka/lang.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Luka Lejava <luka.lejava@gmail.com>
*/
$lang['authpwdexpire'] = 'თქვენს პაროლს ვადა გაუვა %d დღეში, მალე შეცვლა მოგიწევთ.';

13
content/lib/plugins/authad/lang/ko/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Myeongjin <aranet100@gmail.com>
* @author Erial <erial2@gmail.com>
*/
$lang['domain'] = '로그온 도메인';
$lang['authpwdexpire'] = '비밀번호를 바꾼지 %d일이 지났으며, 비밀번호를 곧 바꿔야 합니다.';
$lang['passchangefail'] = '비밀번호를 바꾸는 데 실패했습니다. 비밀번호 정책을 따르지 않은 건 아닐까요?';
$lang['userchangefail'] = '사용자 특성을 바꾸는 데 실패했습니다. 당신의 계정에 바꿀 권한이 없는 건 아닐까요?';
$lang['connectfail'] = 'Active Directory 서버에 연결하는 데 실패했습니다.';

23
content/lib/plugins/authad/lang/ko/settings.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Myeongjin <aranet100@gmail.com>
* @author Garam <rowain8@gmail.com>
*/
$lang['account_suffix'] = '계정 접미어. 예를 들어 <code>@my.domain.org</code>';
$lang['base_dn'] = '기본 DN. 예를 들어 <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = '도메인 컨트롤러의 쉼표로 구분한 목록. 예를 들어 <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = '다른 모든 사용자의 데이터에 접근할 수 있는 권한이 있는 Active Directory 사용자. 선택적이지만 구독 메일을 보내는 등의 특정 작업에 필요합니다.';
$lang['admin_password'] = '위 사용자의 비밀번호.';
$lang['sso'] = 'Kerberos나 NTLM을 통해 Single-Sign-On을 사용해야 합니까?';
$lang['sso_charset'] = '당신의 웹서버의 문자집합은 Kerberos나 NTLM 사용자 이름으로 전달됩니다. UTF-8이나 라린-1이 비어 있습니다. icov 확장 기능이 필요합니다.';
$lang['real_primarygroup'] = '실제 기본 그룹은 "도메인 사용자"를 가정하는 대신 해결될 것입니다. (느림)';
$lang['use_ssl'] = 'SSL 연결을 사용합니까? 사용한다면 아래 TLS을 활성화하지 마세요.';
$lang['use_tls'] = 'TLS 연결을 사용합니까? 사용한다면 위 SSL을 활성화하지 마세요.';
$lang['debug'] = '오류에 대한 추가적인 디버그 정보를 보이겠습니까?';
$lang['expirywarn'] = '미리 비밀번호 만료를 사용자에게 경고할 날짜. 0일 경우 비활성화합니다.';
$lang['additional'] = '사용자 데이터에서 가져올 추가적인 AD 속성의 쉼표로 구분한 목록. 일부 플러그인이 사용합니다.';
$lang['update_name'] = '사용자가 자신의 AD 표시 이름을 업데이트할 수 있도록 하겠습니까?';
$lang['update_mail'] = '사용자가 자신의 이메일 주소를 업데이트할 수 있도록 하겠습니까?';

13
content/lib/plugins/authad/lang/lv/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Oskars Pakers <oskars.pakers@gmail.com>
* @author Aivars Miška <allefm@gmail.com>
*/
$lang['domain'] = 'Iežurnālēšanās domēns';
$lang['authpwdexpire'] = 'Tavai parolei pēc %d dienām biegsies termiņš, tā drīzumā jānomaina.';
$lang['passchangefail'] = 'Neizdevās nomainīt paroli. Varbūt parole neatbilst noteikumiem?';
$lang['userchangefail'] = 'Neizdevās labot lietotāju. Varbūt jūsu kontam nav nepieciešamās atļaujas?';
$lang['connectfail'] = 'Neizdevās savienotes ar aktīvās direktorijas serveri.';

13
content/lib/plugins/authad/lang/lv/settings.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Oskars Pakers <oskars.pakers@gmail.com>
* @author Aivars Miška <allefm@gmail.com>
*/
$lang['account_suffix'] = 'Jūsu konta sufikss. Piemēram, <code>@my.domain.org</code>';
$lang['base_dn'] = 'Jūsu bāzes DN. Piemēram, <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Ar komatiem atdalīts domēna kontroleru saraksts. Piemēram, <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_password'] = 'Minētā lietotāja parole.';
$lang['expirywarn'] = 'Cik dienas iepriekš brīdināt lietotāju par paroles termiņa beigām. Ierakstīt 0, lai atspējotu.';

15
content/lib/plugins/authad/lang/nl/lang.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Rene <wllywlnt@yahoo.com>
* @author Dion Nicolaas <dion@nicolaas.net>
* @author Hugo Smet <hugo.smet@scarlet.be>
* @author Wesley de Weerd <wesleytiel@gmail.com>
*/
$lang['domain'] = 'Inlog Domein';
$lang['authpwdexpire'] = 'Je wachtwoord verloopt in %d dagen, je moet het binnenkort veranderen';
$lang['passchangefail'] = 'Wijziging van het paswoord is mislukt. Wellicht beantwoord het paswoord niet aan de voorwaarden. ';
$lang['userchangefail'] = 'Kan gebruiker attributen veranderen . Misschien heeft uw account geen rechten om wijzigingen aan te brengen?';
$lang['connectfail'] = 'Connectie met Active Directory server mislukt.';

25
content/lib/plugins/authad/lang/nl/settings.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Gerrit Uitslag <klapinklapin@gmail.com>
* @author Remon <no@email.local>
* @author Sjoerd <sjoerd@sjomar.eu>
*/
$lang['account_suffix'] = 'Je account domeinnaam. Bijv <code>@mijn.domein.org</code>';
$lang['base_dn'] = 'Je basis DN. Bijv. <code>DC=mijn,DC=domein,DC=org</code>';
$lang['domain_controllers'] = 'Eeen kommagescheiden lijst van domeinservers. Bijv. <code>srv1.domein.org,srv2.domein.org</code>';
$lang['admin_username'] = 'Een geprivilegeerde Active Directory gebruiker die bij alle gebruikersgegevens kan komen. Dit is optioneel maar kan nodig zijn voor bepaalde acties, zoals het versturen van abonnementsmailtjes.';
$lang['admin_password'] = 'Het wachtwoord van bovenstaande gebruiker.';
$lang['sso'] = 'Wordt voor Single-Sign-on Kerberos of NTLM gebruikt?';
$lang['sso_charset'] = 'Het tekenset waarin je webserver de Kerberos of NTLM gebruikersnaam doorsturen. Leeglaten voor UTF-8 of latin-1. Vereist de iconv extensie.';
$lang['real_primarygroup'] = 'Moet de echte primaire groep worden opgezocht in plaats van het aannemen van "Domeingebruikers" (langzamer)';
$lang['use_ssl'] = 'SSL verbinding gebruiken? Zo ja, activeer dan niet de TLS optie hieronder.';
$lang['use_tls'] = 'TLS verbinding gebruiken? Zo ja, activeer dan niet de SSL verbinding hierboven.';
$lang['debug'] = 'Aanvullende debug informatie tonen bij fouten?';
$lang['expirywarn'] = 'Waarschuwingstermijn voor vervallen wachtwoord. 0 om te deactiveren.';
$lang['additional'] = 'Een kommagescheiden lijst van extra AD attributen van de gebruiker. Wordt gebruikt door sommige plugins.';
$lang['update_name'] = 'Sta gebruikers toe om hun getoonde AD naam bij te werken';
$lang['update_mail'] = 'Sta gebruikers toe hun email adres bij te werken';
$lang['recursive_groups'] = 'Zoek voor de geneste groepen hun respectievelijke leden op (langzamer).';

16
content/lib/plugins/authad/lang/no/lang.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Patrick <spill.p@hotmail.com>
* @author Thomas Juberg <Thomas.Juberg@Gmail.com>
* @author Danny Buckhof <daniel.raknes@hotmail.no>
* @author Patrick Sletvold <patricksletvold@hotmail.com>
* @author Arne Hanssen <arnehans@getmail.no>
*/
$lang['domain'] = 'Loggpå-domene';
$lang['authpwdexpire'] = 'Ditt passord går ut om %d dager, du bør endre det snarest.';
$lang['passchangefail'] = 'Feil ved endring av passord. Det kan være at passordet ikke er i tråd med passordpolicyen ';
$lang['userchangefail'] = 'Klarte ikke å endre brukerattributter. Kanskje gar ikke kontoen din rettigheter til å gjøre endringer?';
$lang['connectfail'] = 'Feil ved kontakt med Active Directory serveren.';

26
content/lib/plugins/authad/lang/no/settings.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Christopher Schive <chschive@frisurf.no>
* @author Patrick <spill.p@hotmail.com>
* @author Danny Buckhof <daniel.raknes@hotmail.no>
* @author Patrick Sletvold <patricksletvold@hotmail.com>
* @author Arne Hanssen <arnehans@getmail.no>
*/
$lang['account_suffix'] = 'Ditt konto-suffiks F. Eks. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Din rot-DN. F.eks. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'En kommaseparert liste over domenekontrollere. Eks. <code>srv1.domene.org,srv2.domene.org</code>';
$lang['admin_username'] = 'En «Active Directory»-bruker med tilgang til alle andre brukeres data. Valgfritt, men nødvendig for visse handlinger f.eks. for utsendelse av e-poster til abonnenter.';
$lang['admin_password'] = 'Passordet til brukeren over.';
$lang['sso'] = 'Skal engangspålogging via Kerberos eller NTLM bli brukt?';
$lang['sso_charset'] = 'Tegnsettet din web-server vil bruke for ditt Kerberos- eller NTLM-brukernavn. La stå tomt for UTF-8 eller ISO Latin-1. Avhengig av utvidelsen iconv.';
$lang['real_primarygroup'] = 'Skal en finne den virkelige gruppen i stedet for å anta at dette er "domene-brukere" (tregere).';
$lang['use_ssl'] = 'Bruk SSL tilknytning? Hvis denne brukes, ikke aktiver TLS nedenfor.';
$lang['use_tls'] = 'Bruk TLS tilknytning? Hvis denne brukes, ikke aktiver SSL over.';
$lang['debug'] = 'Ved feil, vise tilleggsinformasjon for feilsøking?';
$lang['expirywarn'] = 'Antall dager på forhånd brukeren varsles om at passordet utgår. 0 for å deaktivere.';
$lang['additional'] = 'En kommaseparert liste med AD-attributter som skal hentes fra brukerdata. Blir brukt av enkelte programtillegg.';
$lang['update_name'] = 'Tillate at brukere endrer AD-visningsnavnet sitt?';
$lang['update_mail'] = 'Tillate at brukere endrer e-postadressen sin?';

13
content/lib/plugins/authad/lang/pl/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Wojciech Lichota <wojciech@lichota.pl>
* @author Aoi Karasu <aoikarasu@gmail.com>
*/
$lang['domain'] = 'Domena logowania';
$lang['authpwdexpire'] = 'Twoje hasło wygaśnie za %d dni. Należy je zmienić w krótkim czasie.';
$lang['passchangefail'] = 'Nie udało się zmienić hasła. Możliwe, że zasady dotyczące haseł nie zostały spełnione.';
$lang['userchangefail'] = 'Nie udało się zmienić atrybutów użytkownika. Możliwe, że twoje konto nie ma uprawnień do wprowadzania zmian.';
$lang['connectfail'] = 'Nie można połączyć się z serwerem Active Directory.';

32
content/lib/plugins/authad/lang/pl/settings.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Bartek S <sadupl@gmail.com>
* @author Przemek <p_kudriawcew@o2.pl>
* @author Wojciech Lichota <wojciech@lichota.pl>
* @author Max <maxrb146@gmail.com>
* @author Tomasz Bosak <bosak.tomasz@gmail.com>
* @author Paweł Jan Czochański <czochanski@gmail.com>
* @author Mati <mackosa@wp.pl>
* @author Maciej Helt <geraldziu@gmail.com>
* @author Kris Charatonik <krishary@gmail.com>
*/
$lang['account_suffix'] = 'Przyrostek twojej nazwy konta np. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Twoje bazowe DN. Na przykład: <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Podzielona przecinkami lista kontrolerów domen np. <code>srv1.domena.pl,srv2.domena.pl</code>';
$lang['admin_username'] = 'Uprawniony użytkownik katalogu Active Directory z dostępem do danych wszystkich użytkowników.
Opcjonalne, ale wymagane dla niektórych akcji np. wysyłania emailowych subskrypcji.';
$lang['admin_password'] = 'Hasło dla powyższego użytkownika.';
$lang['sso'] = 'Czy pojedyncze logowanie powinno korzystać z Kerberos czy NTML?';
$lang['sso_charset'] = 'Kodowanie znaków wykorzystywane do przesyłania nazwy użytkownika dla Kerberos lub NTLM. Pozostaw puste dla UTF-8 lub latin-1. Wymaga rozszerzenia iconv.';
$lang['real_primarygroup'] = 'Czy prawdziwa grupa podstawowa powinna zostać pobrana, zamiast przyjmowania domyślnej wartości "Domain Users" (wolniej).';
$lang['use_ssl'] = 'Użyć połączenie SSL? Jeśli tak to nie aktywuj TLS poniżej.';
$lang['use_tls'] = 'Użyć połączenie TLS? Jeśli tak to nie aktywuj SSL powyżej.';
$lang['debug'] = 'Wyświetlać dodatkowe informacje do debugowania w przypadku błędów?';
$lang['expirywarn'] = 'Dni poprzedzających powiadomienie użytkownika o wygasającym haśle. 0 aby wyłączyć.';
$lang['additional'] = 'Oddzielona przecinkami lista dodatkowych atrybutów AD do pobrania z danych użytkownika. Używane przez niektóre wtyczki.';
$lang['update_name'] = 'Zezwól użytkownikom na uaktualnianie nazwy wyświetlanej w AD?';
$lang['update_mail'] = 'Zezwól użytkownikom na uaktualnianie ich adresu email?';
$lang['recursive_groups'] = 'Rozpatrz grupy zagnieżdżone dla odpowiednich członków (wolniej).';

14
content/lib/plugins/authad/lang/pt-br/lang.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Felipe Castro <fefcas@gmail.com>
* @author Frederico Gonçalves Guimarães <frederico@teia.bio.br>
* @author Guilherme Cardoso <guicardoso@gmail.com>
*/
$lang['domain'] = 'Domínio de "Logon"';
$lang['authpwdexpire'] = 'Sua senha vai expirar em %d dias. Você deve mudá-la assim que for possível.';
$lang['passchangefail'] = 'Não foi possível alterar a senha. Pode ser algum conflito com a política de senhas.';
$lang['userchangefail'] = 'Falha ao mudar os atributos do usuário. Talvez a sua conta não tenha permissões para fazer mudanças.';
$lang['connectfail'] = 'Não foi possível conectar ao servidor Active Directory.';

26
content/lib/plugins/authad/lang/pt-br/settings.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Frederico Gonçalves Guimarães <frederico@teia.bio.br>
* @author Victor Westmann <victor.westmann@gmail.com>
* @author Juliano Marconi Lanigra <juliano.marconi@gmail.com>
* @author Viliam Dias <viliamjr@gmail.com>
*/
$lang['account_suffix'] = 'Sufixo de sua conta. Eg. <code>@meu.domínio.org</code>';
$lang['base_dn'] = 'Sua base DN. Eg. <code>DC=meu,DC=domínio,DC=org</code>';
$lang['domain_controllers'] = 'Uma lista de controles de domínios separada por vírgulas. Eg. <code>srv1.domínio.org,srv2.domínio.org</code>';
$lang['admin_username'] = 'Um usuário do Active Directory com privilégios para acessar os dados de todos os outros usuários. Opcional, mas necessário para realizar certas ações, tais como enviar mensagens de assinatura.';
$lang['admin_password'] = 'A senha do usuário acima.';
$lang['sso'] = 'Usar Single-Sign-On através do Kerberos ou NTLM?';
$lang['sso_charset'] = 'A codificação de caracteres que seu servidor web passará o nome de usuário Kerberos ou NTLM. Vazio para UTF-8 ou latin-1. Requere a extensão iconv.';
$lang['real_primarygroup'] = 'O grupo primário real deve ser resolvido ao invés de assumirmos como "Usuários do Domínio" (mais lento)';
$lang['use_ssl'] = 'Usar conexão SSL? Se usar, não habilitar TLS abaixo.';
$lang['use_tls'] = 'Usar conexão TLS? se usar, não habilitar SSL acima.';
$lang['debug'] = 'Mostrar saída adicional de depuração em mensagens de erros?';
$lang['expirywarn'] = 'Dias com antecedência para avisar o usuário de uma senha que vai expirar. 0 para desabilitar.';
$lang['additional'] = 'Uma lista separada de vírgulas de atributos adicionais AD para pegar dados de usuários. Usados por alguns plugins.';
$lang['update_name'] = 'Permitir aos usuários que atualizem seus nomes de exibição AD?';
$lang['update_mail'] = 'Permitir aos usuários que atualizem seu endereço de e-mail?';
$lang['recursive_groups'] = 'Resolver grupos aninhados para seus respectivos membros (mais lento).';

16
content/lib/plugins/authad/lang/pt/lang.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Paulo Schopf <pschopf@gmail.com>
* @author Maykon Oliveira <maykonoliveira850@gmail.com>
* @author Paulo Silva <paulotsilva@yahoo.com>
* @author André Neves <drakferion@gmail.com>
* @author Paulo Carmino <contato@paulocarmino.com>
*/
$lang['domain'] = 'Domínio de Login';
$lang['authpwdexpire'] = 'A sua senha expira dentro de %d dias, deve mudá-la em breve.';
$lang['passchangefail'] = 'Falha ao alterar a senha. Tente prosseguir com uma senha mais segura.';
$lang['userchangefail'] = 'Não foi possível alterar os atributos do usuário. Talvez sua conta não tenha permissões para fazer alterações?';
$lang['connectfail'] = 'Falha ao conectar com o servidor Active Directory.';

29
content/lib/plugins/authad/lang/pt/settings.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Paulo Schopf <pschopf@gmail.com>
* @author Maykon Oliveira <maykonoliveira850@gmail.com>
* @author André Neves <drakferion@gmail.com>
* @author Murilo <muriloricci@hotmail.com>
* @author Paulo Silva <paulotsilva@yahoo.com>
* @author Guido Salatino <guidorafael23@gmail.com>
* @author Guilherme Sá <guilherme.sa@hotmail.com>
*/
$lang['account_suffix'] = 'O sufixo da sua conta. Por exemplo, <code>@my.domain.org</code>';
$lang['base_dn'] = 'Sua base DN. Eg. <code> DC=meu, DC=dominio, DC=org </code>';
$lang['domain_controllers'] = 'Uma lista separada por vírgulas de Controladores de Domínio (AD DC). Ex.: <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Um usuário com privilégios no Active Directory que tenha acesso aos dados de todos os outros usuários. Opcional, mas necessário para certas ações como enviar e-mails de subscrição.';
$lang['admin_password'] = 'A senha para o usuário acima.';
$lang['sso'] = 'Deve ser usado o Single-Sign-On via Kerberos ou NTLM?';
$lang['sso_charset'] = 'O charset do seu servidor web vai passar o nome de usuário Kerberos ou NTLM vazio para UTF-8 ou latin-1. Requer a extensão iconv.';
$lang['real_primarygroup'] = 'O grupo primário deveria ser resolvido ao invés de assumir "Usuários de Domínio" (mais lento).';
$lang['use_ssl'] = 'Usar conexão SSL? Se usada, não ative a TLS abaixo.';
$lang['use_tls'] = 'Usar conexão TLS? Se usada, não ative SSL abaixo.';
$lang['debug'] = 'Deve-se mostrar saída adicional de depuração de erros?';
$lang['expirywarn'] = 'Número de dias de avanço para avisar o utilizador da expiração da senha. 0 para desativar.';
$lang['additional'] = 'Uma lista separada por vírgula de atributos adicionais de AD para buscar a partir de dados do usuário. Usado por alguns plugins.';
$lang['update_name'] = 'Permitir que os usuários atualizem seu nome de exibição do AD?';
$lang['update_mail'] = 'Permitir que usuários atualizem seus endereços de e-mail?';
$lang['recursive_groups'] = 'Resolve grupos aninhados para seus respectivos membros (mais lento).';

11
content/lib/plugins/authad/lang/ro/lang.php Normal file
View File

@@ -0,0 +1,11 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Razvan Deaconescu <razvan.deaconescu@cs.pub.ro>
* @author Adrian Vesa <adrianvesa@dotwikis.com>
*/
$lang['authpwdexpire'] = 'Parola va expira în %d zile, ar trebui să o schimbi în curând.';
$lang['passchangefail'] = 'Parola nu a putu fi schimbata. Poate politica pentru parole nu a fost indeplinita ?';
$lang['userchangefail'] = 'Nu am putu schimba atributiile pentru acest utilizator. Poate nu ai permisiunea sa faci aceste schimbari ?';

8
content/lib/plugins/authad/lang/ro/settings.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Victor <kvp@live.com>
*/
$lang['admin_password'] = 'Parola utilizatorului de mai sus.';

15
content/lib/plugins/authad/lang/ru/lang.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Yuriy Skalko <yuriy.skalko@gmail.com>
* @author Aleksandr Selivanov <alexgearbox@yandex.ru>
* @author Takumo <9206984@mail.ru>
* @author dimsharav <dimsharav@gmail.com>
*/
$lang['domain'] = 'Домен';
$lang['authpwdexpire'] = 'Действие вашего пароля истекает через %d дней. Вы должны изменить его как можно скорее.';
$lang['passchangefail'] = 'Не удалось изменить пароль. Возможно, он не соответствует требованиям к паролю.';
$lang['userchangefail'] = 'Ошибка при изменении атрибутов пользователя. Возможно, у Вашей учетной записи недостаточно прав?';
$lang['connectfail'] = 'Невозможно соединиться с сервером Active Directory.';

32
content/lib/plugins/authad/lang/ru/settings.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Alexander Kh. <001.arx@gmail.com>
* @author Yuriy Skalko <yuriy.skalko@gmail.com>
* @author Ivan I. Udovichenko (sendtome@mymailbox.pp.ua)
* @author Aleksandr Selivanov <alexgearbox@gmail.com>
* @author Artur <ncuxxx@gmail.com>
* @author Erli Moen <evseev.jr@gmail.com>
* @author Владимир <id37736@yandex.ru>
* @author Type-kun <workwork-1@yandex.ru>
* @author Vitaly Filatenko <kot@hacktest.net>
* @author Radimir <radimir.shevchenko@gmail.com>
*/
$lang['account_suffix'] = 'Суффикс вашего аккаунта. Например, <code>@my.domain.org</code>';
$lang['base_dn'] = 'Ваш базовый DN. Например: <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Список контроллеров домена, разделённых запятой. Например:<code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Привилегированный пользователь Active Directory с доступом ко всем остальным пользовательским данным. Необязательно, однако необходимо для определённых действий вроде отправки почтовой подписки.';
$lang['admin_password'] = 'Пароль для указанного пользователя.';
$lang['sso'] = 'Использовать SSO (Single-Sign-On) через Kerberos или NTLM?';
$lang['sso_charset'] = 'Кодировка, в которой веб-сервер передаёт имя пользователя Kerberos или NTLM. Для UTF-8 или latin-1 остаётся пустым. Требует расширение iconv.';
$lang['real_primarygroup'] = 'Должна ли использоваться настоящая первичная группа вместо “Domain Users” (медленнее).';
$lang['use_ssl'] = 'Использовать SSL? Если да, то не включайте TLS.';
$lang['use_tls'] = 'Использовать TLS? Если да, то не включайте SSL.';
$lang['debug'] = 'Выводить дополнительную информацию при ошибках?';
$lang['expirywarn'] = 'За сколько дней нужно предупреждать пользователя о необходимости изменить пароль? Для отключения укажите 0 (ноль).';
$lang['additional'] = 'Дополнительные AD-атрибуты, разделённые запятой, для выборки из данных пользователя. Используется некоторыми плагинами.';
$lang['update_name'] = 'Разрешить пользователям редактировать свое AD-имя?';
$lang['update_mail'] = 'Разрешить пользователям редактировать свой электронный адрес?';
$lang['recursive_groups'] = 'Разрешить вложенные группы их соответствующим членам.';

12
content/lib/plugins/authad/lang/sk/lang.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Martin Michalek <michalek.dev@gmail.com>
*/
$lang['domain'] = 'Prihlasovacia doména';
$lang['authpwdexpire'] = 'Platnosť hesla vyprší za %d dní, mali by ste ho zmeniť čo najskôr.';
$lang['passchangefail'] = 'Nepodarilo sa zmeniť heslo. Možno neboli splnené podmienky';
$lang['userchangefail'] = 'Nepodarilo sa zmeniť atribúty používateľa. Možno tvoj účet nemá oprávnenia na vykonanie týchto zmien?';
$lang['connectfail'] = 'Nepodarilo sa pripojiť na Active Directory server.';

22
content/lib/plugins/authad/lang/sk/settings.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Martin Michalek <michalek.dev@gmail.com>
*/
$lang['account_suffix'] = 'Prípona používateľského účtu. Napr. <code>@my.domain.org</code>';
$lang['base_dn'] = 'Vaše base DN. Napr. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Zoznam doménových radičov oddelených čiarkou. Napr. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Privilegovaný používateľ Active Directory s prístupom ku všetkým dátam ostatných používateľov. Nepovinné nastavenie, ale potrebné pre určité akcie ako napríklad zasielanie mailov o zmenách.';
$lang['admin_password'] = 'Heslo vyššie uvedeného používateľa.';
$lang['sso'] = 'Použiť Single-Sign-On cez Kerberos alebo NTLM?';
$lang['sso_charset'] = 'Znaková sada, v ktorej bude webserver prenášať meno Kerberos or NTLM používateľa. Prázne pole znamená UTF-8 alebo latin-1. Vyžaduje iconv rozšírenie.';
$lang['real_primarygroup'] = 'Použiť skutočnú primárnu skupinu používateľa namiesto "Doménoví používatelia" (pomalšie).';
$lang['use_ssl'] = 'Použiť SSL pripojenie? Ak áno, nepovoľte TLS nižšie.';
$lang['use_tls'] = 'Použiť TLS pripojenie? Ak áno, nepovoľte SSL vyššie.';
$lang['debug'] = 'Zobraziť dodatočné ladiace informácie pri chybe?';
$lang['expirywarn'] = 'Počet dní pred uplynutím platnosti hesla, počas ktorých používateľ dostáva upozornenie. 0 deaktivuje túto voľbu.';
$lang['additional'] = 'Zoznam dodatočných AD atribútov oddelených čiarkou získaných z údajov používateľa. Používané niektorými pluginmi.';
$lang['update_name'] = 'Povoliť používateľom zmenu ich zobrazovaného mena v AD?';
$lang['update_mail'] = 'Povoliť používateľom zmenu ich emailovej adresy?';

8
content/lib/plugins/authad/lang/sl/lang.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author matej <mateju@svn.gnome.org>
*/
$lang['authpwdexpire'] = 'Geslo bo poteklo v %d dneh. Priporočljivo ga je zamenjati.';

11
content/lib/plugins/authad/lang/sl/settings.php Normal file
View File

@@ -0,0 +1,11 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author matej <mateju@svn.gnome.org>
* @author Jernej Vidmar <jernej.vidmar@vidmarboehm.com>
*/
$lang['admin_password'] = 'Geslo zgoraj omenjenega uporabnika';
$lang['use_tls'] = 'Uporabi TLS povezavo? Če da, ne vključi SSL povezave zgoraj.';
$lang['debug'] = 'Ali naj bodo prikazane dodatne podrobnosti napak?';

12
content/lib/plugins/authad/lang/sr/lang.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Марко М. Костић <marko.m.kostic@gmail.com>
*/
$lang['domain'] = 'Домен пријаве';
$lang['authpwdexpire'] = 'Ваша лозинка ће истећи за %d дан(а), требало би да је промените ускоро.';
$lang['passchangefail'] = 'Нисам успео да променим лозинку. Можда нису испоштована правила за промену лозинке.';
$lang['userchangefail'] = 'Нисам успео да променим корисничке особине. Можда ваш налог нема довољно овлашћења за прављење измена?';
$lang['connectfail'] = 'Нисам успео да се повежем на Active Directory сервер.';

24
content/lib/plugins/authad/lang/sr/settings.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Milan Oparnica <milan.opa@gmail.com>
* @author Марко М. Костић <marko.m.kostic@gmail.com>
*/
$lang['account_suffix'] = 'Суфикс на вашем налогу. Нпр.: <code>@moj.domen.rs</code>';
$lang['base_dn'] = 'Ваше основно име домена. Нпр.: <code>DC=moj,DC=domen,DC=org</code>';
$lang['domain_controllers'] = 'Списак доменских контролера, одвојених зарезима. Нпр.: <code>srv1.domen.org,srv2.domen.org</code>';
$lang['admin_username'] = 'Повлашћени Active Directory корисник са приступом подацима свих корисника. Изборно али је потребно за одређене радње као што је слање мејлова о претплаћивању.';
$lang['admin_password'] = 'Лозинка за корисника изнад.';
$lang['sso'] = 'Да ли треба да се користи Single-Sign-On преко Кербероса или NTLM-а?';
$lang['sso_charset'] = 'Znakovni kod u kom će vaš webserver proslediti Kerberos ili NTLM serveru vaše ime. Ostavite prazno za UTF-8 ili latin-1. Zahteva iconv ekstenziju.';
$lang['real_primarygroup'] = 'Da li treba razrešiti pravu primarnu grupu ili pretpostaviti grupu "Domain Users" (sporije)';
$lang['use_ssl'] = 'Користити SSL везу? Ако се користи, не омогућујте TLS испод.';
$lang['use_tls'] = 'Користити TLS везу? Ако се користи, не омогућујте SSL испод.';
$lang['debug'] = 'Приказати додатан излаз за поправљање грешака код настанка грешака?';
$lang['expirywarn'] = 'Дана унапред за које треба упозорити корисника на истицање лозинке. 0 за искључивање.';
$lang['additional'] = 'Spisak dodatni AD atributa, razdvojen zarezima, koje treba preuzeti iz korisničkih podataka. Koristi se u nekim dodacima (plugin).';
$lang['update_name'] = 'Дозволити корисницима да ажурирају њихово AD приказно име?';
$lang['update_mail'] = 'Дозволити корисницима да ажурирају њихове мејл адрсе?';
$lang['recursive_groups'] = 'Razrešenje ugnježdenih grupa do nivoa pripadajućih članova (sporije)';

13
content/lib/plugins/authad/lang/sv/lang.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Tor Härnqvist <tor@harnqvist.se>
* @author Smorkster Andersson smorkster@gmail.com
*/
$lang['domain'] = 'Inloggningsdomän';
$lang['authpwdexpire'] = 'Ditt lösenord kommer att bli ogiltigt om %d dagar, du bör ändra det snart.';
$lang['passchangefail'] = 'Kunde inte ändra lösenord. Kanske var inte lösenordspolicyn uppfylld?';
$lang['userchangefail'] = 'Kunde inte ändra användaregenskaper. Kanske har ditt konto inte behörighet att göra ändringar?';
$lang['connectfail'] = 'Kunde inte ansluta till Active Directory-server.';

20
content/lib/plugins/authad/lang/sv/settings.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Tor Härnqvist <tor@harnqvist.se>
* @author Smorkster Andersson smorkster@gmail.com
*/
$lang['account_suffix'] = 'Ditt konto suffix. T.ex. <code>min.domän.org</code>';
$lang['base_dn'] = 'Din bas-DN. T ex <code>DC=min,DC=domän,DC=org</code>';
$lang['domain_controllers'] = 'En kommaseparerad lista av Domain controllers. T ex <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_password'] = 'Lösenord för användare ovan.';
$lang['sso'] = 'Ska Single-Sign-On via Kerberos eller NTLM användas?';
$lang['use_ssl'] = 'Använda SSL anslutning? Om använd, möjliggör inte TLS nedan.';
$lang['use_tls'] = 'Använda TLS anslutning? Om använd, möjliggör inte SSL ovan.';
$lang['debug'] = 'Visa utökad avlusningsinformation för fel?';
$lang['expirywarn'] = 'Antakl dagar i förväg att varna användare om utgående lösenord. 0 för att inaktivera.';
$lang['additional'] = 'En komma-separerad lista på extra AT-attibut att hämta från användardata. Används av vissa plugin.';
$lang['update_name'] = 'Tillåt användare att uppdatera deras AD-visningsnamn?';
$lang['update_mail'] = 'Tillåt användare att uppdatera deras e-postadresser?';

12
content/lib/plugins/authad/lang/tr/lang.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author mahir <mahirtakak@gmail.com>
* @author farukerdemoncel <farukerdemoncel@gmail.com>
*/
$lang['domain'] = 'Oturum alanadı';
$lang['authpwdexpire'] = 'Şifreniz %d gün sonra geçersiz hale gelecek, yakın bir zamanda değiştirmelisiniz.';
$lang['passchangefail'] = 'Şifre değiştirilemedi. Şifre gereklilikleri yerine getirilmemiş olabilir mi?';
$lang['connectfail'] = 'Active Directory sunucusuna bağlanılamadı';

12
content/lib/plugins/authad/lang/tr/settings.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Hakan <hakandursun2009@gmail.com>
* @author mahir <mahirtakak@gmail.com>
*/
$lang['admin_password'] = 'Yukarıdaki kullanıcının şifresi.';
$lang['debug'] = 'Hatalarda ek hata ayıklama çıktısı gösterilsin mi?';
$lang['update_name'] = 'Kullanıcıların AD görünen adlarını güncellemelerine izin verilsin mi?';
$lang['update_mail'] = 'Kullanıcıların e-posta adresini güncellemelerine izin verilsin mi?';

14
content/lib/plugins/authad/lang/uk/lang.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Олексій <alexey.furashev@gmail.com>
* @author Vitaly <vitaly.balashov@smuzzy.com.ua>
* @author Nina Zolotova <nina-z@i.ua>
*/
$lang['domain'] = 'Домен';
$lang['authpwdexpire'] = 'Дія вашого паролю завершится через %d днів, вам необхідно змінити його щонайвшидше.';
$lang['passchangefail'] = 'Не вдалося змінити пароль. Можливо, політика пароля не була застосована?';
$lang['userchangefail'] = 'Не вийшло змінити атрибути користувача. Можливо, у вашого акаунту немає дозволу на внесення змін?';
$lang['connectfail'] = 'Не вийшло з\'єднатися с сервером Active Directory.';

19
content/lib/plugins/authad/lang/uk/settings.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author velmyshanovnyi <velmyshanovnyi@gmail.com>
* @author Oleksii <alexey.furashev@gmail.com>
* @author Nina Zolotova <nina-z@i.ua>
*/
$lang['account_suffix'] = 'Суфікс вашого облікового запису. Щось на шквалт: <code>@my.domain.org</code>';
$lang['base_dn'] = 'Ваш DN. Щось на шквалт: <code>DC=my,DC=domain,DC=org</code>';
$lang['admin_password'] = 'Пароль вказаного користувача.';
$lang['sso'] = 'Чи потрібно використовувати Single-Sign-On через Kerberos чи NTLM?';
$lang['use_ssl'] = 'Використовуєте SSL-з\'єднання? Якщо так, не вмикайте TLS нижче.';
$lang['use_tls'] = 'Використовуєте TLS-з\'єднання? Якщо так, не вмикайте SSL нижче.';
$lang['debug'] = 'Показати додаткові відомості щодо помилок?';
$lang['expirywarn'] = 'Кількість днів за яких попереджати про закінчення дії пароля користувача. 0 - не попереджати.';
$lang['update_name'] = 'Дозволити користувачам оновлювати ім\'я AD, яке відображається?';
$lang['update_mail'] = 'Дозволити користувачам оновлювати їх адреси електронної пошлти?';

12
content/lib/plugins/authad/lang/vi/lang.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Thien Hau <thienhau.9a14@gmail.com>
*/
$lang['domain'] = 'Đăng nhập tên miền';
$lang['authpwdexpire'] = 'Mật khẩu của bạn sẽ hết hạn sau %d ngày, bạn nên thay đổi sớm.';
$lang['passchangefail'] = 'Không thể thay đổi mật khẩu. Có lẽ chưa đáp ứng được chính sách mật khẩu?';
$lang['userchangefail'] = 'Không thể thay đổi thuộc tính thành viên. Có lẽ tài khoản của bạn không có quyền thực hiện thay đổi?';
$lang['connectfail'] = 'Không thể kết nối với máy chủ Active Directory.';

23
content/lib/plugins/authad/lang/vi/settings.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author Thien Hau <thienhau.9a14@gmail.com>
*/
$lang['account_suffix'] = 'Hậu tố tài khoản của bạn. VD. <code>@my.domain.org</code>';
$lang['base_dn'] = 'DN cơ sở của bạn. VD. <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = 'Một danh sách các bộ điều khiển miền được phân tách bằng dấu phẩy. VD. <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Thành viên Active Directory đặc quyền có quyền truy cập vào tất cả dữ liệu của thành viên khác. Tùy chọn, nhưng cần thiết cho một số hành động nhất định như gửi thư đăng ký.';
$lang['admin_password'] = 'Mật khẩu của thành viên trên.';
$lang['sso'] = 'Nên đăng nhập một lần qua Kerberos hoặc NTLM?';
$lang['sso_charset'] = 'Bộ ký tự máy chủ web của bạn sẽ chuyển tên người dùng Kerberos hoặc NTLM. Để trống cho UTF-8 hoặc latin-1. Yêu cầu phần mở rộng iconv.';
$lang['real_primarygroup'] = 'Nên giải quyết nhóm chính thực sự thay vì giả sử "Tên miền thành viên" (chậm hơn).';
$lang['use_ssl'] = 'Sử dụng kết nối SSL? Nếu được sử dụng, không kích hoạt TLS bên dưới.';
$lang['use_tls'] = 'Sử dụng kết nối TLS? Nếu được sử dụng, không kích hoạt SSL ở trên.';
$lang['debug'] = 'Hiển thị đầu ra gỡ lỗi bổ sung về lỗi?';
$lang['expirywarn'] = 'Báo trước ngày để cảnh báo thành viên về việc hết hạn mật khẩu. Đặt thành 0 để vô hiệu hóa.';
$lang['additional'] = 'Một danh sách được phân tách bằng dấu phẩy của các thuộc tính AD bổ sung để tìm nạp dữ liệu thành viên. Được sử dụng bởi một số plugin.';
$lang['update_name'] = 'Cho phép thành viên cập nhật tên hiển thị AD?';
$lang['update_mail'] = 'Cho phép thành viên cập nhật địa chỉ thư điện tử?';
$lang['recursive_groups'] = 'Giải quyết những nhóm lồng nhau cho các thành viên tương ứng (chậm hơn).';

10
content/lib/plugins/authad/lang/zh-tw/lang.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author June-Hao Hou <junehao@gmail.com>
* @author syaoranhinata@gmail.com
*/
$lang['domain'] = '登入網域';
$lang['authpwdexpire'] = '您的密碼將在 %d 天內到期,請馬上更換新密碼。';

21
content/lib/plugins/authad/lang/zh-tw/settings.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author syaoranhinata@gmail.com
* @author June-Hao Hou <junehao@gmail.com>
*/
$lang['account_suffix'] = '您的帳號後綴。如: <code>@my.domain.org</code>';
$lang['base_dn'] = '您的基本識別名。如: <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = '以逗號分隔的域名控制器列表。如: <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = 'Active Directory 的特權使用者,可以查看所有使用者的數據。(非必要,但對發送訂閱郵件等活動來說,這是必須的。)';
$lang['admin_password'] = '上述使用者的密碼。';
$lang['sso'] = '是否使用 Kerberos 或 NTLM 的單一登入系統 (Single-Sign-On)';
$lang['sso_charset'] = '你的網站伺服器傳遞 Kerberos 或 NTML 帳號名稱所用的語系編碼。空白表示 UTF-8 或 latin-1。此設定需要用到 iconv 套件。';
$lang['real_primarygroup'] = '是否視作真正的主要群組,而不是假設為網域使用者 (比較慢)';
$lang['use_ssl'] = '使用 SSL 連接嗎?如果要使用,請不要啟用下方的 TLS。';
$lang['use_tls'] = '使用 TLS 連接嗎?如果要使用,請不要啟用上方的 SSL。';
$lang['debug'] = '有錯誤時,顯示額外除錯資訊嗎?';
$lang['expirywarn'] = '提前多少天警告使用者密碼即將到期。輸入0表示停用。';
$lang['additional'] = '從使用者數據中取得額外 AD 屬性列表,以供某些附加元件使用。列表以逗號分隔。';

14
content/lib/plugins/authad/lang/zh/lang.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author lainme <lainme993@gmail.com>
* @author Errol <errol@hotmail.com>
* @author phy25 <git@phy25.com>
*/
$lang['domain'] = '登录域';
$lang['authpwdexpire'] = '您的密码将在 %d 天内过期,请尽快更改。';
$lang['passchangefail'] = '密码更改失败。是不是密码规则不符合?';
$lang['userchangefail'] = '更改用户属性失败。或许您的帐号没有做此更改的权限?';
$lang['connectfail'] = '无法连接到Active Directory服务器。';

27
content/lib/plugins/authad/lang/zh/settings.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
/**
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
*
* @author HaoNan <haonan@zhuoming.info>
* @author lainme <lainme993@gmail.com>
* @author oott123 <ip.192.168.1.1@qq.com>
* @author JellyChen <451453325@qq.com>
* @author 高博 <bobnemo1983@gmail.com>
*/
$lang['account_suffix'] = '您的账户后缀。例如 <code>@my.domain.org</code>';
$lang['base_dn'] = '您的基本分辨名。例如 <code>DC=my,DC=domain,DC=org</code>';
$lang['domain_controllers'] = '逗号分隔的域名控制器列表。例如 <code>srv1.domain.org,srv2.domain.org</code>';
$lang['admin_username'] = '一个活动目录的特权用户,可以查看其他所有用户的数据。可选,但对某些活动例如发送订阅邮件是必须的。';
$lang['admin_password'] = '上述用户的密码。';
$lang['sso'] = '是否使用经由 Kerberos 和 NTLM 的 Single-Sign-On';
$lang['sso_charset'] = '服务器传入 Kerberos 或者 NTLM 用户名的编码。留空为 UTF-8 或 latin-1 。此功能需要服务器支持iconv扩展。';
$lang['real_primarygroup'] = ' 是否解析真实的主要组,而不是假设为“域用户” (较慢)';
$lang['use_ssl'] = '使用 SSL 连接?如果是,不要激活下面的 TLS。';
$lang['use_tls'] = '使用 TLS 连接?如果是 ,不要激活上面的 SSL。';
$lang['debug'] = '有错误时显示额外的调试信息?';
$lang['expirywarn'] = '提前多少天警告用户密码即将到期。0 则禁用。';
$lang['additional'] = '需要从用户数据中获取的额外 AD 属性的列表,以逗号分隔。用于某些插件。';
$lang['update_name'] = '允许用户更新其AD显示名称';
$lang['update_mail'] = '是否允许用户更新他们的电子邮件地址?';
$lang['recursive_groups'] = '将嵌套组拆分为各自的成员(较慢)';

7
content/lib/plugins/authad/plugin.info.txt Normal file
View File

@@ -0,0 +1,7 @@
base authad
author Andreas Gohr
email andi@splitbrain.org
date 2015-07-13
name Active Directory Auth Plugin
desc Provides user authentication against a Microsoft Active Directory
url http://www.dokuwiki.org/plugin:authad