_("Your account"))); dual_begin(array()); print("

" . _("Home") . " / " . _("Your account") . "

\n"); print("

" . _("You have not authenticated yourself to the system yet with your") . " " . _("username") . " " . _("and") . " " . _("password") . ". " . _("You will not be able to use this section of the website without authenticating yourself first. So, please continue and login using the form on the right hand side.") . "

\n"); dual_middle(array()); show_account_details(array()); dual_end(array()); generic_footer(array()); exit; } generic_header(array("title" => _("Administration Section"))); single_begin(array()); print("

" . _("Home") . " / " . _("Administration Section") . "

\n"); $winbind_serverstring = ""; $winbind_workgroup = ""; $winbind_enabled = false; $winbind_uid_begin = 10000; $winbind_uid_end = 20000; $winbind_gid_begin = 10000; $winbind_gid_end = 20000; $winbind_pdc = ""; $winbind_admin_username = ""; $winbind_admin_password = ""; function smb_startelement($parser, $name, $attrs) { global $winbind_serverstring, $winbind_workgroup; global $winbind_enabled, $winbind_uid_begin, $winbind_uid_end, $winbind_gid_begin, $winbind_gid_end; global $winbind_pdc, $winbind_admin_username, $winbind_admin_password; if ($name == "SERVERSTRING") $winbind_serverstring = $attrs["VALUE"]; else if ($name == "WORKGROUP") $winbind_workgroup = $attrs["VALUE"]; else if ($name == "WINBIND") { $winbind_enabled = ($attrs["ENABLED"] == "on"); $winbind_uid_begin = $attrs["UIDBEGIN"]; $winbind_uid_end = $attrs["UIDEND"]; $winbind_gid_begin = $attrs["GIDBEGIN"]; $winbind_gid_end = $attrs["GIDEND"]; $winbind_pdc = $attrs["PDC"]; $winbind_admin_username = $attrs["ADMINUSERNAME"]; $winbind_admin_password = $attrs["ADMINPASSWORD"]; } } function smb_endelement($parser, $name) { } $smb_parser = xml_parser_create(); xml_set_element_handler($smb_parser, "smb_startelement", "smb_endelement"); $smb_fp = fopen("/opt/openfiler/etc/smb_settings.xml", "r"); while ($smb_data = fread($smb_fp, 4096)) xml_parse($smb_parser, $smb_data, feof($smb_fp)); fclose($smb_fp); xml_parser_free($smb_parser); if (count($HTTP_POST_VARS) > 0) { $authconfigcommand = "/usr/bin/sudo /usr/sbin/authconfig --kickstart"; if (strlen($HTTP_POST_VARS["usecache"]) > 0) { if (strcasecmp($HTTP_POST_VARS["usecache"], "on") == 0) $authconfigcommand .= " --enablecache"; } else $authconfigcommand .= " --disablecache"; if (strlen($HTTP_POST_VARS["usenis"]) > 0) { if (strcasecmp($HTTP_POST_VARS["usenis"], "on") == 0) $authconfigcommand .= " --enablenis --nisdomain=\"" . $HTTP_POST_VARS["nisdomain"] . "\" --nisserver=\"" . $HTTP_POST_VARS["nisserver"] . "\""; } else $authconfigcommand .= " --disablenis"; if (strlen($HTTP_POST_VARS["useldap"]) > 0) { if (strcasecmp($HTTP_POST_VARS["useldap"], "on") == 0) $authconfigcommand .= " --enableldap --ldapserver=\"" . $HTTP_POST_VARS["ldapserver"] . "\" --ldapbasedn=\"" . $HTTP_POST_VARS["ldapbasedn"] . "\""; } else $authconfigcommand .= " --disableldap"; if (strlen($HTTP_POST_VARS["ldaptls"]) > 0) { if (strcasecmp($HTTP_POST_VARS["ldaptls"], "on") == 0) $authconfigcommand .= " --enableldaptls"; } else $authconfigcommand .= " --disableldaptls"; if (strlen($HTTP_POST_VARS["useldapauth"]) > 0) { if (strcasecmp($HTTP_POST_VARS["useldapauth"], "on") == 0) $authconfigcommand .= " --enableldapauth"; } else $authconfigcommand .= " --disableldapauth"; if (strlen($HTTP_POST_VARS["usehesiod"]) > 0) { if (strcasecmp($HTTP_POST_VARS["usehesiod"], "on") == 0) $authconfigcommand .= " --enablehesiod --hesiodlhs=\"" . $HTTP_POST_VARS["hesiodlhs"] . "\" --hesiodrhs=\"" . $HTTP_POST_VARS["hesiodrhs"] . "\""; } else $authconfigcommand .= " --disablehesiod"; if (strlen($HTTP_POST_VARS["useshadow"]) > 0) { if (strcasecmp($HTTP_POST_VARS["useshadow"], "on") == 0) $authconfigcommand .= " --enableshadow"; } else $authconfigcommand .= " --disableshadow"; if (strlen($HTTP_POST_VARS["usemd5"]) > 0) { if (strcasecmp($HTTP_POST_VARS["usemd5"], "on") == 0) $authconfigcommand .= " --enablemd5"; } else $authconfigcommand .= " --disablemd5"; if (strlen($HTTP_POST_VARS["usekerberos"]) > 0) { if (strcasecmp($HTTP_POST_VARS["usekerberos"], "on") == 0) $authconfigcommand .= " --enablekrb5 --krb5realm=\"" . $HTTP_POST_VARS["krbrealm"] . "\" --krb5kdc=\"" . $HTTP_POST_VARS["krbkdc"] . "\" --krb5adminserver=\"" . $HTTP_POST_VARS["krbadminserver"] . "\""; } else $authconfigcommand .= " --disablekrb5"; if (strlen($HTTP_POST_VARS["usesmb"]) > 0) { if (strcasecmp($HTTP_POST_VARS["usesmb"], "on") == 0) $authconfigcommand .= " --enablesmbauth --smbworkgroup=\"" . $HTTP_POST_VARS["smbworkgroup"] . "\" --smbservers=\"" . $HTTP_POST_VARS["smbservers"] . "\""; } else $authconfigcommand .= " --disablesmbauth"; exec($authconfigcommand); $fp = popen("/usr/bin/sudo /usr/bin/tee /opt/openfiler/etc/smb_settings.xml", "w"); fputs($fp, "\n"); fputs($fp, "\n"); fputs($fp, "\t\n"); fputs($fp, "\t\n"); fputs($fp, "\t\n"); fputs($fp, "\n"); pclose($fp); if ($usewinbind == "on") { $nsswitch_data = file("/etc/nsswitch.conf"); $fp = popen("/usr/bin/sudo /usr/bin/tee /etc/nsswitch.conf", "w"); for ($i = 0; $i < count($nsswitch_data); $i++) { if (((strncmp($nsswitch_data[$i], "passwd:", 7) == 0) || (strncmp($nsswitch_data[$i], "shadow:", 7) == 0) || (strncmp($nsswitch_data[$i], "group:", 6) == 0)) && (!strstr($nsswitch_data[$i], "winbind"))) fputs($fp, substr($nsswitch_data[$i], 0, strlen($nsswitch_data[$i]) - 1) . " winbind\n"); else fputs($fp, $nsswitch_data[$i]); } pclose($fp); $fp = popen("/usr/bin/sudo /usr/bin/tee /etc/pam.d/system-auth", "w"); fputs($fp, "#%PAM-1.0\n"); fputs($fp, "# This file is auto-generated.\n"); fputs($fp, "# User changes will be destroyed the next time authconfig is run.\n"); fputs($fp, "auth required /lib/security/pam_env.so\n"); fputs($fp, "auth sufficient /lib/security/pam_unix.so likeauth nullok\n"); fputs($fp, "auth sufficient /lib/security/pam_winbind.so\n"); fputs($fp, "auth required /lib/security/pam_deny.so\n"); fputs($fp, "\n"); fputs($fp, "account required /lib/security/pam_unix.so\n"); fputs($fp, "account required /lib/security/pam_winbind.so\n"); fputs($fp, "\n"); fputs($fp, "password required /lib/security/pam_cracklib.so retry=3 type=\n"); fputs($fp, "password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow\n"); fputs($fp, "password required /lib/security/pam_deny.so\n"); fputs($fp, "\n"); fputs($fp, "session required /lib/security/pam_limits.so\n"); fputs($fp, "session required /lib/security/pam_unix.so\n"); fputs($fp, "\n"); pclose($fp); exec("/usr/bin/sudo /usr/bin/smbpasswd -j " . $winbindworkgroup . " -r " . $winbindpdc . " -U " . $winbindadminusername . " " . $winbindadminpassword); } else { $fp = popen("/usr/bin/sudo /usr/bin/tee /etc/pam.d/system-auth", "w"); fputs($fp, "#%PAM-1.0\n"); fputs($fp, "# This file is auto-generated.\n"); fputs($fp, "# User changes will be destroyed the next time authconfig is run.\n"); fputs($fp, "auth required /lib/security/pam_env.so\n"); fputs($fp, "auth sufficient /lib/security/pam_unix.so likeauth nullok\n"); fputs($fp, "auth required /lib/security/pam_deny.so\n"); fputs($fp, "\n"); fputs($fp, "account required /lib/security/pam_unix.so\n"); fputs($fp, "\n"); fputs($fp, "password required /lib/security/pam_cracklib.so retry=3 type=\n"); fputs($fp, "password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow\n"); fputs($fp, "password required /lib/security/pam_deny.so\n"); fputs($fp, "\n"); fputs($fp, "session required /lib/security/pam_limits.so\n"); fputs($fp, "session required /lib/security/pam_unix.so\n"); fputs($fp, "\n"); pclose($fp); } apply_configuration(); if ($usewinbind == "on") { exec("/usr/bin/sudo /sbin/chkconfig winbind on"); exec("/usr/bin/sudo /sbin/service winbind restart"); } else { exec("/usr/bin/sudo /sbin/chkconfig winbind off"); exec("/usr/bin/sudo /sbin/service winbind stop"); } exec("/usr/bin/sudo /sbin/service nscd restart"); // exec("/usr/bin/sudo /sbin/service openfiler reload"); header("Location: ./"); exit; } ?>

Welcome Administrator. The following are various system information and preferences, arranged into tabs. Please click on a tab to open up that category.

User Information Configuration

/> Cache Information

/> Use NIS

Domain:
Server:

/> Use LDAP

/> Use TLS
Server:
Base DN:

/> Use Winbind

UID range:		to:
GID range:		to:
PDC host:
Administrator username:
Administrator password:
Please note that if you use Winbind, you will have to enter a valid workgroup in the SMB Settings section for Winbind to function properly.

/> Use Hesiod

LHS:
RHS:

Authentication Configuration

/> Use Shadow Passwords

/> Use MD5 Passwords

/> Use LDAP Authentication

/> Use TLS
Server:
Base DN:

/> Use Kerberos 5

Realm:
KDC:
Admin Server:

/> Use SMB Authentication

Workgroup:
Servers: