auth/ldap/config.html

   1 <?php
   2
   3 // Set to defaults if undefined
   4 if (!isset($config->host_url)) {
   5     $config->host_url = '';
   6 }
   7 if (empty($config->ldapencoding)) {
   8     $config->ldapencoding = 'utf-8';
   9 }
  10 if (!isset($config->contexts)) {
  11     $config->contexts = '';
  12 }
  13 if (!isset($config->user_type)) {
  14     $config->user_type = 'default';
  15 }
  16 if (!isset($config->user_attribute)) {
  17     $config->user_attribute = '';
  18 }
  19 if (!isset($config->search_sub)) {
  20     $config->search_sub = '';
  21 }
  22 if (!isset($config->opt_deref)) {
  23     $config->opt_deref = LDAP_DEREF_NEVER;
  24 }
  25 if (!isset($config->preventpassindb)) {
  26     $config->preventpassindb = 0;
  27 }
  28 if (!isset($config->bind_dn)) {
  29     $config->bind_dn = '';
  30 }
  31 if (!isset($config->bind_pw)) {
  32     $config->bind_pw = '';
  33 }
  34 if (!isset($config->ldap_version)) {
  35     $config->ldap_version = '3';
  36 }
  37 if (!isset($config->objectclass)) {
  38     $config->objectclass = '';
  39 }
  40 if (!isset($config->memberattribute)) {
  41     $config->memberattribute = '';
  42 }
  43 if (!isset($config->memberattribute_isdn)) {
  44     $config->memberattribute_isdn = '';
  45 }
  46 if (!isset($config->creators)) {
  47     $config->creators = '';
  48 }
  49 if (!isset($config->create_context)) {
  50     $config->create_context = '';
  51 }
  52 if (!isset($config->expiration)) {
  53     $config->expiration = '';
  54 }
  55 if (!isset($config->expiration_warning)) {
  56     $config->expiration_warning = '10';
  57 }
  58 if (!isset($config->expireattr)) {
  59     $config->expireattr = '';
  60 }
  61 if (!isset($config->gracelogins)) {
  62     $config->gracelogins = '';
  63 }
  64 if (!isset($config->graceattr)) {
  65     $config->graceattr = '';
  66 }
  67 if (!isset($config->auth_user_create)) {
  68     $config->auth_user_create = '';
  69 }
  70 if (!isset($config->forcechangepassword)) {
  71     $config->forcechangepassword = 0;
  72 }
  73 if (!isset($config->stdchangepassword)) {
  74     $config->stdchangepassword = 0;
  75 }
  76 if (!isset($config->passtype)) {
  77     $config->passtype = 'plaintext';
  78 }
  79 if (!isset($config->changepasswordurl)) {
  80     $config->changepasswordurl = '';
  81 }
  82 if (!isset($config->removeuser)) {
  83     $config->removeuser = AUTH_REMOVEUSER_KEEP;
  84 }
  85 if (!isset($config->ntlmsso_enabled)) {
  86     $config->ntlmsso_enabled = 0;
  87 }
  88 if (!isset($config->ntlmsso_subnet)) {
  89     $config->ntlmsso_subnet = '';
  90 }
  91 if (!isset($config->ntlmsso_ie_fastpath)) {
  92     $config->ntlmsso_ie_fastpath = 0;
  93 }
  94 if (!isset($config->ntlmsso_type)) {
  95     $config->ntlmsso_type = 'ntlm';
  96 }
  97
  98 $yesno = array(get_string('no'), get_string('yes'));
  99
 100 ?>
 101 <table cellspacing="0" cellpadding="5" border="0">
 102 <tr>
 103    <td colspan="2">
 104        <h4><?php print_string('auth_ldap_server_settings', 'auth_ldap') ?></h4>
 105    </td>
 106 </tr>
 107 <tr valign="top" class="required">
 108     <td align="right">
 109         <label for="host_url"><?php print_string('auth_ldap_host_url_key', 'auth_ldap') ?></label>
 110     </td>
 111     <td>
 112         <input name="host_url" id="host_url" type="text" size="30" value="<?php echo $config->host_url?>" />
 113         <?php if (isset($err['host_url'])) { echo $OUTPUT->error_text($err['host_url']); } ?>
 114     </td>
 115     <td>
 116         <?php print_string('auth_ldap_host_url', 'auth_ldap') ?>
 117     </td>
 118 </tr>
 119 <tr valign="top" class="required">
 120     <td align="right">
 121         <label for="menuldap_version"><?php print_string('auth_ldap_version_key', 'auth_ldap') ?></label>
 122     </td>
 123     <td>
 124         <?php
 125            $versions = array();
 126            $versions[2] = '2';
 127            $versions[3] = '3';
 128            echo html_writer::select($versions, 'ldap_version', $config->ldap_version, false);
 129            if (isset($err['ldap_version'])) { echo $OUTPUT->error_text($err['ldap_version']); }
 130         ?>
 131     </td>
 132     <td>
 133         <?php print_string('auth_ldap_version', 'auth_ldap') ?>
 134     </td>
 135 </tr>
 136 <tr valign="top" class="required">
 137     <td align="right">
 138         <label for="ldapencoding"><?php print_string('auth_ldap_ldap_encoding_key', 'auth_ldap') ?></label>
 139     </td>
 140     <td>
 141         <input id="ldapencoding" name="ldapencoding" type="text" value="<?php echo $config->ldapencoding ?>" />
 142         <?php if (isset($err['ldapencoding'])) { echo $OUTPUT->error_text($err['ldapencoding']); } ?>
 143     </td>
 144     <td>
 145         <?php print_string('auth_ldap_ldap_encoding', 'auth_ldap') ?>
 146     </td>
 147 </tr>
 148 <tr>
 149     <td colspan="2">
 150         <h4><?php print_string('auth_ldap_bind_settings', 'auth_ldap') ?></h4>
 151     </td>
 152 </tr>
 153 <tr valign="top" class="required">
 154     <td align="right">
 155         <label for="menupreventpassindb"><?php print_string('auth_ldap_preventpassindb_key', 'auth_ldap') ?></label>
 156     </td>
 157     <td>
 158         <?php echo html_writer::select($yesno, 'preventpassindb', $config->preventpassindb, false); ?>
 159     </td>
 160     <td>
 161         <?php print_string('auth_ldap_preventpassindb', 'auth_ldap') ?>
 162     </td>
 163 </tr>
 164 <tr valign="top" class="required">
 165     <td align="right">
 166         <label for="bind_dn"><?php print_string('auth_ldap_bind_dn_key', 'auth_ldap') ?></label>
 167     </td>
 168     <td>
 169         <input name="bind_dn" id="bind_dn" type="text" size="30" value="<?php echo $config->bind_dn?>" />
 170         <?php if (isset($err['bind_dn'])) { echo $OUTPUT->error_text($err['bind_dn']); } ?>
 171     </td>
 172     <td>
 173         <?php print_string('auth_ldap_bind_dn', 'auth_ldap') ?>
 174     </td>
 175 </tr>
 176 <tr valign="top" class="required">
 177     <td align="right">
 178         <label for="bind_pw"><?php print_string('auth_ldap_bind_pw_key', 'auth_ldap') ?></label>
 179     </td>
 180     <td>
 181         <input name="bind_pw" id="bind_pw" type="password" size="30" value="<?php echo $config->bind_pw?>" />
 182         <?php if (isset($err['bind_pw'])) { echo $OUTPUT->error_text($err['bind_pw']); } ?>
 183     </td>
 184     <td>
 185         <?php print_string('auth_ldap_bind_pw', 'auth_ldap') ?>
 186     </td>
 187 </tr>
 188 <tr>
 189     <td colspan="2">
 190         <h4><?php print_string('auth_ldap_user_settings', 'auth_ldap') ?></h4>
 191     </td>
 192 </tr>
 193 <tr valign="top" class="required">
 194     <td align="right">
 195         <label for="menuuser_type"><?php print_string('auth_ldap_user_type_key', 'auth_ldap') ?></label>
 196     </td>
 197     <td>
 198         <?php
 199             echo html_writer::select(ldap_supported_usertypes(), 'user_type', $config->user_type, false);
 200             if (isset($err['user_type'])) { echo $OUTPUT->error_text($err['user_type']); }
 201         ?>
 202     </td>
 203     <td>
 204         <?php print_string('auth_ldap_user_type', 'auth_ldap') ?>
 205     </td>
 206 </tr>
 207 <tr valign="top" class="required">
 208     <td align="right">
 209         <label for="contexts"><?php print_string('auth_ldap_contexts_key', 'auth_ldap') ?></label>
 210     </td>
 211     <td>
 212         <input name="contexts" id="contexts" type="text" size="30" value="<?php echo $config->contexts?>" />
 213         <?php if (isset($err['contexts'])) { echo $OUTPUT->error_text($err['contexts']); } ?>
 214     </td>
 215     <td>
 216         <?php print_string('auth_ldap_contexts', 'auth_ldap') ?>
 217     </td>
 218 </tr>
 219 <tr valign="top" class="required">
 220     <td align="right">
 221         <label for="menusearch_sub"><?php print_string('auth_ldap_search_sub_key', 'auth_ldap') ?></label>
 222     </td>
 223     <td>
 224         <?php echo html_writer::select($yesno, 'search_sub', $config->search_sub, false); ?>
 225     </td>
 226     <td>
 227         <?php print_string('auth_ldap_search_sub', 'auth_ldap') ?>
 228     </td>
 229 </tr>
 230 <tr valign="top" class="required">
 231     <td align="right">
 232         <label for="menuopt_deref"><?php print_string('auth_ldap_opt_deref_key', 'auth_ldap') ?></label>
 233     </td>
 234     <td>
 235         <?php
 236            $opt_deref = array();
 237            $opt_deref[LDAP_DEREF_NEVER] = get_string('no');
 238            $opt_deref[LDAP_DEREF_ALWAYS] = get_string('yes');
 239            echo html_writer::select($opt_deref, 'opt_deref', $config->opt_deref, false);
 240            if (isset($err['opt_deref'])) { echo $OUTPUT->error_text($err['opt_deref']); }
 241         ?>
 242     </td>
 243     <td>
 244         <?php print_string('auth_ldap_opt_deref', 'auth_ldap') ?>
 245     </td>
 246 </tr>
 247 <tr valign="top" class="required">
 248     <td align="right">
 249         <label for="user_attribute"><?php print_string('auth_ldap_user_attribute_key', 'auth_ldap') ?></label>
 250     </td>
 251     <td>
 252         <input name="user_attribute" id="user_attribute" type="text" size="30" value="<?php echo $config->user_attribute?>" />
 253         <?php if (isset($err['user_attribute'])) { echo $OUTPUT->error_text($err['user_attribute']); } ?>
 254     </td>
 255     <td>
 256         <?php print_string('auth_ldap_user_attribute', 'auth_ldap') ?>
 257     </td>
 258 </tr>
 259 <tr valign="top" class="required">
 260     <td align="right">
 261         <label for="memberattribute"><?php print_string('auth_ldap_memberattribute_key', 'auth_ldap') ?></label>
 262     </td>
 263     <td>
 264         <input name="memberattribute" id="memberattribute" type="text" size="30" value="<?php echo $config->memberattribute?>" />
 265         <?php if (isset($err['memberattribute'])) { echo $OUTPUT->error_text($err['memberattribute']); } ?>
 266     </td>
 267     <td>
 268         <?php print_string('auth_ldap_memberattribute', 'auth_ldap') ?>
 269     </td>
 270 </tr>
 271 <tr valign="top" class="required">
 272     <td align="right">
 273         <label for="memberattribute_isdn"><?php print_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap') ?></label>
 274     </td>
 275     <td>
 276         <input name="memberattribute_isdn" id="memberattribute_isdn" type="text" size="30" value="<?php echo $config->memberattribute_isdn?>" />
 277         <?php if (isset($err['memberattribute_isdn'])) { echo $OUTPUT->error_text($err['memberattribute_isdn']); } ?>
 278     </td>
 279     <td>
 280         <?php print_string('auth_ldap_memberattribute_isdn', 'auth_ldap') ?>
 281     </td>
 282 </tr>
 283 <tr valign="top" class="required">
 284     <td align="right">
 285         <label for="objectclass"><?php print_string('auth_ldap_objectclass_key', 'auth_ldap') ?></label>
 286     </td>
 287     <td>
 288         <input name="objectclass" id="objectclass" type="text" size="30" value="<?php echo $config->objectclass?>" />
 289         <?php if (isset($err['objectclass'])) { echo $OUTPUT->error_text($err['objectclass']); } ?>
 290     </td>
 291     <td>
 292         <?php print_string('auth_ldap_objectclass', 'auth_ldap') ?>
 293     </td>
 294 </tr>
 295 <tr>
 296     <td colspan="2">
 297         <h4><?php print_string('forcechangepassword', 'auth') ?></h4>
 298     </td>
 299 </tr>
 300 <tr valign="top" class="required">
 301     <td align="right" valign="top">
 302         <label for="menuforcechangepassword"><?php print_string('forcechangepassword', 'auth') ?></label>
 303     </td>
 304     <td>
 305         <?php echo html_writer::select($yesno, 'forcechangepassword', $config->forcechangepassword, false); ?>
 306     </td>
 307     <td align="left" valign="top">
 308         <p><?php print_string('forcechangepasswordfirst_help', 'auth') ?></p>
 309     </td>
 310 </tr>
 311 <tr valign="top" class="required">
 312     <td align="right" valign="top">
 313         <label for="menustdchangepassword"><?php print_string('stdchangepassword', 'auth') ?></label>
 314     </td>
 315     <td>
 316         <?php echo html_writer::select($yesno, 'stdchangepassword', $config->stdchangepassword, false); ?>
 317     </td>
 318     <td align="left" valign="top">
 319         <p><?php print_string('stdchangepassword_expl', 'auth') ?></p>
 320         <p><?php print_string('stdchangepassword_explldap', 'auth') ?></p>
 321     </td>
 322 </tr>
 323 <tr valign="top" class="required">
 324     <td align="right">
 325         <label for="menupasstype"><?php print_string('auth_ldap_passtype_key', 'auth_ldap') ?></label>
 326     </td>
 327     <td>
 328         <?php
 329             $passtype = array();
 330             $passtype['plaintext'] = get_string('plaintext', 'auth');
 331             $passtype['md5']       = get_string('md5', 'auth');
 332             $passtype['sha1']      = get_string('sha1', 'auth');
 333             echo html_writer::select($passtype, 'passtype', $config->passtype, false);
 334         ?>
 335     </td>
 336     <td>
 337         <?php print_string('auth_ldap_passtype', 'auth_ldap') ?>
 338     </td>
 339 </tr>
 340 <tr valign="top">
 341     <td align="right">
 342         <label for="changepasswordurl"><?php print_string('auth_ldap_changepasswordurl_key', 'auth_ldap') ?></label>
 343     </td>
 344     <td>
 345         <input name="changepasswordurl" id="changepasswordurl" type="text" value="<?php echo $config->changepasswordurl ?>" />
 346         <?php if (isset($err['changepasswordurl'])) { echo $OUTPUT->error_text($err['changepasswordurl']); } ?>
 347     </td>
 348     <td>
 349         <?php print_string('changepasswordhelp', 'auth') ?>
 350     </td>
 351 </tr>
 352 <tr>
 353     <td colspan="2">
 354         <h4><?php print_string('auth_ldap_passwdexpire_settings', 'auth_ldap') ?></h4>
 355     </td>
 356 </tr>
 357 <tr valign="top" class="required">
 358     <td align="right">
 359         <label for="menuexpiration"><?php print_string('auth_ldap_expiration_key', 'auth_ldap') ?></label>
 360     </td>
 361     <td>
 362         <?php
 363            $expiration = array();
 364            $expiration['0'] = 'no';
 365            $expiration['1'] = 'LDAP';
 366            echo html_writer::select($expiration, 'expiration', $config->expiration, false);
 367            if (isset($err['expiration'])) { echo $OUTPUT->error_text($err['expiration']); }
 368         ?>
 369     </td>
 370     <td>
 371         <?php print_string('auth_ldap_expiration_desc', 'auth_ldap') ?>
 372     </td>
 373 </tr>
 374 <tr valign="top" class="required">
 375     <td align="right">
 376         <label for="expiration_warning"><?php print_string('auth_ldap_expiration_warning_key', 'auth_ldap') ?></label>
 377     </td>
 378     <td>
 379         <input name="expiration_warning" id="expiration_warning" type="text" size="2" value="<?php echo $config->expiration_warning?>" />
 380         <?php if (isset($err['expiration_warning'])) { echo $OUTPUT->error_text($err['expiration_warning']); } ?>
 381     </td>
 382     <td>
 383         <?php print_string('auth_ldap_expiration_warning_desc', 'auth_ldap') ?>
 384     </td>
 385 </tr>
 386 <tr valign="top" class="required">
 387     <td align="right">
 388         <label for="expireattr"><?php print_string('auth_ldap_expireattr_key', 'auth_ldap') ?></label>
 389     </td>
 390     <td>
 391         <input name="expireattr" id="expireattr" type="text" size="30" value="<?php echo $config->expireattr?>" />
 392         <?php if (isset($err['expireattr'])) { echo $OUTPUT->error_text($err['expireattr']); } ?>
 393     </td>
 394     <td>
 395         <?php print_string('auth_ldap_expireattr_desc', 'auth_ldap') ?>
 396     </td>
 397 </tr>
 398 <tr valign="top" class="required">
 399     <td align="right">
 400         <label for="menugracelogins"><?php print_string('auth_ldap_gracelogins_key', 'auth_ldap') ?></label>
 401     </td>
 402     <td>
 403         <?php echo html_writer::select($yesno, 'gracelogins', $config->gracelogins, false); ?>
 404     </td>
 405     <td>
 406         <?php print_string('auth_ldap_gracelogins_desc', 'auth_ldap') ?>
 407     </td>
 408 </tr>
 409 <tr valign="top" class="required">
 410     <td align="right">
 411         <label for="graceattr"><?php print_string('auth_ldap_gracelogin_key', 'auth_ldap') ?></label>
 412     </td>
 413     <td>
 414         <input name="graceattr" id="graceattr" type="text" size="30" value="<?php echo $config->graceattr?>" />
 415         <?php if (isset($err['graceattr'])) { echo $OUTPUT->error_text($err['graceattr']); } ?>
 416     </td>
 417     <td>
 418         <?php print_string('auth_ldap_graceattr_desc', 'auth_ldap') ?>
 419     </td>
 420 </tr>
 421 <tr>
 422     <td colspan="2">
 423         <h4><?php print_string('auth_user_create', 'auth') ?></h4>
 424     </td>
 425 </tr>
 426 <tr valign="top">
 427     <td align="right">
 428         <label for="menuauth_user_create"><?php print_string('auth_ldap_auth_user_create_key', 'auth_ldap') ?></label>
 429     </td>
 430     <td>
 431         <?php echo html_writer::select($yesno, 'auth_user_create', $config->auth_user_create, false); ?>
 432     </td>
 433     <td>
 434         <?php print_string('auth_user_creation', 'auth'); ?>
 435     </td>
 436 </tr>
 437 <tr valign="top" class="required">
 438     <td align="right">
 439         <label for="create_context"><?php print_string('auth_ldap_create_context_key', 'auth_ldap') ?></label>
 440     </td>
 441     <td>
 442         <input name="create_context" id="create_context" type="text" size="30" value="<?php echo $config->create_context?>" />
 443         <?php if (isset($err['create_context'])) { echo $OUTPUT->error_text($err['create_context']); } ?>
 444     </td>
 445     <td>
 446         <?php print_string('auth_ldap_create_context', 'auth_ldap') ?>
 447     </td>
 448 </tr>
 449 <tr>
 450     <td colspan="2">
 451         <h4><?php print_string('coursecreators') ?></h4>
 452     </td>
 453 </tr>
 454 <tr valign="top" class="required">
 455     <td align="right">
 456         <label for="creators"><?php print_string('auth_ldap_creators_key', 'auth_ldap') ?></label>
 457     </td>
 458     <td>
 459         <input name="creators" id="creators" type="text" size="30" value="<?php echo $config->creators?>" />
 460         <?php if (isset($err['creators'])) { echo $OUTPUT->error_text($err['creators']); } ?>
 461     </td>
 462     <td>
 463         <?php print_string('auth_ldap_creators', 'auth_ldap') ?>
 464     </td>
 465 </tr>
 466 <tr>
 467     <td colspan="2">
 468         <h4><?php print_string('auth_sync_script', 'auth') ?></h4>
 469     </td>
 470 </tr>
 471 <tr valign="top">
 472     <td align="right">
 473         <label for="menuremoveuser"><?php print_string('auth_remove_user_key', 'auth') ?></label>
 474     </td>
 475     <td>
 476         <?php
 477             $deleteopt = array();
 478             $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth');
 479             $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth');
 480             $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth');
 481             echo html_writer::select($deleteopt, 'removeuser', $config->removeuser, false);
 482         ?>
 483     </td>
 484     <td>
 485         <?php print_string('auth_remove_user', 'auth') ?>
 486     </td>
 487 </tr>
 488 <tr>
 489     <td colspan="2">
 490         <h4><?php print_string('auth_ntlmsso', 'auth_ldap') ?></h4>
 491     </td>
 492 </tr>
 493 <tr valign="top">
 494     <td align="right">
 495         <label for="menuntlmsso_enabled"><?php print_string('auth_ntlmsso_enabled_key', 'auth_ldap') ?></label>
 496     </td>
 497     <td>
 498         <?php echo html_writer::select($yesno, 'ntlmsso_enabled', $config->ntlmsso_enabled, false); ?>
 499     </td>
 500     <td>
 501         <?php print_string('auth_ntlmsso_enabled', 'auth_ldap') ?>
 502     </td>
 503 </tr>
 504 <tr valign="top">
 505     <td align="right">
 506         <label for="ntlmsso_subnet"><?php print_string('auth_ntlmsso_subnet_key', 'auth_ldap') ?></label>
 507     </td>
 508     <td>
 509         <input name="ntlmsso_subnet" id="ntlmsso_subnet" type="text" size="30" value="<?php p($config->ntlmsso_subnet) ?>" />
 510     </td>
 511     <td>
 512         <?php print_string('auth_ntlmsso_subnet', 'auth_ldap') ?>
 513     </td>
 514 </tr>
 515 <tr valign="top">
 516     <td align="right">
 517         <label for="menuntlmsso_ie_fastpath"><?php print_string('auth_ntlmsso_ie_fastpath_key', 'auth_ldap') ?></label>
 518     </td>
 519     <td>
 520         <?php echo html_writer::select($yesno, 'ntlmsso_ie_fastpath', $config->ntlmsso_ie_fastpath, false); ?>
 521     </td>
 522     <td>
 523     <?php print_string('auth_ntlmsso_ie_fastpath', 'auth_ldap') ?>
 524     </td>
 525 </tr>
 526 <tr valign="top">
 527     <td align="right">
 528         <label for="menuntlmsso_type"><?php print_string('auth_ntlmsso_type_key', 'auth_ldap')?></label>
 529     </td>
 530     <td>
 531         <?php
 532             $types = array();
 533             $types['ntlm'] = 'NTLM';
 534             $types['kerberos'] = 'Kerberos';
 535             echo html_writer::select($types, 'ntlmsso_type', $config->ntlmsso_type, false);
 536         ?>
 537     </td>
 538     <td>
 539         <?php print_string('auth_ntlmsso_type','auth_ldap') ?>
 540     </td>
 541 </tr>
 542 <?php
 543 $help  = get_string('auth_ldapextrafields', 'auth_ldap');
 544 $help .= get_string('auth_updatelocal_expl', 'auth');
 545 $help .= get_string('auth_fieldlock_expl', 'auth');
 546 $help .= get_string('auth_updateremote_expl', 'auth');
 547 $help .= '<hr />';
 548 $help .= get_string('auth_updateremote_ldap', 'auth');
 549
 550 print_auth_lock_options('ldap', $user_fields, $help, true, true);
 551 ?>
 552 </table>