mirror of
https://github.com/moodle/moodle.git
synced 2025-01-19 06:18:28 +01:00
e47863e840
There is at least one LDAP server (Sun Directory Server) that doesn't support Paged Results extension, even if it supports LDAP version 3. So checking just for LDAP version is not enough. If possible, we check the supportedControl attribute of the LDAP rootDSE and see if the paged results control is available. This needs an LDAP connection, which might not be possible to establish before we configure some essential LDAP settings (server, bind user, password, etc.). Thus we try to establish the connection and check the supportedControl attribute. But if we fail, we perform only basic checks that are less accurate and err on the side of cautiousness.
665 lines
24 KiB
HTML
665 lines
24 KiB
HTML
<?php
|
|
|
|
// Set to defaults if undefined
|
|
if (!isset($config->host_url)) {
|
|
$config->host_url = '';
|
|
}
|
|
if (!isset($config->start_tls)) {
|
|
$config->start_tls = false;
|
|
}
|
|
if (empty($config->ldapencoding)) {
|
|
$config->ldapencoding = 'utf-8';
|
|
}
|
|
if (!isset($config->pagesize)) {
|
|
$config->pagesize = LDAP_DEFAULT_PAGESIZE;
|
|
}
|
|
if (!isset($config->contexts)) {
|
|
$config->contexts = '';
|
|
}
|
|
if (!isset($config->user_type)) {
|
|
$config->user_type = 'default';
|
|
}
|
|
if (!isset($config->user_attribute)) {
|
|
$config->user_attribute = '';
|
|
}
|
|
if (!isset($config->suspended_attribute)) {
|
|
$config->suspended_attribute = '';
|
|
}
|
|
if (!isset($config->sync_suspended)) {
|
|
$config->sync_suspended = '';
|
|
}
|
|
if (!isset($config->search_sub)) {
|
|
$config->search_sub = '';
|
|
}
|
|
if (!isset($config->opt_deref)) {
|
|
$config->opt_deref = LDAP_DEREF_NEVER;
|
|
}
|
|
if (!isset($config->preventpassindb)) {
|
|
$config->preventpassindb = 0;
|
|
}
|
|
if (!isset($config->bind_dn)) {
|
|
$config->bind_dn = '';
|
|
}
|
|
if (!isset($config->bind_pw)) {
|
|
$config->bind_pw = '';
|
|
}
|
|
if (!isset($config->ldap_version)) {
|
|
$config->ldap_version = '3';
|
|
}
|
|
if (!isset($config->objectclass)) {
|
|
$config->objectclass = '';
|
|
}
|
|
if (!isset($config->memberattribute)) {
|
|
$config->memberattribute = '';
|
|
}
|
|
if (!isset($config->memberattribute_isdn)) {
|
|
$config->memberattribute_isdn = '';
|
|
}
|
|
if (!isset($config->creators)) {
|
|
$config->creators = '';
|
|
}
|
|
if (!isset($config->create_context)) {
|
|
$config->create_context = '';
|
|
}
|
|
if (!isset($config->expiration)) {
|
|
$config->expiration = '';
|
|
}
|
|
if (!isset($config->expiration_warning)) {
|
|
$config->expiration_warning = '10';
|
|
}
|
|
if (!isset($config->expireattr)) {
|
|
$config->expireattr = '';
|
|
}
|
|
if (!isset($config->gracelogins)) {
|
|
$config->gracelogins = '';
|
|
}
|
|
if (!isset($config->graceattr)) {
|
|
$config->graceattr = '';
|
|
}
|
|
if (!isset($config->auth_user_create)) {
|
|
$config->auth_user_create = '';
|
|
}
|
|
if (!isset($config->forcechangepassword)) {
|
|
$config->forcechangepassword = 0;
|
|
}
|
|
if (!isset($config->stdchangepassword)) {
|
|
$config->stdchangepassword = 0;
|
|
}
|
|
if (!isset($config->passtype)) {
|
|
$config->passtype = 'plaintext';
|
|
}
|
|
if (!isset($config->changepasswordurl)) {
|
|
$config->changepasswordurl = '';
|
|
}
|
|
if (!isset($config->removeuser)) {
|
|
$config->removeuser = AUTH_REMOVEUSER_KEEP;
|
|
}
|
|
if (!isset($config->ntlmsso_enabled)) {
|
|
$config->ntlmsso_enabled = 0;
|
|
}
|
|
if (!isset($config->ntlmsso_subnet)) {
|
|
$config->ntlmsso_subnet = '';
|
|
}
|
|
if (!isset($config->ntlmsso_ie_fastpath)) {
|
|
$config->ntlmsso_ie_fastpath = 0;
|
|
}
|
|
if (!isset($config->ntlmsso_type)) {
|
|
$config->ntlmsso_type = 'ntlm';
|
|
}
|
|
if (!isset($config->ntlmsso_remoteuserformat)) {
|
|
$config->ntlmsso_remoteuserformat = '';
|
|
}
|
|
|
|
$yesno = array(get_string('no'), get_string('yes'));
|
|
|
|
$fastpathoptions = array(AUTH_NTLM_FASTPATH_YESFORM => get_string('auth_ntlmsso_ie_fastpath_yesform', 'auth_ldap'),
|
|
AUTH_NTLM_FASTPATH_YESATTEMPT => get_string('auth_ntlmsso_ie_fastpath_yesattempt', 'auth_ldap'),
|
|
AUTH_NTLM_FASTPATH_ATTEMPT => get_string('auth_ntlmsso_ie_fastpath_attempt', 'auth_ldap'));
|
|
|
|
$disabled = '';
|
|
$pagedresultssupported = false;
|
|
if ($config->host_url !== '') {
|
|
/**
|
|
* We try to connect each and every time we open the config, because we want to set the Page
|
|
* Size setting as enabled or disabled depending on the configured LDAP server supporting
|
|
* pagination or not, and to notify the user about it. If the user changed the LDAP server (or
|
|
* the LDAP protocol version) last time, it might happen that paged results are no longer
|
|
* available and we want to show that to the user the next time she goes to the settings page.
|
|
*/
|
|
try {
|
|
$ldapconn = $this->ldap_connect();
|
|
$pagedresultssupported = ldap_paged_results_supported($config->ldap_version, $ldapconn);
|
|
} catch (Exception $e) {
|
|
// If we couldn't connect and get the supported options, we can only assume we don't support paged results.
|
|
$pagedresultssupported = false;
|
|
}
|
|
}
|
|
/* Make sure we only disable the paged result size setting and show the notification about it if
|
|
* there is a configured server that we tried to contact. Othersiwe, if someone's LDAP server does
|
|
* support paged results, they won't be able to turn it on the first time they set it up (because
|
|
* the field will be disabled).
|
|
*/
|
|
if (($config->host_url !== '') && (!$pagedresultssupported)) {
|
|
$disabled = ' disabled="disabled"';
|
|
echo $OUTPUT->notification(get_string('pagedresultsnotsupp', 'auth_ldap'), \core\output\notification::NOTIFY_INFO);
|
|
}
|
|
|
|
?>
|
|
<table cellspacing="0" cellpadding="5" border="0">
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('auth_ldap_server_settings', 'auth_ldap') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="host_url"><?php print_string('auth_ldap_host_url_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="host_url" id="host_url" type="text" class="text-ltr" size="30" value="<?php echo $config->host_url?>" />
|
|
<?php if (isset($err['host_url'])) { echo $OUTPUT->error_text($err['host_url']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_host_url', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="ldap_version"><?php print_string('auth_ldap_version_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php
|
|
$versions = array();
|
|
$versions[2] = '2';
|
|
$versions[3] = '3';
|
|
echo html_writer::select($versions, 'ldap_version', $config->ldap_version, false);
|
|
if (isset($err['ldap_version'])) { echo $OUTPUT->error_text($err['ldap_version']); }
|
|
?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_version', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="start_tls"><?php print_string('start_tls_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'start_tls', $config->start_tls, false); ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('start_tls', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="ldapencoding"><?php print_string('auth_ldap_ldap_encoding_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input id="ldapencoding" name="ldapencoding" type="text" class="text-ltr" value="<?php echo $config->ldapencoding ?>" />
|
|
<?php if (isset($err['ldapencoding'])) { echo $OUTPUT->error_text($err['ldapencoding']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_ldap_encoding', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="pagesize"><?php print_string('pagesize_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input id="pagesize" name="pagesize" type="text" class="text-ltr" value="<?php echo $config->pagesize ?>" <?php echo $disabled ?>/>
|
|
<?php
|
|
if (isset($err['pagesize'])) { echo $OUTPUT->error_text($err['pagesize']); }
|
|
if ($disabled) {
|
|
// Don't loose the page size value (disabled fields are not submitted!)
|
|
?>
|
|
<input id="pagesize" name="pagesize" type="hidden" value="<?php echo $config->pagesize ?>" />
|
|
<?php } ?>
|
|
|
|
</td>
|
|
<td>
|
|
<?php print_string('pagesize', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('auth_ldap_bind_settings', 'auth_ldap') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="menupreventpassindb"><?php print_string('auth_ldap_preventpassindb_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'preventpassindb', $config->preventpassindb, false); ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_preventpassindb', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="bind_dn"><?php print_string('auth_ldap_bind_dn_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="bind_dn" id="bind_dn" type="text" class="text-ltr" size="30" value="<?php echo $config->bind_dn?>" />
|
|
<?php if (isset($err['bind_dn'])) { echo $OUTPUT->error_text($err['bind_dn']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_bind_dn', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="bind_pw"><?php print_string('auth_ldap_bind_pw_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="bind_pw" id="bind_pw" type="password" class="text-ltr" size="30" value="<?php echo $config->bind_pw?>" autocomplete="off"/>
|
|
<?php if (isset($err['bind_pw'])) { echo $OUTPUT->error_text($err['bind_pw']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_bind_pw', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('auth_ldap_user_settings', 'auth_ldap') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="menuuser_type"><?php print_string('auth_ldap_user_type_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php
|
|
echo html_writer::select(ldap_supported_usertypes(), 'user_type', $config->user_type, false);
|
|
if (isset($err['user_type'])) { echo $OUTPUT->error_text($err['user_type']); }
|
|
?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_user_type', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="contexts"><?php print_string('auth_ldap_contexts_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="contexts" id="contexts" type="text" class="text-ltr" size="30" value="<?php echo $config->contexts?>" />
|
|
<?php if (isset($err['contexts'])) { echo $OUTPUT->error_text($err['contexts']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_contexts', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="menusearch_sub"><?php print_string('auth_ldap_search_sub_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'search_sub', $config->search_sub, false); ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_search_sub', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="menuopt_deref"><?php print_string('auth_ldap_opt_deref_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php
|
|
$opt_deref = array();
|
|
$opt_deref[LDAP_DEREF_NEVER] = get_string('no');
|
|
$opt_deref[LDAP_DEREF_ALWAYS] = get_string('yes');
|
|
echo html_writer::select($opt_deref, 'opt_deref', $config->opt_deref, false);
|
|
if (isset($err['opt_deref'])) { echo $OUTPUT->error_text($err['opt_deref']); }
|
|
?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_opt_deref', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="user_attribute"><?php print_string('auth_ldap_user_attribute_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="user_attribute" id="user_attribute" type="text" class="text-ltr" size="30" value="<?php echo $config->user_attribute?>" />
|
|
<?php if (isset($err['user_attribute'])) { echo $OUTPUT->error_text($err['user_attribute']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_user_attribute', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="suspended_attribute"><?php print_string('auth_ldap_suspended_attribute_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="suspended_attribute" id="suspended_attribute" type="text" class="text-ltr" size="30" value="<?php echo $config->suspended_attribute?>" />
|
|
<?php if (isset($err['suspended_attribute'])) { echo $OUTPUT->error_text($err['suspended_attribute']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_suspended_attribute', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="memberattribute"><?php print_string('auth_ldap_memberattribute_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="memberattribute" id="memberattribute" type="text" class="text-ltr" size="30" value="<?php echo $config->memberattribute?>" />
|
|
<?php if (isset($err['memberattribute'])) { echo $OUTPUT->error_text($err['memberattribute']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_memberattribute', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="memberattribute_isdn"><?php print_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="memberattribute_isdn" id="memberattribute_isdn" type="text" class="text-ltr" size="30" value="<?php echo $config->memberattribute_isdn?>" />
|
|
<?php if (isset($err['memberattribute_isdn'])) { echo $OUTPUT->error_text($err['memberattribute_isdn']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_memberattribute_isdn', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="objectclass"><?php print_string('auth_ldap_objectclass_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="objectclass" id="objectclass" type="text" class="text-ltr" size="30" value="<?php echo $config->objectclass?>" />
|
|
<?php if (isset($err['objectclass'])) { echo $OUTPUT->error_text($err['objectclass']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_objectclass', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('forcechangepassword', 'auth') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right" valign="top">
|
|
<label for="menuforcechangepassword"><?php print_string('forcechangepassword', 'auth') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'forcechangepassword', $config->forcechangepassword, false); ?>
|
|
</td>
|
|
<td align="left" valign="top">
|
|
<p><?php print_string('forcechangepasswordfirst_help', 'auth') ?></p>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right" valign="top">
|
|
<label for="menustdchangepassword"><?php print_string('stdchangepassword', 'auth') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'stdchangepassword', $config->stdchangepassword, false); ?>
|
|
</td>
|
|
<td align="left" valign="top">
|
|
<p><?php print_string('stdchangepassword_expl', 'auth') ?></p>
|
|
<p><?php print_string('stdchangepassword_explldap', 'auth') ?></p>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="menupasstype"><?php print_string('auth_ldap_passtype_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php
|
|
$passtype = array();
|
|
$passtype['plaintext'] = get_string('plaintext', 'auth');
|
|
$passtype['md5'] = get_string('md5', 'auth');
|
|
$passtype['sha1'] = get_string('sha1', 'auth');
|
|
echo html_writer::select($passtype, 'passtype', $config->passtype, false);
|
|
?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_passtype', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="changepasswordurl"><?php print_string('auth_ldap_changepasswordurl_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="changepasswordurl" id="changepasswordurl" type="text" class="text-ltr" value="<?php echo $config->changepasswordurl ?>" />
|
|
<?php if (isset($err['changepasswordurl'])) { echo $OUTPUT->error_text($err['changepasswordurl']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('changepasswordhelp', 'auth') ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('auth_ldap_passwdexpire_settings', 'auth_ldap') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="menuexpiration"><?php print_string('auth_ldap_expiration_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php
|
|
$expiration = array();
|
|
$expiration['0'] = 'no';
|
|
$expiration['1'] = 'LDAP';
|
|
echo html_writer::select($expiration, 'expiration', $config->expiration, false);
|
|
if (isset($err['expiration'])) { echo $OUTPUT->error_text($err['expiration']); }
|
|
?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_expiration_desc', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="expiration_warning"><?php print_string('auth_ldap_expiration_warning_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="expiration_warning" id="expiration_warning" type="text" class="text-ltr" size="2" value="<?php echo $config->expiration_warning?>" />
|
|
<?php if (isset($err['expiration_warning'])) { echo $OUTPUT->error_text($err['expiration_warning']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_expiration_warning_desc', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="expireattr"><?php print_string('auth_ldap_expireattr_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="expireattr" id="expireattr" type="text" class="text-ltr" size="30" value="<?php echo $config->expireattr?>" />
|
|
<?php if (isset($err['expireattr'])) { echo $OUTPUT->error_text($err['expireattr']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_expireattr_desc', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="menugracelogins"><?php print_string('auth_ldap_gracelogins_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'gracelogins', $config->gracelogins, false); ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_gracelogins_desc', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="graceattr"><?php print_string('auth_ldap_gracelogin_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="graceattr" id="graceattr" type="text" class="text-ltr" size="30" value="<?php echo $config->graceattr?>" />
|
|
<?php if (isset($err['graceattr'])) { echo $OUTPUT->error_text($err['graceattr']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_graceattr_desc', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('auth_user_create', 'auth') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="menuauth_user_create"><?php print_string('auth_ldap_auth_user_create_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'auth_user_create', $config->auth_user_create, false); ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_user_creation', 'auth'); ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="create_context"><?php print_string('auth_ldap_create_context_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="create_context" id="create_context" type="text" class="text-ltr" size="30" value="<?php echo $config->create_context?>" />
|
|
<?php if (isset($err['create_context'])) { echo $OUTPUT->error_text($err['create_context']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_create_context', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('coursecreators') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top" class="required">
|
|
<td align="right">
|
|
<label for="creators"><?php print_string('auth_ldap_creators_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="creators" id="creators" type="text" class="text-ltr" size="30" value="<?php echo $config->creators?>" />
|
|
<?php if (isset($err['creators'])) { echo $OUTPUT->error_text($err['creators']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ldap_creators', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('auth_sync_script', 'auth') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="menuremoveuser"><?php print_string('auth_remove_user_key', 'auth') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php
|
|
$deleteopt = array();
|
|
$deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth');
|
|
$deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth');
|
|
$deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth');
|
|
echo html_writer::select($deleteopt, 'removeuser', $config->removeuser, false);
|
|
?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_remove_user', 'auth') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="menusync_suspended"><?php print_string('auth_sync_suspended_key', 'auth') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'sync_suspended', $config->sync_suspended, false); ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_sync_suspended', 'auth'); ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2">
|
|
<h4><?php print_string('auth_ntlmsso', 'auth_ldap') ?></h4>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="menuntlmsso_enabled"><?php print_string('auth_ntlmsso_enabled_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($yesno, 'ntlmsso_enabled', $config->ntlmsso_enabled, false); ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ntlmsso_enabled', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="ntlmsso_subnet"><?php print_string('auth_ntlmsso_subnet_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="ntlmsso_subnet" id="ntlmsso_subnet" type="text" class="text-ltr" size="30" value="<?php p($config->ntlmsso_subnet) ?>" />
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ntlmsso_subnet', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="menuntlmsso_ie_fastpath"><?php print_string('auth_ntlmsso_ie_fastpath_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<?php echo html_writer::select($fastpathoptions, 'ntlmsso_ie_fastpath', $config->ntlmsso_ie_fastpath, false); ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ntlmsso_ie_fastpath', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="menuntlmsso_type"><?php print_string('auth_ntlmsso_type_key', 'auth_ldap')?></label>
|
|
</td>
|
|
<td>
|
|
<?php
|
|
$types = array();
|
|
$types['ntlm'] = 'NTLM';
|
|
$types['kerberos'] = 'Kerberos';
|
|
echo html_writer::select($types, 'ntlmsso_type', $config->ntlmsso_type, false);
|
|
?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ntlmsso_type','auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<tr valign="top">
|
|
<td align="right">
|
|
<label for="ntlmsso_remoteuserformat"><?php print_string('auth_ntlmsso_remoteuserformat_key', 'auth_ldap') ?></label>
|
|
</td>
|
|
<td>
|
|
<input name="ntlmsso_remoteuserformat" id="ntlmsso_remoteuserformat" type="text" class="text-ltr" size="30" value="<?php echo $config->ntlmsso_remoteuserformat?>" />
|
|
<?php if (isset($err['ntlmsso_remoteuserformat'])) { echo $OUTPUT->error_text($err['ntlmsso_remoteuserformat']); } ?>
|
|
</td>
|
|
<td>
|
|
<?php print_string('auth_ntlmsso_remoteuserformat', 'auth_ldap') ?>
|
|
</td>
|
|
</tr>
|
|
<?php
|
|
$help = get_string('auth_ldapextrafields', 'auth_ldap');
|
|
$help .= get_string('auth_updatelocal_expl', 'auth');
|
|
$help .= get_string('auth_fieldlock_expl', 'auth');
|
|
$help .= get_string('auth_updateremote_expl', 'auth');
|
|
$help .= '<hr />';
|
|
$help .= get_string('auth_updateremote_ldap', 'auth');
|
|
|
|
print_auth_lock_options($this->authtype, $user_fields, $help, true, true, $this->get_custom_user_profile_fields());
|
|
?>
|
|
</table>
|