Merge remote-tracking branch 'eole/master' into develop

Merge branch '2.8.0/master'
set correct openldap conf
2020-12-18 16:53:36 +01:00 · 2020-12-16 10:31:04 +01:00 · 2020-12-16 10:30:33 +01:00 · 2020-12-14 14:04:43 +01:00 · 2020-12-14 14:04:09 +01:00 · 2020-12-14 10:25:37 +01:00
15 changed files with 169 additions and 63 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,4 @@
+# Backup and swap files
+*~
+*#
+*.swp
--- a/6
+++ b/6
@ -3,9 +3,9 @@
 ################################

 SOURCE=eole-lemonldap
-VERSION=2.8.0
-EOLE_VERSION=2.8
-EOLE_RELEASE=2.8.0
+VERSION=0.1
+EOLE_VERSION=2.7
+EOLE_RELEASE=2.7.2
 PKGAPPS=non
 #FLASK_MODULE=<APPLICATION>

--- a/README.md
+++ b/README.md
@ -4,6 +4,27 @@ LemonLDAP::NG EOLE integration

 ## Howto

+### Repository configuration
+
+* Add the lemonldap-ng deb respository we need the last version of LemonLDAP.
+
+GenConfig -> Mode Expert -> Dépôts tiers -> Libellé du dépôt
+
+#### LemonLDAP::NG repository (if you use EOLE 2.7.2 this is not needed anymore)
+ 
+* deb     https://lemonldap-ng.org/deb stable main
+* deb-src https://lemonldap-ng.org/deb stable main
+* Key URL : https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 
+
+#### Cadoles Repository
+* deb [ arch=all  ] https://vulcain.cadoles.com 2.7.2-dev main
+* Key URL : https://vulcain.cadoles.com/cadoles.gpg
+
+### Install packages
+
+apt update
+apt install eole-lemonldap
+
 ### Configure LemonLDAP in GenConfig

 * Enable lemonldap in "Services" tab
--- a/dicos/70_lemonldap_ng.xml
+++ b/dicos/70_lemonldap_ng.xml
@ -2,7 +2,6 @@
 <creole>

    <files>
-
        <file filelist='lemonldap' name='/etc/lemonldap-ng/lemonldap-ng.ini' mkdir='True' rm='True'/>
        <file filelist='lemonldap' name='/var/lib/lemonldap-ng/conf/lmConf-1.json' mkdir='True' rm='True'/>
        <file filelist='lemonldap' name='/etc/default/lemonldap-ng-fastcgi-server' mkdir='True' rm='True'/>
@ -10,12 +9,13 @@
        <file filelist='lemonldap-nginx' name='/etc/lemonldap-ng/manager-nginx.conf' mkdir='True' rm='True'/>
        <file filelist='lemonldap-nginx' name='/etc/lemonldap-ng/handler-nginx.conf' mkdir='True' rm='True'/>
        <file filelist='lemonldap-nginx' name='/etc/lemonldap-ng/portal-nginx.conf' mkdir='True' rm='True'/>
+        <file filelist='lemonldap-nginx' name='/etc/lemonldap-ng/nginx-lmlog.conf' mkdir='True' rm='True'/>

        <file filelist='lemonldap-apache' name='/etc/lemonldap-ng/manager-apache2.X.conf' mkdir='True' rm='True'/>
        <file filelist='lemonldap-apache' name='/etc/lemonldap-ng/handler-apache2.X.conf' mkdir='True' rm='True'/>
        <file filelist='lemonldap-apache' name='/etc/lemonldap-ng/portal-apache2.X.conf' mkdir='True' rm='True'/>

-        <service>lemonldap-ng-fastcgi-server</service>
+        <service servicelist="sllemon">lemonldap-ng-fastcgi-server</service>

        <service method='apache' servicelist='lemonldap-apache'>manager-apache2</service>
        <service method='apache' servicelist='lemonldap-apache'>portal-apache2</service>
@ -28,6 +28,14 @@
    </files>

    <variables>
+        <family name='eole-sso'>
+            <variable name='eolesso_cas_folder' redefine="True" exists='True'>
+                <value>/cas</value>
+            </variable>
+            <variable name='eolesso_port' redefine="True" exists='True'>
+                <value>443</value>
+            </variable>
+        </family>
        <family name='Services'>
            <variable name='activerLemon' type='oui/non' description="Activer LemonLDAP::NG">
                <value>non</value>
@ -40,6 +48,10 @@
            <variable name='authWebName' type='string' description="Nom DNS du service d'authentification LemonLDAP-NG"/>
            <variable name='reloadWebName' type='string' description="Nom DNS du service Reload de LemonLDAP-NG" mode="expert"/>

+	    <variable name='lemon_user_db' type='string' description="Backend pour les comptes utilisateurs" mode="expert">
+                <value>LDAP</value>
+            </variable>
+
            <variable name='ldapScheme' type='string' description="Protocole LDAP à utiliser" mandatory='True'/>
            <variable name='ldapServer' type='string' description="Adresse du Serveur LDAP utilisé par LemonLDAP::NG" mandatory="True"/>
            <variable name='ldapServerPort' type='number' description="Port d'écoute du LDAP utilisé par LemonLDAP::NG" mandatory='True'/>
@ -47,11 +59,18 @@
            <variable name='ldapBindUserDN' type='string' description="Utilisateur de connection à l'annuaire" mandatory="True"/>
            <variable name='ldapBindUserPassword' type='password' description="Mot de passe de l'utilisateur de connection à l'annuaire" mandatory="True"/>
            <variable name="samlOrganizationName" type='string' description="Nom de l'organisation SAML" mode='expert'/>
+            <variable name='lmldapverify' type='oui/non' description="Vérifier les certificats SSL du serveur LDAP">
+                <value>oui</value>
+            </variable>

            <variable name="lemonproc" type='number' description="Nombre de processus dédié à Lemon (équivalent au nombre de processeurs)" mandatory="True">
                <value>4</value>
            </variable>

+            <variable name="lm_loglevel" type='string' description="Verbosité des journaux" mode='expert'>
+                <value>info</value>
+            </variable>
+
            <variable name="lemonAdmin" type='string' description="LemonLDAP Administrator username" mode='expert'>
                <value>admin</value>
            </variable>
@ -74,7 +93,19 @@
            <variable name='llCheckLogins' type='oui/non' description="Permettre aux utilisateurs d'afficher l'historique de connection">
                <value>non</value>
            </variable>
-            <variable name='llResetPassword' type='oui/non' description="Permettre aux utilisateurs de réinitialiser leurs mots de passe">
+            <variable name='llResetPassword' type='oui/non' description="Permettre aux utilisateurs de réinitialiser leurs mots de passe par mail">
+                <value>oui</value>
+            </variable>
+            <variable name='llChangePassword' type='oui/non' description="Permettre aux utilisateurs de changer leurs mots de passe depuis LemonLDAP">
+                <value>oui</value>
+            </variable>
+            <variable name='llADPasswordMaxAge' type='number' description="Durée de vie des mots de passe (en secondes)" mode='expert'>
+                <value>5184000</value>
+            </variable>
+            <variable name='llADPasswordExpireWarn' type='number' description="Délai avant affichage d'un message d'alerte sur l'expiration du mot de passe (en secondes)">
+                <value>3456000</value>
+            </variable>
+            <variable name='llResetExpiredPassword' type='oui/non' description="Autoriser le renouvellement des mots de passe expirés">
                <value>oui</value>
            </variable>
            <variable name='llResetUrl' type='string' description="Adresse de l'application pour réinitialiser leurs mots de passe" />
@ -118,20 +149,34 @@
            <param>['ldaps','ldap']</param>
        </check>

-        <check name="valid_enum" target="llRegisterDB">
-            <param>['LDAP','Demo','Custom']</param>
+        <check name="valid_enum" target="lemon_user_db">
+            <param>['LDAP','AD']</param>
        </check>

+        <check name='valid_enum' target="lm_loglevel">
+            <param>['info','notice','warn','error','debug']</param>
+        </check>
+
+        <check name="valid_enum" target="llRegisterDB">
+            <param>['LDAP','AD','Demo','Custom']</param>
+        </check>
        <group master="casAttribute">
            <slave>casLDAPAttribute</slave>
        </group>

+        <condition name='disabled_if_not_in' source='lemon_user_db'>
+            <param>AD</param>
+            <target type='variable'>llADPasswordMaxAge</target>
+            <target type='variable'>llADPasswordExpireWarn</target>
+        </condition>
+
        <condition name='disabled_if_in' source='activerLemon'>
            <param>non</param>
            <target type='filelist'>lemonldap</target>
            <target type='filelist'>lemonldap-nginx</target>
            <target type='filelist'>lemonldap-apache</target>
            <target type='servicelist'>lemonldap-apache</target>
+            <target type='servicelist'>sllemon</target>
            <target type='family'>LemonLDAP</target>
            <target type='service_accesslist'>saLemon</target>
        </condition>
@ -158,6 +203,7 @@
        <condition name='disabled_if_in' source='llResetPassword'>
            <param>non</param>
            <target type='variable'>llResetUrl</target>
+            <target type='variable'>llResetExpiredPassword</target>
        </condition>
        <check name='valid_enum' target='llSkin'>
            <param>['bootstrap','dark','impact','pastel']</param>
--- a/dicos/71_lemonldap_ng_scribe.xml
+++ b/dicos/71_lemonldap_ng_scribe.xml
@ -6,20 +6,12 @@
    <variables>

        <family name='eole sso'>
-            <variable name='eolesso_adresse'  description="Nom de domaine du serveur d'authentification SSO" redefine="True" exists='True' />
-            <variable name='ldap_tls' redefine="True" exists='True' />
-	    <variable name='eolesso_cas_folder' redefine="True" exists='True'>
-		    <value>cas</value>
-	    </variable>
-	    <variable name='eolesso_port' redefine="True" exists='True'>
-		    <value>443</value>
-	    </variable>
+            <variable name='eolesso_adresse' description="Nom de domaine du serveur d'authentification SSO" redefine="True" exists='True' />
        </family>

    </variables>

    <constraints>
-
        <fill name='calc_multi_condition' target='activer_sso'>
            <param>oui</param>
            <param type='eole' name='condition_1'>activerLemon</param>
@ -32,12 +24,6 @@
            <target type='variable'>activer_sso</target>
        </condition>

-        <auto name='calc_multi_condition' target='ldapScheme'>
-            <param>oui</param>
-            <param type='eole' name='condition_1'>ldap_tls</param>
-            <param name='match'>ldaps</param>
-            <param name='default_mismatch'>ldap</param>
-        </auto>

        <fill name='calc_val_first_value' target='eolesso_adresse'>
            <param type='eole' optional='True' hidden='False'>authWebName</param>
@ -50,6 +36,13 @@
            <target type='variable'>eolesso_adresse</target>
        </condition>

+        <auto name='calc_multi_condition' target='ldapScheme'>
+            <param>oui</param>
+            <param type='eole' name='condition_1'>ldap_tls</param>
+            <param name='match'>ldaps</param>
+            <param name='default_mismatch'>ldap</param>
+        </auto>
+
        <auto name='calc_val' target='ldapServer'>
            <param type='eole'>adresse_ip_ldap</param>
        </auto>
@ -58,16 +51,22 @@
            <param type='eole'>ldap_port</param>
        </auto>

+        <auto name='calc_val' target='lemon_user_db'>
+            <param>LDAP</param>
+        </auto>
+
+        <auto name='calc_val' target='llRegisterDB'>
+            <param>LDAP</param>
+        </auto>
        <auto name='calc_val' target='ldapUserBaseDN'>
            <param type='eole'>ldap_base_dn</param>
        </auto>
-
        <auto name='calc_val' target='ldapBindUserDN'>
            <param type='eole'>ldap_reader</param>
        </auto>

        <auto name='calc_val' target='ldapBindUserPassword'>
-            <param type='eole'>ldap_reader_passfile</param>
+	        <param type='eole'>ldap_reader_passfile</param>
        </auto>

        <auto name='calc_val' target='casFolder'>
@ -78,4 +77,4 @@

    <help />

-</creole>
+</creole>
--- a/postservice/99-lemonldap-ng
+++ b/postservice/99-lemonldap-ng
@ -1,6 +1,12 @@
 #!/bin/bash

-[ "$(CreoleGet activerLemon non)" = 'oui' ] || exit 0
+
+[[ $(CreoleGet activerLemon non) == "non" ]] && exit 0
+
+# Updating Configuration cache
+
+cmd="/usr/share/lemonldap-ng/bin/lemonldap-ng-cli update-cache"
+opt="update-cache"

 # Updating Configuration cache
 /usr/share/lemonldap-ng/bin/lemonldap-ng-cli update-cache 2>&1
--- a/tmpl/handler-apache2.X.conf
+++ b/tmpl/handler-apache2.X.conf
@ -29,6 +29,17 @@ ErrorDocument 503 https://%%authWebName/lmerror/503
 <VirtualHost %%adresse_ip_eth0:443>
    ServerName %%reloadWebName

+    SSLEngine on
+    SSLCertificateFile   %%server_cert
+    SSLCertificateKeyFile %%server_key
+    SSLCertificateChainFile /etc/ssl/certs/ca_local.crt
+    SSLProtocol all -SSLv3 -SSLv2
+    SSLProxyEngine on
+
+    LogLevel %%lm_loglevel
+
+    ErrorLog /var/log/apache2/handler_error.log
+    CustomLog /var/log/apache2/handler_access.log common
    # Configuration reload mechanism (only 1 per physical server is
    # needed): choose your URL to avoid restarting Apache when
    # configuration change
--- a/tmpl/handler-nginx.conf
+++ b/tmpl/handler-nginx.conf
@ -23,8 +23,7 @@ server {
 }

 server {
-  listen 443;
-  ssl on;
+  listen 443 ssl;
 %if %%cert_type == "letsencrypt"
  ssl_certificate %%le_config_dir/live/%%managerWebName/cert.pem;
  ssl_certificate_key %%le_config_dir/live/%%managerWebName/privkey.pem;
@ -62,7 +61,7 @@ server {
    deny all;

    # Uncomment this if you use https only
-    #add_header Strict-Transport-Security "max-age=15768000";
+    add_header Strict-Transport-Security "max-age=15768000";
  }

 }
--- a/tmpl/lemonldap-ng.ini
+++ b/tmpl/lemonldap-ng.ini
@ -36,7 +36,7 @@
 ;
 ; 1 - Defined logging level
 ;   Set here one of error, warn, notice, info or debug
-logLevel     = debug
+logLevel     = %%lm_loglevel
 ; Note that this has no effect for Apache2 logging: Apache LogLevel is used
 ; instead
 ;
@ -65,9 +65,9 @@ logLevel     = debug
 ; 2.1 - Using Syslog
 ;
 ;   For Syslog logging, you can also overwrite facilities. Default values:
-;logger             = Lemonldap::NG::Common::Logger::Syslog
-;syslogFacility     = daemon
-;userSyslogFacility = auth
+logger             = Lemonldap::NG::Common::Logger::Syslog
+syslogFacility     = daemon
+userSyslogFacility = auth
 ;
 ; 2.2 - Using Log4perl
 ;
@ -197,11 +197,11 @@ portalSkin = %%llSkin
 ; Modules displayed
 ;portalDisplayLogout = 1
 portalDisplayResetPassword = %%boolean[%%llResetPassword]
-;portalDisplayChangePassword = 1
+portalDisplayChangePassword = %%boolean[%%llChangePassword]
 ;portalDisplayAppslist = 1
 ;portalDisplayLoginHistory = 1
 ; Require the old password when changing password
-;portalRequireOldPassword = 1
+portalRequireOldPassword = %%boolean[%%llChangePassword]
 ; Attribute displayed as connected user
 ;portalUserAttr = mail
 ; Old menu HTML code
--- a/tmpl/lmConf-1.json
+++ b/tmpl/lmConf-1.json
@ -13,8 +13,10 @@
 %silent %%exported_vars.sort()
 %silent %%cas_attributes.sort()
 {
-    "ADPwdExpireWarning": 0,
-    "ADPwdMaxAge": 0,
+%if %%lemon_user_db == "AD"
+    "ADPwdExpireWarning": %%llADPasswordExpireWarn,
+    "ADPwdMaxAge": %%llADPasswordMaxAge,
+%end if
    "CAS_authnLevel": 1,
    "CAS_pgtFile": "/tmp/pgt.txt",
    "CAS_proxiedServices": {},
@ -85,7 +87,7 @@
    },
    "authChoiceModules": {},
    "authChoiceParam": "lmAuth",
-    "authentication": "LDAP",
+    "authentication": "%%lemon_user_db",
    "browserIdAuthnLevel": 1,
    "captchaStorage": "Apache::Session::File",
    "captchaStorageOptions": {
@ -152,10 +154,24 @@
    "issuerDBSAMLRule": 1,
    "jsRedirect": 0,
    "key": "e\"bTCt3*eU9^\\V%b",
+%if %%llResetPassword == "oui"
+  %if %%llResetExpiredPassword == "oui"
+    %if %%lemon_user_db == "AD"
+    "ldapPpolicyControl": 0,
+    %else
+    "ldapPpolicyControl": 1,
+    %end if
+    "ldapAllowResetExpiredPassword": 1,
+    "ldapChangePasswordAsUser": 1,
+  %else
+    "ldapPpolicyControl": 0,
    "ldapAllowResetExpiredPassword": 0,
+    "ldapChangePasswordAsUser": 1,
+  %end if
+%end if
    "ldapAuthnLevel": 2,
+    "ldapSearchDeref": "find",
    "ldapBase": "%%ldapUserBaseDN",
-    "ldapChangePasswordAsUser": 0,
    "ldapExportedVars": {
        "cn": "cn",
        "mail": "mail",
@ -170,9 +186,15 @@
    "ldapPasswordResetAttribute": "pwdReset",
    "ldapPasswordResetAttributeValue": "TRUE",
    "ldapPort": "%%ldapServerPort",
-    "ldapPpolicyControl": 0,
    "ldapPwdEnc": "utf-8",
    "ldapServer": "%%ldapScheme://%%ldapServer",
+%if %%ldapScheme == "ldaps"
+   %if %%lmldapverify == "oui"
+    "ldapVerify": "required",
+   %else
+    "ldapVerify": "none",
+   %end if
+%end if
    "ldapSetPassword": 0,
    "ldapTimeout": 120,
    "ldapUsePasswordResetAttribute": 1,
@ -205,7 +227,7 @@
    "mailTimeout": 0,
 %if %%llResetPassword == "oui"
    %if %%is_empty(%%llResetUrl)
-    "mailUrl": "https://%%authWebName/mail.pl",
+    "mailUrl": "https://%%authWebName/resetpwd",
    %else
    "mailUrl": "%%llResetUrl",
    %end if
@ -244,7 +266,7 @@
    "openIdSreg_fullname": "cn",
    "openIdSreg_nickname": "uid",
    "openIdSreg_timezone": "_timezone",
-    "passwordDB": "LDAP",
+    "passwordDB": "%%lemon_user_db",
    "persistentStorage": "Apache::Session::File",
    "persistentStorageOptions": {
        "Directory": "/var/lib/lemonldap-ng/psessions",
@ -254,7 +276,7 @@
    "portalAntiFrame": 1,
    "portalCheckLogins": %%boolean[%%llCheckLogins],
    "portalDisplayAppslist": 1,
-    "portalDisplayChangePassword": "$_auth =~ /^(LDAP|DBI|Demo)$/",
+    "portalDisplayChangePassword": "$_auth =~ /^(AD|LDAP|DBI|Demo)$/",
    "portalDisplayLoginHistory": 1,
    "portalDisplayLogout": 1,
    "portalDisplayRegister": 1,
@ -364,7 +386,7 @@
    "useRedirectOnForbidden": 0,
    "useSafeJail": 1,
    "userControl": "^[\\w\\.\\-@]+$",
-    "userDB": "LDAP",
+    "userDB": "%%lemon_user_db",
    "vhostOptions": {
        "%%managerWebName": {
            "vhostHttps": "1"
--- a/tmpl/manager-apache2.X.conf
+++ b/tmpl/manager-apache2.X.conf
@ -13,13 +13,13 @@
 <VirtualHost %%adresse_ip_eth0:443>
    ServerName %%managerWebName
    SSLEngine on
-    SSLCertificateFile    /etc/ssl/certs/eole.crt
-    SSLCertificateKeyFile /etc/ssl/private/eole.key
+    SSLCertificateFile    %%server_cert
+    SSLCertificateKeyFile %%server_key
    SSLCertificateChainFile /etc/ssl/certs/ca_local.crt
    SSLProtocol all -SSLv3 -SSLv2
    SSLProxyEngine on

-    LogLevel info
+    LogLevel %%lm_loglevel
    ErrorLog /var/log/apache2/manager_error.log
    CustomLog /var/log/apache2/manager_access.log common

--- a/tmpl/manager-nginx.conf
+++ b/tmpl/manager-nginx.conf
@ -5,8 +5,7 @@ server {
 }

 server {
-  listen 443;
-  ssl on;
+  listen 443 ssl;
  %if %%cert_type == "letsencrypt"
  ssl_certificate %%le_config_dir/live/%%managerWebName/cert.pem;
  ssl_certificate_key %%le_config_dir/live/%%managerWebName/privkey.pem;
@ -70,8 +69,8 @@ server {

  # DEBIAN
  # If install was made with USEDEBIANLIBS (official releases), uncomment this
-  #location /javascript/ {
-  #  alias /usr/share/javascript/;
-  #}
+  location /javascript/ {
+    alias /usr/share/javascript/;
+  }

 }
--- a/tmpl/nginx-lmlog.conf
+++ b/tmpl/nginx-lmlog.conf
@ -1,3 +1,3 @@
-log_format lm_combined '$remote_addr - $lmremote_user [$time_local] '
+log_format lm_app '$remote_addr - $upstream_http_lm_remote_user [$time_local] '
 	'"$request" $status $body_bytes_sent '
-	'"$http_referer" "$http_user_agent"';
+	'"$http_referer" "$http_user_agent" $upstream_http_lm_remote_custom';
--- a/tmpl/portal-apache2.X.conf
+++ b/tmpl/portal-apache2.X.conf
@ -13,13 +13,13 @@
 <VirtualHost %%adresse_ip_eth0:443>
    ServerName %%authWebName
    SSLEngine on
-    SSLCertificateFile    /etc/ssl/certs/eole.crt
-    SSLCertificateKeyFile /etc/ssl/private/eole.key
+    SSLCertificateFile    %%server_cert
+    SSLCertificateKeyFile %%server_key
    SSLCertificateChainFile /etc/ssl/certs/ca_local.crt
    SSLProtocol all -SSLv3 -SSLv2
    SSLProxyEngine on

-    LogLevel info
+    LogLevel %%lm_loglevel
    ErrorLog /var/log/apache2/portal_error.log
    CustomLog /var/log/apache2/portal_access.log common

--- a/tmpl/portal-nginx.conf
+++ b/tmpl/portal-nginx.conf
@ -15,8 +15,7 @@ server {
 }

 server {
-  listen 443;
-  ssl on;
+  listen 443 ssl;
 %if %%cert_type == "letsencrypt"
  ssl_certificate %%le_config_dir/live/%%authWebName/cert.pem;
  ssl_certificate_key %%le_config_dir/live/%%authWebName/privkey.pem;
@ -83,7 +82,7 @@ server {

  # DEBIAN
  # If install was made with USEDEBIANLIBS (official releases), uncomment this
-  #location /javascript/ {
-  #  alias /usr/share/javascript/;
-  #}
+  location /javascript/ {
+    alias /usr/share/javascript/;
+  }
 }
Author	SHA1	Message	Date
Philippe Caseiro	cc9a5e20ce	Merge remote-tracking branch 'eole/master' into develop	2020-12-18 16:53:36 +01:00
Matthieu Lamalle	5512f64aab	Merge branch '2.8.0/master'	2020-12-16 10:31:04 +01:00
Matthieu Lamalle	569e0caab8	set correct openldap conf	2020-12-16 10:30:33 +01:00
Matthieu Lamalle	bb18f68a54	Merge branch '2.8.0/master'	2020-12-14 14:04:43 +01:00
Matthieu Lamalle	20e382934c	set default openldap	2020-12-14 14:04:09 +01:00
Matthieu Lamalle	cf5d9485ca	Merge branch '2.8.0/master'	2020-12-14 10:25:37 +01:00
Matthieu Lamalle	cf82616454	correction on condition	2020-12-14 10:24:17 +01:00
Philippe Caseiro	e423388795	Merge branch '2.8.0/master'	2020-12-11 09:26:06 +01:00
Philippe Caseiro	e810740ba9	Adding AD password warning support	2020-12-11 09:25:41 +01:00
Philippe Caseiro	140cc084a3	Merge branch '2.8.0/master'	2020-12-09 17:17:56 +01:00
Philippe Caseiro	3753625b20	Updating nginx configuration for 2.8	2020-12-09 17:17:30 +01:00
Philippe Caseiro	df5dabbcf4	Merge branch '2.8.0/master'	2020-12-09 16:48:35 +01:00
Philippe Caseiro	47e822f9b9	Updating lmlog file for nginx mode	2020-12-09 16:48:14 +01:00
Philippe Caseiro	87818bd6f0	Activer la possibilité de changer son mot de passe depuis LemonLDAP ref #31347	2020-12-07 16:07:34 +01:00
Philippe Caseiro	fe8722e776	Activer la possibilité de changer son mot de passe depuis LemonLDAP ref #31347	2020-12-07 16:06:55 +01:00
Philippe Caseiro	200c9c41e9	Using Active Directory (samba4) instead of OpenLDAP Moving to Active Directory the actual auth LDAP server The password is updated in the Samba4 directory so we need to use this one and not the OpenLDAP one	2020-12-03 16:52:33 +01:00
Philippe Caseiro	bf94e74916	Using Active Directory (samba4) instead of OpenLDAP Moving to Active Directory the actual auth LDAP server The password is updated in the Samba4 directory so we need to use this one and not the OpenLDAP one	2020-12-03 16:50:55 +01:00
Philippe Caseiro	0f3ff07b5f	Merge last evolutions from master branch	2020-12-02 10:20:42 +01:00
Philippe Caseiro	63bf3c9f98	UserBaseDN and BaseDN is not the same thing We need to use the user base dn	2020-11-26 17:13:37 +01:00
Philippe Caseiro	03a00fb7ce	Cleanup ldap_tls redefine	2020-11-26 16:58:32 +01:00
Philippe Caseiro	52e5c433eb	Enable option for SSL verify	2020-11-26 16:53:02 +01:00
Philippe Caseiro	d1ad6aeb25	Fix lm_loglevel	2020-11-26 14:09:15 +01:00
Philippe Caseiro	815fca0e82	Merge branch 'master' of https://dev-eole.ac-dijon.fr/git/eole-lemonldap-ng	2020-11-26 13:49:34 +01:00
Philippe Caseiro	8ec486eafc	Adding syslog configuration	2020-11-26 13:48:14 +01:00
Philippe Caseiro	4af11f3d28	Cleanup dico and support for loglevel	2020-11-26 13:47:47 +01:00
Philippe Caseiro	8af3ee655f	Cleanup dico	2020-11-26 13:43:33 +01:00
Philippe Caseiro	5d4e572967	Fixing log format	2020-11-26 13:21:49 +01:00
Philippe Caseiro	15da7394f3	Make eole-lemonldap-ng compatible with eolebase	2020-11-24 15:47:38 +01:00
vfebvre	536da57382	parent `d08c965ee8` author vfebvre <vfebvre@cadoles.com> 1599144265 +0200 committer Philippe Caseiro <pcaseiro@cadoles.com> 1606220045 +0100 Corrections diverses	2020-11-24 15:47:38 +01:00
Joël Cuissinat	d08c965ee8	Merge branch '2.8.0/master'	2020-11-16 15:46:53 +01:00
Daniel Dehennin	f2e6a3afe0	Merge branch '2.8.0/master' into master	2020-10-16 09:52:25 +02:00
Daniel Dehennin	2700a5d440	Prepare version 2.8.1 * Makefile: Mise à jour de la version. Mise à jour de la release. * .gitignore: règles minimale pour les fichiers de sauvegarde des éditeurs.	2020-10-15 09:34:31 +02:00
vfebvre	ad9059bfae	passage en 2.7.2	2020-09-03 16:44:25 +02:00