Merge branch 'master' into dist/envole/6/master
commit
d69e869c10
|
@ -86,16 +86,16 @@
|
||||||
|
|
||||||
<variable type='oui/non' name='ninegate_ssosynchrogroup' description="Générer automatiquement les groupes en fonction d'un attribut SSO"><value>oui</value></variable>
|
<variable type='oui/non' name='ninegate_ssosynchrogroup' description="Générer automatiquement les groupes en fonction d'un attribut SSO"><value>oui</value></variable>
|
||||||
<variable type='string' name='ninegate_ssoreqgroup' description="Attribut SSO associé à la notion de groupe" mandatory='True'><value>user_groups</value></variable>
|
<variable type='string' name='ninegate_ssoreqgroup' description="Attribut SSO associé à la notion de groupe" mandatory='True'><value>user_groups</value></variable>
|
||||||
<variable type='oui/non' name='ninegate_ssosynchroitem' description="Associer automatiquement les items en fonction d'un attribut SSO"><value>non</value></variable>
|
|
||||||
<variable type='string' name='ninegate_ssoreqitem' description="Attribut SSO associé à la notion d'item" mandatory='True'><value></value></variable>
|
|
||||||
|
|
||||||
<variable type='oui/non' name='ninegate_syncldap' description="Synchroniser Ninegate vers votre Annuaire CadolesLDAP"><value>non</value></variable>
|
<variable type='oui/non' name='ninegate_syncldap' description="Synchroniser Ninegate vers votre Annuaire CadolesLDAP"><value>non</value></variable>
|
||||||
<variable type='string' name='ninegate_ldaptemplate' description="Modèle d'annuaire"><value>scribe</value></variable>
|
<variable type='string' name='ninegate_ldaptemplate' description="Modèle d'annuaire"><value>scribe</value></variable>
|
||||||
<variable type='oui/non' name='ninegate_scribegroup' description="Considérer les classes/options comme des groupes de travail"><value>oui</value></variable>
|
<variable type='oui/non' name='ninegate_scribegroup' description="Considérer les classes/options comme des groupes de travail"><value>oui</value></variable>
|
||||||
<variable type='string' name='ninegate_scribemaster' description="Placer les professeurs comme manager des groupes classes/options"><value>oui</value></variable>
|
<variable type='oui/non' name='ninegate_scribemaster' description="Placer les professeurs comme manager des groupes classes/options"><value>oui</value></variable>
|
||||||
<variable type='string' name='ninegate_openldapreqniveau01' description="Lors de l'initalisation de Ninegate requete LDAP utilisateur de votre premier Niveau01" mandatory='True'><value>(uid=*)</value></variable>
|
<variable type='string' name='ninegate_openldapreqniveau01' description="Lors de l'initalisation de Ninegate requete LDAP utilisateur de votre premier Niveau01" mandatory='True'><value>(uid=*)</value></variable>
|
||||||
<variable type='oui/non' name='ninegate_openldapsynchrogroup' description="Générer automatiquement les groupes en fonction de votre annuaire"><value>oui</value></variable>
|
<variable type='oui/non' name='ninegate_openldapsynchrogroup' description="Générer automatiquement les groupes en fonction de votre annuaire"><value>oui</value></variable>
|
||||||
<variable type='string' name='ninegate_openldapreqgroup' description="Générer automatiquement les groupes en fonction de votre annuaire" mandatory='True'><value>(objectClass=posixGroup)</value></variable>
|
<variable type='string' name='ninegate_openldapreqgroup' description="Générer automatiquement les groupes en fonction de votre annuaire" mandatory='True'><value>(objectClass=posixGroup)</value></variable>
|
||||||
|
<variable type='string' name='ninegate_openldapsubbranchgroup' description="Rechercher les groupes dans la sous-branche" mandatory='False' />
|
||||||
|
<variable type='string' name='ninegate_openldapsubbranchuser' description="Rechercher les utilisateurs dans la sous-branche" mandatory='False' />
|
||||||
|
|
||||||
<variable type='string' name='ninegate_pwdadmin' description="Mot de passe du compte admin durant l'instance (idem valeur Cadoles ldap)" mandatory='True'><value></value></variable>
|
<variable type='string' name='ninegate_pwdadmin' description="Mot de passe du compte admin durant l'instance (idem valeur Cadoles ldap)" mandatory='True'><value></value></variable>
|
||||||
<variable type='string' name='ninegate_organization' description="Nom de l'organisation principale (idem valeur Cadoles ldap)" mandatory='True'><value></value></variable>
|
<variable type='string' name='ninegate_organization' description="Nom de l'organisation principale (idem valeur Cadoles ldap)" mandatory='True'><value></value></variable>
|
||||||
|
@ -433,8 +433,6 @@
|
||||||
|
|
||||||
<target type='variable'>ninegate_ssosynchrogroup</target>
|
<target type='variable'>ninegate_ssosynchrogroup</target>
|
||||||
<target type='variable'>ninegate_ssoreqgroup</target>
|
<target type='variable'>ninegate_ssoreqgroup</target>
|
||||||
<target type='variable'>ninegate_ssosynchroitem</target>
|
|
||||||
<target type='variable'>ninegate_ssoreqitem</target>
|
|
||||||
|
|
||||||
<target type='variable'>ninegate_syncldap</target>
|
<target type='variable'>ninegate_syncldap</target>
|
||||||
<target type='variable'>ninegate_ldaptemplate</target>
|
<target type='variable'>ninegate_ldaptemplate</target>
|
||||||
|
@ -443,6 +441,8 @@
|
||||||
<target type='variable'>ninegate_openldapreqniveau01</target>
|
<target type='variable'>ninegate_openldapreqniveau01</target>
|
||||||
<target type='variable'>ninegate_openldapsynchrogroup</target>
|
<target type='variable'>ninegate_openldapsynchrogroup</target>
|
||||||
<target type='variable'>ninegate_openldapreqgroup</target>
|
<target type='variable'>ninegate_openldapreqgroup</target>
|
||||||
|
<target type='variable'>ninegate_openldapsubbranchgroup</target>
|
||||||
|
<target type='variable'>ninegate_openldapsubbranchuser</target>
|
||||||
|
|
||||||
<target type='variable'>ninegate_pwdadmin</target>
|
<target type='variable'>ninegate_pwdadmin</target>
|
||||||
<target type='variable'>ninegate_organization</target>
|
<target type='variable'>ninegate_organization</target>
|
||||||
|
@ -528,8 +528,6 @@
|
||||||
|
|
||||||
<target type='variable'>ninegate_ssosynchrogroup</target>
|
<target type='variable'>ninegate_ssosynchrogroup</target>
|
||||||
<target type='variable'>ninegate_ssoreqgroup</target>
|
<target type='variable'>ninegate_ssoreqgroup</target>
|
||||||
<target type='variable'>ninegate_ssosynchroitem</target>
|
|
||||||
<target type='variable'>ninegate_ssoreqitem</target>
|
|
||||||
</condition>
|
</condition>
|
||||||
|
|
||||||
<condition name='hidden_if_in' source='ninegate_syncldap'>
|
<condition name='hidden_if_in' source='ninegate_syncldap'>
|
||||||
|
@ -597,13 +595,6 @@
|
||||||
<target type='variable'>ninegate_ssoreqgroup</target>
|
<target type='variable'>ninegate_ssoreqgroup</target>
|
||||||
</condition>
|
</condition>
|
||||||
|
|
||||||
<!-- AFFICHAGE EN FONCTION DE SSO SYNCHRO ITEM -->
|
|
||||||
<condition name='hidden_if_in' source='ninegate_ssosynchroitem'>
|
|
||||||
<param>non</param>
|
|
||||||
|
|
||||||
<target type='variable'>ninegate_ssoreqitem</target>
|
|
||||||
</condition>
|
|
||||||
|
|
||||||
<!-- AFFICHAGE EN FONCTION DE CADOLESLDAP -->
|
<!-- AFFICHAGE EN FONCTION DE CADOLESLDAP -->
|
||||||
<fill name='calc_val' target='ninegate_pwdadmin'>
|
<fill name='calc_val' target='ninegate_pwdadmin'>
|
||||||
<param type='eole' hidden='False'>cadolesldap_pwdadmin</param>
|
<param type='eole' hidden='False'>cadolesldap_pwdadmin</param>
|
||||||
|
@ -648,6 +639,8 @@
|
||||||
<target type='variable'>ninegate_openldapreqniveau01</target>
|
<target type='variable'>ninegate_openldapreqniveau01</target>
|
||||||
<target type='variable'>ninegate_openldapsynchrogroup</target>
|
<target type='variable'>ninegate_openldapsynchrogroup</target>
|
||||||
<target type='variable'>ninegate_openldapreqgroup</target>
|
<target type='variable'>ninegate_openldapreqgroup</target>
|
||||||
|
<target type='variable'>ninegate_openldapsubbranchgroup</target>
|
||||||
|
<target type='variable'>ninegate_openldapsubbranchuser</target>
|
||||||
</condition>
|
</condition>
|
||||||
|
|
||||||
<!-- AFFICHAGE EN FONCTION DU LDAP SYNCHRO GROUP -->
|
<!-- AFFICHAGE EN FONCTION DU LDAP SYNCHRO GROUP -->
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<creole>
|
||||||
|
<variables>
|
||||||
|
<family name='annuaire'>
|
||||||
|
<variable type='string' name='ldap_writer' description="Utilisateur d'écriture des comptes LDAP" exists='False'>
|
||||||
|
cn=admin,o=gouv,c=fr
|
||||||
|
</variable>
|
||||||
|
</family>
|
||||||
|
</variables>
|
||||||
|
|
||||||
|
<constraints>
|
||||||
|
<fill name='concat' target='ldap_writer'>
|
||||||
|
<param>cn=admin,</param>
|
||||||
|
<param type='eole'>ldap_base_dn</param>
|
||||||
|
</fill>
|
||||||
|
</constraints>
|
||||||
|
|
||||||
|
<help>
|
||||||
|
</help>
|
||||||
|
</creole>
|
|
@ -36,6 +36,8 @@ class SynchroCommand extends Command
|
||||||
private $rootlog;
|
private $rootlog;
|
||||||
private $ldap;
|
private $ldap;
|
||||||
private $ldap_basedn;
|
private $ldap_basedn;
|
||||||
|
private $ldap_baseuser;
|
||||||
|
private $ldap_basegroup;
|
||||||
|
|
||||||
protected function configure()
|
protected function configure()
|
||||||
{
|
{
|
||||||
|
@ -94,18 +96,23 @@ class SynchroCommand extends Command
|
||||||
$this->writeln('=====================================================');
|
$this->writeln('=====================================================');
|
||||||
|
|
||||||
|
|
||||||
$this->ldap_basedn = $this->container->getParameter('ldap_basedn');
|
$this->ldap_basedn = $this->container->getParameter('ldap_basedn');
|
||||||
$ldap_template = $this->container->getParameter('ldap_template');
|
$this->ldap_baseuser = $this->container->getParameter('ldap_baseuser');
|
||||||
$ldap_username = $this->container->getParameter('ldap_username');
|
$this->ldap_basegroup = $this->container->getParameter('ldap_basegroup');
|
||||||
$ldap_firstname = $this->container->getParameter('ldap_firstname');
|
|
||||||
$ldap_lastname = $this->container->getParameter('ldap_lastname');
|
$ldap_username = strtolower($this->container->getParameter('ldap_username'));
|
||||||
$ldap_email = $this->container->getParameter('ldap_email');
|
$ldap_firstname = strtolower($this->container->getParameter('ldap_firstname'));
|
||||||
$ldap_usersadmin = $this->container->getParameter('ldap_usersadmin');
|
$ldap_lastname = strtolower($this->container->getParameter('ldap_lastname'));
|
||||||
$scribe_group = $this->container->getParameter('scribe_group');
|
$ldap_email = strtolower($this->container->getParameter('ldap_email'));
|
||||||
$scribe_master = $this->container->getParameter('scribe_master');
|
$ldap_member = strtolower($this->container->getParameter('ldap_member'));
|
||||||
$fieldstoread = array($ldap_username,$ldap_firstname,$ldap_lastname,$ldap_email);
|
$scribe_group = strtolower($this->container->getParameter('scribe_group'));
|
||||||
$ldapusers = array();
|
|
||||||
$ldapmails = array();
|
$ldap_template = $this->container->getParameter('ldap_template');
|
||||||
|
$ldap_usersadmin = $this->container->getParameter('ldap_usersadmin');
|
||||||
|
$scribe_master = strtolower($this->container->getParameter('scribe_master'));
|
||||||
|
$fieldstoread = array($ldap_username,$ldap_firstname,$ldap_lastname,$ldap_email);
|
||||||
|
$ldapusers = array();
|
||||||
|
$ldapmails = array();
|
||||||
|
|
||||||
if($ldap_template=="scribe") {
|
if($ldap_template=="scribe") {
|
||||||
$this->writeln('');
|
$this->writeln('');
|
||||||
|
@ -179,7 +186,7 @@ class SynchroCommand extends Command
|
||||||
$this->writeln('');
|
$this->writeln('');
|
||||||
$this->writeln('== GROUPES ==========================================');
|
$this->writeln('== GROUPES ==========================================');
|
||||||
|
|
||||||
$results = $this->ldap->search($this->container->getParameter('openldapreqgroup'), ['cn','description','gidNumber'], $this->ldap_basedn);
|
$results = $this->ldap->search($this->container->getParameter('openldapreqgroup'), ['cn','description','gidNumber'], $this->ldap_basegroup);
|
||||||
foreach($results as $result) {
|
foreach($results as $result) {
|
||||||
$cn=$result["cn"];
|
$cn=$result["cn"];
|
||||||
$ldapfilter="(&".$this->container->getParameter('openldapreqgroup')."(cn=$cn))";
|
$ldapfilter="(&".$this->container->getParameter('openldapreqgroup')."(cn=$cn))";
|
||||||
|
@ -209,7 +216,7 @@ class SynchroCommand extends Command
|
||||||
// On execute le filtre d'appartenance à ce niveau
|
// On execute le filtre d'appartenance à ce niveau
|
||||||
$this->writeln("== Récupération des utilisateurs de l'annuaire");
|
$this->writeln("== Récupération des utilisateurs de l'annuaire");
|
||||||
$niveau01=$this->em->getRepository('CadolesCoreBundle:Niveau01')->find($data["id"]);
|
$niveau01=$this->em->getRepository('CadolesCoreBundle:Niveau01')->find($data["id"]);
|
||||||
$results = $this->ldap->search($niveau01->getLdapfilter(), $fieldstoread, $this->ldap_basedn);
|
$results = $this->ldap->search($niveau01->getLdapfilter(), $fieldstoread, $this->ldap_baseuser);
|
||||||
$nbuserstotal=count($results);
|
$nbuserstotal=count($results);
|
||||||
|
|
||||||
// Pour chaque utilisateur ldap
|
// Pour chaque utilisateur ldap
|
||||||
|
@ -229,6 +236,7 @@ class SynchroCommand extends Command
|
||||||
$result[$ldap_username]=utf8_encode($result[$ldap_username]);
|
$result[$ldap_username]=utf8_encode($result[$ldap_username]);
|
||||||
if(!isset($result[$ldap_lastname])) $result[$ldap_lastname] = "";
|
if(!isset($result[$ldap_lastname])) $result[$ldap_lastname] = "";
|
||||||
if(!isset($result[$ldap_firstname])) $result[$ldap_firstname] = "";
|
if(!isset($result[$ldap_firstname])) $result[$ldap_firstname] = "";
|
||||||
|
|
||||||
if(!array_key_exists($ldap_email,$result)) {
|
if(!array_key_exists($ldap_email,$result)) {
|
||||||
$this->writelnred(" - Création dans Bundle impossible >> ".$result[$ldap_username]." sans email");
|
$this->writelnred(" - Création dans Bundle impossible >> ".$result[$ldap_username]." sans email");
|
||||||
continue;
|
continue;
|
||||||
|
@ -306,18 +314,29 @@ class SynchroCommand extends Command
|
||||||
$this->writeln('== '.$group->getLabel());
|
$this->writeln('== '.$group->getLabel());
|
||||||
|
|
||||||
if(!is_null($ldapfilter)) {
|
if(!is_null($ldapfilter)) {
|
||||||
$results = $this->ldap->search($ldapfilter,[$ldap_username,"memberuid"] , $this->ldap_basedn);
|
$results = $this->ldap->search($ldapfilter,[$ldap_username,$ldap_member] , $this->ldap_basedn);
|
||||||
|
|
||||||
foreach($results as $result) {
|
foreach($results as $result) {
|
||||||
if(isset($result["memberuid"])) {
|
|
||||||
|
|
||||||
|
if(isset($result[$ldap_member])) {
|
||||||
// Si memberid est un tableau il y a plusieur user dedans
|
// Si memberid est un tableau il y a plusieur user dedans
|
||||||
if(is_array($result["memberuid"])) {
|
if(is_array($result[$ldap_member])) {
|
||||||
foreach($result["memberuid"] as $key => $value) {
|
foreach($result[$ldap_member] as $key => $value) {
|
||||||
if(is_int($key)) {
|
if(is_int($key)) {
|
||||||
$user=$this->em->getRepository('CadolesCoreBundle:User')->findOneBy(array('username' => $value));
|
$username=$value;
|
||||||
|
|
||||||
|
// si le username forme un DN, il faut récupérer juste la première entrée
|
||||||
|
$tmp=explode(",",$username);
|
||||||
|
if(is_array($tmp)&&count($tmp)>1) {
|
||||||
|
$tmp=explode("=",$tmp[0]);
|
||||||
|
$username=$tmp[1];
|
||||||
|
}
|
||||||
|
|
||||||
|
$user=$this->em->getRepository('CadolesCoreBundle:User')->findOneBy(array('username' => $username));
|
||||||
if($user) {
|
if($user) {
|
||||||
array_push($ldapusersgroup,$value);
|
array_push($ldapusersgroup,$username);
|
||||||
$this->writeln(" - Rattacher >> ".$value);
|
$this->writeln(" - Rattacher >> ".$username);
|
||||||
if(!$simulate) $this->addtoGroup($user,$group);
|
if(!$simulate) $this->addtoGroup($user,$group);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -325,10 +344,19 @@ class SynchroCommand extends Command
|
||||||
}
|
}
|
||||||
// sinon m'a qu'un seul uid
|
// sinon m'a qu'un seul uid
|
||||||
else {
|
else {
|
||||||
$user=$this->em->getRepository('CadolesCoreBundle:User')->findOneBy(array('username' => $result["memberuid"]));
|
$username=$result[$ldap_member];
|
||||||
|
|
||||||
|
// si le username forme un DN, il faut récupérer juste la première entrée
|
||||||
|
$tmp=explode(",",$username);
|
||||||
|
if(is_array($tmp)&&count($tmp)>1) {
|
||||||
|
$tmp=explode("=",$tmp[0]);
|
||||||
|
$username=$tmp[1];
|
||||||
|
}
|
||||||
|
|
||||||
|
$user=$this->em->getRepository('CadolesCoreBundle:User')->findOneBy(array('username' => $username));
|
||||||
if($user) {
|
if($user) {
|
||||||
array_push($ldapusersgroup,$result["memberuid"]);
|
array_push($ldapusersgroup,$username);
|
||||||
$this->writeln(" - Rattacher >> ".$result["memberuid"]);
|
$this->writeln(" - Rattacher >> ".$username);
|
||||||
if(!$simulate) $this->addtoGroup($user,$group);
|
if(!$simulate) $this->addtoGroup($user,$group);
|
||||||
}
|
}
|
||||||
}
|
}
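Review bot: The DN handling added in the array branch and repeated in the single-value branch takes `$tmp[1]` without checking that the first component contains an `=`. A member value with a comma but no `=` leaves `$username` undefined, and an escaped comma inside the first RDN is split in the wrong place. Since the extracted name decides which local account is attached to the group, guard the split, for example `$rdn=explode("=",$tmp[0],2); if(count($rdn)==2) $username=$rdn[1];`, or parse with `ldap_explode_dn()` after checking how it escapes values. Moving the two identical copies into one private helper would keep them in sync. Separately, the member lookup still passes `$this->ldap_basedn` although the group listing above now searches `$this->ldap_basegroup`; that looks unintended, but the rest of the method is outside these hunks.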
|
||||||
|
|
|
@ -106,6 +106,7 @@ services:
|
||||||
arguments:
|
arguments:
|
||||||
- %ldap_host%
|
- %ldap_host%
|
||||||
- %ldap_port%
|
- %ldap_port%
|
||||||
|
- %ldap_tls%
|
||||||
calls:
|
calls:
|
||||||
- [setUser, ["%ldap_user%"]]
|
- [setUser, ["%ldap_user%"]]
|
||||||
- [setPassword, ["%ldap_password%"]]
|
- [setPassword, ["%ldap_password%"]]
|
||||||
|
|
|
@ -13,6 +13,7 @@ class ldapService
|
||||||
|
|
||||||
protected $host;
|
protected $host;
|
||||||
protected $port;
|
protected $port;
|
||||||
|
protected $tls;
|
||||||
protected $baseDN;
|
protected $baseDN;
|
||||||
protected $baseUser;
|
protected $baseUser;
|
||||||
protected $baseNiveau01;
|
protected $baseNiveau01;
|
||||||
|
@ -24,10 +25,11 @@ class ldapService
|
||||||
private $connection = null;
|
private $connection = null;
|
||||||
private $ldapSync = false;
|
private $ldapSync = false;
|
||||||
|
|
||||||
public function __construct($host, $port)
|
public function __construct($host, $port, $tls)
|
||||||
{
|
{
|
||||||
$this->host = $host;
|
$this->host = $host;
|
||||||
$this->port = $port;
|
$this->port = $port;
|
||||||
|
$this->tls = $tls;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function isEnabled() {
|
public function isEnabled() {
|
||||||
|
@ -39,8 +41,11 @@ class ldapService
|
||||||
return $this->connection;
|
return $this->connection;
|
||||||
} else {
|
} else {
|
||||||
$ldapConn = ldap_connect($this->host, $this->port);
|
$ldapConn = ldap_connect($this->host, $this->port);
|
||||||
|
|
||||||
if($ldapConn){
|
if($ldapConn){
|
||||||
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||||
|
if($this->tls) ldap_start_tls($ldapConn);
|
||||||
|
|
||||||
if(ldap_bind( $ldapConn, $this->user, $this->password)){
|
if(ldap_bind( $ldapConn, $this->user, $this->password)){
|
||||||
$this->connection = $ldapConn;
|
$this->connection = $ldapConn;
|
||||||
return $this->connection;
|
return $this->connection;
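Review bot: The result of `ldap_start_tls($ldapConn)` is discarded on the added line, so when TLS is requested but the upgrade fails, the code still reaches `ldap_bind()` and sends the bind DN and password over the unencrypted connection. Check the return value and abort before binding, for example `if($this->tls && !ldap_start_tls($ldapConn)) { ldap_close($ldapConn); return false; }`. The return value should match whatever the existing bind-failure branch returns; that branch is outside the hunk. A short comment that certificate verification depends on the host's LDAP client configuration would also help, since nothing visible here sets it.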
|
||||||
|
|
|
@ -1,8 +1,5 @@
|
||||||
# This file is auto-generated during the composer install
|
# This file is auto-generated during the composer install
|
||||||
parameters:
|
parameters:
|
||||||
# Certaines trace seront visible via un passage à true de fgdebug
|
|
||||||
fgdebug: false
|
|
||||||
|
|
||||||
# Determine qui est le maitre de l'identitité = SQL / LDAP / SSO
|
# Determine qui est le maitre de l'identitité = SQL / LDAP / SSO
|
||||||
# Si SQL cela veut dire que c'est l'applicatif qui gère les utilisateurs
|
# Si SQL cela veut dire que c'est l'applicatif qui gère les utilisateurs
|
||||||
# Sinon la source est externe soit via un annuaire soit via des attributs venant d'un SSO
|
# Sinon la source est externe soit via un annuaire soit via des attributs venant d'un SSO
|
||||||
|
@ -118,16 +115,25 @@ parameters:
|
||||||
%end if
|
%end if
|
||||||
|
|
||||||
# Information de base de l'annuaire
|
# Information de base de l'annuaire
|
||||||
ldap_host: %%adresse_ip_ldap
|
ldap_host: ldap://%%adresse_ip_ldap
|
||||||
ldap_port: %%ldap_port
|
ldap_port: %%ldap_port
|
||||||
|
%if %%getVar("ldap_tls","non") == "oui"
|
||||||
|
ldap_tls: true
|
||||||
|
%else
|
||||||
|
ldap_tls: false
|
||||||
|
%end if
|
||||||
%if %%getVar("activer_admin_passfile", 'non') == "oui"
|
%if %%getVar("activer_admin_passfile", 'non') == "oui"
|
||||||
|
%if %%getVar("ldap_writer", '') == ""
|
||||||
ldap_user: cn=admin,o=gouv,c=fr
|
ldap_user: cn=admin,o=gouv,c=fr
|
||||||
|
%else
|
||||||
|
ldap_user: %%ldap_writer
|
||||||
|
%end if
|
||||||
ldap_password: %%pwdreader("",%%ldap_admin_passfile)
|
ldap_password: %%pwdreader("",%%ldap_admin_passfile)
|
||||||
%else
|
%else
|
||||||
ldap_user: %%ldap_reader
|
ldap_user: %%ldap_reader
|
||||||
ldap_password: %%pwdreader("",%%ldap_reader_passfile)
|
ldap_password: %%pwdreader("",%%ldap_reader_passfile)
|
||||||
%end if
|
%end if
|
||||||
ldap_basedn: o=gouv,c=fr
|
ldap_basedn: %%ldap_base_dn
|
||||||
|
|
||||||
# Mise en page
|
# Mise en page
|
||||||
weburl: %%web_url
|
weburl: %%web_url
|
||||||
|
@ -162,15 +168,28 @@ parameters:
|
||||||
%end if
|
%end if
|
||||||
|
|
||||||
%if %%getVar("ninegate_test_conf_ldap", 'non') == "oui"
|
%if %%getVar("ninegate_test_conf_ldap", 'non') == "oui"
|
||||||
ldap_baseuser: ou=users,ou=%%ninegate_organization,o=gouv,c=fr
|
ldap_baseuser: ou=users,ou=%%ninegate_organization,%%ldap_base_dn
|
||||||
ldap_baseniveau01: ou=%%ninegate_niveau01branche,ou=%%ninegate_organization,o=gouv,c=fr
|
ldap_baseniveau01: ou=%%ninegate_niveau01branche,ou=%%ninegate_organization,%%ldap_base_dn
|
||||||
ldap_baseniveau02: ou=%%ninegate_niveau02branche,ou=%%ninegate_organization,o=gouv,c=fr
|
ldap_baseniveau02: ou=%%ninegate_niveau02branche,ou=%%ninegate_organization,%%ldap_base_dn
|
||||||
ldap_basegroup: ou=groups,ou=%%ninegate_organization,o=gouv,c=fr
|
ldap_basegroup: ou=groups,ou=%%ninegate_organization,%%ldap_base_dn
|
||||||
|
%else if %%getVar("ninegate_ldaptemplate", 'open') == "open"
|
||||||
|
%if not %%is_empty(%%ninegate_openldapsubbranchuser)
|
||||||
|
ldap_baseuser: %%ninegate_openldapsubbranchuser
|
||||||
|
%else
|
||||||
|
ldap_baseuser: %%ldap_base_dn
|
||||||
|
%end if
|
||||||
|
ldap_baseniveau01: %%ldap_base_dn
|
||||||
|
ldap_baseniveau02: %%ldap_base_dn
|
||||||
|
%if not %%is_empty(%%ninegate_openldapsubbranchgroup)
|
||||||
|
ldap_basegroup: %%ninegate_openldapsubbranchgroup
|
||||||
|
%else
|
||||||
|
ldap_basegroup: %%ldap_base_dn
|
||||||
|
%end if
|
||||||
%else
|
%else
|
||||||
ldap_baseuser:
|
ldap_baseuser: %%ldap_base_dn
|
||||||
ldap_baseniveau01:
|
ldap_baseniveau01: %%ldap_base_dn
|
||||||
ldap_baseniveau02:
|
ldap_baseniveau02: %%ldap_base_dn
|
||||||
ldap_basegroup:
|
ldap_basegroup: %%ldap_base_dn
|
||||||
%end if
|
%end if
|
||||||
|
|
||||||
# Si masteridentity est à LDAP = quel est le modele d'organisation
|
# Si masteridentity est à LDAP = quel est le modele d'organisation
|
||||||
|
@ -183,10 +202,11 @@ parameters:
|
||||||
%end if
|
%end if
|
||||||
|
|
||||||
# Si masteridentity est à LDAP = quel champs sont à récupérer = faudrait templetiser dans genconfig
|
# Si masteridentity est à LDAP = quel champs sont à récupérer = faudrait templetiser dans genconfig
|
||||||
ldap_username: uid
|
ldap_username: %%ldap_match_attribute
|
||||||
ldap_firstname: givenname
|
ldap_firstname: givenname
|
||||||
ldap_lastname: sn
|
ldap_lastname: sn
|
||||||
ldap_email: mail
|
ldap_email: %%ldap_fill_mail
|
||||||
|
ldap_member: %%ldap_member_group_attribute
|
||||||
%if %%getVar("activer_addadmin", 'non') == "oui"
|
%if %%getVar("activer_addadmin", 'non') == "oui"
|
||||||
ldap_usersadmin: [admin,%%uid_addadmin]
|
ldap_usersadmin: [admin,%%uid_addadmin]
|
||||||
%else
|
%else
|
||||||
|
@ -472,7 +492,7 @@ parameters:
|
||||||
|
|
||||||
# Si mode_auth = CAS
|
# Si mode_auth = CAS
|
||||||
cas_host: %%eolesso_adresse
|
cas_host: %%eolesso_adresse
|
||||||
cas_path: %%getVar("eolesso_cas_folder", '')
|
cas_path: %%eolesso_cas_folder
|
||||||
cas_port: %%eolesso_port
|
cas_port: %%eolesso_port
|
||||||
|
|
||||||
# Si mode_aut = SAML
|
# Si mode_aut = SAML
|
||||||
|
@ -495,18 +515,10 @@ parameters:
|
||||||
ssosynchrogroup: true
|
ssosynchrogroup: true
|
||||||
user_attr_cas_group: %%ninegate_ssoreqgroup
|
user_attr_cas_group: %%ninegate_ssoreqgroup
|
||||||
%else
|
%else
|
||||||
ssosynchrogroup: false
|
ssosynchrogroup: fase
|
||||||
user_attr_cas_group:
|
user_attr_cas_group:
|
||||||
%end if
|
%end if
|
||||||
|
|
||||||
%if %%getVar("ninegate_ssosynchroitem", 'non') == "oui"
|
|
||||||
ssosynchroitem: true
|
|
||||||
user_attr_cas_item: %%ninegate_ssoreqitem
|
|
||||||
%else
|
|
||||||
ssosynchroitem: false
|
|
||||||
user_attr_cas_item:
|
|
||||||
%end if
|
|
||||||
|
|
||||||
%if %%is_defined("ninegate_smtpport")
|
%if %%is_defined("ninegate_smtpport")
|
||||||
mailer_port: '%%ninegate_smtpport'
|
mailer_port: '%%ninegate_smtpport'
|
||||||
mailer_encryption: %%ninegate_smtpencryption
|
mailer_encryption: %%ninegate_smtpencryption
|
||||||
|
@ -542,7 +554,6 @@ doctrine:
|
||||||
CadolesCronBundle: ~
|
CadolesCronBundle: ~
|
||||||
CadolesPortalBundle: ~
|
CadolesPortalBundle: ~
|
||||||
CadolesWebsocketBundle: ~
|
CadolesWebsocketBundle: ~
|
||||||
CadolesEdispatcherBundle: ~
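Review bot: In the `%else` branch of the `ninegate_ssosynchrogroup` test, the new side appears to read `ssosynchrogroup: fase` where the old side had `false`. YAML loads `fase` as a non-empty string rather than a boolean, so any truthiness check in the application would treat SSO group synchronisation as enabled when the administrator chose "non", with `user_attr_cas_group` left empty. The line should stay `ssosynchrogroup: false`. In the same section, `cas_path` now uses `%%eolesso_cas_folder` without the former `getVar(..., '')` default, so it is worth confirming that variable is always defined on the target servers.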
|
|
||||||
|
|
||||||
|
|
||||||
|
|