Module: check_mk
Branch: master
Commit: a478d4c3dea327cc7415c89f3ddf2f9bc9772245
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=a478d4c3dea327…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Wed Nov 21 12:09:16 2012 +0100
ldap: Improved ldap configuration a bit
---
web/plugins/userdb/ldap.py | 24 +++++++++++++++++-------
web/plugins/wato/check_mk_configuration.py | 9 ++++-----
2 files changed, 21 insertions(+), 12 deletions(-)
diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index 5f40e38..fce0856 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -294,14 +294,19 @@ def ldap_attribute_plugins_elements():
for key, plugin in items:
if 'parameters' not in plugin:
param = []
+ elements.append((key, FixedValue(
+ title = plugin['title'],
+ help = plugin['help'],
+ value = None,
+ totext = 'no_param_txt' in plugin and
plugin['no_param_txt'] \
+ or _('This synchronization plugin has no
parameters.'),
+ )))
else:
- param = plugin['parameters']
-
- elements.append((key, Dictionary(
- title = plugin['title'],
- help = plugin['help'],
- elements = param,
- )))
+ elements.append((key, Dictionary(
+ title = plugin['title'],
+ help = plugin['help'],
+ elements = plugin['parameters'],
+ )))
return elements
# Returns a list of all needed LDAP attributes of all enabled plugins
@@ -335,6 +340,7 @@ ldap_attribute_plugins['email'] = {
'convert': ldap_convert_mail,
# User-Attributes to be written by this plugin and will be locked in WATO
'lock_attributes': [ 'email' ],
+ 'no_param_txt': _('Synchronize the "mail" attribute of
LDAP users into Check_MK.'),
}
ldap_attribute_plugins['alias'] = {
@@ -443,6 +449,7 @@ ldap_attribute_plugins['groups_to_contactgroups'] = {
'contactgroup must match the common name of the LDAP group.'),
'convert': ldap_convert_groups_to_contactgroups,
'lock_attributes': ['contactgroups'],
+ 'no_param_txt': _('Add user to all contactgroups where the common name
matches the group name.'),
}
def ldap_convert_groups_to_roles(params, user_id, ldap_user, user):
@@ -592,8 +599,11 @@ def ldap_page():
last_sync_time = 0
if last_sync_time + config.ldap_cache_livetime > time.time():
+ html.log('no sync needed (%d > %d)' % (last_sync_time +
config.ldap_cache_livetime, time.time()))
return # No action needed, cache is recent enough
+ html.log('sync needed (%d <= %d)' % (last_sync_time +
config.ldap_cache_livetime, time.time()))
+
# ok, cache is too old. Act!
ldap_sync(False, None)
diff --git a/web/plugins/wato/check_mk_configuration.py
b/web/plugins/wato/check_mk_configuration.py
index a9daf3d..9e070c6 100644
--- a/web/plugins/wato/check_mk_configuration.py
+++ b/web/plugins/wato/check_mk_configuration.py
@@ -318,12 +318,11 @@ register_configvar(group,
value = True,
totext = _("Encrypt the network connection using SSL."),
)),
- ("version", Integer(
+ ("version", DropdownChoice(
title = _("LDAP Version"),
help = _("Select the LDAP version the LDAP server is serving. Most
modern "
"servers use LDAP version 3."),
- minvalue = 1,
- maxvalue = 3,
+ choices = [ (2, "2"), (3, "3") ],
default_value = 3,
)),
("type", DropdownChoice(
@@ -398,11 +397,11 @@ register_configvar(group,
default_value = lambda: userdb.ldap_filter('users', False),
)),
("user_id", TextAscii(
- title = _("User-ID"),
+ title = _("User-ID Attrubute"),
help = _("The attribute used to identify the individual users. It
must have "
"unique values to make an user identifyable by the value
of this "
"attribute."),
- default_value = lambda: userdb.ldap_attr('user_id', False),
+ default_value = lambda: userdb.ldap_attr('user_id'),
)),
],
optional_keys = ['scope', 'filter', 'user_id'],