8ad27efffa7a5c4bc91ed747d8f0b1515ddcad14
[moodle.git] / auth / ldap / config.html
1 <?php
3 // Set to defaults if undefined
4 if (!isset($config->host_url)) {
5     $config->host_url = '';
6 }
7 if (empty($config->ldapencoding)) {
8     $config->ldapencoding = 'utf-8';
9 }
10 if (!isset($config->contexts)) {
11     $config->contexts = '';
12 }
13 if (!isset($config->user_type)) {
14     $config->user_type = 'default';
15 }
16 if (!isset($config->user_attribute)) {
17     $config->user_attribute = '';
18 }
19 if (!isset($config->search_sub)) {
20     $config->search_sub = '';
21 }
22 if (!isset($config->opt_deref)) {
23     $config->opt_deref = LDAP_DEREF_NEVER;
24 }
25 if (!isset($config->preventpassindb)) {
26     $config->preventpassindb = 0;
27 }
28 if (!isset($config->bind_dn)) {
29     $config->bind_dn = '';
30 }
31 if (!isset($config->bind_pw)) {
32     $config->bind_pw = '';
33 }
34 if (!isset($config->ldap_version)) {
35     $config->ldap_version = '3';
36 }
37 if (!isset($config->objectclass)) {
38     $config->objectclass = '';
39 }
40 if (!isset($config->memberattribute)) {
41     $config->memberattribute = '';
42 }
43 if (!isset($config->memberattribute_isdn)) {
44     $config->memberattribute_isdn = '';
45 }
46 if (!isset($config->creators)) {
47     $config->creators = '';
48 }
49 if (!isset($config->create_context)) {
50     $config->create_context = '';
51 }
52 if (!isset($config->expiration)) {
53     $config->expiration = '';
54 }
55 if (!isset($config->expiration_warning)) {
56     $config->expiration_warning = '10';
57 }
58 if (!isset($config->expireattr)) {
59     $config->expireattr = '';
60 }
61 if (!isset($config->gracelogins)) {
62     $config->gracelogins = '';
63 }
64 if (!isset($config->graceattr)) {
65     $config->graceattr = '';
66 }
67 if (!isset($config->auth_user_create)) {
68     $config->auth_user_create = '';
69 }
70 if (!isset($config->forcechangepassword)) {
71     $config->forcechangepassword = 0;
72 }
73 if (!isset($config->stdchangepassword)) {
74     $config->stdchangepassword = 0;
75 }
76 if (!isset($config->passtype)) {
77     $config->passtype = 'plaintext';
78 }
79 if (!isset($config->changepasswordurl)) {
80     $config->changepasswordurl = '';
81 }
82 if (!isset($config->removeuser)) {
83     $config->removeuser = AUTH_REMOVEUSER_KEEP;
84 }
85 if (!isset($config->ntlmsso_enabled)) {
86     $config->ntlmsso_enabled = 0;
87 }
88 if (!isset($config->ntlmsso_subnet)) {
89     $config->ntlmsso_subnet = '';
90 }
91 if (!isset($config->ntlmsso_ie_fastpath)) {
92     $config->ntlmsso_ie_fastpath = 0;
93 }
94 if (!isset($config->ntlmsso_type)) {
95     $config->ntlmsso_type = 'ntlm';
96 }
98 $yesno = array(get_string('no'), get_string('yes'));
100 ?>
101 <table cellspacing="0" cellpadding="5" border="0">
102 <tr>
103    <td colspan="2">
104        <h4><?php print_string('auth_ldap_server_settings', 'auth_ldap') ?></h4>
105    </td>
106 </tr>
107 <tr valign="top" class="required">
108     <td align="right">
109         <label for="host_url"><?php print_string('auth_ldap_host_url_key', 'auth_ldap') ?></label>
110     </td>
111     <td>
112         <input name="host_url" id="host_url" type="text" size="30" value="<?php echo $config->host_url?>" />
113         <?php if (isset($err['host_url'])) { echo $OUTPUT->error_text($err['host_url']); } ?>
114     </td>
115     <td>
116         <?php print_string('auth_ldap_host_url', 'auth_ldap') ?>
117     </td>
118 </tr>
119 <tr valign="top" class="required">
120     <td align="right">
121         <label for="menuldap_version"><?php print_string('auth_ldap_version_key', 'auth_ldap') ?></label>
122     </td>
123     <td>
124         <?php
125            $versions = array();
126            $versions[2] = '2';
127            $versions[3] = '3';
128            echo html_writer::select($versions, 'ldap_version', $config->ldap_version, false);
129            if (isset($err['ldap_version'])) { echo $OUTPUT->error_text($err['ldap_version']); }
130         ?>
131     </td>
132     <td>
133         <?php print_string('auth_ldap_version', 'auth_ldap') ?>
134     </td>
135 </tr>
136 <tr valign="top" class="required">
137     <td align="right">
138         <label for="ldapencoding"><?php print_string('auth_ldap_ldap_encoding_key', 'auth_ldap') ?></label>
139     </td>
140     <td>
141         <input id="ldapencoding" name="ldapencoding" type="text" value="<?php echo $config->ldapencoding ?>" />
142         <?php if (isset($err['ldapencoding'])) { echo $OUTPUT->error_text($err['ldapencoding']); } ?>
143     </td>
144     <td>
145         <?php print_string('auth_ldap_ldap_encoding', 'auth_ldap') ?>
146     </td>
147 </tr>
148 <tr>
149     <td colspan="2">
150         <h4><?php print_string('auth_ldap_bind_settings', 'auth_ldap') ?></h4>
151     </td>
152 </tr>
153 <tr valign="top" class="required">
154     <td align="right">
155         <label for="menupreventpassindb"><?php print_string('auth_ldap_preventpassindb_key', 'auth_ldap') ?></label>
156     </td>
157     <td>
158         <?php echo html_writer::select($yesno, 'preventpassindb', $config->preventpassindb, false); ?>
159     </td>
160     <td>
161         <?php print_string('auth_ldap_preventpassindb', 'auth_ldap') ?>
162     </td>
163 </tr>
164 <tr valign="top" class="required">
165     <td align="right">
166         <label for="bind_dn"><?php print_string('auth_ldap_bind_dn_key', 'auth_ldap') ?></label>
167     </td>
168     <td>
169         <input name="bind_dn" id="bind_dn" type="text" size="30" value="<?php echo $config->bind_dn?>" />
170         <?php if (isset($err['bind_dn'])) { echo $OUTPUT->error_text($err['bind_dn']); } ?>
171     </td>
172     <td>
173         <?php print_string('auth_ldap_bind_dn', 'auth_ldap') ?>
174     </td>
175 </tr>
176 <tr valign="top" class="required">
177     <td align="right">
178         <label for="bind_pw"><?php print_string('auth_ldap_bind_pw_key', 'auth_ldap') ?></label>
179     </td>
180     <td>
181         <input name="bind_pw" id="bind_pw" type="password" size="30" value="<?php echo $config->bind_pw?>" />
182         <?php if (isset($err['bind_pw'])) { echo $OUTPUT->error_text($err['bind_pw']); } ?>
183     </td>
184     <td>
185         <?php print_string('auth_ldap_bind_pw', 'auth_ldap') ?>
186     </td>
187 </tr>
188 <tr>
189     <td colspan="2">
190         <h4><?php print_string('auth_ldap_user_settings', 'auth_ldap') ?></h4>
191     </td>
192 </tr>
193 <tr valign="top" class="required">
194     <td align="right">
195         <label for="menuuser_type"><?php print_string('auth_ldap_user_type_key', 'auth_ldap') ?></label>
196     </td>
197     <td>
198         <?php
199             echo html_writer::select(ldap_supported_usertypes(), 'user_type', $config->user_type, false);
200             if (isset($err['user_type'])) { echo $OUTPUT->error_text($err['user_type']); }
201         ?>
202     </td>
203     <td>
204         <?php print_string('auth_ldap_user_type', 'auth_ldap') ?>
205     </td>
206 </tr>
207 <tr valign="top" class="required">
208     <td align="right">
209         <label for="contexts"><?php print_string('auth_ldap_contexts_key', 'auth_ldap') ?></label>
210     </td>
211     <td>
212         <input name="contexts" id="contexts" type="text" size="30" value="<?php echo $config->contexts?>" />
213         <?php if (isset($err['contexts'])) { echo $OUTPUT->error_text($err['contexts']); } ?>
214     </td>
215     <td>
216         <?php print_string('auth_ldap_contexts', 'auth_ldap') ?>
217     </td>
218 </tr>
219 <tr valign="top" class="required">
220     <td align="right">
221         <label for="menusearch_sub"><?php print_string('auth_ldap_search_sub_key', 'auth_ldap') ?></label>
222     </td>
223     <td>
224         <?php echo html_writer::select($yesno, 'search_sub', $config->search_sub, false); ?>
225     </td>
226     <td>
227         <?php print_string('auth_ldap_search_sub', 'auth_ldap') ?>
228     </td>
229 </tr>
230 <tr valign="top" class="required">
231     <td align="right">
232         <label for="menuopt_deref"><?php print_string('auth_ldap_opt_deref_key', 'auth_ldap') ?></label>
233     </td>
234     <td>
235         <?php
236            $opt_deref = array();
237            $opt_deref[LDAP_DEREF_NEVER] = get_string('no');
238            $opt_deref[LDAP_DEREF_ALWAYS] = get_string('yes');
239            echo html_writer::select($opt_deref, 'opt_deref', $config->opt_deref, false);
240            if (isset($err['opt_deref'])) { echo $OUTPUT->error_text($err['opt_deref']); }
241         ?>
242     </td>
243     <td>
244         <?php print_string('auth_ldap_opt_deref', 'auth_ldap') ?>
245     </td>
246 </tr>
247 <tr valign="top" class="required">
248     <td align="right">
249         <label for="user_attribute"><?php print_string('auth_ldap_user_attribute_key', 'auth_ldap') ?></label>
250     </td>
251     <td>
252         <input name="user_attribute" id="user_attribute" type="text" size="30" value="<?php echo $config->user_attribute?>" />
253         <?php if (isset($err['user_attribute'])) { echo $OUTPUT->error_text($err['user_attribute']); } ?>
254     </td>
255     <td>
256         <?php print_string('auth_ldap_user_attribute', 'auth_ldap') ?>
257     </td>
258 </tr>
259 <tr valign="top" class="required">
260     <td align="right">
261         <label for="memberattribute"><?php print_string('auth_ldap_memberattribute_key', 'auth_ldap') ?></label>
262     </td>
263     <td>
264         <input name="memberattribute" id="memberattribute" type="text" size="30" value="<?php echo $config->memberattribute?>" />
265         <?php if (isset($err['memberattribute'])) { echo $OUTPUT->error_text($err['memberattribute']); } ?>
266     </td>
267     <td>
268         <?php print_string('auth_ldap_memberattribute', 'auth_ldap') ?>
269     </td>
270 </tr>
271 <tr valign="top" class="required">
272     <td align="right">
273         <label for="memberattribute_isdn"><?php print_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap') ?></label>
274     </td>
275     <td>
276         <input name="memberattribute_isdn" id="memberattribute_isdn" type="text" size="30" value="<?php echo $config->memberattribute_isdn?>" />
277         <?php if (isset($err['memberattribute_isdn'])) { echo $OUTPUT->error_text($err['memberattribute_isdn']); } ?>
278     </td>
279     <td>
280         <?php print_string('auth_ldap_memberattribute_isdn', 'auth_ldap') ?>
281     </td>
282 </tr>
283 <tr valign="top" class="required">
284     <td align="right">
285         <label for="objectclass"><?php print_string('auth_ldap_objectclass_key', 'auth_ldap') ?></label>
286     </td>
287     <td>
288         <input name="objectclass" id="objectclass" type="text" size="30" value="<?php echo $config->objectclass?>" />
289         <?php if (isset($err['objectclass'])) { echo $OUTPUT->error_text($err['objectclass']); } ?>
290     </td>
291     <td>
292         <?php print_string('auth_ldap_objectclass', 'auth_ldap') ?>
293     </td>
294 </tr>
295 <tr>
296     <td colspan="2">
297         <h4><?php print_string('forcechangepassword', 'auth') ?></h4>
298     </td>
299 </tr>
300 <tr valign="top" class="required">
301     <td align="right" valign="top">
302         <label for="menuforcechangepassword"><?php print_string('forcechangepassword', 'auth') ?></label>
303     </td>
304     <td>
305         <?php echo html_writer::select($yesno, 'forcechangepassword', $config->forcechangepassword, false); ?>
306     </td>
307     <td align="left" valign="top">
308         <p><?php print_string('forcechangepasswordfirst_help', 'auth') ?></p>
309     </td>
310 </tr>
311 <tr valign="top" class="required">
312     <td align="right" valign="top">
313         <label for="menustdchangepassword"><?php print_string('stdchangepassword', 'auth') ?></label>
314     </td>
315     <td>
316         <?php echo html_writer::select($yesno, 'stdchangepassword', $config->stdchangepassword, false); ?>
317     </td>
318     <td align="left" valign="top">
319         <p><?php print_string('stdchangepassword_expl', 'auth') ?></p>
320         <p><?php print_string('stdchangepassword_explldap', 'auth') ?></p>
321     </td>
322 </tr>
323 <tr valign="top" class="required">
324     <td align="right">
325         <label for="menupasstype"><?php print_string('auth_ldap_passtype_key', 'auth_ldap') ?></label>
326     </td>
327     <td>
328         <?php
329             $passtype = array();
330             $passtype['plaintext'] = get_string('plaintext', 'auth');
331             $passtype['md5']       = get_string('md5', 'auth');
332             $passtype['sha1']      = get_string('sha1', 'auth');
333             echo html_writer::select($passtype, 'passtype', $config->passtype, false);
334         ?>
335     </td>
336     <td>
337         <?php print_string('auth_ldap_passtype', 'auth_ldap') ?>
338     </td>
339 </tr>
340 <tr valign="top">
341     <td align="right">
342         <label for="changepasswordurl"><?php print_string('auth_ldap_changepasswordurl_key', 'auth_ldap') ?></label>
343     </td>
344     <td>
345         <input name="changepasswordurl" id="changepasswordurl" type="text" value="<?php echo $config->changepasswordurl ?>" />
346         <?php if (isset($err['changepasswordurl'])) { echo $OUTPUT->error_text($err['changepasswordurl']); } ?>
347     </td>
348     <td>
349         <?php print_string('changepasswordhelp', 'auth') ?>
350     </td>
351 </tr>
352 <tr>
353     <td colspan="2">
354         <h4><?php print_string('auth_ldap_passwdexpire_settings', 'auth_ldap') ?></h4>
355     </td>
356 </tr>
357 <tr valign="top" class="required">
358     <td align="right">
359         <label for="menuexpiration"><?php print_string('auth_ldap_expiration_key', 'auth_ldap') ?></label>
360     </td>
361     <td>
362         <?php
363            $expiration = array();
364            $expiration['0'] = 'no';
365            $expiration['1'] = 'LDAP';
366            echo html_writer::select($expiration, 'expiration', $config->expiration, false);
367            if (isset($err['expiration'])) { echo $OUTPUT->error_text($err['expiration']); }
368         ?>
369     </td>
370     <td>
371         <?php print_string('auth_ldap_expiration_desc', 'auth_ldap') ?>
372     </td>
373 </tr>
374 <tr valign="top" class="required">
375     <td align="right">
376         <label for="expiration_warning"><?php print_string('auth_ldap_expiration_warning_key', 'auth_ldap') ?></label>
377     </td>
378     <td>
379         <input name="expiration_warning" id="expiration_warning" type="text" size="2" value="<?php echo $config->expiration_warning?>" />
380         <?php if (isset($err['expiration_warning'])) { echo $OUTPUT->error_text($err['expiration_warning']); } ?>
381     </td>
382     <td>
383         <?php print_string('auth_ldap_expiration_warning_desc', 'auth_ldap') ?>
384     </td>
385 </tr>
386 <tr valign="top" class="required">
387     <td align="right">
388         <label for="expireattr"><?php print_string('auth_ldap_expireattr_key', 'auth_ldap') ?></label>
389     </td>
390     <td>
391         <input name="expireattr" id="expireattr" type="text" size="30" value="<?php echo $config->expireattr?>" />
392         <?php if (isset($err['expireattr'])) { echo $OUTPUT->error_text($err['expireattr']); } ?>
393     </td>
394     <td>
395         <?php print_string('auth_ldap_expireattr_desc', 'auth_ldap') ?>
396     </td>
397 </tr>
398 <tr valign="top" class="required">
399     <td align="right">
400         <label for="menugracelogins"><?php print_string('auth_ldap_gracelogins_key', 'auth_ldap') ?></label>
401     </td>
402     <td>
403         <?php echo html_writer::select($yesno, 'gracelogins', $config->gracelogins, false); ?>
404     </td>
405     <td>
406         <?php print_string('auth_ldap_gracelogins_desc', 'auth_ldap') ?>
407     </td>
408 </tr>
409 <tr valign="top" class="required">
410     <td align="right">
411         <label for="graceattr"><?php print_string('auth_ldap_gracelogin_key', 'auth_ldap') ?></label>
412     </td>
413     <td>
414         <input name="graceattr" id="graceattr" type="text" size="30" value="<?php echo $config->graceattr?>" />
415         <?php if (isset($err['graceattr'])) { echo $OUTPUT->error_text($err['graceattr']); } ?>
416     </td>
417     <td>
418         <?php print_string('auth_ldap_graceattr_desc', 'auth_ldap') ?>
419     </td>
420 </tr>
421 <tr>
422     <td colspan="2">
423         <h4><?php print_string('auth_user_create', 'auth') ?></h4>
424     </td>
425 </tr>
426 <tr valign="top">
427     <td align="right">
428         <label for="menuauth_user_create"><?php print_string('auth_ldap_auth_user_create_key', 'auth_ldap') ?></label>
429     </td>
430     <td>
431         <?php echo html_writer::select($yesno, 'auth_user_create', $config->auth_user_create, false); ?>
432     </td>
433     <td>
434         <?php print_string('auth_user_creation', 'auth'); ?>
435     </td>
436 </tr>
437 <tr valign="top" class="required">
438     <td align="right">
439         <label for="create_context"><?php print_string('auth_ldap_create_context_key', 'auth_ldap') ?></label>
440     </td>
441     <td>
442         <input name="create_context" id="create_context" type="text" size="30" value="<?php echo $config->create_context?>" />
443         <?php if (isset($err['create_context'])) { echo $OUTPUT->error_text($err['create_context']); } ?>
444     </td>
445     <td>
446         <?php print_string('auth_ldap_create_context', 'auth_ldap') ?>
447     </td>
448 </tr>
449 <tr>
450     <td colspan="2">
451         <h4><?php print_string('coursecreators') ?></h4>
452     </td>
453 </tr>
454 <tr valign="top" class="required">
455     <td align="right">
456         <label for="creators"><?php print_string('auth_ldap_creators_key', 'auth_ldap') ?></label>
457     </td>
458     <td>
459         <input name="creators" id="creators" type="text" size="30" value="<?php echo $config->creators?>" />
460         <?php if (isset($err['creators'])) { echo $OUTPUT->error_text($err['creators']); } ?>
461     </td>
462     <td>
463         <?php print_string('auth_ldap_creators', 'auth_ldap') ?>
464     </td>
465 </tr>
466 <tr>
467     <td colspan="2">
468         <h4><?php print_string('auth_sync_script', 'auth') ?></h4>
469     </td>
470 </tr>
471 <tr valign="top">
472     <td align="right">
473         <label for="menuremoveuser"><?php print_string('auth_remove_user_key', 'auth') ?></label>
474     </td>
475     <td>
476         <?php
477             $deleteopt = array();
478             $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth');
479             $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth');
480             $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth');
481             echo html_writer::select($deleteopt, 'removeuser', $config->removeuser, false);
482         ?>
483     </td>
484     <td>
485         <?php print_string('auth_remove_user', 'auth') ?>
486     </td>
487 </tr>
488 <tr>
489     <td colspan="2">
490         <h4><?php print_string('auth_ntlmsso', 'auth_ldap') ?></h4>
491     </td>
492 </tr>
493 <tr valign="top">
494     <td align="right">
495         <label for="menuntlmsso_enabled"><?php print_string('auth_ntlmsso_enabled_key', 'auth_ldap') ?></label>
496     </td>
497     <td>
498         <?php echo html_writer::select($yesno, 'ntlmsso_enabled', $config->ntlmsso_enabled, false); ?>
499     </td>
500     <td>
501         <?php print_string('auth_ntlmsso_enabled', 'auth_ldap') ?>
502     </td>
503 </tr>
504 <tr valign="top">
505     <td align="right">
506         <label for="ntlmsso_subnet"><?php print_string('auth_ntlmsso_subnet_key', 'auth_ldap') ?></label>
507     </td>
508     <td>
509         <input name="ntlmsso_subnet" id="ntlmsso_subnet" type="text" size="30" value="<?php p($config->ntlmsso_subnet) ?>" />
510     </td>
511     <td>
512         <?php print_string('auth_ntlmsso_subnet', 'auth_ldap') ?>
513     </td>
514 </tr>
515 <tr valign="top">
516     <td align="right">
517         <label for="menuntlmsso_ie_fastpath"><?php print_string('auth_ntlmsso_ie_fastpath_key', 'auth_ldap') ?></label>
518     </td>
519     <td>
520         <?php echo html_writer::select($yesno, 'ntlmsso_ie_fastpath', $config->ntlmsso_ie_fastpath, false); ?>
521     </td>
522     <td>
523     <?php print_string('auth_ntlmsso_ie_fastpath', 'auth_ldap') ?>
524     </td>
525 </tr>
526 <tr valign="top">
527     <td align="right">
528         <label for="menuntlmsso_type"><?php print_string('auth_ntlmsso_type_key', 'auth_ldap')?></label>
529     </td>
530     <td>
531         <?php
532             $types = array();
533             $types['ntlm'] = 'NTLM';
534             $types['kerberos'] = 'Kerberos';
535             echo html_writer::select($types, 'ntlmsso_type', $config->ntlmsso_type, false);
536         ?>
537     </td>
538     <td>
539         <?php print_string('auth_ntlmsso_type','auth_ldap') ?>
540     </td>
541 </tr>
542 <?php
543 $help  = get_string('auth_ldapextrafields', 'auth_ldap');
544 $help .= get_string('auth_updatelocal_expl', 'auth');
545 $help .= get_string('auth_fieldlock_expl', 'auth');
546 $help .= get_string('auth_updateremote_expl', 'auth');
547 $help .= '<hr />';
548 $help .= get_string('auth_updateremote_ldap', 'auth');
550 print_auth_lock_options($this->authtype, $user_fields, $help, true, true);
551 ?>
552 </table>