The backend has supported the 'mode' parameter for quite a while,
however it has not yet been exposed in the GUI, contrary to PMG
and PBS.
The benefit of 'mode' is that it supports LDAP, LDAPS and LDAP via
STARTTLS, compared to just LDAP/LDAPS for the 'secure' parameter.
The modified AuthEdit{LDAP,AD} panel will now automatically migrate
to the new paramter by hooking into onGetValues/onSetValues.
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
...when editing LDAP realm sync settings and only a single property is
empty and thus to be deleted (e.g. values.delete = "filter").
If `delete` is a simple string and not an array,
`PVE.Utils.delete_if_default` simply creates a comma-separated list,
(e.g. value.delete = "filter,sync-attributes").
When the properties from the other panel are evaluated and added to the
the `delete` property, comma-separated list format is not considered,
leading to a final value for `delete` that could look like this:
value.delete = {
"server2",
"comment",
"filter,sync-attributes"
}
This commit fixes this by splitting `delete` in case it is a string.
Reported-by: Friedrich Weber <f.weber@proxmox.com>
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Friedrich Weber <f.weber@proxmox.com>
and label it correctly. The 'Properties' option was mislabeled,
it means 'remove vanished fields from synced users', not 'remove
fields from vanished users'.
So don't couple that with the 'Entries' option, and update the label
to convey the right meaning.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Use fieldsets, which are just way nicer for grouping these things.
Disable the "remove properties" checkbox if we'd remove the whole
user anyway.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
in default sync options and the sync window. We do this by exposing
the individual flags as checkboxes. We get the mapped value from the
backend so we do not have to handle 'old' values here.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
we cannot pass 'delete' on create api call, and we have to make
sure that 'default_opts' and 'sync_attributes' are alwyas available,
since they are used in onGetValues
(they were only created during setValues, which is not called
when adding a new realm)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
this modifies AuthEditBase so that if there is a sync inputpanel specified,
we display it in a second tab (we need to modify the bodyPadding here,
else the whole window has too much padding)
we use the same panel for both ldap/ad, since the most options behave
the same (except for user_attribute, but the default for AD is
sAMAccount which i think is good enough for now, users can still
override it in the cli)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
similar to storage/Base.js so that we have the different
RealmTypes in different inputpanels
this will come in handy when we define sync options
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
