ldap_NS.pl

#!/usr/bin/perl -T

#
use strict;
use warnings FATAL => 'all';
use diagnostics;

use Data::Dumper;
use Config::IniFiles;
use File::Basename;

use Net::LDAP;

use CGI;
use CGI::Ajax;
use CGI::Cookie;
use CGI::FormBuilder;
use CGI::Session::ID::md5;
use CGI::Session qw/-ip_match/;
use CGI::Untaint;
use HTML::Template;

use Crypt::CBC;
use Crypt::Blowfish;
use Crypt::SmbHash;
use MIME::Base64;
use DateTime;

use lib ( new Config::IniFiles( -file => "/opt/etc/ini/global.ini" )->val( 'APPLICATION', 'LIBRARY' ) );

use SNET::access;
use SNET::common;
use SNET::html;
use SNET::ActiveDirectory;
use SNET::LdapNS qw(:all);

use Net::LDAP::Constant qw(
  LDAP_CONTROL_PASSWORDPOLICY
  LDAP_PP_PASSWORD_EXPIRED
  LDAP_PP_ACCOUNT_LOCKED
  LDAP_PP_CHANGE_AFTER_RESET
);

use SNET::Magic::MagicHash;

my $ldap_snmc;

my $homepage    = '/cgi-bin/auth/ldap_NS.pl';
my $sessiondir  = '/var/tmp/www-data/ldapns';
my $templatedir = '/opt/auth/cgi-bin/templates';

my ( $cgi, $params, $error, $message, $sid, $session, $key );
my ( $connected, $isAdmin, $userMustChange, $audit_user );
my $debug;

my $LOGIN;
my ( $TAB_HOME, $INFO, $PASSWD, $EXPIRED );
my ( $TAB_USERS, $USERINFOS, $DELUSER, $ADDUSER, $ADDUSERPROFILE, $MODUSER, $RESET );
my ( $TAB_GROUPS, $GROUPINFOS,  $DELGROUP,  $ADDGROUP,  $MODGROUP );
my ( $TAB_POLICY, $POLICYINFOS, $DELPOLICY, $ADDPOLICY, $MODPOLICY );

sub reconnect_ldap_snmc;
sub refresh_posixGroups;
sub refresh_userInfos;
sub reset_tab_actions;
sub display_passwd;

# used by check_remote_infos
my $authorized_ip = [qw(158.167.133.90 158.166.133.90 158.166.133.6 158.167.133.6 158.166.164.6 158.167.134.6 10.219.40.120 10.215.40.120)];