From: paca70 Date: Fri, 24 Sep 2004 07:14:44 +0000 (+0000) Subject: Added easy interface to specify ldap-attribute types and objectclasses. X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=ad95a28f2b61a097d2355268b392d5051c6d4ea4;p=moodle.git Added easy interface to specify ldap-attribute types and objectclasses. Just select ldap-server type and you are done. Old variables can still be used to override builtin settings. TRANSLATORS NOTICE: Some ldap-fields are now optional! --- diff --git a/lang/en/auth.php b/lang/en/auth.php index 58082e7b6e..e6b8e69986 100644 --- a/lang/en/auth.php +++ b/lang/en/auth.php @@ -1,7 +1,9 @@ -external database fields that you specify here.

If you leave these blank, then defaults will be used.

In either case, the user will be able to edit all of these fields after they log in.'; $string['auth_dbfieldpass'] = 'Name of the field containing passwords'; @@ -18,40 +20,39 @@ $string['auth_editlock'] = 'Lock value'; $string['auth_editlock_expl'] = '

Lock value: If enabled, will prevent Moodle users and admins from editing the field directly. Use this option if you are maintaining this data in the external auth system.

'; $string['auth_emaildescription'] = 'Email confirmation is the default authentication method. When the user signs up, choosing their own new username and password, a confirmation email is sent to the user\'s email address. This email contains a secure link to a page where the user can confirm their account. Future logins just check the username and password against the stored values in the Moodle database.'; $string['auth_emailtitle'] = 'Email-based authentication'; -$string['auth_fctitle'] = 'Use a FirstClass server'; +$string['auth_fccreators'] = 'List of groups whose members are allowed to create new courses. Separate multiple groups with \';\'. Names must be spelled exactly as on FirstClass server. System is case-sensitive.'; $string['auth_fcdescription'] = 'This method uses a FisrtClass server to check whether a given username and password is valid.'; -$string['auth_fchost'] = 'The FirstClass server address. Use the IP number or DNS name.'; $string['auth_fcfppport'] = 'Server port (3333 is the most common)'; -$string['auth_fcuserid'] = "Userid for FirstClass account with privilege 'Subadministrator' set."; +$string['auth_fchost'] = 'The FirstClass server address. Use the IP number or DNS name.'; $string['auth_fcpasswd'] = 'Password for the account above.'; -$string['auth_fccreators'] = "List of groups whose members are allowed to create new courses. Separate multiple groups with ';'. Names must be spelled exactly as on FirstClass server. System is case-sensitive."; +$string['auth_fctitle'] = 'Use a FirstClass server'; +$string['auth_fcuserid'] = 'Userid for FirstClass account with privilege \'Subadministrator\' set.'; $string['auth_imapdescription'] = 'This method uses an IMAP server to check whether a given username and password is valid.'; $string['auth_imaphost'] = 'The IMAP server address. Use the IP number, not DNS name.'; $string['auth_imapport'] = 'IMAP server port number. Usually this is 143 or 993.'; $string['auth_imaptitle'] = 'Use an IMAP server'; $string['auth_imaptype'] = 'The IMAP server type. IMAP servers can have different types of authentication and negotiation.'; -$string['auth_ldap_passwdexpire_settings'] = 'LDAP password expiration settings.'; -$string['auth_ldap_expiration_desc'] = 'Select No to disable expired password checking or LDAP to read passwordexpiration time directly from LDAP.Remeber to fill attribute name ldap_expireattr'; -$string['auth_ldap_expireattr_desc'] = 'Ldap-attribute what stores password expiration time asswordAxpirationTime'; -$string['auth_ldap_gracelogins_desc'] = 'Enable LDAP gracelogin support. After password has expired user can login until gracelogin count is 0. Enabling this setting displays grace login message if password is exprired.'; -$string['auth_ldap_graceattr_desc'] = 'LDAP gracelogin attribute'; -$string['auth_ldap_server_settings'] = 'LDAP server settings'; -$string['auth_ldap_bind_settings'] = 'Bind settings'; -$string['auth_ldap_user_settings'] = 'User lookup settings'; -$string['auth_ldap_login_settings'] = 'Login settings'; -$string['auth_common_settings'] = 'Common settings'; -$string['auth_data_mapping'] = 'Data mapping'; $string['auth_ldap_bind_dn'] = 'If you want to use bind-user to search users, specify it here. Someting like \'cn=ldapuser,ou=public,o=org\''; $string['auth_ldap_bind_pw'] = 'Password for bind-user.'; +$string['auth_ldap_bind_settings'] = 'Bind settings'; $string['auth_ldap_contexts'] = 'List of contexts where users are located. Separate different contexts with \';\'. For example: \'ou=users,o=org; ou=others,o=org\''; -$string['auth_ldap_create_context'] = 'If you enable user creation with email confirmation, specify the context where users are created. This context should be different from other users to prevent security issues. You don\'t need to add this context to ldap_context-variable, Moodle will search for users from this context automatically.
Note! You have to modify function auth_user_create() in file auth/ldap/lib.phpi to make usercreation work'; +$string['auth_ldap_create_context'] = 'If you enable user creation with email confirmation, specify the context where users are created. This context should be different from other users to prevent security issues. You don\'t need to add this context to ldap_context-variable, Moodle will search for users from this context automatically.
Note! You have to modify function auth_user_create() in file auth/ldap/lib.php to make user creation work'; $string['auth_ldap_creators'] = 'List of groups whose members are allowed to create new courses. Separate multiple groups with \';\'. Usually something like \'cn=teachers,ou=staff,o=myorg\''; +$string['auth_ldap_expiration_desc'] = 'Select No to disable expired password checking or LDAP to read passwordexpiration time directly from LDAP.Remeber to fill attribute name ldap_expireattr'; +$string['auth_ldap_expireattr_desc'] = 'Optional: overrides ldap-attribute what stores password expiration time asswordAxpirationTime'; +$string['auth_ldap_graceattr_desc'] = 'Optional: Overrides gracelogin attribute'; +$string['auth_ldap_gracelogins_desc'] = 'Enable LDAP gracelogin support. After password has expired user can login until gracelogin count is 0. Enabling this setting displays grace login message if password is exprired.'; $string['auth_ldap_host_url'] = 'Specify LDAP host in URL-form like \'ldap://ldap.myorg.com/\' or \'ldaps://ldap.myorg.com/\' Separate multipleservers with \';\' to get failover support. '; -$string['auth_ldap_memberattribute'] = 'Specify user member attribute, when users belongs to a group. Usually \'member\''; -$string['auth_ldap_search_sub'] = 'Put value <> 0 if you like to search users from subcontexts.'; -$string['auth_ldap_update_userinfo'] = 'Update user information (firstname, lastname, address..) from LDAP to Moodle. Look at /auth/ldap/attr_mappings.php for mapping information'; -$string['auth_ldap_user_attribute'] = 'The attribute used to name/search users. Usually \'cn\'.'; -$string['auth_ldap_objectclass'] = 'The filter used to name/search users. Usually you will set it to something like objectClass=posixAccount . Defaults to objectClass=* what will return all objects from LDAP.'; +$string['auth_ldap_login_settings'] = 'Login settings'; +$string['auth_ldap_memberattribute'] = 'Optional: Overrides user member attribute, when users belongs to a group. Usually \'member\''; +$string['auth_ldap_objectclass'] = 'Optional: Overrides objectClass used to name/search users on ldap_user_type. Usually you dont need to chage this.'; +$string['auth_ldap_passwdexpire_settings'] = 'LDAP password expiration settings.'; +$string['auth_ldap_search_sub'] = 'Put value <> 0 if you like to search users from subcontexts.'; +$string['auth_ldap_server_settings'] = 'LDAP server settings'; +$string['auth_ldap_update_userinfo'] = 'Update user information (firstname, lastname, address..) from LDAP to Moodle. Specify \"Data mapping\" settings as you need.'; +$string['auth_ldap_user_attribute'] = 'Optional: Overrides the attribute used to name/search users. Usually \'cn\'.'; +$string['auth_ldap_user_settings'] = 'User lookup settings'; +$string['auth_ldap_user_type'] = 'Select how users are stored in LDAP. This setting also specifies how login expiration, grace logins and user creation will work. '; $string['auth_ldap_version'] = 'The version of the LDAP protocol your server is using.'; $string['auth_ldapdescription'] = 'This method provides authentication against an external LDAP server. @@ -73,27 +74,31 @@ $string['auth_nntpport'] = 'Server port (119 is the most common)'; $string['auth_nntptitle'] = 'Use an NNTP server'; $string['auth_nonedescription'] = 'Users can sign in and create valid accounts immediately, with no authentication against an external server and no confirmation via email. Be careful using this option - think of the security and administration problems this could cause.'; $string['auth_nonetitle'] = 'No authentication'; -$string['auth_pamtitle'] = 'PAM (Pluggable Authentication Modules)'; $string['auth_pamdescription'] = 'This method uses PAM to access the native usernames on this server. You have to install PHP4 PAM Authentication in order to use this module.'; +$string['auth_pamtitle'] = 'PAM (Pluggable Authentication Modules)'; $string['auth_pop3description'] = 'This method uses a POP3 server to check whether a given username and password is valid.'; $string['auth_pop3host'] = 'The POP3 server address. Use the IP number, not DNS name.'; $string['auth_pop3mailbox'] = 'Name of the mailbox to attempt a connection with. (usually INBOX)'; $string['auth_pop3port'] = 'Server port (110 is the most common, 995 is common for SSL)'; $string['auth_pop3title'] = 'Use a POP3 server'; $string['auth_pop3type'] = 'Server type. If your server uses certificate security, choose pop3cert.'; -$string['auth_user_create'] = 'Enable user creation'; -$string['auth_user_creation'] = 'New (anonymous) users can create user accounts on the external authentication source and confirmed via email. If you enable this , remember to also configure module-specific options for user creation.'; -$string['auth_usernameexists'] = 'Selected username already exists. Please choose a new one.'; $string['auth_updatelocal'] = 'Update local data'; $string['auth_updatelocal_expl'] = '

Update local data: If enabled, the field will be updated (from external auth) every time the user logs in or there is a user synchronization. Fields set to update locally should be locked.

'; $string['auth_updateremote'] = 'Update external data'; $string['auth_updateremote_expl'] = '

Update external data: If enabled, the external auth will be updated when the user record is updated. Fields should be unlocked to allow edits.

'; $string['auth_updateremote_ldap'] = '

Note: Updating external LDAP data requires that you set binddn and bindpw to a bind-user with editing privileges to all the user records. It currently does not preserve multi-valued attributes, and will remove extra values on update.

'; +$string['auth_user_create'] = 'Enable user creation'; +$string['auth_user_creation'] = 'New (anonymous) users can create user accounts on the external authentication source and confirmed via email. If you enable this , remember to also configure module-specific options for user creation.'; +$string['auth_usernameexists'] = 'Selected username already exists. Please choose a new one.'; $string['authenticationoptions'] = 'Authentication options'; $string['authinstructions'] = 'Here you can provide instructions for your users, so they know which username and password they should be using. The text you enter here will appear on the login page. If you leave this blank then no instructions will be printed.'; $string['changepassword'] = 'Change password URL'; $string['changepasswordhelp'] = 'Here you can specify a location at which your users can recover or change their username/password if they\'ve forgotten it. This will be provided to users as a button on the login page and their user page. if you leave this blank the button will not be printed.'; $string['chooseauthmethod'] = 'Choose an authentication method: '; +$string['forcechangepassword'] = 'Force change password'; +$string['forcechangepassword_help'] = 'Force users to change password on their next login to Moodle.'; +$string['forcechangepasswordfirst_help'] = 'Force users to change password on their first login to Moodle.'; +$string['guestloginbutton'] = 'Guest login button'; $string['instructions'] = 'Instructions'; $string['md5'] = 'MD5 encryption'; $string['plaintext'] = 'Plain text'; @@ -101,8 +106,5 @@ $string['showguestlogin'] = 'You can hide or show the guest login button on the $string['stdchangepassword'] = 'Use standard Change Password Page'; $string['stdchangepassword_expl'] = 'If the external authentication system allows password changes through Moodle, switch this to Yes. This setting overrides \'Change Password URL\'.'; $string['stdchangepassword_explldap'] = 'NOTE: It is recommended that you use LDAP over an SSL encrypted tunnel (ldaps://) if the LDAP server is remote.'; -$string['forcechangepassword'] = 'Force change password'; -$string['forcechangepassword_help'] = 'Force users to change password on their next login to Moodle.';$string['guestloginbutton'] = 'Guest login button'; -$string['forcechangepasswordfirst_help'] = 'Force users to change password on their first login to Moodle.';$string['guestloginbutton'] = 'Guest login button'; ?>