PHP application to manage a QmailLDAP server etc
PHP JavaScript HTML CSS Perl Shell Other
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
debian
demo
doc
images
include
jscalendar
schemas
scripts
tables
tmp
tools
translations
validateEmailFormat-1.0
.cvsignore
.gitignore
.version
.version.old
CHANGES
DEBUGGING.txt
INSTALL
Makefile
README
TODO
WARNING.txt
bind9_add.php
bind9_del.php
bind9_edit_attributes.php
config_detail.php
config_edit_attribute.php
config_ldap.php
config_ldaptest.php
config_ppolicy_add.php
config_radius_add.php
config_template_add.php
config_template_del.php
control.php
control_add_server.php
control_cat.php
control_del.php
control_detail.php
control_edit_attribute.php
dhcp3_add.php
dhcp3_del.php
dhcp3_edit_attributes.php
domain_add.php
domain_add_form.php
domain_del.php
domain_detail.php
domain_edit_attributes.php
dump_object.php
ezmlm.php
ezmlm_add.php
ezmlm_del.php
ezmlm_detail.php
ezmlm_edit_attribute.php
header.html
home.php
host_add.php
host_copy.php
host_del.php
host_detail.php
host_edit_attribute.php
host_modify.php
index.php
index2.php
left-base.php
left-control.php
left-ezmlm.php
left-head.html
left-trailer.html
left.php
search.php
status_ldap.php
sudo_add.php
sudo_detail.php
sudo_modify.php
trailer.html
unit_add.php
unit_del.php
user_add.php
user_add_attribute.php
user_add_missing_attributes.php
user_del.php
user_del_attribute.php
user_detail.php
user_edit_attribute.php
user_search.php
user_sendmail.php
websrv_add.php
websrv_edit_attributes.php

README

This is called phpQLAdmin because originally this software was written
by adfinis GmbH (Bern, Switzerland) - http://adfinis-sygroup.ch/ and
was intended to only manage mail information in use by QmailLDAP -
http://www.lifewithqmail.org/ldap/.

I started writing patches and additions to this in 2001/2002, but at
the at the end of October 2002, I took it over officially becaue they
had no real interest in it and my intention with where this could go
where to big for them.


It now manages most IT services needed, all configured and stored in
an LDAP server - only OpenLDAP have been verified to work, but it
should be possible to configure it to be used with any LDAP server due
to it's modular and highly configurable design.

It now (as of 2013) supports the following services:

   * DNS zones (Bind9 tested and verified)
   * Mailinglists (ezmlm)
   * Apache virtual hosts configuration
   * SimScan (anti virus/spam)
   * Host ACL (allowing/disallowing users
     from certain hosts), sudo, automount
   * Sudo information
   * Automount information
   * RADIUS data
   * Samba shares and access
   * DHCP3 'shares'

   * UNIX user information
     Information such as shell, homedirectory, gecos - first and last
     name and it also supports full user information such as role and/or
     organization, title, telephone and address information including
     the possibility to have a photo stored on the user(s) if this is
     needed/wanted.

   * Access Control Information
     This is access rules stored in the database object itself).

   * User templates
     Controlling how/what a 'user' is to phpQLAdmin can be defined by
     creating a global User Template, where objectclass are selected
     (and any attribues required - MUST is highlighted and required when
     creating a user using that template) and encryption scheme. Then to
     create a user, one only selects that template, and all required
     options are asked for in the Create User link.

   * Password policies
     This is an OpenLDAP overlay to make sure that passwords (and the
     corresponding LDAP authentication) conform to a certain rule/standard
     set (length, strenght, expiration, history etc).

   * Mailserver information (QmailLDAP/Controls)
     Due to it's original intention to be a tool for QmailLDAP, with
     my own patch (QmailLDAP/Controls) to have the qmail control information
     in LDAP as well, phpQLAdmin naturally gives you the oppurtunity to manage
     that from the same tool as well.

   * OpenLDAP cn=config backend manager
     Currently (Feb 2013), one can only VIEW the information, but editing
     will require more work before it can be officially released. It is
     however already possible to view the LDAP access logs (and search within
     them!), view the LDAP schema information (matching rules, attributes and
     objectclasses etc) in a simple and easy to understand format. It (phpQLAdmin)
     can also give you LDAP status information (such as version, startup time,
     uptime and a range of LDAP connection information, including number of binds,
     adds, deletes, searches etc, etc).


Defaults (for users and branches) could be set globaly or for
individual branch(es). Such defaults includes base homedirectory,
automatic username and email generation (when creating a user), quota,
password scheme, minimum UID/GID number, maximum allowed
users/mailinglists allowed in branch, default user template, how to
generate a username/mail address within the branch/globaly etc.


Since this is (was) a (intended) to be a tool for an ISP or larger
organization, distributing access (allowing certain users more or less
access) globally, branch wise or on individuall user(s) is
possible. For example, one could give one user access to only modify
one branch ("it's branch"), not seeing any other. In this branch they
could have full access, or limited access (such as access to the DNS
information, mailinglists and/or the apache virtual hosts). This is of
course more of interessts in ISPs, where one customer can give one (or
more) employees full access to the company branch, but although this
was phpQLAdmins original purpose, I have personaly deployed it in
smaller organizations with only a handfull users, only managing the
UNIX information.



As stated above, phpQLAdmin is fully customizable and modular -
enabling or disabling a module is a simple click-an-icon in the global
configuration page. However, a special schema needs to be loaded,
access controls needs to be tailored somewhat (more so if this will be
an ISP tool with distributed access) and  User templates and/or
password policies needs to be created and default information needs to
be defined, so it's not something done on a coffey break.

phpQLAdmin is also fully localized, meaning that you can have it in
any language you like, if English or Brazilian Portuguese (might be
behind in translation) is not your fortee.

It can be somewhat cumbersome to setup to fully utilize all it's
functionality. Unfortunatly, documentation is somewhat lacking, but
enouch information is there to be able to set it up for basic use
within minutes. To fully utilize ALL it's functioanlity and strength
require a little more knowledge but most info should be in the
documentation.  I hope. If not, "ask and it will be reveiled" :)


I will be more than happy/willing to accept patches, improvenments
(especially regarding the documentation and/or setup examples) and/or
wish lists. If you like to contribute code, just fork the phpQLAdmin
repository on github and then send me a Pull Request when you have
something to share and I will be (very!) happy to take a look at it.

Although, at times there is long between updates or commits, this in
no way means the project is dead! It just means that I have not had
any bugs or wishlists to fix...


/Turbo Fredriksson