/**
* objects_to_delete($delip,$childauDN,$cchild_array)
* Liefert die durch eine Rücknahme einer IP Delegierung betroffenen Host/DHCP-Objekte der Child-AU
* und Child-Child-AUs in einem Array. Dieses enthaelt fuer jedes Objekt dessen Distinguished Name,
* dessen IP Adresse(n)/Range(s) und den Distinguished Name der AU der das Objekt angehoert. Parameter
* die fuer die Funktionen delete_ip_host(), delete_ip_range() Benoetigt werden.
*
* @param string delip IP Bereich der geloescht wird
* @param string childauDN Distinguished Name des untergeordneten (Child) LDAP AU-Objektes
* @param array cchild_array Array von allen Child-Child-AUs (jedes Item enthaelt DN und MaxIPBlock)
*
* @return array objects_to_delete Array aller betroffenen Objekte (DN, IP, auDN)
*
* @author Tarik Gasmi
*/
function objects_to_delete($delip, $childauDN, $cchild_array)
{
global $ds, $suffix, $ldapError;
# Hosts von child-AU, child-child-AU
$chosts = get_hosts($childauDN, array("dn", "ipaddress"));
# print_r($chosts);printf("<br><br>");
$cchosts = array();
foreach ($cchild_array as $item) {
$cchostsitem = get_hosts($item['dn'], array("dn", "ipaddress"));
foreach ($cchostsitem as $item2) {
$cchosts[] = $item2;
}
}
$chosts = array_merge($chosts, $cchosts);
# print_r($chosts);printf("<br><br>");
# Subnets von child-AU, child-child-AU
$csubnets = get_subnets($childauDN, array("cn"));
# print_r($csubnets);printf("<br><br>");
$ccsubnets = array();
foreach ($cchild_array as $item) {
$ccsubnetsitem = get_dhcppools($item['dn'], array("dn", "dhcprange"));
foreach ($ccsubnetsitem as $item2) {
$ccsubnets[] = $item2;
}
}
$csubnets = array_merge($csubnets, $ccsubnets);
# print_r($csubnets);printf("<br><br>");
# Pools von child-AU, child-child-AU
$cpools = get_dhcppools($childauDN, array("dn", "dhcprange"));
# print_r($csubnets);printf("<br><br>");
$ccpools = array();
foreach ($cchild_array as $item) {
$ccpoolsitem = get_dhcppools($item['dn'], array("dn", "dhcprange"));
foreach ($ccpoolsitem as $item2) {
$ccpools[] = $item2;
}
}
$cpools = array_merge($cpools, $ccpools);
# print_r($csubnets);printf("<br><br>");
# Zu loeschende Hosts bestimmen
$chosts_todo = array();
foreach ($delip as $delipitem) {
if (count($chosts) != 0) {
foreach ($chosts as $item) {
if (count($item['ipaddress']) > 1) {
foreach ($item['ipaddress'] as $item2) {
if (intersect_ipranges($delipitem, $item2) != false) {
$chosts_todo[] = array('dn' => $item['dn'], 'ip' => $item['ipaddress'], 'auDN' => $item['auDN']);
}
}
} elseif (count($item['ipaddress']) == 1) {
if (intersect_ipranges($delipitem, $item['ipaddress']) != false) {
$chosts_todo[] = array('dn' => $item['dn'], 'ip' => $item['ipaddress'], 'auDN' => $item['auDN']);
}
}
}
}
}
# print_r($chosts_todo);printf("<br><br>");
# Zu loeschende Subnets bestimmen, und wie IP Range anzupassen ist
$csubnets_todo = array();
foreach ($delip as $delipitem) {
if (count($csubnets) != 0) {
foreach ($csubnets as $item) {
$subnetip = $item['cn'] . "_" . $item['cn'];
# print_r(intersect_ipranges($delipitem,$subnetip));
if (intersect_ipranges($delipitem, $subnetip) != false) {
$csubnets_todo[] = array('dn' => $item['dn'], 'ip' => $subnetip, 'auDN' => $item['auDN']);
}
}
}
}
# print_r($csubnets_todo);printf("<br><br>");
# Zu loeschende Pools bestimmen, und wie IP Range anzupassen ist
$cpools_todo = array();
foreach ($delip as $delipitem) {
if (count($cpools) != 0) {
foreach ($cpools as $item) {
if (count($item['dhcprange']) > 1) {
foreach ($item['dhcprange'] as $item2) {
# print_r(intersect_ipranges($delipitem,$item2));
if (intersect_ipranges($delipitem, $item2) != false) {
$cpools_todo[] = array('dn' => $item['dn'], 'delrange' => $item2['dhcprange'], 'auDN' => $item['auDN']);
}
}
} elseif (count($item['dhcprange']) == 1) {
# print_r(intersect_ipranges($delipitem,$item['dhcprange']));
if (intersect_ipranges($delipitem, $item['dhcprange']) != false) {
$cpools_todo[] = array('dn' => $item['dn'], 'delrange' => $item['dhcprange'], 'auDN' => $item['auDN']);
}
}
}
}
}
# print_r($csubnets_todo);printf("<br><br>");
$objects_to_delete = array('hostips' => $chosts_todo, 'subnetips' => $csubnets_todo, 'dhcpranges' => $cpools_todo);
return $objects_to_delete;
}
function delete_childau($childDN, $childou, $delmodus)
{
global $ds, $suffix, $auDN, $domDN, $assocdom, $ldapError;
if ($delmodus == "integrate") {
# Associated DNS Domain integrieren
$childdc = get_domain_data($childDN, array("dn", "associatedname"));
print_r($childdc);
echo "<br>";
# wenn einzige AU dann einfach in Parentdomain aufnehmen und betroffene Einträge löschen
if (count($childdc[0]['associatedname']) == 1) {
echo "einzige AU<br>";
# dc Childs verschieben
$dcchilds = get_dc_childs($childdc[0]['dn'], array("dn", "dc"));
# print_r($dcchilds); echo "<br>";
if (count($dcchilds) != 0) {
foreach ($dcchilds as $dcc) {
# print_r($dcc['dn']); echo " >> "; print_r("dc=".$dcc['dc'].",".$domDN); echo "<br>";
if (move_subtree($dcc['dn'], "dc=" . $dcc['dc'] . "," . $domDN)) {
$newdom = $dcc['dc'] . "." . $assocdom;
#print_r($newdom); echo "<br><br>";
dive_into_dctree_adapt("dc=" . $dcc['dc'] . "," . $domDN, $newdom);
}
}
}
# alten dc-Knoten löschen
dive_into_tree_del($childdc[0]['dn'], "");
}
# wenn noch andere AUs in der Domain, dann nur betroffene Einträge entfernen
if (count($childdc[0]['associatedname']) > 1) {
echo "mehrere AUs<br>";
# ChildAU-Rollen unterhalb dc-Knoten löschen (nur diese)(oder übernehmen: MA zu HA, HA zu HA)
$roles = get_roles($childDN);
#print_r($roles); echo "<br>";
# was ist wenn rollen nur noch ein member haben ... fehler
if (count($roles['MainAdmin']) != 0) {
$mainadmins = $roles['MainAdmin'];
for ($i = 0; $i < count($mainadmins); $i++) {
$entryRoleMain['member'][$i] = $mainadmins[$i];
}
#print_r($entryRoleHost); echo "<br>";
$resultMA = ldap_mod_del($ds, "cn=MainAdmin,cn=roles," . $childdc[0]['dn'], $entryRoleMain);
}
if (count($roles['HostAdmin']) != 0) {
$hostadmins = $roles['HostAdmin'];
for ($i = 0; $i < count($hostadmins); $i++) {
$entryRoleHost['member'][$i] = $hostadmins[$i];
}
#print_r($entryRoleHost); echo "<br>";
$resultHA = ldap_mod_del($ds, "cn=HostAdmin,cn=roles," . $childdc[0]['dn'], $entryRoleHost);
}
if (count($roles['ZoneAdmin']) != 0) {
$zoneadmins = $roles['ZoneAdmin'];
for ($i = 0; $i < count($zoneadmins); $i++) {
$entryRoleZone['member'][$i] = $zoneadmins[$i];
}
$resultZA = ldap_mod_del($ds, "cn=ZoneAdmin,cn=roles," . $childdc[0]['dn'], $entryRoleZone);
}
$entrydel['associatedname'] = $childDN;
# print_r($entrydel); echo "<br>";
ldap_mod_del($ds, $childdc[0]['dn'], $entrydel);
$zentries = get_zone_entries_assocname($childdc[0]['dn'], array("dn"), $childDN);
# print_r($zentries); echo "<br>";
foreach ($zentries as $ze) {
# print_r($ze['dn']); echo "<br>";
ldap_delete($ds, $ze['dn']);
}
}
# Rechner (mit IP) + dranhängende MCs, PXEs verschieben
$hosts = get_hosts($childDN, array("dn", "hostname"));
if (count($hosts) != 0) {
foreach ($hosts as $host) {
# print_r($host['dn']); echo "<br>";
# print_r($host['hostname']); echo "<br>";
# print_r("hostname=".$host['hostname']."-int-".$childou.",cn=computers,".$auDN); echo "<br><br>";
if (move_subtree($host['dn'], "hostname=" . $host['hostname'] . "-ex-" . $childou . ",cn=computers," . $auDN)) {
$newhostDN = "hostname=" . $host['hostname'] . "-ex-" . $childou . ",cn=computers," . $auDN;
$dhcp = get_node_data($newhostDN, array("dhcphlpcont"));
# print_r($dhcp); echo "<br>";
if ($dhcp['dhcphlpcont'] != "") {
$entrydel['dhcphlpcont'] = array();
$entrydel['objectclass'] = "dhcpHost";
# print_r($dhcphlpcont);
ldap_mod_del($ds, $newhostDN, $entrydel);
}
}
}
}
# DHCP Objekte IP Ranges löschen
$subnets = get_subnets($childDN, array("dn"));
# print_r($subnets); echo "<br>";
if (count($subnets) != 0) {
foreach ($subnets as $subnet) {
# print_r($subnet['dn']); echo "<br>";
delete_ip_dhcprange($subnet['dn'], $childDN);
}
}
# DHCP Pools auch noch
# Freie IP Bereiche zurücknehmen
$fipb_array = get_freeipblocks_au($childDN);
# print_r($fipb_array); echo "<br>";
# print_r(count($fipb_array)); echo "<br>";
if (count($fipb_array) == 1 && $fipb_array[0] != "") {
$entry_ipblock['freeipblock'] = $fipb_array[0];
# print_r($entry_ipblock); echo "<br>";
ldap_mod_add($ds, $auDN, $entry_ipblock);
}
if (count($fipb_array) > 1) {
foreach ($fipb_array as $fipb) {
$entry_ipblock['FreeIPBlock'][] = $fipb;
# print_r($entry_ipblock); echo "<br>";
ldap_mod_add($ds, $auDN, $entry_ipblock);
}
}
merge_ipranges($auDN);
# Verschieben der Childs an neue Stelle
$child_childs = get_childau($childDN, array("dn", "ou"));
# print_r($child_childs); echo "<br>";
if (count($child_childs) != 0) {
foreach ($child_childs as $cc) {
$child_childDN = $cc['dn'];
$newccDN = "ou=" . $cc['ou'] . "," . $auDN;
# print_r($child_childDN); echo " >> ";
# print_r($newccDN); echo "<br>";
if (move_subtree($child_childDN, $newccDN)) {
adjust_dn_entries($child_childDN, $newccDN);
}
}
}
# Löschen des AU Knotens
dive_into_tree_del($childDN, "");
$mesg = "<br>Erfolgreich gelöscht mit Integration<br>";
return $mesg;
}
if ($delmodus == "complete") {
# IP Bereiche zurück
# DNS Teilbaum Objekte löschen
# alles rekursive löschen
/*if (dive_into_tree_del($dcDN,"")){
$delentry ['objectclass'] = "domainrelatedobject";
$delentry ['associateddomain'] = $domsuffix;
#print_r($delentry); echo "<br>";
$delresult = ldap_mod_del($ds,$childDN,$delentry);
if ($delresult){
$mesg = "Domain komplett gelöscht<br>";
}else{$mesg = "Fehler! ldap_mod_del<br>";}
}else{$mesg = "Fehler! dive_into_tree_del<br>";}
*/
$mesg = "Komplettes löschen mometan noch nicht unterstützt.<br>\n\t\t\t\t\tNur eine Ebene mit Integration ...<br>";
return $mesg;
}
}