diff --git a/client/WEB-INF/classes/resources/messages.properties b/client/WEB-INF/classes/resources/messages.properties
index 492b46ee8b4..49e8b50386e 100644
--- a/client/WEB-INF/classes/resources/messages.properties
+++ b/client/WEB-INF/classes/resources/messages.properties
@@ -2133,6 +2133,10 @@ label.every=Every
label.day=Day
label.of.month=of month
label.add.private.gateway=Add Private Gateway
+label.link.domain.to.ldap=Link Domain to LDAP
+message.link.domain.to.ldap=Enable autosync for this domain in LDAP
+label.ldap.link.type=Type
+label.account.type=Account Type
message.desc.created.ssh.key.pair=Created a SSH Key Pair.
message.please.confirm.remove.ssh.key.pair=Please confirm that you want to remove this SSH Key Pair
message.password.has.been.reset.to=Password has been reset to
diff --git a/setup/db/db/schema-452to460.sql b/setup/db/db/schema-452to460.sql
index bf0c5c5e3ae..3ca066015f4 100644
--- a/setup/db/db/schema-452to460.sql
+++ b/setup/db/db/schema-452to460.sql
@@ -406,7 +406,7 @@ CREATE TABLE `cloud`.`ldap_trust_map` (
`name` varchar(255) NOT NULL,
`account_type` int(1) unsigned NOT NULL,
PRIMARY KEY (`id`),
- UNIQUE KEY `uk_ldap_trust_map__domain_id` (`id`),
+ UNIQUE KEY `uk_ldap_trust_map__domain_id` (`domain_id`),
KEY `fk_ldap_trust_map__domain_id` (`domain_id`),
CONSTRAINT `fk_ldap_trust_map__domain_id` FOREIGN KEY (`domain_id`) REFERENCES `domain` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
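Review bot: With the unique key now on `domain_id`, the plain `KEY fk_ldap_trust_map__domain_id (domain_id)` two lines below indexes the same column a second time and can be dropped, because the unique index already serves the foreign key. The fix also edits an upgrade script in place, so any database that already ran the earlier version keeps the unique key on `id` and will still accept several trust mappings for one domain. If such installs can exist, a follow-up `ALTER TABLE` that drops and recreates `uk_ldap_trust_map__domain_id` is needed. The `CREATE TABLE` statement starts outside this hunk, so the remaining columns were not reviewed.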
diff --git a/ui/css/cloudstack3.css b/ui/css/cloudstack3.css
index 60ac9ca4d64..e7c93be3b6b 100644
--- a/ui/css/cloudstack3.css
+++ b/ui/css/cloudstack3.css
@@ -12851,6 +12851,14 @@ div.ui-dialog div.autoscaler div.field-group div.form-container form div.form-it
background-position: -230px -677px;
}
+.linktoldap .icon {
+ background-position: -197px -65px;
+}
+
+.linktoldap:hover .icon {
+ background-position: -197px -647px;
+}
+
.label-hovered {
cursor: pointer;
color: #0000FF !important;
diff --git a/ui/dictionary2.jsp b/ui/dictionary2.jsp
index d415266bce6..66faa0d0619 100644
--- a/ui/dictionary2.jsp
+++ b/ui/dictionary2.jsp
@@ -1066,6 +1066,10 @@ under the License.
'label.ovm3.vip': '',
'label.local.file': '',
'label.local.storage.enabled.system.vms': '',
+'label.link.domain.to.ldap': '',
+'message.link.domain.to.ldap': '',
+'label.ldap.link.type': '',
+'label.account.type': ''
'label.create.ssh.key.pair': '',
'label.fingerprint': '',
'label.host.tag': '',
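Review bot: The last added entry, `'label.account.type': ''`, has no trailing comma although `'label.create.ssh.key.pair': '',` follows it, so the object literal no longer parses. The dictionary script would presumably then fail to load and leave the UI without its labels. Change the line to `'label.account.type': '',`. The literal opens and closes outside this hunk.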
diff --git a/ui/scripts/docs.js b/ui/scripts/docs.js
index 809c398cd2f..ed6ab0c938c 100755
--- a/ui/scripts/docs.js
+++ b/ui/scripts/docs.js
@@ -1317,5 +1317,16 @@ cloudStack.docs = {
helpOvm3Vip: {
desc: 'The VIP used by the pool and cluster',
externalLink: ''
+ },
+ helpLdapGroupName: {
+ desc: 'Fully qualified name of OU/GROUP in LDAP',
+ externalLink: ''
+ },
+ helpLdapGroupType: {
+ desc: 'Type of LDAP name provided. Can be either GROUP/OU',
+ externalLink: ''
+ },
+ helpLdapLinkDomainAdmin: {
+ desc: 'domain admin of the linked domain. Specify a username in GROUP/OU of LDAP'
}
};
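Review bot: `helpLdapLinkDomainAdmin` is the only entry in this hunk without an `externalLink` key, and its `desc` starts in lower case unlike its neighbours. For consistency, add `externalLink: ''` and write `desc: 'Domain admin of the linked domain. Specify a username in GROUP/OU of LDAP',`. The `helpLdapGroupName` text could also say whether a full distinguished name is expected, because "fully qualified name" leaves the required format open for a value that decides which directory entries get accounts.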
diff --git a/ui/scripts/domains.js b/ui/scripts/domains.js
index 7f8220e7c0c..dcec93d53f4 100644
--- a/ui/scripts/domains.js
+++ b/ui/scripts/domains.js
@@ -313,6 +313,109 @@
}
},
+ linktoldap: {
+ label: 'label.link.domain.to.ldap',
+
+ action: function(args) {
+ var data = {
+ domainid: args.context.domains[0].id,
+ type: args.data.type,
+ name: args.data.name,
+ accounttype: args.data.accounttype
+ };
+
+ if (args.data.admin != null && args.data.admin.length > 0) {
+ $.extend(data, {
+ admin: args.data.admin
+ });
+ }
+
+ $.ajax({
+ url: createURL('linkDomainToLdap'),
+ data: data,
+ success: function(json) {
+ var item = json.linkdomaintoldapresponse.LinkDomainToLdap.domainid;
+ args.response.success({
+ data: item
+ });
+ },
+ error: function(XMLHttpResponse) {
+ var errorMsg = parseXMLHttpResponse(XMLHttpResponse);
+ args.response.error(errorMsg);
+ }
+ });
+ },
+
+ messages: {
+ notification: function(args) {
+ return 'label.link.domain.to.ldap';
+ }
+ },
+
+ createForm: {
+ title: 'label.link.domain.to.ldap',
+ desc: 'message.link.domain.to.ldap',
+ fields: {
+ type: {
+ label: 'label.ldap.link.type',
+ docID: 'helpLdapGroupType',
+ validation: {
+ required: true
+ },
+ select: function(args) {
+ var items = [];
+ items.push({
+ id: "GROUP",
+ description: "GROUP"
+ }); //regular-user
+ items.push({
+ id: "OU",
+ description: "OU"
+ }); //root-admin
+ args.response.success({
+ data: items
+ });
+ }
+ },
+ name: {
+ label: 'label.name',
+ docID: 'helpLdapGroupName',
+ validation: {
+ required: true
+ }
+ },
+ accounttype: {
+ label: 'label.account.type',
+ docID: 'helpAccountType',
+ validation: {
+ required: true
+ },
+ select: function(args) {
+ var items = [];
+ items.push({
+ id: 0,
+ description: "Normal User"
+ }); //regular-user
+ items.push({
+ id: 2,
+ description: "Domain Admin"
+ }); //root-admin
+ args.response.success({
+ data: items
+ });
+ }
+ },
+ admin: {
+ label: 'label.domain.admin',
+ docID: 'helpLdapLinkDomainAdmin',
+ validation: {
+ required: false
+ }
+ }
+ }
+ }
+ },
+
updateResourceCount: {
label: 'label.action.update.resource.count',
messages: {
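Review bot: The trailing comments in both `select` callbacks are copy-paste leftovers, and one is wrong exactly where privilege is chosen: the `id: 2` / "Domain Admin" entry is annotated `//root-admin`, and the GROUP and OU entries carry `//regular-user` and `//root-admin`. Drop the comments on GROUP/OU and use `// account type 0: regular user` and `// account type 2: domain admin` on the account-type items. The option descriptions ("GROUP", "OU", "Normal User", "Domain Admin") are hard-coded English while the rest of the form uses dictionary keys. `args.data.name` and `args.data.admin` are sent as typed (only a length check on `admin`), so the `linkDomainToLdap` handler, which is not visible here, has to validate and escape them before they reach an LDAP query. The success callback also dereferences `json.linkdomaintoldapresponse.LinkDomainToLdap.domainid` with no guard for a missing response object.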
@@ -652,6 +755,9 @@
if (jsonObj.level != 0) { //ROOT domain (whose level is 0) is not allowed to delete
allowedActions.push("delete");
}
+ if(isLdapEnabled()) {
+ allowedActions.push("linktoldap")
+ }
} else if (isDomainAdmin()) {
if (args.context.domains[0].id != g_domainid) {
allowedActions.push("edit"); //merge updateResourceLimit into edit
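Review bot: The new `isLdapEnabled()` check only decides whether the `linktoldap` button is shown, in what appears to be the root-admin branch (the `else if (isDomainAdmin())` follows). The real authorization for `linkDomainToLdap` must therefore be enforced by the API, which this diff does not show. Unlike `delete`, the action is also offered for the ROOT domain (level 0), so it is worth confirming that auto-provisioning accounts into ROOT is intended. On style, the added lines lack the space after `if` and the terminating semicolon used around them: `if (isLdapEnabled()) {` and `allowedActions.push("linktoldap");`. The enclosing function starts and ends outside this hunk.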