echo "\tsetadlogin username password domain\n";
echo "\tsetclientgroup groupname - change the group membership requirements for client's with AD\n";
echo "\tsetadmingroup groupname - change the group membership requirements for admin's with AD\n";
- echo "\tprovision username [HOTP|TOTP] [KEY]- provision the user \"username\"\n";
+ echo "\tprovisiontoken username [HOTP|TOTP] [KEY] - provision the user \"username\"\n";
+ echo "\tassign username tokenid - assign a hardware token to a user\n";
+ echo "\taddtoken token_name token_key token_type - adds a hardware token to the DB\n";
+ echo "\tgethwtokens - gets a list of hardware tokens by token_name\n";
echo "\tgetusers [admin|client] [part-of-username] [yes] - get user list with admin or client group, part of a username and return only those with tokens (yes)\n";
echo "\tdeleteuser username - deletes the key for the specified user\n";
echo "\n";
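Review bot: The new usage lines name what looks like the same value three ways: `assign` takes `tokenid`, `addtoken` takes `token_name`, and `gethwtokens` lists tokens "by token_name", while the `addtoken` handler further down stores its first argument in `$tokenid`. If these are one identifier, use one word throughout, e.g. `assign username token_name - assign a hardware token to a user`. The `addtoken` line also does not list the accepted `token_type` values, although the `provisiontoken` line spells out `[HOTP|TOTP]`. The usage function itself starts and ends outside this hunk.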
echo "Resetting AD admin group details failed\n";
}
break;
- case "provision":
+ case "assign":
$username = $argv[2];
+ $tokenid = $argv[3];
+ $ret = $myga->MSG_ASSIGN_TOKEN($username, $tokenid);
+ break;
+ case "gethwtokens":
+ $ret = $myga->MSG_GET_HARDWARE();
+ foreach($ret as $tok) {
+ echo "Token, ".$tok["name"]." is of type ".$tok["type"]."\n";
+ }
+ break;
+ case "addtoken":
+ $tokenid = $argv[2];
+ $tokenkey = $argv[3];
+ $tokentype = $argv[4];
+ $ret = $myga->MSG_ADD_HARDWARE($tokenid, $tokenkey, $tokentype);
+ break;
+ case "provisiontoken":
+ $username = $argv[2];
+ $ttype = "";
+ $tkey = "";
+ if(isset($argv[3])) $ttype = $argv[3];
+ if(isset($argv[4])) $tkey = $argv[4];
+ $ret = $myga->MSG_PROVISION_USER($username, $ttype, $tkey);
break;
case "getusers":
$group = "client";
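Review bot: The new `assign` and `addtoken` cases read `$argv[3]` and `$argv[4]` without the `isset()` checks that `provisiontoken` applies in the same hunk, so a short command line raises undefined-offset notices and passes null into `MSG_ASSIGN_TOKEN` / `MSG_ADD_HARDWARE`. A guard such as `if(!isset($argv[2], $argv[3], $argv[4])) { echo "usage: addtoken token_name token_key token_type\n"; break; }`, with the two-argument equivalent for `assign`, would fail cleanly before anything is written. Neither case inspects `$ret`, so the operator gets no indication of whether the token was stored or assigned, whereas the preceding case appears to print a failure message. Separately, `addtoken` and `provisiontoken` accept the token secret as a command-line argument, where it is exposed to the process list and shell history; reading the key from stdin or a file when the argument is omitted would avoid that. The enclosing switch begins and ends outside the hunk.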
if(isset($argv[3])) $partof = $argv[3];
if(isset($argv[4])) $onlytokens = $argv[4];
$ret = $myga->MSG_GET_USERS($group, $partof, $onlytokens);
- foreach($ret as $user => $real) {
- echo "$real ($user)\n";
+ foreach($ret as $key => $val) {
+ $real = $val["realname"];
+ $user = $val["username"];
+ $hastok = "";
+ if($val["hastoken"]) {
+ $hastok = " * ";
+ }
+ echo "$hastok$real ($user)\n";
}
break;
case "deleteuser":