--- loncom/interface/domainprefs.pm	2016/12/05 00:51:53	1.284
+++ loncom/interface/domainprefs.pm	2017/07/18 16:03:08	1.302
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Handler to set domain-wide configuration settings
 #
-# $Id: domainprefs.pm,v 1.284 2016/12/05 00:51:53 raeburn Exp $
+# $Id: domainprefs.pm,v 1.302 2017/07/18 16:03:08 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -19,14 +19,15 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with LON-CAPA; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA#
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#
 # /home/httpd/html/adm/gpl.txt
 #
 # http://www.lon-capa.org/
 #
 #
 ###############################################################
-##############################################################
+###############################################################
 
 =pod
 
@@ -219,6 +220,19 @@ sub handler {
                 'coursedefaults','usersessions','loadbalancing',
                 'requestauthor','selfenrollment','inststatus',
                 'ltitools','ssl','trust'],$dom);
+    if (ref($domconfig{'ltitools'}) eq 'HASH') {
+        my %encconfig =
+            &Apache::lonnet::get_dom('encconfig',['ltitools'],$dom);
+        if (ref($encconfig{'ltitools'}) eq 'HASH') {
+            foreach my $id (keys(%{$domconfig{'ltitools'}})) {
+                if (ref($domconfig{'ltitools'}{$id}) eq 'HASH') {
+                    foreach my $item ('key','secret') {
+                        $domconfig{'ltitools'}{$id}{$item} = $encconfig{'ltitools'}{$id}{$item};
+                    }
+                }
+            }
+        }
+    }
     my @prefs_order = ('rolecolors','login','defaults','quotas','autoenroll',
                        'autoupdate','autocreate','directorysrch','contacts',
                        'usercreation','selfcreation','usermodification','scantron',
@@ -264,6 +278,8 @@ sub handler {
                       help => 'Domain_Configuration_LangTZAuth',
                       header => [{col1 => 'Setting',
                                   col2 => 'Value'},
+                                 {col1 => 'Internal Authentication',
+                                  col2 => 'Value'},
                                  {col1 => 'Institutional user types',
                                   col2 => 'Assignable to e-mail usernames'}],
                       print => \&print_defaults,
@@ -317,10 +333,14 @@ sub handler {
                     modify => \&modify_directorysrch,
                   },
         'contacts' =>
-                  { text => 'Contact Information',
+                  { text => 'E-mail addresses and helpform',
                     help => 'Domain_Configuration_Contact_Info',
-                    header => [{col1 => 'Setting',
-                                col2 => 'Value',}],
+                    header => [{col1 => 'Default e-mail addresses',
+                                col2 => 'Value',},
+                               {col1 => 'Recipient(s) for notifications',
+                                col2 => 'Value',},
+                               {col1 => 'Ask helpdesk form settings',
+                                col2 => 'Value',},],
                     print => \&print_contacts,
                     modify => \&modify_contacts,
                   },
@@ -481,7 +501,7 @@ sub handler {
                  },
         'ltitools' => 
                  {text => 'External Tools (LTI)',
-                  help => 'Domain_configuration_LTI_Tools',
+                  help => 'Domain_Configuration_LTI_Tools',
                   header => [{col1 => 'Setting',
                               col2 => 'Value',}],
                   print => \&print_ltitools,
@@ -494,6 +514,8 @@ sub handler {
                               col2 => 'Certificate Status'},
                              {col1 => 'Connections to other servers',
                               col2 => 'Rules'},
+                             {col1 => 'Connections from other servers',
+                              col2 => 'Rules'},
                              {col1 => "Replicating domain's published content",
                               col2 => 'Rules'}],
                   print => \&print_ssl,
@@ -576,6 +598,9 @@ $javascript_validations
 $coursebrowserjs
 END
         }
+        if (grep(/^contacts$/,@actions)) {
+            $js .= &contacts_javascript();
+        }
         &Apache::lonconfigsettings::display_settings($r,$dom,$phase,$context,\@prefs_order,\%prefs,\%domconfig,$confname,$js);
     } else {
 # check if domconfig user exists for the domain.
@@ -665,7 +690,7 @@ sub process_changes {
     } elsif ($action eq 'autocreate') {
         $output = &modify_autocreate($dom,%domconfig);
     } elsif ($action eq 'directorysrch') {
-        $output = &modify_directorysrch($dom,%domconfig);
+        $output = &modify_directorysrch($dom,$lastactref,%domconfig);
     } elsif ($action eq 'usercreation') {
         $output = &modify_usercreation($dom,%domconfig);
     } elsif ($action eq 'selfcreation') {
@@ -687,7 +712,7 @@ sub process_changes {
     } elsif ($action eq 'requestauthor') {
         $output = &modify_quotas($r,$dom,$action,$lastactref,%domconfig);
     } elsif ($action eq 'helpsettings') {
-        $output = &modify_helpsettings($r,$dom,$confname,%domconfig);
+        $output = &modify_helpsettings($r,$dom,$confname,$lastactref,%domconfig);
     } elsif ($action eq 'coursedefaults') {
         $output = &modify_coursedefaults($dom,$lastactref,%domconfig);
     } elsif ($action eq 'selfenrollment') {
@@ -766,7 +791,8 @@ sub print_config_box {
         if (($action eq 'autoupdate') || ($action eq 'usercreation') || ($action eq 'selfcreation') ||
             ($action eq 'usermodification') || ($action eq 'defaults') || ($action eq 'coursedefaults') ||
             ($action eq 'selfenrollment') || ($action eq 'usersessions') || ($action eq 'ssl') ||
-            ($action eq 'directorysrch') || ($action eq 'trust') || ($action eq 'helpsettings')) {
+            ($action eq 'directorysrch') || ($action eq 'trust') || ($action eq 'helpsettings') ||
+            ($action eq 'contacts')) {
             $output .= $item->{'print'}->('top',$dom,$settings,\$rowtotal);
         } elsif ($action eq 'coursecategories') {
             $output .= $item->{'print'}->('top',$dom,$item,$settings,\$rowtotal);
@@ -797,7 +823,7 @@ sub print_config_box {
         if (($action eq 'autoupdate') || ($action eq 'usercreation') ||
             ($action eq 'selfcreation') || ($action eq 'selfenrollment') ||
             ($action eq 'usersessions') || ($action eq 'coursecategories') || 
-            ($action eq 'ssl') || ($action eq 'trust')) {
+            ($action eq 'trust') || ($action eq 'contacts') || ($action eq 'defaults')) {
             if ($action eq 'coursecategories') {
                 $output .= &print_coursecategories('middle',$dom,$item,$settings,\$rowtotal);
                 $colspan = ' colspan="2"';
@@ -857,6 +883,28 @@ sub print_config_box {
                  ($action eq 'defaults') || ($action eq 'directorysrch') ||
                  ($action eq 'helpsettings')) {
             $output .= $item->{'print'}->('bottom',$dom,$settings,\$rowtotal);
+        } elsif ($action eq 'ssl') {
+            $output .= $item->{'print'}->('connto',$dom,$settings,\$rowtotal).'
+            </table>
+          </td>
+         </tr>
+         <tr>
+           <td>
+            <table class="LC_nested">
+             <tr class="LC_info_row">
+              <td class="LC_left_item"'.$colspan.'>'.&mt($item->{'header'}->[2]->{'col1'}).'</td>
+              <td class="LC_right_item"'.$colspan.'>'.&mt($item->{'header'}->[2]->{'col2'}).'</td></tr>'.
+                           $item->{'print'}->('connfrom',$dom,$settings,\$rowtotal).'
+            </table>
+          </td>
+         </tr>
+         <tr>
+           <td>
+            <table class="LC_nested">
+             <tr class="LC_info_row">
+              <td class="LC_left_item"'.$colspan.'>'.&mt($item->{'header'}->[3]->{'col1'}).'</td>
+              <td class="LC_right_item"'.$colspan.'>'.&mt($item->{'header'}->[3]->{'col2'}).'</td></tr>'.
+                           $item->{'print'}->('bottom',$dom,$settings,\$rowtotal);
         } elsif ($action eq 'login') {
             if ($numheaders == 4) {
                 $output .= &print_login('page',$dom,$confname,$phase,$settings,\$rowtotal).'
@@ -1013,8 +1061,8 @@ sub print_config_box {
         if ($action eq 'quotas') {
             $output .= &print_quotas($dom,$settings,\$rowtotal,$action);
         } elsif (($action eq 'autoenroll') || ($action eq 'autocreate') || 
-                 ($action eq 'contacts') || ($action eq 'serverstatuses') || 
-                 ($action eq 'loadbalancing') || ($action eq 'ltitools')) {
+                 ($action eq 'serverstatuses') || ($action eq 'loadbalancing') || 
+                 ($action eq 'ltitools')) {
             $output .= $item->{'print'}->($dom,$settings,\$rowtotal);
         } elsif ($action eq 'scantron') {
             $output .= &print_scantronformat($r,$dom,$confname,$settings,\$rowtotal);
@@ -2944,107 +2992,259 @@ sub print_directorysrch {
 }
 
 sub print_contacts {
-    my ($dom,$settings,$rowtotal) = @_;
+    my ($position,$dom,$settings,$rowtotal) = @_;
     my $datatable;
     my @contacts = ('adminemail','supportemail');
-    my (%checked,%to,%otheremails,%bccemails);
-    my @mailings = ('errormail','packagesmail','lonstatusmail','helpdeskmail',
-                    'requestsmail','updatesmail','idconflictsmail');
-    foreach my $type (@mailings) {
-        $otheremails{$type} = '';
-    }
-    $bccemails{'helpdeskmail'} = '';
-    if (ref($settings) eq 'HASH') {
-        foreach my $item (@contacts) {
-            if (exists($settings->{$item})) {
-                $to{$item} = $settings->{$item};
+    my (%checked,%to,%otheremails,%bccemails,%includestr,%includeloc,%currfield,
+        $maxsize,$fields,$fieldtitles,$fieldoptions,$possoptions,@mailings);
+    if ($position eq 'top') {
+        if (ref($settings) eq 'HASH') {
+            foreach my $item (@contacts) {
+                if (exists($settings->{$item})) {
+                    $to{$item} = $settings->{$item};
+                }
             }
         }
+    } elsif ($position eq 'middle') {
+        @mailings = ('errormail','packagesmail','lonstatusmail','requestsmail',
+                     'updatesmail','idconflictsmail');
         foreach my $type (@mailings) {
-            if (exists($settings->{$type})) {
-                if (ref($settings->{$type}) eq 'HASH') {
-                    foreach my $item (@contacts) {
-                        if ($settings->{$type}{$item}) {
-                            $checked{$type}{$item} = ' checked="checked" ';
+            $otheremails{$type} = '';
+        }
+    } else {
+        @mailings = ('helpdeskmail','otherdomsmail');
+        foreach my $type (@mailings) {
+            $otheremails{$type} = '';
+        }
+        $bccemails{'helpdeskmail'} = '';
+        $bccemails{'otherdomsmail'} = '';
+        $includestr{'helpdeskmail'} = '';
+        $includestr{'otherdomsmail'} = '';
+        ($fields,$fieldtitles,$fieldoptions,$possoptions) = &helpform_fields();
+    }
+    if (ref($settings) eq 'HASH') {
+        unless ($position eq 'top') {
+            foreach my $type (@mailings) {
+                if (exists($settings->{$type})) {
+                    if (ref($settings->{$type}) eq 'HASH') {
+                        foreach my $item (@contacts) {
+                            if ($settings->{$type}{$item}) {
+                                $checked{$type}{$item} = ' checked="checked" ';
+                            }
+                        }
+                        $otheremails{$type} = $settings->{$type}{'others'};
+                        if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) {
+                            $bccemails{$type} = $settings->{$type}{'bcc'};
+                            if ($settings->{$type}{'include'} ne '') {
+                                ($includeloc{$type},$includestr{$type}) = split(/:/,$settings->{$type}{'include'},2);
+                                $includestr{$type} = &unescape($includestr{$type});
+                            }
                         }
                     }
-                    $otheremails{$type} = $settings->{$type}{'others'};
-                    if ($type eq 'helpdeskmail') {
-                        $bccemails{$type} = $settings->{$type}{'bcc'};
+                } elsif ($type eq 'lonstatusmail') {
+                    $checked{'lonstatusmail'}{'adminemail'} = ' checked="checked" ';
+                }
+            }
+        }
+        if ($position eq 'bottom') {
+            foreach my $type (@mailings) {
+                $bccemails{$type} = $settings->{$type}{'bcc'};
+                if ($settings->{$type}{'include'} ne '') {
+                    ($includeloc{$type},$includestr{$type}) = split(/:/,$settings->{$type}{'include'},2);
+                    $includestr{$type} = &unescape($includestr{$type});
+                }
+            }
+            if (ref($settings->{'helpform'}) eq 'HASH') {
+                if (ref($fields) eq 'ARRAY') {
+                    foreach my $field (@{$fields}) {
+                        $currfield{$field} = $settings->{'helpform'}{$field};
+                    }
+                }
+                if (exists($settings->{'helpform'}{'maxsize'})) {
+                    $maxsize = $settings->{'helpform'}{'maxsize'};
+                } else {
+                    $maxsize = '1.0';
+                }
+            } else {
+                if (ref($fields) eq 'ARRAY') {
+                    foreach my $field (@{$fields}) {
+                        $currfield{$field} = 'yes';
                     }
                 }
-            } elsif ($type eq 'lonstatusmail') {
-                $checked{'lonstatusmail'}{'adminemail'} = ' checked="checked" ';
+                $maxsize = '1.0';
             }
         }
     } else {
-        $to{'supportemail'} = $Apache::lonnet::perlvar{'lonSupportEMail'};
-        $to{'adminemail'} = $Apache::lonnet::perlvar{'lonAdmEMail'};
-        $checked{'errormail'}{'adminemail'} = ' checked="checked" ';
-        $checked{'packagesmail'}{'adminemail'} = ' checked="checked" ';
-        $checked{'helpdeskmail'}{'supportemail'} = ' checked="checked" ';
-        $checked{'lonstatusmail'}{'adminemail'} = ' checked="checked" '; 
-        $checked{'requestsmail'}{'adminemail'} = ' checked="checked" ';
-        $checked{'updatesmail'}{'adminemail'} = ' checked="checked" ';
-        $checked{'idconflictsmail'}{'adminemail'} = ' checked="checked" ';
+        if ($position eq 'top') {
+            $to{'supportemail'} = $Apache::lonnet::perlvar{'lonSupportEMail'};
+            $to{'adminemail'} = $Apache::lonnet::perlvar{'lonAdmEMail'};
+            $checked{'errormail'}{'adminemail'} = ' checked="checked" ';
+            $checked{'packagesmail'}{'adminemail'} = ' checked="checked" ';
+            $checked{'lonstatusmail'}{'adminemail'} = ' checked="checked" ';
+            $checked{'requestsmail'}{'adminemail'} = ' checked="checked" ';
+            $checked{'updatesmail'}{'adminemail'} = ' checked="checked" ';
+            $checked{'idconflictsmail'}{'adminemail'} = ' checked="checked" ';
+        } elsif ($position eq 'bottom') {
+            $checked{'helpdeskmail'}{'supportemail'} = ' checked="checked" ';
+            $checked{'otherdomsmail'}{'supportemail'} = ' checked="checked" ';
+            if (ref($fields) eq 'ARRAY') {
+                foreach my $field (@{$fields}) {
+                    $currfield{$field} = 'yes';
+                }
+            }
+            $maxsize = '1.0';
+        }
     }
     my ($titles,$short_titles) = &contact_titles();
     my $rownum = 0;
     my $css_class;
-    foreach my $item (@contacts) {
-        $css_class = $rownum%2?' class="LC_odd_row"':'';
-        $datatable .= '<tr'.$css_class.'>'. 
-                  '<td><span class="LC_nobreak">'.$titles->{$item}.
-                  '</span></td><td class="LC_right_item">'.
-                  '<input type="text" name="'.$item.'" value="'.
-                  $to{$item}.'" /></td></tr>';
-        $rownum ++;
+    if ($position eq 'top') {
+        foreach my $item (@contacts) {
+            $css_class = $rownum%2?' class="LC_odd_row"':'';
+            $datatable .= '<tr'.$css_class.'>'. 
+                          '<td><span class="LC_nobreak">'.$titles->{$item}.
+                          '</span></td><td class="LC_right_item">'.
+                          '<input type="text" name="'.$item.'" value="'.
+                          $to{$item}.'" /></td></tr>';
+            $rownum ++;
+        }
+    } else {
+        foreach my $type (@mailings) {
+            $css_class = $rownum%2?' class="LC_odd_row"':'';
+            $datatable .= '<tr'.$css_class.'>'.
+                          '<td><span class="LC_nobreak">'.
+                          $titles->{$type}.': </span></td>'.
+                          '<td class="LC_left_item">';
+            if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) {
+                $datatable .= '<fieldset><legend>'.&mt('E-mail recipient(s)').'</legend>';
+            }
+            $datatable .= '<span class="LC_nobreak">';
+            foreach my $item (@contacts) {
+                $datatable .= '<label>'.
+                              '<input type="checkbox" name="'.$type.'"'.
+                              $checked{$type}{$item}.
+                              ' value="'.$item.'" />'.$short_titles->{$item}.
+                              '</label>&nbsp;';
+            }
+            $datatable .= '</span><br />'.&mt('Others').':&nbsp;&nbsp;'.
+                          '<input type="text" name="'.$type.'_others" '.
+                          'value="'.$otheremails{$type}.'"  />';
+            my %locchecked;
+            if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) {
+                foreach my $loc ('s','b') {
+                    if ($includeloc{$type} eq $loc) {
+                        $locchecked{$loc} = ' checked="checked"';
+                        last;
+                    }
+                }
+                $datatable .= '<br />'.&mt('Bcc:').('&nbsp;'x6).
+                              '<input type="text" name="'.$type.'_bcc" '.
+                              'value="'.$bccemails{$type}.'"  /></fieldset>'.
+                              '<fieldset><legend>'.&mt('Optional added text').'</legend>'.
+                              &mt('Text automatically added to e-mail:').' '.
+                              '<input type="text" name="'.$type.'_includestr" value="'.$includestr{$type}.'" /><br >'.
+                              '<span class="LC_nobreak">'.&mt('Location:').'&nbsp;'.
+                              '<label><input type="radio" name="'.$type.'_includeloc" value="s"'.$locchecked{'s'}.' />'.&mt('in subject').'</label>'.
+                              ('&nbsp;'x2).
+                              '<label><input type="radio" name="'.$type.'_includeloc" value="b"'.$locchecked{'b'}.' />'.&mt('in body').'</label>'.
+                              '</span></fieldset>';
+            }
+            $datatable .= '</td></tr>'."\n";
+            $rownum ++;
+        }
     }
-    foreach my $type (@mailings) {
+    if ($position eq 'middle') {
+        my %choices;
+        $choices{'reporterrors'} = &mt('E-mail error reports to [_1]',
+                                       &Apache::loncommon::modal_link('http://loncapa.org/core.html',
+                                       &mt('LON-CAPA core group - MSU'),600,500));
+        $choices{'reportupdates'} = &mt('E-mail record of completed LON-CAPA updates to [_1]',
+                                        &Apache::loncommon::modal_link('http://loncapa.org/core.html',
+                                        &mt('LON-CAPA core group - MSU'),600,500));
+        my @toggles = ('reporterrors','reportupdates');
+        my %defaultchecked = ('reporterrors'  => 'on',
+                              'reportupdates' => 'on');
+        (my $reports,$rownum) = &radiobutton_prefs($settings,\@toggles,\%defaultchecked,
+                                                   \%choices,$rownum);
+        $datatable .= $reports;
+    } elsif ($position eq 'bottom') {
         $css_class = $rownum%2?' class="LC_odd_row"':'';
         $datatable .= '<tr'.$css_class.'>'.
-                      '<td><span class="LC_nobreak">'.
-                      $titles->{$type}.': </span></td>'.
-                      '<td class="LC_left_item">'.
-                      '<span class="LC_nobreak">';
-        foreach my $item (@contacts) {
-            $datatable .= '<label>'.
-                          '<input type="checkbox" name="'.$type.'"'.
-                          $checked{$type}{$item}.
-                          ' value="'.$item.'" />'.$short_titles->{$item}.
-                          '</label>&nbsp;';
-        }
-        $datatable .= '</span><br />'.&mt('Others').':&nbsp;&nbsp;'.
-                      '<input type="text" name="'.$type.'_others" '.
-                      'value="'.$otheremails{$type}.'"  />';
-        if ($type eq 'helpdeskmail') {
-            $datatable .= '<br />'.&mt('Bcc:').('&nbsp;'x6).
-                          '<input type="text" name="'.$type.'_bcc" '.
-                          'value="'.$bccemails{$type}.'"  />';
+                      '<td>'.&mt('Extra helpdesk form fields:').'<br />'.
+                      &mt('(e-mail, subject, and description always shown)').
+                      '</td><td class="LC_left_item">';
+        if ((ref($fields) eq 'ARRAY') && (ref($fieldtitles) eq 'HASH') &&
+            (ref($fieldoptions) eq 'HASH') && (ref($possoptions) eq 'HASH')) {
+            $datatable .= '<table><tr><th>'.&mt('Field').'</th><th>'.&mt('Status').'</th></tr>';
+            foreach my $field (@{$fields}) {
+                $datatable .= '<tr><td>'.$fieldtitles->{$field};
+                if (($field eq 'screenshot') || ($field eq 'cc')) {
+                    $datatable .= ' '.&mt('(logged-in users)');
+                }
+                $datatable .='</td><td>';
+                my $clickaction;
+                if ($field eq 'screenshot') {
+                    $clickaction = ' onclick="screenshotSize(this);"';
+                }
+                if (ref($possoptions->{$field}) eq 'ARRAY') {
+                    foreach my $option (@{$possoptions->{$field}}) {
+                        my $checked;
+                        if ($currfield{$field} eq $option) {
+                            $checked = ' checked="checked"';
+                        }
+                        $datatable .= '<span class="LC_nobreak"><label>'.
+                                      '<input type="radio" name="helpform_'.$field.'" '.
+                                      'value="'.$option.'"'.$checked.$clickaction.' />'.$fieldoptions->{$option}.
+                                      '</label></span>'.('&nbsp;'x2);
+                    }
+                }
+                if ($field eq 'screenshot') {
+                    my $display;
+                    if ($currfield{$field} eq 'no') {
+                        $display = ' style="display:none"';
+                    }
+                    $datatable .= '</td></tr><tr id="help_screenshotsize"'.$display.' />'.
+                                  '<td>'.&mt('Maximum size for upload (MB)').'</td><td>'.
+                                  '<input type="text" size="5" name="helpform_maxsize" value="'.$maxsize.'" />';
+                }
+                $datatable .= '</td></tr>';
+            }
+            $datatable .= '</table>';
         }
         $datatable .= '</td></tr>'."\n";
         $rownum ++;
     }
-    my %choices;
-    $choices{'reporterrors'} = &mt('E-mail error reports to [_1]',
-                                   &Apache::loncommon::modal_link('http://loncapa.org/core.html',
-                                   &mt('LON-CAPA core group - MSU'),600,500));
-    $choices{'reportupdates'} = &mt('E-mail record of completed LON-CAPA updates to [_1]',
-                                    &Apache::loncommon::modal_link('http://loncapa.org/core.html',
-                                    &mt('LON-CAPA core group - MSU'),600,500));
-    my @toggles = ('reporterrors','reportupdates');
-    my %defaultchecked = ('reporterrors'  => 'on',
-                          'reportupdates' => 'on');
-    (my $reports,$rownum) = &radiobutton_prefs($settings,\@toggles,\%defaultchecked,
-                                               \%choices,$rownum);
-    $datatable .= $reports;
     $$rowtotal += $rownum;
     return $datatable;
 }
 
+sub contacts_javascript {
+    return <<"ENDSCRIPT";
+
+<script type="text/javascript">
+// <![CDATA[
+
+function screenshotSize(field) {
+    if (document.getElementById('help_screenshotsize')) {
+        if (field.value == 'no') {
+            document.getElementById('help_screenshotsize').style.display="none";
+        } else {
+            document.getElementById('help_screenshotsize').style.display="";
+        }
+    }
+    return;
+}
+
+// ]]>
+</script>
+
+ENDSCRIPT
+}
+
 sub print_helpsettings {
     my ($position,$dom,$settings,$rowtotal) = @_;
     my $confname = $dom.'-domainconfig';
+    my $formname = 'display';
     my ($datatable,$itemcount);
     if ($position eq 'top') {
         $itemcount = 1;
@@ -3060,20 +3260,71 @@ sub print_helpsettings {
     } else {
         my $css_class;
         my %existing=&Apache::lonnet::dump('roles',$dom,$confname,'rolesdef_');
-        my %customroles;
-        foreach my $key (keys(%existing)) {
+        my (%customroles,%ordered,%current);
+        if (ref($settings) eq 'HASH') {
+            if (ref($settings->{'adhoc'}) eq 'HASH') {
+                %current = %{$settings->{'adhoc'}};
+            }
+        }
+        my $count = 0;
+        foreach my $key (sort(keys(%existing))) {
             if ($key=~/^rolesdef\_(\w+)$/) {
                 my $rolename = $1;
-                my %privs;
+                my (%privs,$order);
                 ($privs{'system'},$privs{'domain'},$privs{'course'}) = split(/\_/,$existing{$key});
                 $customroles{$rolename} = \%privs;
+                if (ref($current{$rolename}) eq 'HASH') {
+                    $order = $current{$rolename}{'order'};
+                }
+                if ($order eq '') {
+                    $order = $count;
+                }
+                $ordered{$order} = $rolename;
+                $count++;
             }
         }
-        my $count = 0;
+        my $maxnum = scalar(keys(%ordered));
+        my @roles_by_num = ();
+        foreach my $item (sort {$a <=> $b } (keys(%ordered))) {
+            push(@roles_by_num,$item);
+        }
         my $context = 'domprefs';
         my $crstype = 'Course';
-        foreach my $role (sort(keys(%customroles))) {
-            my $prefix = 'custhelp'.$count;
+        my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
+        my @accesstypes = ('all','dh','da','none');
+        my ($numstatustypes,@jsarray);
+        if (ref($types) eq 'ARRAY') {
+            if (@{$types} > 0) {
+                $numstatustypes = scalar(@{$types});
+                push(@accesstypes,'status');
+                @jsarray = ('bystatus');
+            }
+        }
+        my %domhelpdesk = &Apache::lonnet::get_active_domroles($dom,['dh','da']);
+        if (keys(%domhelpdesk)) {
+            push(@accesstypes,('inc','exc'));
+            push(@jsarray,('notinc','notexc'));
+        }
+        my $hiddenstr = join("','",@jsarray);
+        $datatable .= &helpsettings_javascript(\@roles_by_num,$maxnum,$hiddenstr,$formname);
+        my $context = 'domprefs';
+        my $crstype = 'Course';
+        my $prefix = 'helproles_';
+        my $add_class = 'LC_hidden';
+        foreach my $num (@roles_by_num) {
+            my $role = $ordered{$num};
+            my ($desc,$access,@statuses);
+            if (ref($current{$role}) eq 'HASH') {
+                $desc = $current{$role}{'desc'};
+                $access = $current{$role}{'access'};
+                if (ref($current{$role}{'insttypes'}) eq 'ARRAY') {
+                    @statuses = @{$current{$role}{'insttypes'}};
+                }
+            }
+            if ($desc eq '') {
+                $desc = $role;
+            }
+            my $identifier = 'custhelp'.$num;
             my %full=();
             my %levels= (
                          course => {},
@@ -3088,18 +3339,32 @@ sub print_helpsettings {
             &Apache::lonuserutils::custom_role_privs($customroles{$role},\%full,\%levels,\%levelscurrent);
             my @templateroles = &Apache::lonuserutils::custom_template_roles($context,$crstype);
             $css_class = $itemcount%2?' class="LC_odd_row"':'';
-            $datatable .= '<tr '.$css_class.'><td><label>'.
-                          '<input type="checkbox" name="modifycusthelp" value="'.$count.'" />'.
-                          '<input type="hidden" name="custhelprole'.$count.'" value="'.$role.'" />'. 
-                          &mt('Modify').'</label></td>'.
-                          '<td>'.&mt('Existing helpdesk role:').'&nbsp;'.
-                          '<b>'.$role.'</b><br />'.
-                          &Apache::lonuserutils::custom_role_header($context,$crstype,
-                                                                    \@templateroles,$prefix).
+            my $chgstr = ' onchange="javascript:reorderHelpRoles(this.form,'."'helproles_".$num."_pos'".');"';
+            $datatable .= '<tr '.$css_class.'><td valign="top"><b>'.$role.'</b><br />'.
+                          '<select name="helproles_'.$num.'_pos"'.$chgstr.'>';
+            for (my $k=0; $k<=$maxnum; $k++) {
+                my $vpos = $k+1;
+                my $selstr;
+                if ($k == $num) {
+                    $selstr = ' selected="selected" ';
+                }
+                $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>';
+            }
+            $datatable .= '</select>'.('&nbsp;'x2).
+                          '<input type="hidden" name="helproles_'.$num.'" value="'.$role.'" />'.
+                          '</td>'.
+                          '<td><fieldset><legend>'.&mt('Role name').'</legend>'.
+                          &mt('Name shown to users:').
+                          '<input type="text" name="helproles_'.$num.'_desc" value="'.$desc.'" />'.
+                          '</fieldset>'.
+                          &helpdeskroles_access($dom,$prefix,$num,$add_class,$current{$role},\@accesstypes,
+                                                $othertitle,$usertypes,$types,\%domhelpdesk).
+                          '<fieldset>'.
+                          '<legend>'.&mt('Role privileges').&adhocbutton($prefix,$num,'privs','show').'</legend>'.
                           &Apache::lonuserutils::custom_role_table($crstype,\%full,\%levels,
-                                                                   \%levelscurrent,$prefix).
-                          '<br /></td>';
-            $count ++;
+                                                                   \%levelscurrent,$identifier,
+                                                                   'LC_hidden',$prefix.$num.'_privs').
+                          '</fieldset></td>';
             $itemcount ++;
         }
         $css_class = $itemcount%2?' class="LC_odd_row"':'';
@@ -3113,25 +3378,252 @@ sub print_helpsettings {
                     );
         &Apache::lonuserutils::custom_role_privs(\%privs,\%full,\%levels,\%levelscurrent);
         my @templateroles = &Apache::lonuserutils::custom_template_roles($context,$crstype);
-        $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak"><label>'.
+        my $chgstr = ' onchange="javascript:reorderHelpRoles(this.form,'."'helproles_".$count."_pos'".');"';
+        $datatable .= '<tr '.$css_class.'><td valign="top"><span class="LC_nobreak"><label>'.
+                      '<input type="hidden" name="helproles_maxnum" value="'.$maxnum.'" />'."\n".
+                      '<select name="helproles_'.$count.'_pos"'.$chgstr.'>';
+        for (my $k=0; $k<$maxnum+1; $k++) {
+            my $vpos = $k+1;
+            my $selstr;
+            if ($k == $maxnum) {
+                $selstr = ' selected="selected" ';
+            }
+            $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>';
+        }
+        $datatable .= '</select>&nbsp;'."\n".
                       '<input type="checkbox" name="newcusthelp" value="'.$count.'" />'. &mt('Add').
                       '</label></span></td>'.
-                      '<td><span class="LC_nobreak">'.
-                      '<b>'.&mt('Name of new helpdesk role:').'</b>&nbsp;'.
-                      '<input type="text" size="20" name="newcusthelpname" value="" />'.
-                      '</span><br />'.
+                      '<td><fieldset><legend>'.&mt('Role name').'</legend>'.
+                      '<span class="LC_nobreak">'.
+                      &mt('Internal name:').
+                      '<input type="text" size="10" name="custhelpname'.$count.'" value="" />'.
+                      '</span>'.('&nbsp;'x4).
+                      '<span class="LC_nobreak">'.
+                      &mt('Name shown to users:').
+                      '<input type="text" size="20" name="helproles_'.$count.'_desc" value="" />'.
+                      '</span></fieldset>'.
+                       &helpdeskroles_access($dom,$prefix,$count,'',undef,\@accesstypes,$othertitle,
+                                             $usertypes,$types,\%domhelpdesk).
+                      '<fieldset><legend>'.&mt('Role privileges').'</legend>'.
                       &Apache::lonuserutils::custom_role_header($context,$crstype,
                                                                 \@templateroles,$newcust).
                       &Apache::lonuserutils::custom_role_table('Course',\%full,\%levels,
                                                                \%levelscurrent,$newcust).
-                      '<br /><br />'.
-                      '</td></tr>';
+                      '</fieldset></td></tr>';
         $count ++;
         $$rowtotal += $count;
     }
     return $datatable;
 }
 
+sub adhocbutton {
+    my ($prefix,$num,$field,$visibility) = @_;
+    my %lt = &Apache::lonlocal::texthash(
+                                          show => 'Show details',
+                                          hide => 'Hide details',
+                                        );
+    return '<span style="text-decoration:line-through; font-weight: normal;">'.('&nbsp;'x10).
+           '</span>'.('&nbsp;'x2).'<input type="button" id="'.$prefix.$num.'_'.$field.'_vis"'.
+           ' value="'.$lt{$visibility}.'" style="height:20px;" '.
+           'onclick="toggleHelpdeskItem('."'$num','$field'".');" />'.('&nbsp;'x2);
+}
+
+sub helpsettings_javascript {
+    my ($roles_by_num,$total,$hiddenstr,$formname) = @_;
+    return unless(ref($roles_by_num) eq 'ARRAY');
+    my %html_js_lt = &Apache::lonlocal::texthash(
+                                          show => 'Show details',
+                                          hide => 'Hide details',
+                                        );
+    &html_escape(\%html_js_lt);
+    my $jstext = '    var helproles = Array('."'".join("','",@{$roles_by_num})."'".');'."\n";
+    return <<"ENDSCRIPT";
+<script type="text/javascript">
+// <![CDATA[
+
+function reorderHelpRoles(form,item) {
+    var changedVal;
+$jstext
+    var newpos = 'helproles_${total}_pos';
+    var maxh = 1 + $total;
+    var current = new Array();
+    var newitemVal = form.elements[newpos].options[form.elements[newpos].selectedIndex].value;
+    if (item == newpos) {
+        changedVal = newitemVal;
+    } else {
+        changedVal = form.elements[item].options[form.elements[item].selectedIndex].value;
+        current[newitemVal] = newpos;
+    }
+    for (var i=0; i<helproles.length; i++) {
+        var elementName = 'helproles_'+helproles[i]+'_pos';
+        if (elementName != item) {
+            if (form.elements[elementName]) {
+                var currVal = form.elements[elementName].options[form.elements[elementName].selectedIndex].value;
+                current[currVal] = elementName;
+            }
+        }
+    }
+    var oldVal;
+    for (var j=0; j<maxh; j++) {
+        if (current[j] == undefined) {
+            oldVal = j;
+        }
+    }
+    if (oldVal < changedVal) {
+        for (var k=oldVal+1; k<=changedVal ; k++) {
+           var elementName = current[k];
+           form.elements[elementName].selectedIndex = form.elements[elementName].selectedIndex - 1;
+        }
+    } else {
+        for (var k=changedVal; k<oldVal; k++) {
+            var elementName = current[k];
+            form.elements[elementName].selectedIndex = form.elements[elementName].selectedIndex + 1;
+        }
+    }
+    return;
+}
+
+function helpdeskAccess(num) {
+    var curraccess = null;
+    if (document.$formname.elements['helproles_'+num+'_access'].length) {
+        for (var i=0; i<document.$formname.elements['helproles_'+num+'_access'].length; i++) {
+            if (document.$formname.elements['helproles_'+num+'_access'][i].checked) {
+                curraccess = document.$formname.elements['helproles_'+num+'_access'][i].value;
+            }
+        }
+    }
+    var shown = Array();
+    var hidden = Array();
+    if (curraccess == 'none') {
+        hidden = Array('$hiddenstr');
+    } else {
+        if (curraccess == 'status') {
+            shown = Array('bystatus');
+            hidden = Array('notinc','notexc');
+        } else {
+            if (curraccess == 'exc') {
+                shown = Array('notexc');
+                hidden = Array('notinc','bystatus');
+            }
+            if (curraccess == 'inc') {
+                shown = Array('notinc');
+                hidden = Array('notexc','bystatus');
+            }
+            if ((curraccess == 'all') || (curraccess == 'dh') || (curraccess == 'da')) {
+                hidden = Array('notinc','notexc','bystatus');
+            }
+        }
+    }
+    if (hidden.length > 0) {
+        for (var i=0; i<hidden.length; i++) {
+            if (document.getElementById('helproles_'+num+'_'+hidden[i])) {
+                document.getElementById('helproles_'+num+'_'+hidden[i]).style.display = 'none';
+            }
+        }
+    }
+    if (shown.length > 0) {
+        for (var i=0; i<shown.length; i++) {
+            if (document.getElementById('helproles_'+num+'_'+shown[i])) {
+                if (shown[i] == 'privs') {
+                    document.getElementById('helproles_'+num+'_'+shown[i]).style.display = 'block';
+                } else {
+                    document.getElementById('helproles_'+num+'_'+shown[i]).style.display = 'inline-block';
+                }
+            }
+        }
+    }
+    return;
+}
+
+function toggleHelpdeskItem(num,field) {
+    if (document.getElementById('helproles_'+num+'_'+field)) {
+        if (document.getElementById('helproles_'+num+'_'+field).className.match(/(?:^|\\s)LC_hidden(?!\\S)/)) {
+            document.getElementById('helproles_'+num+'_'+field).className =
+                document.getElementById('helproles_'+num+'_'+field).className.replace(/(?:^|\\s)LC_hidden(?!\\S)/g ,'');
+            if (document.getElementById('helproles_'+num+'_'+field+'_vis')) {
+                document.getElementById('helproles_'+num+'_'+field+'_vis').value = '$html_js_lt{hide}';
+            }
+        } else {
+            document.getElementById('helproles_'+num+'_'+field).className += ' LC_hidden';
+            if (document.getElementById('helproles_'+num+'_'+field+'_vis')) {
+                document.getElementById('helproles_'+num+'_'+field+'_vis').value = '$html_js_lt{show}';
+            }
+        }
+    }
+    return;
+}
+
+// ]]>
+</script>
+
+ENDSCRIPT
+}
+
+sub helpdeskroles_access {
+    my ($dom,$prefix,$num,$add_class,$current,$accesstypes,$othertitle,
+        $usertypes,$types,$domhelpdesk) = @_;
+    return unless ((ref($accesstypes) eq 'ARRAY') && (ref($domhelpdesk) eq 'HASH'));
+    my %lt = &Apache::lonlocal::texthash(
+                    'rou'    => 'Role usage',
+                    'whi'    => 'Which helpdesk personnel may use this role?',
+                    'all'    => 'All with domain helpdesk or helpdesk assistant role',
+                    'dh'     => 'All with domain helpdesk role',
+                    'da'     => 'All with domain helpdesk assistant role',
+                    'none'   => 'None',
+                    'status' => 'Determined based on institutional status',
+                    'inc'    => 'Include all, but exclude specific personnel',
+                    'exc'    => 'Exclude all, but include specific personnel',
+                  );
+    my %usecheck = (
+                     all => ' checked="checked"',
+                   );
+    my %displaydiv = (
+                      status => 'none',
+                      inc    => 'none',
+                      exc    => 'none',
+                      priv   => 'block',
+                     );
+    my $output;
+    if (ref($current) eq 'HASH') {
+        if (($current->{'access'} ne '') && ($current->{'access'} ne 'all')) {
+            if (grep(/^\Q$current->{access}\E$/,@{$accesstypes})) {
+                $usecheck{$current->{access}} = $usecheck{'all'};
+                delete($usecheck{'all'});
+                if ($current->{access} =~ /^(status|inc|exc)$/) {
+                    my $access = $1;
+                    $displaydiv{$access} = 'inline';
+                } elsif ($current->{access} eq 'none') {
+                    $displaydiv{'priv'} = 'none';
+                }
+            }
+        }
+    }
+    $output = '<fieldset id="'.$prefix.$num.'_usage"><legend>'.$lt{'rou'}.'</legend>'.
+              '<p>'.$lt{'whi'}.'</p>';
+    foreach my $access (@{$accesstypes}) {
+        $output .= '<p><label><input type="radio" name="'.$prefix.$num.'_access" value="'.$access.'" '.$usecheck{$access}.
+                   ' onclick="helpdeskAccess('."'$num'".');" />'.
+                   $lt{$access}.'</label>';
+        if ($access eq 'status') {
+            $output .= '<div id="'.$prefix.$num.'_bystatus" style="display:'.$displaydiv{$access}.'">'.
+                       &Apache::lonuserutils::adhoc_status_types($dom,$prefix,$num,$current->{$access},
+                                                                 $othertitle,$usertypes,$types).
+                       '</div>';
+        } elsif (($access eq 'inc') && (keys(%{$domhelpdesk}) > 0)) {
+            $output .= '<div id="'.$prefix.$num.'_notinc" style="display:'.$displaydiv{$access}.'">'.
+                       &Apache::lonuserutils::adhoc_staff($access,$prefix,$num,$current->{$access},$domhelpdesk).
+                       '</div>';
+        } elsif (($access eq 'exc') && (keys(%{$domhelpdesk}) > 0)) {
+            $output .= '<div id="'.$prefix.$num.'_notexc" style="display:'.$displaydiv{$access}.'">'.
+                       &Apache::lonuserutils::adhoc_staff($access,$prefix,$num,$current->{$access},$domhelpdesk).
+                       '</div>';
+        }
+        $output .= '</p>';
+    }
+    $output .= '</fieldset>';
+    return $output;
+}
+
 sub radiobutton_prefs {
     my ($settings,$toggles,$defaultchecked,$choices,$itemcount,$onclick,
         $additional,$align) = @_;
@@ -3174,7 +3666,7 @@ sub radiobutton_prefs {
         } else {
             $datatable .= '<td class="LC_right_item">';
         }
-        $datatable .= 
+        $datatable .=
             '<span class="LC_nobreak">'.
             '<label><input type="radio" name="'.
             $item.'" '.$checkedon{$item}.' value="1"'.$onclick.' />'.&mt('Yes').
@@ -3268,6 +3760,8 @@ sub print_ltitools {
             if (ref($settings->{$item}->{'display'}) eq 'HASH') {
                 if ($settings->{$item}->{'display'}->{'target'} eq 'window') {
                     $currdisp{'window'} = ' checked="checked"';
+                } elsif ($settings->{$item}->{'display'}->{'target'} eq 'tab') {
+                    $currdisp{'tab'} = ' checked="checked"';
                 } else {
                     $currdisp{'iframe'} = ' checked="checked"';
                 }
@@ -3277,10 +3771,12 @@ sub print_ltitools {
                 if ($settings->{$item}->{'display'}->{'height'} =~ /^(\d+)$/) {
                      $currdisp{'height'} = $1;
                 }
+                $currdisp{'linktext'} = $settings->{$item}->{'display'}->{'linktext'};
+                $currdisp{'explanation'} = $settings->{$item}->{'display'}->{'explanation'};
             } else {
                 $currdisp{'iframe'} = ' checked="checked"';
             }
-            foreach my $disp ('iframe','window') {
+            foreach my $disp ('iframe','tab','window') {
                 $datatable .= '<label><input type="radio" name="ltitools_target_'.$i.'" value="'.$disp.'"'.$currdisp{$disp}.' />'.
                               $lt{$disp}.'</label>'.('&nbsp;'x2);
             }
@@ -3290,6 +3786,12 @@ sub print_ltitools {
                               '<input type="text" name="ltitools_'.$dimen.'_'.$i.'" size="5" value="'.$currdisp{$dimen}.'" /></label>'.
                               ('&nbsp;'x2);
             }
+            $datatable .= '<br />'.
+                          '<div class="LC_left_float">'.$lt{'linktext'}.'<br />'.
+                          '<input type="text" name="ltitools_linktext_'.$i.'" size="25" value="'.$currdisp{'linktext'}.'" /></label></div>'.
+                          '<div class="LC_left_float">'.$lt{'explanation'}.'<br />'.
+                          '<textarea name="ltitools_explanation_'.$i.'" rows="5" cols="40">'.$currdisp{'explanation'}.
+                          '</textarea></div><div style=""></div><br />';
             $datatable .= '<br />';
             foreach my $extra ('passback','roster') {
                 my $checkedon = '';
@@ -3371,7 +3873,7 @@ sub print_ltitools {
                 }
             }
             $datatable .= '<fieldset><legend>'.&mt('Configurable in course').'</legend><span class="LC_nobreak">';
-            foreach my $item ('label','title','target') {
+            foreach my $item ('label','title','target','linktext','explanation') {
                 my $checked;
                 if ($courseconfig{$item}) {
                     $checked = ' checked="checked"';
@@ -3439,7 +3941,7 @@ sub print_ltitools {
                   '<span class="LC_nobreak">'.&mt('Display target:');
     my %defaultdisp;
     $defaultdisp{'iframe'} = ' checked="checked"';
-    foreach my $disp ('iframe','window') {
+    foreach my $disp ('iframe','tab','window') {
         $datatable .= '<label><input type="radio" name="ltitools_add_target" value="'.$disp.'"'.$defaultdisp{$disp}.' />'.
                       $lt{$disp}.'</label>'.('&nbsp;'x2);
     }
@@ -3449,7 +3951,12 @@ sub print_ltitools {
                       '<input type="text" name="ltitools_add_'.$dimen.'" size="5" /></label>'.
                       ('&nbsp;'x2);
     }
-    $datatable .= '<br />';
+    $datatable .= '<br />'.
+                  '<div class="LC_left_float">'.$lt{'linktext'}.'<br />'.
+                  '<input type="text" name="ltitools_add_linktext" size="5" /></label></div>'.
+                  '<div class="LC_left_float">'.$lt{'explanation'}.'<br />'.
+                  '<textarea name=ltitools_add_explanation" rows="5" cols="40"></textarea>'.
+                  '</div><div style=""></div><br />';
     foreach my $extra ('passback','roster') {
         $datatable .= $lt{$extra}.'&nbsp;'.
                       '<label><input type="radio" name="ltitools_add_'.$extra.'" value="1" />'.
@@ -3487,10 +3994,10 @@ sub print_ltitools {
     }
     $datatable .= '</tr></table></fieldset>'.
                   '<fieldset><legend>'.&mt('Configurable in course').'</legend><span class="LC_nobreak">';
-    foreach my $item ('label','title','target') {
-         $datatable .= '<label>'.
-                       '<input type="checkbox" name="ltitools_courseconfig" value="'.$item.'" checked="checked" />'.
-                       $lt{'crs'.$item}.'</label>'.('&nbsp;' x2)."\n";
+    foreach my $item ('label','title','target','linktext','explanation') {
+        $datatable .= '<label>'.
+                      '<input type="checkbox" name="ltitools_courseconfig" value="'.$item.'" checked="checked" />'.
+                      $lt{'crs'.$item}.'</label>'.('&nbsp;' x2)."\n";
     }
     $datatable .= '</span></fieldset>'.
                   '<fieldset><legend>'.&mt('Custom items sent on launch').'</legend>'.
@@ -3508,28 +4015,33 @@ sub print_ltitools {
 
 sub ltitools_names {
     my %lt = &Apache::lonlocal::texthash(
-                                          'title'     => 'Title',
-                                          'version'   => 'Version',
-                                          'msgtype'   => 'Message Type',
-                                          'url'       => 'URL',
-                                          'key'       => 'Key',
-                                          'secret'    => 'Secret',
-                                          'icon'      => 'Icon',   
-                                          'user'      => 'Username:domain',
-                                          'fullname'  => 'Full Name',
-                                          'firstname' => 'First Name',
-                                          'lastname'  => 'Last Name',
-                                          'email'     => 'E-mail',
-                                          'roles'     => 'Role',
-                                          'window'    => 'Window/Tab',
-                                          'iframe'    => 'iFrame',
-                                          'height'    => 'Height',
-                                          'width'     => 'Width',
-                                          'passback'  => 'Tool can return grades:',
-                                          'roster'    => 'Tool can retrieve roster:',
-                                          'crstarget' => 'Display target',
-                                          'crslabel'  => 'Course label',
-                                          'crstitle'  => 'Course title', 
+                                          'title'          => 'Title',
+                                          'version'        => 'Version',
+                                          'msgtype'        => 'Message Type',
+                                          'url'            => 'URL',
+                                          'key'            => 'Key',
+                                          'secret'         => 'Secret',
+                                          'icon'           => 'Icon',   
+                                          'user'           => 'Username:domain',
+                                          'fullname'       => 'Full Name',
+                                          'firstname'      => 'First Name',
+                                          'lastname'       => 'Last Name',
+                                          'email'          => 'E-mail',
+                                          'roles'          => 'Role',
+                                          'window'         => 'Window',
+                                          'tab'            => 'Tab',
+                                          'iframe'         => 'iFrame',
+                                          'height'         => 'Height',
+                                          'width'          => 'Width',
+                                          'linktext'       => 'Default Link Text',
+                                          'explanation'    => 'Default Explanation',
+                                          'passback'       => 'Tool can return grades:',
+                                          'roster'         => 'Tool can retrieve roster:',
+                                          'crstarget'      => 'Display target',
+                                          'crslabel'       => 'Course label',
+                                          'crstitle'       => 'Course title', 
+                                          'crslinktext'    => 'Link Text',
+                                          'crsexplanation' => 'Explanation',
                                         );
     return %lt;
 }
@@ -3560,7 +4072,7 @@ sub print_coursedefaults {
                             'canuse_pdfforms' => 'off',
                             'uselcmath'       => 'on',
                             'usejsme'         => 'on',
-                            'canclone'        => 'none', 
+                            'canclone'        => 'none',
                           );
         @toggles = ('canuse_pdfforms','uselcmath','usejsme');
         ($datatable,$itemcount) = &radiobutton_prefs($settings,\@toggles,\%defaultchecked,
@@ -3599,7 +4111,7 @@ sub print_coursedefaults {
                     $currcanclone = $settings->{'canclone'};
                 }
             }
-        } 
+        }
         foreach my $option (@cloneoptions) {
             my ($checked,$additional);
             if ($currcanclone eq $option) {
@@ -3668,7 +4180,7 @@ sub print_coursedefaults {
                     foreach my $type (@types) {
                         if (ref($settings->{'postsubmit'}->{'timeout'}) eq 'HASH') {
                             if ($settings->{'postsubmit'}->{'timeout'}->{$type} =~ /^\d+$/) {
-                                $deftimeout{$type} = $settings->{'postsubmit'}->{'timeout'}->{$type}; 
+                                $deftimeout{$type} = $settings->{'postsubmit'}->{'timeout'}->{$type};
                             } else {
                                 $deftimeout{$type} = $staticdefaults{'postsubmit'};
                             }
@@ -3784,7 +4296,7 @@ sub print_coursedefaults {
         foreach my $type (@types) {
             $datatable .= '<td align="center">'.&mt($type).'<br />'.
                            '<input type="text" name="mysqltables_'.$type.'"'.
-                           ' value="'.$currmysql{$type}.'" size="5" /></td>';
+                           ' value="'.$currmysql{$type}.'" size="8" /></td>';
         }
         $datatable .= '</tr></table></td></tr>'."\n";
         $itemcount ++;
@@ -4206,7 +4718,32 @@ sub print_ssl {
         my @domservers = &Apache::lonnet::get_servers($dom);
         my %servers = &Apache::lonnet::internet_dom_servers($dom);
         my %altids = &id_for_thisdom(%servers);
-        if ($position eq 'middle') {
+        if (($position eq 'connto') || ($position eq 'connfrom')) {
+            my $legacy;
+            unless (ref($settings) eq 'HASH') {
+                my $name;
+                if ($position eq 'connto') {
+                    $name = 'loncAllowInsecure';
+                } else {
+                    $name = 'londAllowInsecure';
+                }
+                my $primarylibserv = &Apache::lonnet::domain($dom,'primary');
+                my @ids=&Apache::lonnet::current_machine_ids();
+                if (($primarylibserv ne '') && (!grep(/^\Q$primarylibserv\E$/,@ids))) {
+                    my %what = (
+                                   $name => 1,
+                               );
+                    my ($result,$returnhash) =
+                        &Apache::lonnet::get_remote_globals($primarylibserv,\%what);
+                    if ($result eq 'ok') {
+                        if (ref($returnhash) eq 'HASH') {
+                            $legacy = $returnhash->{$name};
+                        }
+                    }
+                } else {
+                    $legacy = $Apache::lonnet::perlvar{$name};
+                }
+            }
             foreach my $type ('dom','intdom','other') {
                 my %checked;
                 $css_class = $itemcount%2?' class="LC_odd_row"':'';
@@ -4233,16 +4770,21 @@ sub print_ssl {
                 unless ($skip) {
                     $checked{'yes'} = ' checked="checked"'; 
                     if (ref($settings) eq 'HASH') {
-                        if (ref($settings->{'connect'}) eq 'HASH') {
-                            if ($settings->{'connect'}->{$type} =~ /^(no|req)$/) {
+                        if (ref($settings->{$position}) eq 'HASH') {
+                            if ($settings->{$position}->{$type} =~ /^(no|req)$/) {
                                 $checked{$1} = $checked{'yes'};
                                 delete($checked{'yes'}); 
                             }
                         }
+                    } else {
+                        if ($legacy == 0) {
+                            $checked{'req'} = $checked{'yes'};
+                            delete($checked{'yes'});    
+                        }
                     }
                     foreach my $option ('no','yes','req') {
                         $datatable .= '<span class="LC_nobreak"><label>'.
-                                      '<input type="radio" name="connect_'.$type.'" '.
+                                      '<input type="radio" name="'.$position.'_'.$type.'" '.
                                       'value="'.$option.'"'.$checked{$option}.' />'.$titles{$option}.
                                       '</label></span>'.('&nbsp;'x2);
                     }
@@ -4273,7 +4815,8 @@ sub ssl_titles {
                dom           => 'LON-CAPA servers/VMs from same domain',
                intdom        => 'LON-CAPA servers/VMs from same "internet" domain',
                other         => 'External LON-CAPA servers/VMs',
-               connect       => 'Connections to other servers',
+               connto        => 'Connections to other servers',
+               connfrom      => 'Connections from other servers',
                replication   => 'Replicating content to other institutions',
                certreq       => 'Client certificate required, but specific domains exempt',
                nocertreq     => 'No client certificate required, except for specific domains',
@@ -4483,7 +5026,7 @@ sub spares_row {
                             <span class="LC_nobreak">'.
                           &mt('[_1] when busy, offloads to:'
                               ,'<b>'.$server.'</b>').'</span><br />'.
-                          '<span class="LC_nobreak">'."\n". 
+                          '<span class="LC_nobreak">'."\n".
                           '<label><input type="checkbox" name="offloadnow" value="'.$server.'"'.$checkednow.' />'.
                           '&nbsp;'.&mt('Switch active users on next access').'</label></span>'.
                           "\n";
@@ -4847,9 +5390,14 @@ sub loadbalancing_titles {
            '_LC_ipchange'    => &mt('Non-SSO users with IP mismatch'),
                      );
     my @alltypes = ('_LC_adv','_LC_author','_LC_internetdom','_LC_external','_LC_ipchangesso','_LC_ipchange');
+    my @available;
     if (ref($types) eq 'ARRAY') {
-        unshift(@alltypes,@{$types},'default');
+        @available = @{$types};
+    }
+    unless (grep(/^default$/,@available)) {
+        push(@available,'default');
     }
+    unshift(@alltypes,@available);
     my %titles;
     foreach my $type (@alltypes) {
         if ($type =~ /^_LC_/) {
@@ -4972,14 +5520,15 @@ sub sparestype_titles {
 
 sub contact_titles {
     my %titles = &Apache::lonlocal::texthash (
-                   'supportemail' => 'Support E-mail address',
-                   'adminemail'   => 'Default Server Admin E-mail address',
-                   'errormail'    => 'Error reports to be e-mailed to',
-                   'packagesmail' => 'Package update alerts to be e-mailed to',
-                   'helpdeskmail' => 'Helpdesk requests to be e-mailed to',
-                   'lonstatusmail' => 'E-mail from nightly status check (warnings/errors)',
-                   'requestsmail' => 'E-mail from course requests requiring approval',
-                   'updatesmail'  => 'E-mail from nightly check of LON-CAPA module integrity/updates',
+                   'supportemail'    => 'Support E-mail address',
+                   'adminemail'      => 'Default Server Admin E-mail address',
+                   'errormail'       => 'Error reports to be e-mailed to',
+                   'packagesmail'    => 'Package update alerts to be e-mailed to',
+                   'helpdeskmail'    => "Helpdesk requests for this domain's users",
+                   'otherdomsmail'   => 'Helpdesk requests for other (unconfigured) domains',
+                   'lonstatusmail'   => 'E-mail from nightly status check (warnings/errors)',
+                   'requestsmail'    => 'E-mail from course requests requiring approval',
+                   'updatesmail'     => 'E-mail from nightly check of LON-CAPA module integrity/updates',
                    'idconflictsmail' => 'E-mail from bi-nightly check for multiple users sharing same student/employee ID',
                  );
     my %short_titles = &Apache::lonlocal::texthash (
@@ -4989,6 +5538,34 @@ sub contact_titles {
     return (\%titles,\%short_titles);
 }
 
+sub helpform_fields {
+    my %titles =  &Apache::lonlocal::texthash (
+                       'username'   => 'Name',
+                       'user'       => 'Username/domain',
+                       'phone'      => 'Phone',
+                       'cc'         => 'Cc e-mail',
+                       'course'     => 'Course Details',
+                       'section'    => 'Sections',
+                       'screenshot' => 'File upload',
+    );
+    my @fields = ('username','phone','user','course','section','cc','screenshot');
+    my %possoptions = (
+                        username     => ['yes','no','req'],
+                        phone        => ['yes','no','req'],
+                        user         => ['yes','no'],
+                        cc           => ['yes','no'],
+                        course       => ['yes','no'],
+                        section      => ['yes','no'],
+                        screenshot   => ['yes','no'],
+                      );
+    my %fieldoptions = &Apache::lonlocal::texthash (
+                         'yes'  => 'Optional',
+                         'req'  => 'Required',
+                         'no'   => "Not shown",
+    );
+    return (\@fields,\%titles,\%fieldoptions,\%possoptions);
+}
+
 sub tool_titles {
     my %titles = &Apache::lonlocal::texthash (
                      aboutme    => 'Personal web page',
@@ -5198,6 +5775,7 @@ sub print_selfcreation {
     my %radiohash;
     my $numinrow = 4;
     map { $radiohash{'cancreate_'.$_} = 1; } @selfcreate;
+    my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
     if ($position eq 'top') {
         my %choices = &Apache::lonlocal::texthash (
                                                       cancreate_login      => 'Institutional Login',
@@ -5213,8 +5791,6 @@ sub print_selfcreation {
                                                      \%choices,$itemcount,$onclick);
         $$rowtotal += $itemcount;
         
-        my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
-
         if (ref($usertypes) eq 'HASH') {
             if (keys(%{$usertypes}) > 0) {
                 $datatable .= &insttypes_row($createsettings,$types,$usertypes,
@@ -5264,16 +5840,22 @@ sub print_selfcreation {
         $$rowtotal ++;
     } elsif ($position eq 'middle') {
         my %domconf = &Apache::lonnet::get_dom('configuration',['usermodification'],$dom);
-        my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
-        $usertypes->{'default'} = $othertitle;
+        my @posstypes;
         if (ref($types) eq 'ARRAY') {
-            push(@{$types},'default');
-            $usertypes->{'default'} = $othertitle;
-            foreach my $status (@{$types}) {
-                $datatable .= &modifiable_userdata_row('selfcreate',$status,$domconf{'usermodification'},
-                                                       $numinrow,$$rowtotal,$usertypes);
-                $$rowtotal ++;
-            }
+            @posstypes = @{$types};
+        }
+        unless (grep(/^default$/,@posstypes)) {
+            push(@posstypes,'default');
+        }
+        my %usertypeshash;
+        if (ref($usertypes) eq 'HASH') {
+            %usertypeshash = %{$usertypes};
+        }
+        $usertypeshash{'default'} = $othertitle;
+        foreach my $status (@posstypes) {
+            $datatable .= &modifiable_userdata_row('selfcreate',$status,$domconf{'usermodification'},
+                                                   $numinrow,$$rowtotal,\%usertypeshash);
+            $$rowtotal ++;
         }
     } else {
         my %choices = &Apache::lonlocal::texthash (
@@ -5291,29 +5873,34 @@ sub print_selfcreation {
         my $onclick = "toggleDisplay(this.form,'emailoptions');";
         my $additional = '<div id="emailoptions" style="display: '.$display.'">';
         my %domdefaults = &Apache::lonnet::get_domain_defaults($dom);
-        my $usertypes = {};
-        my $order = [];
-        if ((ref($domdefaults{'inststatustypes'}) eq 'HASH') && (ref($domdefaults{'inststatusguest'}) eq 'ARRAY')) {
-            $usertypes = $domdefaults{'inststatustypes'};
+        my $order;
+        if (ref($domdefaults{'inststatusguest'}) eq 'ARRAY') {
             $order = $domdefaults{'inststatusguest'};
         }
+        my (@ordered,%usertypeshash);
         if (ref($order) eq 'ARRAY') {
-            push(@{$order},'default');
-            if (@{$order} > 1) {
-                $usertypes->{'default'} = &mt('Other users');
-                $additional .= '<table><tr>';
-                foreach my $status (@{$order}) {
-                    $additional .= '<th>'.$usertypes->{$status}.'</th>';
-                }
-                $additional .= '</tr><tr>';
-                foreach my $status (@{$order}) {
-                    $additional .= '<td>'.&email_as_username($rowtotal,$processing,$status).'</td>';
-                }
-                $additional .= '</tr></table>';
-            } else {
-                $usertypes->{'default'} = &mt('All users');
-                $additional .= &email_as_username($rowtotal,$processing);
+            @ordered = @{$order};
+        }
+        if (@ordered) {
+            unless (grep(/^default$/,@ordered)) {
+                push(@ordered,'default');
+            }
+            if (ref($usertypes) eq 'HASH') {
+                %usertypeshash = %{$usertypes};
             }
+            $usertypeshash{'default'} = $othertitle;
+            $additional .= '<table><tr>';
+            foreach my $status (@ordered) {
+                $additional .= '<th>'.$usertypeshash{$status}.'</th>';
+            }
+            $additional .= '</tr><tr>';
+            foreach my $status (@ordered) {
+                $additional .= '<td>'.&email_as_username($rowtotal,$processing,$status).'</td>';
+            }
+            $additional .= '</tr></table>';
+        } else {
+            $usertypeshash{'default'} = $othertitle;
+            $additional .= &email_as_username($rowtotal,$processing);
         }
         $additional .= '</div>'."\n";
 
@@ -5324,12 +5911,10 @@ sub print_selfcreation {
         $$rowtotal ++;
         my ($infofields,$infotitles) = &Apache::loncommon::emailusername_info();
         $numinrow = 1;
-        if (ref($order) eq 'ARRAY') {
-            foreach my $status (@{$order}) {
-                $datatable .= &modifiable_userdata_row('cancreate','emailusername_'.$status,$settings,
-                                                       $numinrow,$$rowtotal,$usertypes,$infofields,$infotitles);
-                $$rowtotal ++;
-            }
+        foreach my $status (@ordered) {
+            $datatable .= &modifiable_userdata_row('cancreate','emailusername_'.$status,$settings,
+                                                   $numinrow,$$rowtotal,\%usertypeshash,$infofields,$infotitles);
+            $$rowtotal ++;
         }
         my ($emailrules,$emailruleorder) =
             &Apache::lonnet::inst_userrules($dom,'email');
@@ -5596,7 +6181,10 @@ sub print_usermodification {
 sub print_defaults {
     my ($position,$dom,$settings,$rowtotal) = @_;
     my $rownum = 0;
-    my ($datatable,$css_class);
+    my ($datatable,$css_class,$titles);
+    unless ($position eq 'bottom') {
+        $titles = &defaults_titles($dom);
+    }
     if ($position eq 'top') {
         my @items = ('auth_def','auth_arg_def','lang_def','timezone_def',
                      'datelocale_def','portal_def');
@@ -5609,7 +6197,6 @@ sub print_defaults {
                 $defaults{$item} = $domdefaults{$item};
             }
         }
-        my $titles = &defaults_titles($dom);
         foreach my $item (@items) {
             if ($rownum%2) {
                 $css_class = '';
@@ -5657,8 +6244,87 @@ sub print_defaults {
             $datatable .= '</td></tr>';
             $rownum ++;
         }
+    } elsif ($position eq 'middle') {
+        my @items = ('intauth_cost','intauth_check','intauth_switch');
+        my %defaults;
+        if (ref($settings) eq 'HASH') {
+            %defaults = %{$settings};
+            if ($defaults{'intauth_cost'} !~ /^\d+$/) {
+                $defaults{'intauth_cost'} = 10;
+            }
+            if ($defaults{'intauth_check'} !~ /^(0|1|2)$/) {
+                $defaults{'intauth_check'} = 0;
+            }
+            if ($defaults{'intauth_switch'} !~ /^(0|1|2)$/) {
+                $defaults{'intauth_switch'} = 0;
+            }
+        } else {
+            %defaults = (
+                          'intauth_cost'   => 10,
+                          'intauth_check'  => 0,
+                          'intauth_switch' => 0,
+                        );
+        }
+        foreach my $item (@items) {
+            if ($rownum%2) {
+                $css_class = '';
+            } else {
+                $css_class = ' class="LC_odd_row" ';
+            }
+            $datatable .= '<tr'.$css_class.'>'.
+                          '<td><span class="LC_nobreak">'.$titles->{$item}.
+                          '</span></td><td class="LC_left_item" colspan="3">';
+            if ($item eq 'intauth_switch') {
+                my @options = (0,1,2);
+                my %optiondesc = &Apache::lonlocal::texthash (
+                                   0 => 'No',
+                                   1 => 'Yes',
+                                   2 => 'Yes, and copy existing passwd file to passwd.bak file',
+                                 );
+                $datatable .= '<table width="100%">';
+                foreach my $option (@options) {
+                    my $checked = ' ';
+                    if ($defaults{$item} eq $option) {
+                        $checked = ' checked="checked"';
+                    }
+                    $datatable .= '<tr><td class="LC_left_item"><span class="LC_nobreak">'.
+                                  '<label><input type="radio" name="'.$item.
+                                  '" value="'.$option.'"'.$checked.' />'.
+                                  $optiondesc{$option}.'</label></span></td></tr>';
+                }
+                $datatable .= '</table>';
+            } elsif ($item eq 'intauth_check') {
+                my @options = (0,1,2);
+                my %optiondesc = &Apache::lonlocal::texthash (
+                                   0 => 'No',
+                                   1 => 'Yes, allow login then update passwd file using default cost (if higher)',
+                                   2 => 'Yes, disallow login if stored cost is less than domain default',
+                                 );
+                $datatable .= '<table wisth="100%">';
+                foreach my $option (@options) {
+                    my $checked = ' ';
+                    my $onclick;
+                    if ($defaults{$item} eq $option) {
+                        $checked = ' checked="checked"';
+                    }
+                    if ($option == 2) {
+                        $onclick = ' onclick="javascript:warnIntAuth(this);"';
+                    }
+                    $datatable .= '<tr><td class="LC_left_item"><span class="LC_nobreak">'.
+                                  '<label><input type="radio" name="'.$item.
+                                  '" value="'.$option.'"'.$checked.$onclick.' />'.
+                                  $optiondesc{$option}.'</label></span></td></tr>';
+                }
+                $datatable .= '</table>';
+            } else {
+                $datatable .= '<input type="text" name="'.$item.'" value="'.
+                              $defaults{$item}.'" size="3" onblur="javascript:warnIntAuth(this);" />'; 
+            }
+            $datatable .= '</td></tr>';
+            $rownum ++;
+        }
     } else {
-        my (%defaults);
+        my %defaults;
         if (ref($settings) eq 'HASH') {
             if ((ref($settings->{'inststatusorder'}) eq 'ARRAY') && (ref($settings->{'inststatustypes'}) eq 'HASH') &&
                 (ref($settings->{'inststatusguest'}) eq 'ARRAY')) {
@@ -5753,6 +6419,9 @@ sub defaults_titles {
                    'timezone_def'  => 'Default timezone',
                    'datelocale_def' => 'Default locale for dates',
                    'portal_def'     => 'Portal/Default URL',
+                   'intauth_cost'   => 'Encryption cost for bcrypt (positive integer)',
+                   'intauth_check'  => 'Check bcrypt cost if authenticated',
+                   'intauth_switch' => 'Existing crypt-based switched to bcrypt on authentication',
                  );
     if ($dom) {
         my $uprimary_id = &Apache::lonnet::domain($dom,'primary');
@@ -6288,7 +6957,35 @@ sub serverstatus_pages {
 
 sub defaults_javascript {
     my ($settings) = @_;
-    return unless (ref($settings) eq 'HASH'); 
+    my $intauthcheck = &mt('Warning: disallowing login for an authenticated user if the stored cost is less than the default will require a password reset by/for the user.');
+    my $intauthcost = &mt('Warning: bcrypt encryption cost for internal authentication must be an integer.');
+    &js_escape(\$intauthcheck);
+    &js_escape(\$intauthcost);
+    my $intauthjs = <<"ENDSCRIPT";
+
+function warnIntAuth(field) {
+    if (field.name == 'intauth_check') {
+        if (field.value == '2') {
+            alert('$intauthcheck');
+        }
+    }
+    if (field.name == 'intauth_cost') {
+        field.value.replace(/\s/g,'');
+        if (field.value != '') {
+            var regexdigit=/^\\d+\$/;
+            if (!regexdigit.test(field.value)) {
+                alert('$intauthcost');
+            }
+        }
+    }
+    return;
+}
+
+ENDSCRIPT
+
+    if (ref($settings) ne 'HASH') {
+        return &Apache::lonhtmlcommon::scripttag($intauthjs);
+    }
     if ((ref($settings->{'inststatusorder'}) eq 'ARRAY') && (ref($settings->{'inststatustypes'}) eq 'HASH')) {
         my $maxnum = scalar(@{$settings->{'inststatusorder'}});
         if ($maxnum eq '') {
@@ -6342,10 +7039,14 @@ $jstext
     return;
 }
 
+$intauthjs
+
 // ]]>
 </script>
 
 ENDSCRIPT
+    } else {
+        return &Apache::lonhtmlcommon::scripttag($intauthjs);
     }
 }
 
@@ -7079,7 +7780,7 @@ sub modify_login {
             } elsif ($currheadtagurls{$lonhost}) {
                 $loginhash{'login'}{'headtag'}{$lonhost}{'url'} = $currheadtagurls{$lonhost};
                 if ($currexempt{$lonhost}) {
-                    if ((!exists($possexempt{$lonhost})) || ($possexempt{$lonhost} ne $currexempt{$lonhost})) { 
+                    if ((!exists($possexempt{$lonhost})) || ($possexempt{$lonhost} ne $currexempt{$lonhost})) {
                         $changes{'headtag'}{$lonhost} = 1;
                     }
                 } elsif ($possexempt{$lonhost}) {
@@ -7311,7 +8012,6 @@ sub modify_login {
     return $resulttext;
 }
 
-
 sub check_exempt_addresses {
     my ($iplist) = @_;
     $iplist =~ s/^\s+//;
@@ -8222,7 +8922,7 @@ sub modify_quotas {
                                     my $newpos = $env{'form.'.$itemid};
                                     $newpos =~ s/\D+//g;
                                     foreach my $item ('subject','title','publisher','author') {
-                                        next if ((($item eq 'author') || ($item eq 'publisher')) && 
+                                        next if ((($item eq 'author') || ($item eq 'publisher')) &&
                                                  ($type eq 'templates'));
                                         $confhash{$type}{$key}{$item} = $env{'form.'.$type.'_'.$item.'_'.$i};
                                         if ($domconfig{$action}{$type}{$key}{$item} ne $confhash{$type}{$key}{$item}) {
@@ -8367,7 +9067,7 @@ sub modify_quotas {
             }
             if ($env{'form.validationdc'}) {
                 my $newval = $env{'form.validationdc'};
-                my %domcoords = &get_active_dcs($dom);
+                my %domcoords = &Apache::lonnet::get_active_domroles($dom,['dc']);
                 if (exists($domcoords{$newval})) {
                     $confhash{'validation'}{'dc'} = $newval;
                 }
@@ -8391,7 +9091,7 @@ sub modify_quotas {
                     }
                 } elsif ($confhash{'validation'}{'dc'} ne '') {
                     $changes{'validation'}{'dc'} = $confhash{'validation'}{'dc'};
-                }  
+                }
             } else {
                 if (ref($domconfig{'requestcourses'}) eq 'HASH') {
                     if (ref($domconfig{'requestcourses'}{'validation'}) eq 'HASH') {
@@ -8797,7 +9497,7 @@ sub process_textbook_image {
 sub modify_ltitools {
     my ($r,$dom,$action,$lastactref,%domconfig) = @_;
     my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1);
-    my ($newid,@allpos,%changes,%confhash,$errors,$resulttext);
+    my ($newid,@allpos,%changes,%confhash,%encconfig,$errors,$resulttext);
     my $confname = $dom.'-domainconfig';
     my $servadm = $r->dir_config('lonAdmEMail');
     my ($configuserok,$author_ok,$switchserver) = &config_check($dom,$confname,$servadm);
@@ -8822,7 +9522,11 @@ sub modify_ltitools {
             foreach my $item ('title','url','key','secret') {
                 $env{'form.ltitools_add_'.$item} =~ s/(`)/'/g;
                 if ($env{'form.ltitools_add_'.$item}) {
-                    $confhash{$newid}{$item} = $env{'form.ltitools_add_'.$item};
+                    if (($item eq 'key') || ($item eq 'secret')) {
+                        $encconfig{$newid}{$item} = $env{'form.ltitools_add_'.$item};
+                    } else {
+                        $confhash{$newid}{$item} = $env{'form.ltitools_add_'.$item};
+                    }
                 }
             }
             if ($env{'form.ltitools_add_version'} eq 'LTI-1p0') {
@@ -8831,15 +9535,23 @@ sub modify_ltitools {
             if ($env{'form.ltitools_add_msgtype'} eq 'basic-lti-launch-request') {
                 $confhash{$newid}{'msgtype'} = $env{'form.ltitools_add_msgtype'};
             }
-            foreach my $item ('width','height') {
+            foreach my $item ('width','height','linktext','explanation') {
                 $env{'form.ltitools_add_'.$item} =~ s/^\s+//;
                 $env{'form.ltitools_add_'.$item} =~ s/\s+$//;
-                if ($env{'form.ltitools_add_'.$item} =~ /^\d+$/) {
-                    $confhash{$newid}{'display'}{$item} = $env{'form.ltitools_add_'.$item};
+                if (($item eq 'width') || ($item eq 'height')) {
+                    if ($env{'form.ltitools_add_'.$item} =~ /^\d+$/) {
+                        $confhash{$newid}{'display'}{$item} = $env{'form.ltitools_add_'.$item};
+                    }
+                } else {
+                    if ($env{'form.ltitools_add_'.$item} ne '') {
+                        $confhash{$newid}{'display'}{$item} = $env{'form.ltitools_add_'.$item}; 
+                    }
                 }
             }
             if ($env{'form.ltitools_add_target'} eq 'window') {
                 $confhash{$newid}{'display'}{'target'} = $env{'form.ltitools_add_target'};
+            } elsif ($env{'form.ltitools_add_target'} eq 'tab') {
+                $confhash{$newid}{'display'}{'target'} = $env{'form.ltitools_add_target'};
             } else {
                 $confhash{$newid}{'display'}{'target'} = 'iframe';
             }
@@ -8923,12 +9635,18 @@ sub modify_ltitools {
                 } else {
                     my $newpos = $env{'form.ltitools_'.$itemid};
                     $newpos =~ s/\D+//g;
-                    foreach my $item ('title','url','key','secret') {
+                    foreach my $item ('title','url') {
                         $confhash{$itemid}{$item} = $env{'form.ltitools_'.$item.'_'.$i};
                         if ($domconfig{$action}{$itemid}{$item} ne $confhash{$itemid}{$item}) {
                             $changes{$itemid} = 1;
                         }
                     }
+                    foreach my $item ('key','secret') {
+                        $encconfig{$itemid}{$item} = $env{'form.ltitools_'.$item.'_'.$i};
+                        if ($domconfig{$action}{$itemid}{$item} ne $encconfig{$itemid}{$item}) {
+                            $changes{$itemid} = 1;
+                        }
+                    }
                     if ($env{'form.ltitools_version_'.$i} eq 'LTI-1p0') {
                         $confhash{$itemid}{'version'} = $env{'form.ltitools_version_'.$i};
                     }
@@ -8947,10 +9665,34 @@ sub modify_ltitools {
                             } else {
                                 $changes{$itemid} = 1;
                             }
+                        } elsif (ref($domconfig{$action}{$itemid}{'display'}) eq 'HASH') {
+                            if ($domconfig{$action}{$itemid}{'display'}{$size} ne '') {
+                                $changes{$itemid} = 1;
+                            }
+                        }
+                    }
+                    foreach my $item ('linktext','explanation') {
+                        $env{'form.ltitools_'.$item.'_'.$i} =~ s/^\s+//;
+                        $env{'form.ltitools_'.$item.'_'.$i} =~ s/\s+$//;
+                        if ($env{'form.ltitools_'.$item.'_'.$i} ne '') {
+                            $confhash{$itemid}{'display'}{$item} = $env{'form.ltitools_'.$item.'_'.$i};
+                            if (ref($domconfig{$action}{$itemid}{'display'}) eq 'HASH') {
+                                if ($domconfig{$action}{$itemid}{'display'}{$item} ne $confhash{$itemid}{'display'}{$item}) {
+                                    $changes{$itemid} = 1;
+                                }
+                            } else {
+                                $changes{$itemid} = 1;
+                            }
+                        } elsif (ref($domconfig{$action}{$itemid}{'display'}) eq 'HASH') {
+                            if ($domconfig{$action}{$itemid}{'display'}{$item} ne '') {
+                                $changes{$itemid} = 1;
+                            }
                         }
                     }
                     if ($env{'form.ltitools_target_'.$i} eq 'window') {
                         $confhash{$itemid}{'display'}{'target'} = $env{'form.ltitools_target_'.$i};
+                    } elsif ($env{'form.ltitools_target_'.$i} eq 'tab') {
+                        $confhash{$itemid}{'display'}{'target'} = $env{'form.ltitools_target_'.$i};
                     } else {
                         $confhash{$itemid}{'display'}{'target'} = 'iframe';
                     }
@@ -8970,7 +9712,7 @@ sub modify_ltitools {
                         }
                     }
                     my @courseconfig = &Apache::loncommon::get_env_multiple('form.ltitools_courseconfig_'.$i);
-                    foreach my $item ('label','title','target') {
+                    foreach my $item ('label','title','target','linktext','explanation') {
                         if (grep(/^\Q$item\E$/,@courseconfig)) {
                             $confhash{$itemid}{'crsconf'}{$item} = 1;
                             if (ref($domconfig{$action}{$itemid}{'crsconf'}) eq 'HASH') {
@@ -9109,9 +9851,21 @@ sub modify_ltitools {
     my $putresult = &Apache::lonnet::put_dom('configuration',\%ltitoolshash,
                                              $dom);
     if ($putresult eq 'ok') {
+        my %ltienchash = (
+                             $action => { %encconfig }
+                         );
+        &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom);
         if (keys(%changes) > 0) {
             my $cachetime = 24*60*60;
-            &Apache::lonnet::do_cache_new('ltitools',$dom,\%confhash,$cachetime);
+            my %ltiall = %confhash;
+            foreach my $id (keys(%ltiall)) {
+                if (ref($encconfig{$id}) eq 'HASH') {
+                    foreach my $item ('key','secret') {
+                        $ltiall{$id}{$item} = $encconfig{$id}{$item};
+                    }
+                }
+            }
+            &Apache::lonnet::do_cache_new('ltitools',$dom,\%ltiall,$cachetime);
             if (ref($lastactref) eq 'HASH') {
                 $lastactref->{'ltitools'} = 1;
             }
@@ -9135,24 +9889,27 @@ sub modify_ltitools {
                     $resulttext .= '</li><ul>';
                     my $position = $pos + 1;
                     $resulttext .= '<li>'.&mt('Order: [_1]',$position).'</li>';
-                    foreach my $item ('version','msgtype','url','key') {
+                    foreach my $item ('version','msgtype','url') {
                         if ($confhash{$itemid}{$item} ne '') {
                             $resulttext .= '<li>'.$lt{$item}.':&nbsp;'.$confhash{$itemid}{$item}.'</li>';
                         }
                     }
-                    if ($confhash{$itemid}{'secret'} ne '') {
+                    if ($encconfig{$itemid}{'key'} ne '') {
+                        $resulttext .= '<li>'.$lt{'key'}.':&nbsp;'.$encconfig{$itemid}{'key'}.'</li>';
+                    }
+                    if ($encconfig{$itemid}{'secret'} ne '') {
                         $resulttext .= '<li>'.$lt{'secret'}.':&nbsp;';
-                        my $num = length($confhash{$itemid}{'secret'});
+                        my $num = length($encconfig{$itemid}{'secret'});
                         $resulttext .= ('*'x$num).'</li>';
                     }
                     $resulttext .= '<li>'.&mt('Configurable in course:');
-                    my @possconfig = ('label','title','target');
+                    my @possconfig = ('label','title','target','linktext','explanation');
                     my $numconfig = 0; 
                     if (ref($confhash{$itemid}{'crsconf'}) eq 'HASH') { 
                         foreach my $item (@possconfig) {
                             if ($confhash{$itemid}{'crsconf'}{$item}) {
                                 $numconfig ++;
-                                $resulttext .= ' '.$lt{'crs'.$item};
+                                $resulttext .= ' "'.$lt{'crs'.$item}.'"';
                             }
                         }
                     }
@@ -9185,7 +9942,12 @@ sub modify_ltitools {
                             $displaylist =~ s/,$//;
                             $resulttext .= '<li>'.$displaylist.'</li>';
                         }
-                    } 
+                        foreach my $item ('linktext','explanation') {
+                            if ($confhash{$itemid}{'display'}{$item}) {
+                                $resulttext .= '<li>'.$lt{$item}.':&nbsp;'.$confhash{$itemid}{'display'}{$item}.'</li>';
+                            }
+                        }
+                    }
                     if (ref($confhash{$itemid}{'fields'}) eq 'HASH') {
                         my $fieldlist;
                         foreach my $field (@allfields) {
@@ -9400,9 +10162,9 @@ sub modify_autoenroll {
             }
             if ($changes{'autofailsafe'}) {
                 if ($failsafe ne '') {
-                    $resulttext .= '<li>'.&mt("$title{'failsafe'} set to [_1]",$failsafe).'</li>';
+                    $resulttext .= '<li>'.&mt('Failsafe for no drops if institutional data missing for a section set to: [_1]',$failsafe).'</li>';
                 } else {
-                    $resulttext .= '<li>'.&mt("$title{'failsafe'} deleted");
+                    $resulttext .= '<li>'.&mt('Failsafe for no drops if institutional data missing for a section: deleted');
                 }
                 &Apache::lonnet::get_domain_defaults($dom,1);
                 if (ref($lastactref) eq 'HASH') {
@@ -9624,7 +10386,7 @@ sub modify_autocreate {
         $newvals{$item} = 0 if ($newvals{$item} eq '');
     }
     $newvals{'xmldc'} = $env{'form.autocreate_xmldc'};
-    my %domcoords = &get_active_dcs($dom);
+    my %domcoords = &Apache::lonnet::get_active_domroles($dom,['dc']);
     unless (exists($domcoords{$newvals{'xmldc'}})) {
         $newvals{'xmldc'} = '';
     } 
@@ -9681,7 +10443,7 @@ sub modify_autocreate {
 }
 
 sub modify_directorysrch {
-    my ($dom,%domconfig) = @_;
+    my ($dom,$lastactref,%domconfig) = @_;
     my ($resulttext,%changes);
     my %currdirsrch;
     if (ref($domconfig{'directorysrch'}) eq 'HASH') {
@@ -9692,7 +10454,7 @@ sub modify_directorysrch {
     my %title = ( available => 'Institutional directory search available',
                   localonly => 'Other domains can search institution',
                   lcavailable => 'LON-CAPA directory search available',
-                  lclocalonly => 'Other domains can search LON-CAPA domain', 
+                  lclocalonly => 'Other domains can search LON-CAPA domain',
                   searchby => 'Search types',
                   searchtypes => 'Search latitude');
     my @offon = ('off','on');
@@ -9786,27 +10548,27 @@ sub modify_directorysrch {
             }
         }
         if (exists($currdirsrch{'lcavailable'})) {
-             if ($currdirsrch{'lcavailable'} ne $env{'form.dirsrch_domavailable'}) {
-                 $changes{'lcavailable'} = 1;
-             }
+            if ($currdirsrch{'lcavailable'} ne $env{'form.dirsrch_domavailable'}) {
+                $changes{'lcavailable'} = 1;
+            }
         } else {
             if ($env{'form.dirsrch_lcavailable'} eq '1') {
                 $changes{'lcavailable'} = 1;
             }
         }
         if (exists($currdirsrch{'localonly'})) {
-             if ($currdirsrch{'localonly'} ne $env{'form.dirsrch_instlocalonly'}) {
-                 $changes{'localonly'} = 1;
-             }
+            if ($currdirsrch{'localonly'} ne $env{'form.dirsrch_instlocalonly'}) {
+                $changes{'localonly'} = 1;
+            }
         } else {
             if ($env{'form.dirsrch_instlocalonly'} eq '1') {
                 $changes{'localonly'} = 1;
             }
         }
         if (exists($currdirsrch{'lclocalonly'})) {
-             if ($currdirsrch{'lclocalonly'} ne $env{'form.dirsrch_domlocalonly'}) {
-                 $changes{'lclocalonly'} = 1;
-             }
+            if ($currdirsrch{'lclocalonly'} ne $env{'form.dirsrch_domlocalonly'}) {
+                $changes{'lclocalonly'} = 1;
+            }
         } else {
             if ($env{'form.dirsrch_domlocalonly'} eq '1') {
                 $changes{'lclocalonly'} = 1;
@@ -9825,7 +10587,7 @@ sub modify_directorysrch {
             }
             if ($changes{'lclocalonly'}) {
                 $resulttext .= '<li>'.&mt("$title{'lclocalonly'} set to: $otherdoms[$env{'form.dirsrch_domlocalonly'}]").'</li>';
-            }   
+            }
             if (ref($changes{'cansearch'}) eq 'ARRAY') {
                 my $chgtext;
                 if (ref($usertypes) eq 'HASH') {
@@ -9875,6 +10637,10 @@ sub modify_directorysrch {
                 $resulttext .= '<li>'.&mt($title{'searchtypes'}.' set to: "[_1]"',$chgtext).'</li>';
             }
             $resulttext .= '</ul>';
+            &Apache::lonnet::do_cache_new('directorysrch',$dom,$dirsrch_hash{'directorysrch'},3600);
+            if (ref($lastactref) eq 'HASH') {
+                $lastactref->{'directorysrch'} = 1;
+            }
         } else {
             $resulttext = &mt('No changes made to directory search settings');
         }
@@ -9893,11 +10659,12 @@ sub modify_contacts {
             $currsetting{$key} = $domconfig{'contacts'}{$key};
         }
     }
-    my (%others,%to,%bcc);
+    my (%others,%to,%bcc,%includestr,%includeloc);
     my @contacts = ('supportemail','adminemail');
-    my @mailings = ('errormail','packagesmail','helpdeskmail','lonstatusmail',
-                    'requestsmail','updatesmail','idconflictsmail');
+    my @mailings = ('errormail','packagesmail','helpdeskmail','otherdomsmail',
+                    'lonstatusmail','requestsmail','updatesmail','idconflictsmail');
     my @toggles = ('reporterrors','reportupdates');
+    my ($fields,$fieldtitles,$fieldoptions,$possoptions) = &helpform_fields();
     foreach my $type (@mailings) {
         @{$newsetting{$type}} = 
             &Apache::loncommon::get_env_multiple('form.'.$type);
@@ -9907,12 +10674,17 @@ sub modify_contacts {
             } else {
                 $contacts_hash{contacts}{$type}{$item} = 0;
             }
-        }  
+        }
         $others{$type} = $env{'form.'.$type.'_others'};
         $contacts_hash{contacts}{$type}{'others'} = $others{$type};
-        if ($type eq 'helpdeskmail') {
+        if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) {
             $bcc{$type} = $env{'form.'.$type.'_bcc'};
             $contacts_hash{contacts}{$type}{'bcc'} = $bcc{$type};
+            if (($env{'form.'.$type.'_includestr'} ne '') && ($env{'form.'.$type.'_includeloc'} =~ /^s|b$/)) {
+                $includestr{$type} = $env{'form.'.$type.'_includestr'};
+                $includeloc{$type} = $env{'form.'.$type.'_includeloc'};
+                $contacts_hash{contacts}{$type}{'include'} = $includeloc{$type}.':'.&escape($includestr{$type});
+            }
         }
     }
     foreach my $item (@contacts) {
@@ -9924,6 +10696,23 @@ sub modify_contacts {
             $contacts_hash{'contacts'}{$item} = $env{'form.'.$item};
         }
     }
+    if ((ref($fields) eq 'ARRAY') && (ref($possoptions) eq 'HASH')) {
+        foreach my $field (@{$fields}) {
+            if (ref($possoptions->{$field}) eq 'ARRAY') {
+                my $value = $env{'form.helpform_'.$field};
+                $value =~ s/^\s+|\s+$//g;
+                if (grep(/^\Q$value\E$/,@{$possoptions->{$field}})) {
+                    $contacts_hash{contacts}{'helpform'}{$field} = $value;
+                    if ($field eq 'screenshot') {
+                        $env{'form.helpform_maxsize'} =~ s/^\s+|\s+$//g;
+                        if ($env{'form.helpform_maxsize'} =~ /^\d+\.?\d*$/) {
+                            $contacts_hash{contacts}{'helpform'}{'maxsize'} = $env{'form.helpform_maxsize'};
+                        }
+                    }
+                }
+            }
+        }
+    }
     if (keys(%currsetting) > 0) {
         foreach my $item (@contacts) {
             if ($to{$item} ne $currsetting{$item}) {
@@ -9943,10 +10732,39 @@ sub modify_contacts {
             if ($others{$type} ne $currsetting{$type}{'others'}) {
                 push(@{$changes{$type}},'others');
             }
-            if ($type eq 'helpdeskmail') {   
+            if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) {
                 if ($bcc{$type} ne $currsetting{$type}{'bcc'}) {
                     push(@{$changes{$type}},'bcc'); 
                 }
+                my ($currloc,$currstr) = split(/:/,$currsetting{$type}{'include'},2);
+                if (($includeloc{$type} ne $currloc) || (&escape($includestr{$type}) ne $currstr)) {
+                    push(@{$changes{$type}},'include');
+                }
+            }
+        }
+        if (ref($fields) eq 'ARRAY') {
+            if (ref($currsetting{'helpform'}) eq 'HASH') {
+                foreach my $field (@{$fields}) {
+                    if ($currsetting{'helpform'}{$field} ne $contacts_hash{'contacts'}{'helpform'}{$field}) {
+                        push(@{$changes{'helpform'}},$field);
+                    }
+                    if (($field eq 'screenshot') && ($contacts_hash{'contacts'}{'helpform'}{'screenshot'} ne 'no')) {
+                        if ($currsetting{'helpform'}{'maxsize'} ne $contacts_hash{'contacts'}{'helpform'}{'maxsize'}) {
+                            push(@{$changes{'helpform'}},'maxsize');
+                        }
+                    }
+                }
+            } else {
+                foreach my $field (@{$fields}) {
+                    if ($contacts_hash{'contacts'}{'helpform'}{$field} ne 'yes') {
+                        push(@{$changes{'helpform'}},$field);
+                    }
+                    if (($field eq 'screenshot') && ($contacts_hash{'contacts'}{'helpform'}{'screenshot'} ne 'no')) {
+                        if ($contacts_hash{'contacts'}{'helpform'}{'maxsize'} != 1) {
+                            push(@{$changes{'helpform'}},'maxsize');
+                        }
+                    }
+                }
             }
         }
     } else {
@@ -9956,26 +10774,41 @@ sub modify_contacts {
         $default{'errormail'} = 'adminemail';
         $default{'packagesmail'} = 'adminemail';
         $default{'helpdeskmail'} = 'supportemail';
+        $default{'otherdomsmail'} = 'supportemail';
         $default{'lonstatusmail'} = 'adminemail';
         $default{'requestsmail'} = 'adminemail';
         $default{'updatesmail'} = 'adminemail';
         foreach my $item (@contacts) {
            if ($to{$item} ne $default{$item}) {
-              $changes{$item} = 1;
+               $changes{$item} = 1;
            }
         }
         foreach my $type (@mailings) {
             if ((@{$newsetting{$type}} != 1) || ($newsetting{$type}[0] ne $default{$type})) {
-               
                 push(@{$changes{$type}},@{$newsetting{$type}});
             }
             if ($others{$type} ne '') {
                 push(@{$changes{$type}},'others');
             }
-            if ($type eq 'helpdeskmail') {
+            if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) {
                 if ($bcc{$type} ne '') {
                     push(@{$changes{$type}},'bcc');
                 }
+                if (($includeloc{$type} =~ /^b|s$/) && ($includestr{$type} ne '')) {
+                    push(@{$changes{$type}},'include');
+                }
+            }
+        }
+        if (ref($fields) eq 'ARRAY') {
+            foreach my $field (@{$fields}) {
+                if ($contacts_hash{'contacts'}{'helpform'}{$field} ne 'yes') {
+                    push(@{$changes{'helpform'}},$field);
+                }
+                if (($field eq 'screenshot') && ($contacts_hash{'contacts'}{'helpform'}{'screenshot'} ne 'no')) {
+                    if ($contacts_hash{'contacts'}{'helpform'}{'maxsize'} != 1) {
+                        push(@{$changes{'helpform'}},'maxsize');
+                    }
+                }
             }
         }
     }
@@ -10007,7 +10840,11 @@ sub modify_contacts {
             }
             foreach my $type (@mailings) {
                 if (ref($changes{$type}) eq 'ARRAY') {
-                    $resulttext .= '<li>'.$titles->{$type}.': ';
+                    if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) {
+                        $resulttext .= '<li>'.$titles->{$type}.' -- '.&mt('sent to').': ';
+                    } else {
+                        $resulttext .= '<li>'.$titles->{$type}.': ';
+                    }
                     my @text;
                     foreach my $item (@{$newsetting{$type}}) {
                         push(@text,$short_titles->{$item});
@@ -10015,12 +10852,31 @@ sub modify_contacts {
                     if ($others{$type} ne '') {
                         push(@text,$others{$type});
                     }
-                    $resulttext .= '<span class="LC_cusr_emph">'.
-                                   join(', ',@text).'</span>';
-                    if ($type eq 'helpdeskmail') {
+                    if (@text) {
+                        $resulttext .= '<span class="LC_cusr_emph">'.
+                                       join(', ',@text).'</span>';
+                    }
+                    if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) {
                         if ($bcc{$type} ne '') {
-                            $resulttext .= '&nbsp;'.&mt('with Bcc to').': <span class="LC_cusr_emph">'.$bcc{$type}.'</span>';
+                            my $bcctext;
+                            if (@text) {
+                                $bcctext = '&nbsp;'.&mt('with Bcc to');
+                            } else {
+                                $bcctext = '(Bcc)';
+                            }
+                            $resulttext .= $bcctext.': <span class="LC_cusr_emph">'.$bcc{$type}.'</span>';
+                        } elsif (!@text) {
+                            $resulttext .= &mt('No one');
+                        }   
+                        if ($includestr{$type} ne '') {
+                            if ($includeloc{$type} eq 'b') {
+                                $resulttext .= '<br />'.&mt('Text automatically added to e-mail body:').' '.$includestr{$type};
+                            } elsif ($includeloc{$type} eq 's') {
+                                $resulttext .= '<br />'.&mt('Text automatically added to e-mail subject:').' '.$includestr{$type};
+                            }
                         }
+                    } elsif (!@text) {
+                        $resulttext .= &mt('No recipients');
                     }
                     $resulttext .= '</li>';
                 }
@@ -10042,9 +10898,50 @@ sub modify_contacts {
                                         &mt('LON-CAPA core group - MSU'),600,500)).
                                 '</li>';
             }
+            if ((ref($changes{'helpform'}) eq 'ARRAY') && (ref($fields) eq 'ARRAY')) {
+                my (@optional,@required,@unused,$maxsizechg);
+                foreach my $field (@{$changes{'helpform'}}) {
+                    if ($field eq 'maxsize') {
+                        $maxsizechg = 1;
+                        next;
+                    }
+                    if ($contacts_hash{'contacts'}{'helpform'}{$field} eq 'yes') {
+                        push(@optional,$field);
+                    } elsif ($contacts_hash{'contacts'}{'helpform'}{$field} eq 'no') {
+                        push(@unused,$field);
+                    } elsif ($contacts_hash{'contacts'}{'helpform'}{$field} eq 'req') {
+                        push(@required,$field);
+                    }
+                }
+                if (@optional) {
+                    $resulttext .= '<li>'.
+                                   &mt('Help form fields changed to "Optional": [_1].',
+                                       '<span class="LC_cusr_emph">'.join(', ',map { $fieldtitles->{$_}; } @optional)).'</span>'.
+                                   '</li>';
+                }
+                if (@required) {
+                    $resulttext .= '<li>'.
+                                   &mt('Help form fields changed to "Required": [_1].',
+                                       '<span class="LC_cusr_emph">'.join(', ',map { $fieldtitles->{$_}; } @required)).'</span>'.
+                                   '</li>';
+                }
+                if (@unused) {
+                    $resulttext .= '<li>'.
+                                   &mt('Help form fields changed to "Not shown": [_1].',
+                                       '<span class="LC_cusr_emph">'.join(', ',map { $fieldtitles->{$_}; } @unused)).'</span>'.
+                                   '</li>';
+                }
+                if ($maxsizechg) {
+                    $resulttext .= '<li>'.
+                                   &mt('Max size for file uploaded to help form by logged-in user set to [_1] MB.',
+                                       $contacts_hash{'contacts'}{'helpform'}{'maxsize'}).
+                                   '</li>';
+
+                }
+            }
             $resulttext .= '</ul>';
         } else {
-            $resulttext = &mt('No changes made to contact information');
+            $resulttext = &mt('No changes made to contacts and form settings');
         }
     } else {
         $resulttext = '<span class="LC_error">'.
@@ -11069,7 +11966,8 @@ sub modify_defaults {
     my ($dom,$lastactref,%domconfig) = @_;
     my ($resulttext,$mailmsgtxt,%newvalues,%changes,@errors);
     my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1);
-    my @items = ('auth_def','auth_arg_def','lang_def','timezone_def','datelocale_def','portal_def');
+    my @items = ('auth_def','auth_arg_def','lang_def','timezone_def','datelocale_def',
+                 'portal_def','intauth_cost','intauth_check','intauth_switch');
     my @authtypes = ('internal','krb4','krb5','localauth');
     foreach my $item (@items) {
         $newvalues{$item} = $env{'form.'.$item};
@@ -11111,6 +12009,24 @@ sub modify_defaults {
                     push(@errors,$item);
                 }
             }
+        } elsif ($item eq 'intauth_cost') {
+            if ($newvalues{$item} ne '') {
+                if ($newvalues{$item} =~ /\D/) {
+                    push(@errors,$item);
+                }
+            }
+        } elsif ($item eq 'intauth_check') {
+            if ($newvalues{$item} ne '') {
+                unless ($newvalues{$item} =~ /^(0|1|2)$/) {
+                    push(@errors,$item);
+                }
+            }
+        } elsif ($item eq 'intauth_switch') {
+            if ($newvalues{$item} ne '') {
+                unless ($newvalues{$item} =~ /^(0|1|2)$/) {
+                    push(@errors,$item);
+                }
+            }
         }
         if (grep(/^\Q$item\E$/,@errors)) {
             $newvalues{$item} = $domdefaults{$item};
@@ -11265,6 +12181,28 @@ sub modify_defaults {
                                           localauth  => 'loc',
                         );
                         $value = $authnames{$shortauth{$value}};
+                    } elsif ($item eq 'intauth_switch') {
+                        my %optiondesc = &Apache::lonlocal::texthash (
+                                            0 => 'No',
+                                            1 => 'Yes',
+                                            2 => 'Yes, and copy existing passwd file to passwd.bak file',
+                                         );
+                        if ($value =~ /^(0|1|2)$/) {
+                            $value = $optiondesc{$value};
+                        } else {
+                            $value = &mt('none -- defaults to No');
+                        }
+                    } elsif ($item eq 'intauth_check') {
+                        my %optiondesc = &Apache::lonlocal::texthash (
+                                             0 => 'No',
+                                             1 => 'Yes, allow login then update passwd file using default cost (if higher)',
+                                             2 => 'Yes, disallow login if stored cost is less than domain default',
+                                         );
+                        if ($value =~ /^(0|1|2)$/) {
+                            $value = $optiondesc{$value};
+                        } else {
+                            $value = &mt('none -- defaults to No');
+                        }
                     }
                     $resulttext .= '<li>'.&mt('[_1] set to "[_2]"',$title->{$item},$value).'</li>';
                     $mailmsgtext .= "$title->{$item} set to $value\n";  
@@ -11810,15 +12748,18 @@ sub modify_serverstatuses {
 }
 
 sub modify_helpsettings {
-    my ($r,$dom,$confname,%domconfig) = @_;
+    my ($r,$dom,$confname,$lastactref,%domconfig) = @_;
     my ($resulttext,$errors,%changes,%helphash);
     my %defaultchecked = ('submitbugs' => 'on');
     my @offon = ('off','on');
     my @toggles = ('submitbugs');
-    my %current = ('submitbugs' => '');  
+    my %current = ('submitbugs' => '',
+                   'adhoc'      => {},
+                  );
     if (ref($domconfig{'helpsettings'}) eq 'HASH') {
         %current = %{$domconfig{'helpsettings'}};
     }
+    my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1);
     foreach my $item (@toggles) {
         if ($defaultchecked{$item} eq 'on') { 
             if ($current{$item} eq '') {
@@ -11841,57 +12782,205 @@ sub modify_helpsettings {
             $helphash{'helpsettings'}{$item} = $env{'form.'.$item};
         }
     }
-
-    my @modify = &Apache::loncommon::get_env_multiple('form.modifycusthelp');
+    my $maxnum = $env{'form.helproles_maxnum'};
     my $confname = $dom.'-domainconfig';
     my %existing=&Apache::lonnet::dump('roles',$dom,$confname,'rolesdef_');
-    if (@modify) {
-        foreach my $num (@modify) {
-            my $rolename = $env{'form.custhelprole'.$num};
-            if ($rolename ne '') {
-                if (exists($existing{'rolesdef_'.$rolename})) {
-                    my $prefix = 'custhelp'.$num;
-                    my %newprivs = &Apache::lonuserutils::custom_role_update($rolename,$prefix);
-                    my %currprivs;
-                    ($currprivs{'s'},$currprivs{'d'},$currprivs{'c'}) = 
-                        split(/\_/,$existing{'rolesdef_'.$rolename});
-                    foreach my $level ('c','d','s') {
-                        if ($newprivs{$level} ne $currprivs{$level}) {
-                            $changes{'customrole'}{$rolename} = 1;
-                            my $result = &Apache::lonnet::definerole($rolename,$newprivs{'s'},$newprivs{'d'},
-                                                                     $newprivs{'c'},$confname,$dom);
-                            last;
+    my (@allpos,%newsettings,%changedprivs,$newrole);
+    my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
+    my @accesstypes = ('all','dh','da','none','status','inc','exc');
+    my %domhelpdesk = &Apache::lonnet::get_active_domroles($dom,['dh','da']);
+    my %lt = &Apache::lonlocal::texthash(
+                    s      => 'system',
+                    d      => 'domain',
+                    order  => 'Display order',
+                    access => 'Role usage',
+                    all    => 'All with domain helpdesk or helpdesk assistant role',
+                    dh     => 'All with domain helpdesk role',
+                    da     => 'All with domain helpdesk assistant role',
+                    none   => 'None',
+                    status => 'Determined based on institutional status',
+                    inc    => 'Include all, but exclude specific personnel',
+                    exc    => 'Exclude all, but include specific personnel',
+    );
+    for (my $num=0; $num<=$maxnum; $num++) {
+        my ($prefix,$identifier,$rolename,%curr);
+        if ($num == $maxnum) {
+            next unless ($env{'form.newcusthelp'} == $maxnum);
+            $identifier = 'custhelp'.$num;
+            $prefix = 'helproles_'.$num;
+            $rolename = $env{'form.custhelpname'.$num};
+            $rolename=~s/[^A-Za-z0-9]//gs;
+            next if ($rolename eq '');
+            next if (exists($existing{'rolesdef_'.$rolename}));
+            my %newprivs = &Apache::lonuserutils::custom_role_update($rolename,$identifier);
+            my $result = &Apache::lonnet::definerole($rolename,$newprivs{'s'},$newprivs{'d'},
+                                                     $newprivs{'c'},$confname,$dom);
+            if ($result ne 'ok') {
+                $errors .= '<li><span class="LC_error">'.
+                           &mt('An error occurred storing the new custom role: [_1]',
+                           $result).'</span></li>';
+                next;
+            } else {
+                $changedprivs{$rolename} = \%newprivs;
+                $newrole = $rolename;
+            }
+        } else {
+            $prefix = 'helproles_'.$num;
+            $rolename = $env{'form.'.$prefix};
+            next if ($rolename eq '');
+            next unless (exists($existing{'rolesdef_'.$rolename}));
+            $identifier = 'custhelp'.$num;
+            my %newprivs = &Apache::lonuserutils::custom_role_update($rolename,$identifier);
+            my %currprivs;
+            ($currprivs{'s'},$currprivs{'d'},$currprivs{'c'}) =
+                split(/\_/,$existing{'rolesdef_'.$rolename});
+            foreach my $level ('c','d','s') {
+                if ($newprivs{$level} ne $currprivs{$level}) {
+                    my $result = &Apache::lonnet::definerole($rolename,$newprivs{'s'},$newprivs{'d'},
+                                                             $newprivs{'c'},$confname,$dom);
+                    if ($result ne 'ok') {
+                        $errors .= '<li><span class="LC_error">'.
+                                   &mt('An error occurred storing privileges for existing role [_1]: [_2]',
+                                       $rolename,$result).'</span></li>';
+                    } else {
+                        $changedprivs{$rolename} = \%newprivs;
+                    }
+                    last;
+                }
+            }
+            if (ref($current{'adhoc'}) eq 'HASH') {
+                if (ref($current{'adhoc'}{$rolename}) eq 'HASH') {
+                    %curr = %{$current{'adhoc'}{$rolename}};
+                }
+            }
+        }
+        my $newpos = $env{'form.'.$prefix.'_pos'};
+        $newpos =~ s/\D+//g;
+        $allpos[$newpos] = $rolename;
+        my $newdesc = $env{'form.'.$prefix.'_desc'};
+        $helphash{'helpsettings'}{'adhoc'}{$rolename}{'desc'} = $newdesc;
+        if ($curr{'desc'}) {
+            if ($curr{'desc'} ne $newdesc) {
+                $changes{'customrole'}{$rolename}{'desc'} = 1;
+                $newsettings{$rolename}{'desc'} = $newdesc;
+            }
+        } elsif ($newdesc ne '') {
+            $changes{'customrole'}{$rolename}{'desc'} = 1;
+            $newsettings{$rolename}{'desc'} = $newdesc;
+        }
+        my $access = $env{'form.'.$prefix.'_access'};
+        if (grep(/^\Q$access\E$/,@accesstypes)) {
+            $helphash{'helpsettings'}{'adhoc'}{$rolename}{'access'} = $access;
+            if ($access eq 'status') {
+                my @statuses = &Apache::loncommon::get_env_multiple('form.'.$prefix.'_status');
+                if (scalar(@statuses) == 0) {
+                    $helphash{'helpsettings'}{'adhoc'}{$rolename}{'access'} = 'none';
+                } else {
+                    my (@shownstatus,$numtypes);
+                    $helphash{'helpsettings'}{'adhoc'}{$rolename}{$access} = [];
+                    if (ref($types) eq 'ARRAY') {
+                        $numtypes = scalar(@{$types});
+                        foreach my $type (sort(@statuses)) {
+                            if ($type eq 'default') {
+                                push(@{$helphash{'helpsettings'}{'adhoc'}{$rolename}{$access}},$type);
+                            } elsif (grep(/^\Q$type\E$/,@{$types})) {
+                                push(@{$helphash{'helpsettings'}{'adhoc'}{$rolename}{$access}},$type);
+                                push(@shownstatus,$usertypes->{$type});
+                            }
+                        }
+                    }
+                    if (grep(/^default$/,@statuses)) {
+                        push(@shownstatus,$othertitle);
+                    }
+                    if (scalar(@shownstatus) == 1+$numtypes) {
+                        $helphash{'helpsettings'}{'adhoc'}{$rolename}{'access'} = 'all';
+                        delete($helphash{'helpsettings'}{'adhoc'}{$rolename}{'status'});
+                    } else {
+                        $newsettings{$rolename}{'status'} = join(' '.&mt('or').' ',@shownstatus);
+                        if (ref($curr{'status'}) eq 'ARRAY') {
+                            my @diffs = &Apache::loncommon::compare_arrays($helphash{'helpsettings'}{'adhoc'}{$rolename}{$access},$curr{$access});
+                            if (@diffs) {
+                                $changes{'customrole'}{$rolename}{$access} = 1;
+                            }
+                        } elsif (@{$helphash{'helpsettings'}{'adhoc'}{$rolename}{$access}}) {
+                            $changes{'customrole'}{$rolename}{$access} = 1;
                         }
                     }
                 }
+            } elsif (($access eq 'inc') || ($access eq 'exc')) {
+                my @personnel = &Apache::loncommon::get_env_multiple('form.'.$prefix.'_staff_'.$access);
+                my @newspecstaff;
+                $helphash{'helpsettings'}{'adhoc'}{$rolename}{$access} = [];
+                foreach my $person (sort(@personnel)) {
+                    if ($domhelpdesk{$person}) {
+                        push(@{$helphash{'helpsettings'}{'adhoc'}{$rolename}{$access}},$person);
+                    }
+                }
+                if (ref($curr{$access}) eq 'ARRAY') {
+                    my @diffs = &Apache::loncommon::compare_arrays($helphash{'helpsettings'}{'adhoc'}{$rolename}{$access},$curr{$access});
+                    if (@diffs) {
+                        $changes{'customrole'}{$rolename}{$access} = 1;
+                    }
+                } elsif (@{$helphash{'helpsettings'}{'adhoc'}{$rolename}{$access}}) {
+                    $changes{'customrole'}{$rolename}{$access} = 1;
+                }
+                foreach my $person (@{$helphash{'helpsettings'}{'adhoc'}{$rolename}{$access}}) {
+                    my ($uname,$udom) = split(/:/,$person);
+                        push(@newspecstaff,&Apache::loncommon::aboutmewrapper(&Apache::loncommon::plainname($uname,$udom,'lastname'),$uname,$udom));
+                }
+                $newsettings{$rolename}{$access} = join(', ',sort(@newspecstaff));
             }
+        } else {
+            $helphash{'helpsettings'}{'adhoc'}{$rolename}{'access'}= 'all';
+        }
+        unless ($curr{'access'} eq $access) {
+            $changes{'customrole'}{$rolename}{'access'} = 1;
+            $newsettings{$rolename}{'access'} = $lt{$helphash{'helpsettings'}{'adhoc'}{$rolename}{'access'}};
         }
     }
-    if ($env{'form.newcusthelp'} ne '') {
-        my $prefix = 'custhelp'.$env{'form.newcusthelp'};
-        my $rolename = $env{'form.newcusthelpname'};
-        $rolename=~s/[^A-Za-z0-9]//gs;
-        if ($rolename ne '') {
-            unless(exists($existing{'rolesdef_'.$rolename})) {
-                my %newprivs = &Apache::lonuserutils::custom_role_update($rolename,$prefix);
-                my $result = &Apache::lonnet::definerole($rolename,$newprivs{'s'},$newprivs{'d'},
-                                                         $newprivs{'c'},$confname,$dom);
-                if ($result eq 'ok') {
-                    $changes{'newcustomrole'} = $rolename;
-                } else {
-                    $errors .= '<li><span class="LC_error">'.
-                               &mt('An error occurred storing the new custom role: [_1]',
-                                   $result).'</span></li>';
+    if (@allpos > 0) {
+        my $idx = 0;
+        foreach my $rolename (@allpos) {
+            if ($rolename ne '') {
+                $helphash{'helpsettings'}{'adhoc'}{$rolename}{'order'} = $idx;
+                if (ref($current{'adhoc'}) eq 'HASH') {
+                    if (ref($current{'adhoc'}{$rolename}) eq 'HASH') {
+                        if ($current{'adhoc'}{$rolename}{'order'} ne $idx) {
+                            $changes{'customrole'}{$rolename}{'order'} = 1;
+                            $newsettings{$rolename}{'order'} = $idx+1;
+                        }
+                    }
                 }
+                $idx ++;
             }
         }
     }
-
     my $putresult;
     if (keys(%changes) > 0) {
         $putresult = &Apache::lonnet::put_dom('configuration',\%helphash,$dom);
         if ($putresult eq 'ok') {
-            $resulttext = &mt('Changes made:').'<ul>';
+            if (ref($helphash{'helpsettings'}) eq 'HASH') {
+                $domdefaults{'submitbugs'} = $helphash{'helpsettings'}{'submitbugs'};
+                if (ref($helphash{'helpsettings'}{'adhoc'}) eq 'HASH') {
+                    $domdefaults{'adhocroles'} = $helphash{'helpsettings'}{'adhoc'};
+                }
+            }
+            my $cachetime = 24*60*60;
+            &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime);
+            if (ref($lastactref) eq 'HASH') {
+                $lastactref->{'domdefaults'} = 1;
+            }
+        } else {
+            $errors .= '<li><span class="LC_error">'.
+                       &mt('An error occurred storing the settings: [_1]',
+                           $putresult).'</span></li>';
+        }
+    }
+    if ((keys(%changes) && ($putresult eq 'ok')) || (keys(%changedprivs))) {
+        $resulttext = &mt('Changes made:').'<ul>';
+        my (%shownprivs,@levelorder);
+        @levelorder = ('c','d','s');
+        if ((keys(%changes)) && ($putresult eq 'ok')) {
             foreach my $item (sort(keys(%changes))) {
                 if ($item eq 'submitbugs') {
                     $resulttext .= '<li>'.&mt('Display link to: [_1] set to "'.$offon[$env{'form.'.$item}].'".',
@@ -11899,27 +12988,86 @@ sub modify_helpsettings {
                                               &mt('LON-CAPA bug tracker'),600,500)).'</li>';
                 } elsif ($item eq 'customrole') {
                     if (ref($changes{'customrole'}) eq 'HASH') {
+                        my @keyorder = ('order','desc','access','status','exc','inc');
+                        my %keytext = &Apache::lonlocal::texthash(
+                                                                   order  => 'Order',
+                                                                   desc   => 'Role description',
+                                                                   access => 'Role usage',
+                                                                   status => 'Allowed institutional types',
+                                                                   exc    => 'Allowed personnel',
+                                                                   inc    => 'Disallowed personnel',
+                        );
                         foreach my $role (sort(keys(%{$changes{'customrole'}}))) {
-                            $resulttext .= '<li>'.&mt('Existing custom role modified: [_1]',
-                                                     $role).'</li>';
+                            if (ref($changes{'customrole'}{$role}) eq 'HASH') {
+                                if ($role eq $newrole) {
+                                    $resulttext .= '<li>'.&mt('New custom role added: [_1]',
+                                                              $role).'<ul>';
+                                } else {
+                                    $resulttext .= '<li>'.&mt('Existing custom role modified: [_1]',
+                                                              $role).'<ul>';
+                                }
+                                foreach my $key (@keyorder) {
+                                    if ($changes{'customrole'}{$role}{$key}) {
+                                        $resulttext .= '<li>'.&mt("[_1] set to: [_2]",
+                                                                  $keytext{$key},$newsettings{$role}{$key}).
+                                                       '</li>';
+                                    }
+                                }
+                                if (ref($changedprivs{$role}) eq 'HASH') {
+                                    $shownprivs{$role} = 1;
+                                    $resulttext .= '<li>'.&mt('Privileges set to :').'<ul>';
+                                    foreach my $level (@levelorder) {
+                                        foreach my $item (split(/\:/,$changedprivs{$role}{$level})) {
+                                            next if ($item eq '');
+                                            my ($priv) = split(/\&/,$item,2);
+                                            if (&Apache::lonnet::plaintext($priv)) {
+                                                $resulttext .= '<li>'.&Apache::lonnet::plaintext($priv);
+                                                unless ($level eq 'c') {
+                                                    $resulttext .= ' ('.$lt{$level}.')';
+                                                }
+                                                $resulttext .= '</li>';
+                                            }
+                                        }
+                                    }
+                                    $resulttext .= '</ul>';
+                                }
+                                $resulttext .= '</ul></li>';
+                            }
                         }
                     }
-                } elsif ($item eq 'newcustomrole') {
-                    $resulttext .= '<li>'.&mt('New custom role added: [_1]',
-                                              $changes{'newcustomrole'}).'</li>';
                 }
             }
-            $resulttext .= '</ul>';
-        } else {
-            $resulttext = &mt('No changes made to help settings');
-            $errors .= '<li><span class="LC_error">'.
-                       &mt('An error occurred storing the settings: [_1]',
-                           $putresult).'</span></li>';
         }
+        if (keys(%changedprivs)) {
+            foreach my $role (sort(keys(%changedprivs))) {
+                unless ($shownprivs{$role}) {
+                    $resulttext .= '<li>'.&mt('Existing custom role modified: [_1]',
+                                              $role).'<ul>'.
+                                   '<li>'.&mt('Privileges set to :').'<ul>';
+                    foreach my $level (@levelorder) {
+                        foreach my $item (split(/\:/,$changedprivs{$role}{$level})) {
+                            next if ($item eq '');
+                            my ($priv) = split(/\&/,$item,2);
+                            if (&Apache::lonnet::plaintext($priv)) {
+                                $resulttext .= '<li>'.&Apache::lonnet::plaintext($priv);
+                                unless ($level eq 'c') {
+                                    $resulttext .= ' ('.$lt{$level}.')';
+                                }
+                                $resulttext .= '</li>';
+                            }
+                        }
+                    }
+                    $resulttext .= '</ul></li></ul></li>';
+                }
+            }
+        }
+        $resulttext .= '</ul>';
+    } else {
+        $resulttext = &mt('No changes made to help settings');
     }
     if ($errors) {
         $resulttext .= '<br />'.&mt('The following errors occurred: ').'<ul>'.
-                       $errors.'</ul>';
+                                    $errors.'</ul>';
     }
     return $resulttext;
 }
@@ -11997,7 +13145,7 @@ sub modify_coursedefaults {
                         $changes{$item} = 1;
                     }
                 } elsif ($item =~ /^(uploadquota|mysqltables)_/) {
-                    my $setting = $1; 
+                    my $setting = $1;
                     unless (($currdef eq '') && ($newdef == $staticdefaults{$setting})) {
                         $changes{$setting} = 1;
                     }
@@ -12012,7 +13160,7 @@ sub modify_coursedefaults {
             }
         }
         my $newclone;
-        if ($env{'form.canclone'} =~ /^(none|domain|instcode)$/) { 
+        if ($env{'form.canclone'} =~ /^(none|domain|instcode)$/) {
             $newclone = $env{'form.canclone'};
         }
         if ($newclone eq 'instcode') {
@@ -12035,8 +13183,8 @@ sub modify_coursedefaults {
                 $newclone eq '';
             }
         } elsif ($newclone ne '') {
-            $defaultshash{'coursedefaults'}{'canclone'} = $newclone; 
-        } 
+            $defaultshash{'coursedefaults'}{'canclone'} = $newclone;
+        }
         if ($newclone ne $currclone) {
             $changes{'canclone'} = 1;
         }
@@ -12054,10 +13202,10 @@ sub modify_coursedefaults {
                 $defaultshash{'coursedefaults'}{'coursecredits'}{$type} = $credits{$type};
             }
         } else {
-            if ($env{'form.coursecredits'} eq '1') { 
+            if ($env{'form.coursecredits'} eq '1') {
                 foreach my $type (@types) {
                     unless ($type eq 'community') {
-                        if ($domconfig{'coursedefaults'}{'coursecredits'}{$type} ne $credits{$type}) {        
+                        if ($domconfig{'coursedefaults'}{'coursecredits'}{$type} ne $credits{$type}) {
                             $changes{'coursecredits'} = 1;
                         }
                         $defaultshash{'coursedefaults'}{'coursecredits'}{$type} = $credits{$type};
@@ -12100,7 +13248,7 @@ sub modify_coursedefaults {
                 }
                 if (exists($currtimeout{$type})) {
                     if ($timeout ne $currtimeout{$type}) {
-                        $changes{'postsubmit'} = 1; 
+                        $changes{'postsubmit'} = 1;
                     }
                 } elsif ($timeout ne '') {
                     $changes{'postsubmit'} = 1;
@@ -12129,7 +13277,7 @@ sub modify_coursedefaults {
                     if ($changes{$item}) {
                         $domdefaults{$item}=$defaultshash{'coursedefaults'}{$item};
                     }
-                } 
+                }
                 if ($changes{'coursecredits'}) {
                     if (ref($defaultshash{'coursedefaults'}{'coursecredits'}) eq 'HASH') {
                         foreach my $type (keys(%{$defaultshash{'coursedefaults'}{'coursecredits'}})) {
@@ -12192,7 +13340,7 @@ sub modify_coursedefaults {
                     if ($env{'form.'.$item} eq '1') {
                         $resulttext .= '<li>'.&mt('Molecule editor uses JSME (HTML5), if supported by browser.').'</li>';
                     } else {
-                        $resulttext .= '<li>'.&mt('Molecule editor uses JME (Java), if supported by client OS.').'</li>'; 
+                        $resulttext .= '<li>'.&mt('Molecule editor uses JME (Java), if supported by client OS.').'</li>';
                     }
                 } elsif ($item eq 'anonsurvey_threshold') {
                     $resulttext .= '<li>'.&mt('Responder count required for display of anonymous survey submissions set to [_1].',$defaultshash{'coursedefaults'}{'anonsurvey_threshold'}).'</li>';
@@ -12227,7 +13375,7 @@ sub modify_coursedefaults {
                         $resulttext .= '<li>'.&mt('Submit button(s) remain enabled on page after student makes submission.');
                     } else {
                         $resulttext .= '<li>'.&mt('Submit button(s) disabled on page after student makes submission').'; ';
-                        if (ref($defaultshash{'coursedefaults'}{'postsubmit'}) eq 'HASH') { 
+                        if (ref($defaultshash{'coursedefaults'}{'postsubmit'}) eq 'HASH') {
                             $resulttext .= &mt('durations:').'<ul>';
                             foreach my $type (@types) {
                                 $resulttext .= '<li>';
@@ -12258,7 +13406,7 @@ sub modify_coursedefaults {
                             }
                             $resulttext .= '</ul>';
                         }
-                        $resulttext .= '</li>';    
+                        $resulttext .= '</li>';
                     }
                 } elsif ($item eq 'coursecredits') {
                     if (ref($defaultshash{'coursedefaults'}{'coursecredits'}) eq 'HASH') {
@@ -12286,7 +13434,7 @@ sub modify_coursedefaults {
                     } elsif ($defaultshash{'coursedefaults'}{'canclone'} eq 'domain') {
                         $resulttext .= '<li>'.&mt('By default, a course requester can clone any course from his/her domain.').'</li>';
                     } else {
-                        $resulttext .= '<li>'.&mt('By default, only course owner and coordinators may clone a course.').'</li>'; 
+                        $resulttext .= '<li>'.&mt('By default, only course owner and coordinators may clone a course.').'</li>';
                     }
                 }
             }
@@ -12741,7 +13889,7 @@ sub modify_usersessions {
                 }
             }
             unless ($changes{'offloadnow'}) {
-                foreach my $lonhost (keys(%{$defaultshash{'usersessions'}{'offloadnow'}})) { 
+                foreach my $lonhost (keys(%{$defaultshash{'usersessions'}{'offloadnow'}})) {
                     unless ($domconfig{'usersessions'}{'offloadnow'}{$lonhost}) {
                         $changes{'offloadnow'} = 1;
                         last;
@@ -12772,8 +13920,10 @@ sub modify_usersessions {
             }
             my $cachetime = 24*60*60;
             &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime);
+            &Apache::lonnet::do_cache_new('usersessions',$dom,$defaultshash{'usersessions'},3600);
             if (ref($lastactref) eq 'HASH') {
                 $lastactref->{'domdefaults'} = 1;
+                $lastactref->{'usersessions'} = 1;
             }
             if (keys(%changes) > 0) {
                 my %lt = &usersession_titles();
@@ -12874,7 +14024,7 @@ sub modify_ssl {
     my %servers = &Apache::lonnet::internet_dom_servers($dom);
     my (%defaultshash,%changes);
     my $action = 'ssl';
-    my @prefixes = ('connect','replication');
+    my @prefixes = ('connto','connfrom','replication');
     foreach my $prefix (@prefixes) {
         $defaultshash{$action}{$prefix} = {};
     }
@@ -12884,12 +14034,13 @@ sub modify_ssl {
     my @reptypes = ('certreq','nocertreq');
     my @connecttypes = ('dom','intdom','other');
     my %types = (
-                  connect      => \@connecttypes,
-                  replication  => \@reptypes,
+                  connto      => \@connecttypes,
+                  connfrom    => \@connecttypes,
+                  replication => \@reptypes,
                 );
     foreach my $prefix (sort(keys(%types))) {
         foreach my $type (@{$types{$prefix}}) {
-            if ($prefix eq 'connect') {
+            if (($prefix eq 'connto') || ($prefix eq 'connfrom')) {
                 my $value = 'yes';
                 if ($env{'form.'.$prefix.'_'.$type} =~ /^(no|req)$/) {
                     $value = $env{'form.'.$prefix.'_'.$type};
@@ -12978,8 +14129,11 @@ sub modify_ssl {
                 if (ref($defaultshash{$action}{'replication'}) eq 'HASH') {
                     $domdefaults{'replication'} = $defaultshash{$action}{'replication'};
                 }
-                if (ref($defaultshash{$action}{'connect'}) eq 'HASH') {
-                    $domdefaults{'connect'} = $domconfig{$action}{'connect'};
+                if (ref($defaultshash{$action}{'connto'}) eq 'HASH') {
+                    $domdefaults{'connto'} = $domconfig{$action}{'connto'};
+                }
+                if (ref($defaultshash{$action}{'connfrom'}) eq 'HASH') {
+                    $domdefaults{'connfrom'} = $domconfig{$action}{'connfrom'};
                 }
             }
             my $cachetime = 24*60*60;
@@ -12998,7 +14152,7 @@ sub modify_ssl {
                                 my $newvalue;
                                 if (ref($defaultshash{$action}) eq 'HASH') {
                                     if (ref($defaultshash{$action}{$prefix})) {
-                                        if ($prefix eq 'connect') {
+                                        if (($prefix eq 'connto') || ($prefix eq 'connfrom')) {
                                             $newvalue = $titles{$defaultshash{$action}{$prefix}{$type}};
                                         } elsif (ref($defaultshash{$action}{$prefix}{$type}) eq 'ARRAY') {
                                             if (@{$defaultshash{$action}{$prefix}{$type}} > 0) {
@@ -13259,7 +14413,7 @@ sub modify_loadbalancing {
                 }
                 if ($rule eq 'specific') {
                     my $specifiedhost = $env{'form.loadbalancing_singleserver_'.$i.'_'.$type};
-                    if (exists($servers{$specifiedhost})) { 
+                    if (exists($servers{$specifiedhost})) {
                         $rule = $specifiedhost;
                     }
                 }
@@ -13335,7 +14489,7 @@ sub modify_loadbalancing {
                                         if ($rule eq '') {
                                             $balancetext =  $ruletitles{'default'};
                                         } elsif (($rule eq 'homeserver') || ($rule eq 'externalbalancer') ||
-                                                 ($type eq '_LC_ipchange') || ($type eq '_LC_ipchangesso')) { 
+                                                 ($type eq '_LC_ipchange') || ($type eq '_LC_ipchangesso')) {
                                             if (($type eq '_LC_ipchange') || ($type eq '_LC_ipchangesso')) {
                                                 foreach my $sparetype (@sparestypes) {
                                                     if (ref($defaultshash{'loadbalancing'}{$balancer}{'targets'}{$sparetype}) eq 'ARRAY') {
@@ -13454,24 +14608,9 @@ sub recurse_cat_deletes {
     return;
 }
 
-sub get_active_dcs {
-    my ($dom) = @_;
-    my $now = time;
-    my %dompersonnel = &Apache::lonnet::get_domain_roles($dom,['dc'],$now,$now);
-    my %domcoords;
-    my $numdcs = 0;
-    foreach my $server (keys(%dompersonnel)) {
-        foreach my $user (sort(keys(%{$dompersonnel{$server}}))) {
-            my ($trole,$uname,$udom,$runame,$rudom,$rsec) = split(/:/,$user);
-            $domcoords{$uname.':'.$udom} = $dompersonnel{$server}{$user};
-        }
-    }
-    return %domcoords;
-}
-
 sub active_dc_picker {
     my ($dom,$numinrow,$inputtype,$name,%currhash) = @_;
-    my %domcoords = &get_active_dcs($dom);
+    my %domcoords = &Apache::lonnet::get_active_domroles($dom,['dc']);
     my @domcoord = keys(%domcoords);
     if (keys(%currhash)) {
         foreach my $dc (keys(%currhash)) {
@@ -14077,7 +15216,7 @@ function updateCaptcha(caller,context) {
             privtext.innerHTML = "$lt{'priv'}";
             versionitem.type = 'text';
             versionitem.size = '3';
-            versiontext.innerHTML = "$lt{'ver'}"; 
+            versiontext.innerHTML = "$lt{'ver'}";
         } else {
             pubitem.type = 'hidden';
             privitem.type = 'hidden';
@@ -14150,7 +15289,7 @@ sub captcha_phrases {
                  original  => 'original (CAPTCHA)',
                  recaptcha => 'successor (ReCAPTCHA)',
                  notused   => 'unused',
-                 ver => 'ReCAPTCHA version (1 or 2)', 
+                 ver => 'ReCAPTCHA version (1 or 2)',
     );
 }
 
@@ -14160,7 +15299,7 @@ sub devalidate_remote_domconfs {
     my %servers = &Apache::lonnet::internet_dom_servers($dom);
     my %thismachine;
     map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids();
-    my @posscached = ('domainconfig','domdefaults','ltitools');
+    my @posscached = ('domainconfig','domdefaults','ltitools','usersessions','directorysrch');
     if (keys(%servers)) {
         foreach my $server (keys(%servers)) {
             next if ($thismachine{$server});