changed mail attribute "mail" to "proxyAddresses" in case of AD

SJ 2013-12-23 11:27:36 +01:00
parent 1cb85a3803
commit 4c1b895677
3 changed files with 23 additions and 8 deletions


@ -68,18 +68,21 @@ $config['LDAP_BASE_DN'] = '';
$config['LDAP_ACCOUNT_OBJECTCLASS'] = 'user';
$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'group';
$config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'member';
$config['LDAP_MAIL_ATTR'] = 'proxyAddresses';
// zimbra specific settings
//$config['LDAP_HELPER_DN'] = 'uid=zimbra,cn=admins,cn=zimbra';
//$config['LDAP_ACCOUNT_OBJECTCLASS'] = 'zimbraAccount';
//$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'zimbraDistributionList';
//$config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'zimbraMailForwardingAddress';
//$config['LDAP_MAIL_ATTR'] = 'mail';
// Lotus Notes specific settings for ldap authentication
//
//$config['LDAP_ACCOUNT_OBJECTCLASS'] = 'dominoPerson';
//$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'dominoGroup');
//$config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'mail';
//$config['LDAP_MAIL_ATTR'] = 'mail';
// iredmail specific settings
//$config['LDAP_HELPER_DN'] = 'cn=vmailadmin,dc=yourdomain,dc=com';
@ -87,6 +90,7 @@ $config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'member';
//$config['LDAP_BASE_DN'] = 'o=domains,dc=yourdomain,dc=com';
//$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'mailList';
//$config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'memberOfGroup';
//$config['LDAP_MAIL_ATTR'] = 'mail';


@ -79,6 +79,7 @@ class ModelUserAuth extends Model {
$ldap_admin_member_dn = LDAP_ADMIN_MEMBER_DN;
$role = 0;
$username_prefix = '';
if(ENABLE_SAAS == 1) {
$a = $this->model_saas_ldap->get_ldap_params_by_email($username);
@ -95,13 +96,15 @@ class ModelUserAuth extends Model {
list($ldap_mail_attr, $ldap_account_objectclass, $ldap_distributionlist_attr, $ldap_distributionlist_objectclass) = get_ldap_attribute_names($ldap_type);
if($ldap_mail_attr == 'proxyAddresses') { $username_prefix = 'smtp:'; }
if($ldap_host == '' || $ldap_helper_password == '') { return 0; }
$ldap = new LDAP($ldap_host, $ldap_helper_dn, $ldap_helper_password);
if($ldap->is_bind_ok()) {
$query = $ldap->query($ldap_base_dn, "(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username))", array());
$query = $ldap->query($ldap_base_dn, "(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username_prefix$username))", array());
if(isset($query->row['dn']) && $query->row['dn']) {
$a = $query->row;
@ -112,7 +115,7 @@ class ModelUserAuth extends Model {
if($ldap_auth->is_bind_ok()) {
$query = $ldap->query($ldap_base_dn, "(|(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username))(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=$username)" . ")(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=" . stripslashes($a['dn']) . ")))", array());
$query = $ldap->query($ldap_base_dn, "(|(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username_prefix$username))(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=$username_prefix$username)" . ")(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=" . stripslashes($a['dn']) . ")))", array());
if($this->check_ldap_membership($ldap_auditor_member_dn, $query->rows) == 1) { $role = 2; }
if($this->check_ldap_membership($ldap_admin_member_dn, $query->rows) == 1) { $role = 1; }
@ -174,15 +177,23 @@ class ModelUserAuth extends Model {
if(is_array($a[$mailattr])) {
for($i = 0; $i < $a[$mailattr]['count']; $i++) {
if(preg_match("/^smtp\:/i", $a[$mailattr][$i]) || strchr($a[$mailattr][$i], '@') ) {
$email = strtolower(preg_replace("/^smtp\:/i", "", $a[$mailattr][$i]));
if(!in_array($email, $data) && strchr($email, '@') && substr($email, 0, 4) != 'sip:' && substr($email, 0, 4) != 'eum:') { array_push($data, $email); }
$a[$mailattr][$i] = strtolower($a[$mailattr][$i]);
if(strchr($a[$mailattr][$i], '@')) {
if(preg_match("/^([\w]+)\:/i", $a[$mailattr][$i], $p)) {
if(isset($p[0]) && $p[0] != "smtp:") { continue; }
}
$email = preg_replace("/^([\w]+)\:/i", "", $a[$mailattr][$i]);
if(validemail($email) && !in_array($email, $data)) { array_push($data, $email); }
}
}
}
else {
$email = strtolower(preg_replace("/^smtp\:/i", "", $a[$mailattr]));
if(!in_array($email, $data) && strchr($email, '@') && substr($email, 0, 4) != 'sip:' && substr($email, 0, 4) != 'eum:') { array_push($data, $email); }
$email = strtolower(preg_replace("/^([\w]+)\:/i", "", $a[$mailattr]));
if(validemail($email) && !in_array($email, $data)) { array_push($data, $email); }
}
}
}
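Review bot: `$username` is still interpolated unescaped into both LDAP filters on the rewritten `$ldap->query(...)` lines, now behind the `smtp:` prefix, so a login name containing `*`, `(`, `)` or `\` alters the filter instead of being matched literally, unless it is sanitised before this point, which the hunks do not show. Escaping the value once before the filters are built would close that, e.g. `$username = ldap_escape($username, '', LDAP_ESCAPE_FILTER);` where the runtime provides it, or an equivalent helper otherwise. The same applies to `stripslashes($a['dn'])` in the membership query, since a DN can legitimately contain parentheses. Separately, in the last hunk the single-value `else` branch appears to strip any `\w+:` prefix before `validemail()`, while the array branch skips values whose prefix is not `smtp:`, so a lone `sip:` or `eum:` value would now be accepted as a mail address; the same `$p[0] != "smtp:"` guard should apply there. The enclosing methods start and end outside these hunks.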


@ -504,7 +504,7 @@ function get_ldap_attribute_names($ldap_type = '') {
switch ($ldap_type) {
case 'AD':
$ldap_mail_attr = 'mail';
$ldap_mail_attr = 'proxyAddresses';
$ldap_account_objectclass = 'user';
$ldap_distributionlist_attr = 'member';
$ldap_distributionlist_objectclass = 'group';