bashclub/piler
1
0
Fork 0
mirror of https://bitbucket.org/jsuto/piler.git synced 2024-11-07 22:31:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixed gui auth against AD to include list membership info

Browse Source
This commit is contained in:
SJ 2013-04-17 11:32:05 +02:00
parent ebbbb77fb6
commit a198aa11e8
3 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
webui/config.php
View File

@ -44,6 +44,13 @@ $config['LDAP_BASE_DN'] = '';
$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'zimbraDistributionList';
$config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'zimbraMailForwardingAddress';
// AD specific settings
//
//$config['LDAP_ACCOUNT_OBJECTCLASS'] = 'user';
//$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'group';
//$config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'member';
// Lotus Notes specific settings for ldap authentication
//
//$config['LDAP_ACCOUNT_OBJECTCLASS'] = 'dominoPerson';

6
webui/model/user/auth.php
View File

@ -66,7 +66,8 @@ class ModelUserAuth extends Model {
$ldap = new LDAP(LDAP_HOST, LDAP_HELPER_DN, LDAP_HELPER_PASSWORD);
if($ldap->is_bind_ok()) {
$query = $ldap->query(LDAP_BASE_DN, "(|(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=$username)" . "))", array());
$query = $ldap->query(LDAP_BASE_DN, "(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))", array());
if(isset($query->row)) {
$a = $query->row;
@ -76,6 +77,9 @@ class ModelUserAuth extends Model {
if(ENABLE_SYSLOG == 1) { syslog(LOG_INFO, "ldap auth against '" . LDAP_HOST . "', dn: '" . $a['dn'] . "', result: " . $ldap_auth->is_bind_ok()); }
if($ldap_auth->is_bind_ok()) {
$query = $ldap->query(LDAP_BASE_DN, "(|(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=$username)" . ")(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=" . $a['dn'] . ")))", array());
$emails = $this->get_email_array_from_ldap_attr($query->rows);
$this->add_session_vars($a['cn'], $username, $emails);

1
webui/system/database/ldap.php
View File

@ -57,6 +57,7 @@ class LDAP {
$query = new stdClass();
$query->filter = $filter;
$query->row = isset($data[0]) ? $data[0] : array();
$query->dn = isset($results[0]['dn']) ? $results[0]['dn'] : "";
$query->rows = $data;