|
Support Incident Tracker GIT4.x
| enum LDAP_AD_ADDRESS1 |
Definition at line 80 of file ldap.inc.php.
| enum LDAP_AD_CITY |
Definition at line 81 of file ldap.inc.php.
| enum LDAP_AD_COUNTY |
Definition at line 82 of file ldap.inc.php.
Definition at line 84 of file ldap.inc.php.
| enum LDAP_AD_DESCRIPTION |
Definition at line 72 of file ldap.inc.php.
| enum LDAP_AD_EMAIL |
Definition at line 68 of file ldap.inc.php.
| enum LDAP_AD_FAX |
Definition at line 71 of file ldap.inc.php.
| enum LDAP_AD_FORENAMES |
Definition at line 65 of file ldap.inc.php.
Definition at line 79 of file ldap.inc.php.
Definition at line 78 of file ldap.inc.php.
| enum LDAP_AD_GRPFULLDN |
Definition at line 74 of file ldap.inc.php.
Definition at line 77 of file ldap.inc.php.
| enum LDAP_AD_GRPONUSER |
Definition at line 73 of file ldap.inc.php.
| enum LDAP_AD_JOBTITLE |
Definition at line 67 of file ldap.inc.php.
Definition at line 85 of file ldap.inc.php.
Definition at line 86 of file ldap.inc.php.
| enum LDAP_AD_MOBILE |
Definition at line 69 of file ldap.inc.php.
| enum LDAP_AD_POSTCODE |
Definition at line 83 of file ldap.inc.php.
| enum LDAP_AD_REALNAME |
Definition at line 66 of file ldap.inc.php.
| enum LDAP_AD_SURNAME |
Definition at line 64 of file ldap.inc.php.
| enum LDAP_AD_TELEPHONE |
Definition at line 70 of file ldap.inc.php.
Definition at line 75 of file ldap.inc.php.
Definition at line 76 of file ldap.inc.php.
Definition at line 33 of file ldap.inc.php.
| enum LDAP_BASE_INCORRECT |
Definition at line 32 of file ldap.inc.php.
| enum LDAP_CORRECT |
Definition at line 37 of file ldap.inc.php.
Definition at line 36 of file ldap.inc.php.
| enum LDAP_EDIR_ADDRESS1 |
Definition at line 56 of file ldap.inc.php.
| enum LDAP_EDIR_CITY |
Definition at line 57 of file ldap.inc.php.
| enum LDAP_EDIR_COUNTY |
Definition at line 58 of file ldap.inc.php.
Definition at line 60 of file ldap.inc.php.
Definition at line 48 of file ldap.inc.php.
| enum LDAP_EDIR_EMAIL |
Definition at line 44 of file ldap.inc.php.
| enum LDAP_EDIR_FAX |
Definition at line 47 of file ldap.inc.php.
| enum LDAP_EDIR_FORENAMES |
Definition at line 41 of file ldap.inc.php.
Definition at line 55 of file ldap.inc.php.
Definition at line 54 of file ldap.inc.php.
| enum LDAP_EDIR_GRPFULLDN |
Definition at line 50 of file ldap.inc.php.
Definition at line 53 of file ldap.inc.php.
| enum LDAP_EDIR_GRPONUSER |
Definition at line 49 of file ldap.inc.php.
| enum LDAP_EDIR_JOBTITLE |
Definition at line 43 of file ldap.inc.php.
Definition at line 61 of file ldap.inc.php.
Definition at line 62 of file ldap.inc.php.
| enum LDAP_EDIR_MOBILE |
Definition at line 45 of file ldap.inc.php.
| enum LDAP_EDIR_POSTCODE |
Definition at line 59 of file ldap.inc.php.
| enum LDAP_EDIR_REALNAME |
Definition at line 42 of file ldap.inc.php.
| enum LDAP_EDIR_SURNAME |
Definition at line 40 of file ldap.inc.php.
| enum LDAP_EDIR_TELEPHONE |
Definition at line 46 of file ldap.inc.php.
Definition at line 51 of file ldap.inc.php.
Definition at line 52 of file ldap.inc.php.
| enum LDAP_INVALID_USER |
Definition at line 24 of file ldap.inc.php.
Definition at line 34 of file ldap.inc.php.
Definition at line 105 of file ldap.inc.php.
| enum LDAP_OPENLDAP_CITY |
Definition at line 106 of file ldap.inc.php.
| enum LDAP_OPENLDAP_COUNTY |
Definition at line 107 of file ldap.inc.php.
Definition at line 109 of file ldap.inc.php.
Definition at line 97 of file ldap.inc.php.
| enum LDAP_OPENLDAP_FAX |
Definition at line 96 of file ldap.inc.php.
Definition at line 90 of file ldap.inc.php.
Definition at line 104 of file ldap.inc.php.
Definition at line 99 of file ldap.inc.php.
Definition at line 102 of file ldap.inc.php.
Definition at line 98 of file ldap.inc.php.
Definition at line 92 of file ldap.inc.php.
| enum LDAP_OPENLDAP_MOBILE |
// Default attribute name ('mail') for the e-mail field under the OpenLDAP mapping.
// NOTE(review): presumably read through the LDAP_<MAPPING>_* lookup convention - confirm against ldap.inc.php.
define ('LDAP_OPENLDAP_EMAIL', 'mail');
Definition at line 94 of file ldap.inc.php.
Definition at line 108 of file ldap.inc.php.
Definition at line 91 of file ldap.inc.php.
Definition at line 89 of file ldap.inc.php.
Definition at line 95 of file ldap.inc.php.
Definition at line 100 of file ldap.inc.php.
Definition at line 101 of file ldap.inc.php.
Definition at line 31 of file ldap.inc.php.
Definition at line 35 of file ldap.inc.php.
| enum LDAP_USERTYPE_ADMIN |
Definition at line 25 of file ldap.inc.php.
Definition at line 28 of file ldap.inc.php.
Definition at line 26 of file ldap.inc.php.
| enum LDAP_USERTYPE_USER |
Definition at line 27 of file ldap.inc.php.
| authenticateLDAP | ( | $ | username, |
| $ | password, | ||
| $ | id = 0, |
||
| $ | user = TRUE, |
||
| $ | populateOnly = FALSE, |
||
| $ | searchOnEmail = FALSE |
||
| ) |
Authenticate a user. If successful and the user is new, the user is created in the database. If successful and the user is returning, the user record is resynced.
| string | $username | Username |
| string | $password | Password |
| int | $id | The userid or contactid, > 0 if you wish to update, else creates new |
| bool | $user | True for user, false for customer |
| 0 | the credentials were wrong or the user was not found. |
| 1 | to indicate user is authenticated and allowed to continue. |
Definition at line 517 of file ldap.inc.php.
References $_SESSION, $CONFIG, $id, $ldap_conn, $password, $user, $username, debug_log(), E_USER_ERROR, ldap_getDetails(), ldap_storeDetails(), and ldapOpen().
Referenced by authenticate(), authenticateContact(), and ldapImportCustomerFromEmail().
{
    // Looks the account up in the directory, then hands the entry to
    // ldap_storeDetails(), which performs the credential check (unless
    // $populateOnly is set) and creates or resyncs the local record.
    //
    // Returns:
    //   -1     ldapOpen() could not provide a connection
    //   false  no single matching entry was found
    //   else   whatever ldap_storeDetails() returns
    // Callers that test the result for truthiness will treat -1 as success.
    debug_log("authenticateLDAP {$username}", TRUE);
    global $CONFIG;

    $ldap_conn = ldapOpen();
    if ($ldap_conn == -1)
    {
        $outcome = -1;
    }
    else
    {
        $outcome = false;

        // Steps: search for the user DN, authenticate, verify roles.
        $match = ldap_getDetails($username, $searchOnEmail, $ldap_conn);
        if ($match)
        {
            // Exactly one entry matched
            debug_log("One entry found", TRUE);

            // The DN is written to the session before any credential check has
            // happened; ldap_storeDetails() reads it back from there for the bind.
            $_SESSION['ldap_user_dn'] = ldap_get_dn($ldap_conn, $match);
            $attrs = ldap_get_attributes($ldap_conn, $match);
            $outcome = ldap_storeDetails($password, $id, $user, $populateOnly, $ldap_conn, $attrs);
        }
        else
        {
            // Zero or several entries matched
            trigger_error("Unable to locate user", E_USER_ERROR);
        }
    }

    // Runs on the failure path too, where $ldap_conn is -1; hence the @.
    @ldap_close($ldap_conn);
    return $outcome;
}
| ldap_getDetails | ( | $ | username, |
| $ | searchOnEmail, | ||
| &$ | ldap_conn | ||
| ) |
Definition at line 457 of file ldap.inc.php.
References $base, $CONFIG, $filter, $ldap_conn, $ldap_vars, $username, debug_log(), and E_USER_ERROR.
Referenced by authenticateLDAP(), and saction_ldapSync().
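{
    // Searches the directory for exactly one entry matching $username and
    // returns its entry handle (ldap_first_entry), or false when zero or
    // several entries match or the search itself fails.
    //
    // $username       login name, e-mail address (when $searchOnEmail) or a DN
    // $searchOnEmail  match against $CONFIG['ldap_email'] instead of
    //                 $CONFIG['ldap_userattribute']
    // $ldap_conn      open LDAP connection (passed by reference)
    global $CONFIG, $ldap_vars;
    $toReturn = false;
    $base = $CONFIG['ldap_user_base'];

    // $username reaches this function from login forms and e-mail import, so it
    // must not be able to alter the search filter. Escape the RFC 4515 special
    // characters; the backslash goes first so that the escapes added for the
    // other characters are not escaped a second time.
    $safe_username = str_replace(
        array('\\', '*', '(', ')', "\0"),
        array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
        $username
    );

    if (strpos($username, ",") != FALSE)
    {
        // A value containing a comma is treated as a DN and used as the search base.
        // NOTE(review): on the login path this lets the supplied name choose the
        // base, so the search is no longer confined to $CONFIG['ldap_user_base'] -
        // confirm that callers only pass DNs from trusted sources.
        $filter = "(ObjectClass={$CONFIG['ldap_userobjecttype']})";
        $base = $username;
    }
    else if (!$searchOnEmail)
    {
        $filter = "(&(ObjectClass={$CONFIG['ldap_userobjecttype']})({$CONFIG['ldap_userattribute']}={$safe_username}))";
    }
    else
    {
        $filter = "(&(ObjectClass={$CONFIG['ldap_userobjecttype']})({$CONFIG['ldap_email']}={$safe_username}))";
    }

    // Request only the attributes named by the configured mapping.
    $attributes = array();
    foreach ($ldap_vars AS $var)
    {
        $attributes[] = $CONFIG[strtolower("ldap_{$var}")];
    }

    debug_log("LDAP Filter: {$filter}", TRUE);
    debug_log("LDAP Base: {$base}", TRUE);

    $sr = ldap_search($ldap_conn, $base, $filter, $attributes);
    if (!$sr || ldap_count_entries($ldap_conn, $sr) != 1)
    {
        // Search failed, or multiple or zero matches
        trigger_error("LDAP unable to locate object: '$username', or multiple matches where found. filter: {$filter}", E_USER_ERROR);
        $toReturn = false;
    }
    else
    {
        // Exactly one match
        debug_log("LDAP got details for object: '$username'", TRUE);
        $toReturn = ldap_first_entry($ldap_conn, $sr);
    }
    return $toReturn;
}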
| ldap_is_account_disabled | ( | $ | attribute | ) |
Function to identify whether a user account is disabled; handles the bit mask filter used by AD.
| mixed | $attribute | String or integer value representing the login disabled attribute in LDAP |
Definition at line 822 of file ldap.inc.php.
References $CONFIG.
Referenced by saction_ldapSync().
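{
    // Reports whether the login-disabled attribute read from LDAP marks the
    // account as disabled. Returns true for disabled, false otherwise.
    //
    // $attribute  string or integer value of the login-disabled attribute
    global $CONFIG;

    if ($CONFIG['ldap_type'] == 'AD')
    {
        // AD keeps the flag as a bit inside a numeric value, so test it with a mask.
        // Both operands are cast to int first: LDAP returns attribute values as
        // strings, and PHP's & applied to two strings works on their bytes, not
        // on the numbers they spell, which would misreport the disabled bit.
        return (((int) $attribute & (int) $CONFIG['ldap_logindisabledvalue']) != 0);
    }

    // Other directory types: compare case-insensitively.
    // NOTE(review): this reports "disabled" when the attribute DIFFERS from
    // $CONFIG['ldap_logindisabledvalue'], which reads as inverted next to the
    // AD branch. Behaviour is kept as found - confirm against the configured
    // values and against saction_ldapSync() before changing it.
    return (strtolower($attribute) != strtolower($CONFIG['ldap_logindisabledvalue']));
}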
| ldap_storeDetails | ( | $ | password, |
| $ | id = 0, |
||
| $ | user = TRUE, |
||
| $ | populateOnly = FALSE, |
||
| &$ | ldap_conn, | ||
| $ | user_attributes | ||
| ) |
Definition at line 239 of file ldap.inc.php.
References $_SESSION, $CONFIG, $contact, $filter, $id, $ldap_conn, $password, $result, $status, $user, debug_log(), elseif, and ldapOpen().
Referenced by authenticateLDAP(), and saction_ldapSync().
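{
    // Checks the user's credentials (unless $populateOnly), works out the
    // account type from LDAP group membership, then creates or updates the
    // matching User or Contact record.
    //
    // $password         password to bind with; also cached when ldap_cache_passwords is set
    // $id               existing user/contact id to update, 0 to create a new record
    // $user             true for a staff user, false for a customer contact
    // $populateOnly     skip the credential check (import/sync mode)
    // $ldap_conn        LDAP connection, by reference; may be closed and reopened here
    // $user_attributes  attributes of the entry as returned by ldap_get_attributes()
    //
    // Returns true when the record was added/updated, false otherwise.
    global $CONFIG;
    $toReturn = false;

    if ($populateOnly)
    {
        // Import/sync mode: the caller asks for no credential check.
        $user_bind = true;
    }
    elseif (empty($_SESSION['ldap_user_dn']) OR (string) $password === '')
    {
        // A bind with an empty password (or empty DN) is an unauthenticated or
        // anonymous bind, which many directory servers answer with success.
        // Treat it as a failed login instead of asking the server.
        $user_bind = false;
    }
    else
    {
        // Authenticate
        $user_bind = @ldap_bind($ldap_conn, $_SESSION['ldap_user_dn'], $password);
    }

    if (!$user_bind)
    {
        // Auth failed
        debug_log("LDAP Invalid credentials {$_SESSION['ldap_user_dn']}", TRUE);
        $toReturn = false;
    }
    else
    {
        // Successful
        debug_log("LDAP Valid Credentials", TRUE);
        $usertype = LDAP_INVALID_USER;

        if ($CONFIG['ldap_grponuser'])
        {
            if (is_array($user_attributes[$CONFIG['ldap_grpattributeuser']]))
            {
                // Group stored on user
                foreach ($user_attributes[$CONFIG['ldap_grpattributeuser']] AS $group)
                {
                    if ($user)
                    {
                        // User/Staff
                        // NOTE: we don't have to check about overwriting ADMIN type as we break
                        if (strtolower($group) == strtolower($CONFIG['ldap_admin_group']))
                        {
                            $usertype = LDAP_USERTYPE_ADMIN;
                            break;
                        }
                        elseif (strtolower($group) == strtolower($CONFIG['ldap_manager_group']))
                        {
                            $usertype = LDAP_USERTYPE_MANAGER;
                        }
                        elseif (strtolower($group) == strtolower($CONFIG['ldap_user_group']))
                        {
                            // Never downgrade a manager found earlier in the list
                            if ($usertype != LDAP_USERTYPE_MANAGER) $usertype = LDAP_USERTYPE_USER;
                        }
                    }
                    else
                    {
                        // Customer
                        if (strtolower($group) == strtolower($CONFIG['ldap_customer_group']))
                        {
                            $usertype = LDAP_USERTYPE_CUSTOMER;
                            break;
                        }
                    }
                }
            }
        }
        else
        {
            // Membership is stored on the group objects. The connection is now
            // bound as the end user, so reopen it with the configured bind account.
            ldap_close($ldap_conn);
            $ldap_conn = ldapOpen(); // Need to get an admin thread

            // The member value comes from the directory and can contain filter
            // metacharacters (for example an escaped comma in a DN), so escape it
            // per RFC 4515. Backslash first, so added escapes are not re-escaped.
            $escape_from = array('\\', '*', '(', ')', "\0");
            $escape_to = array('\\5c', '\\2a', '\\28', '\\29', '\\00');
            if ($CONFIG['ldap_grpfulldn'])
            {
                $member = str_replace($escape_from, $escape_to, $_SESSION['ldap_user_dn']);
            }
            else
            {
                $member = str_replace($escape_from, $escape_to, $user_attributes[$CONFIG['ldap_userattribute']][0]);
            }
            $filter = "(&(objectClass={$CONFIG['ldap_grpobjecttype']})({$CONFIG['ldap_grpattributegrp']}={$member}))";

            if ($user)
            {
                debug_log("USER: {$filter}" , TRUE);
                // Locate the most privileged group that lists this member
                if (ldap_count_entries($ldap_conn, ldap_search($ldap_conn, $CONFIG['ldap_admin_group'], $filter)))
                {
                    $usertype = LDAP_USERTYPE_ADMIN;
                    debug_log("ADMIN", TRUE);
                }
                elseif (ldap_count_entries($ldap_conn, ldap_search($ldap_conn, $CONFIG['ldap_manager_group'], $filter)))
                {
                    $usertype = LDAP_USERTYPE_MANAGER;
                    debug_log("MANAGER", TRUE);
                }
                elseif (ldap_count_entries($ldap_conn, ldap_search($ldap_conn, $CONFIG['ldap_user_group'], $filter)))
                {
                    $usertype = LDAP_USERTYPE_USER;
                    debug_log("USER", TRUE);
                }
                else
                {
                    debug_log("INVALID USER", TRUE);
                }
            }
            else
            {
                // get back customer group
                $result = ldap_search($ldap_conn, $CONFIG['ldap_customer_group'], $filter);
                if (ldap_count_entries($ldap_conn, $result))
                {
                    $usertype = LDAP_USERTYPE_CUSTOMER;
                    debug_log("CUSTOMER", TRUE);
                }
                else
                {
                    debug_log("INVALID CUSTOMER", TRUE);
                }
            }
        }

        if ($usertype != LDAP_INVALID_USER AND $user)
        {
            // Staff user: copy the mapped attributes onto a User record.
            // From here on $user holds the User object, not the boolean flag.
            $user = new User();
            $user->username = $user_attributes[$CONFIG['ldap_userattribute']][0];
            // NOTE(review): with ldap_cache_passwords set, the directory password is
            // handed to the local record; how it is stored is not visible here.
            // In populate-only mode $password was never verified - confirm that
            // add()/edit() cannot overwrite a cached password with it.
            if ($CONFIG['ldap_cache_passwords']) $user->password = $password;
            $user->realname = $user_attributes[$CONFIG['ldap_realname']][0];
            $user->jobtitle = $user_attributes[$CONFIG['ldap_jobtitle']][0];
            $user->email = $user_attributes[$CONFIG['ldap_email']][0];
            $user->phone = $user_attributes[$CONFIG['ldap_telephone']][0];
            $user->mobile = $user_attributes[$CONFIG['ldap_mobile']][0];
            $user->fax = $user_attributes[$CONFIG['ldap_fax']][0];
            $user->message = $user_attributes[$CONFIG['ldap_description']][0];
            $user->source = 'ldap';

            // TODO FIXME this doesn't take into account custom roles
            switch ($usertype)
            {
                case LDAP_USERTYPE_ADMIN:
                    $user->roleid = 1;
                    break;
                case LDAP_USERTYPE_MANAGER:
                    $user->roleid = 2;
                    break;
                default:
                    $user->roleid = 3;
            }

            if ($id == 0)
            {
                // First login: create the record with the configured defaults
                $user->status = $CONFIG['ldap_default_user_status'];
                $user->holiday_entitlement = $CONFIG['default_entitlement'];
                $status = $user->add();
            }
            else
            {
                // Modify
                $user->id = $id;
                $status = $user->edit();
            }

            if ($status) $toReturn = true;
            else $toReturn = false;
        }
        elseif ($usertype == LDAP_USERTYPE_CUSTOMER AND !$user)
        {
            // Contact
            debug_log("Adding contact TYPE {$usertype} USER {$user}", TRUE);
            // Writes every attribute of the directory entry to the debug log.
            debug_log("User attributes: ".print_r($user_attributes, TRUE), TRUE);
            $contact = new Contact();
            $contact->username = $user_attributes[$CONFIG['ldap_userattribute']][0];
            // NOTE(review): same password-caching concern as for staff users above.
            if ($CONFIG['ldap_cache_passwords']) $contact->password = $password;
            $contact->surname = $user_attributes[$CONFIG['ldap_surname']][0];
            $contact->forenames = $user_attributes[$CONFIG['ldap_forenames']][0];
            $contact->jobtitle = $user_attributes[$CONFIG['ldap_jobtitle']][0];
            $contact->email = $user_attributes[$CONFIG['ldap_email']][0];
            $contact->phone = $user_attributes[$CONFIG['ldap_telephone']][0];
            $contact->mobile = $user_attributes[$CONFIG['ldap_mobile']][0];
            $contact->fax = $user_attributes[$CONFIG['ldap_fax']][0];
            $contact->address1 = $user_attributes[$CONFIG['ldap_address1']][0];
            $contact->city = $user_attributes[$CONFIG['ldap_city']][0];
            $contact->county = $user_attributes[$CONFIG['ldap_county']][0];
            $contact->postcode = $user_attributes[$CONFIG['ldap_postcode']][0];
            $contact->courtesytitle = $user_attributes[$CONFIG['ldap_courtesytitle']][0];
            $contact->emailonadd = false;
            $contact->source = 'ldap';

            if ($id == 0)
            {
                // Set a couple of defaults on first login
                $contact->siteid = $CONFIG['ldap_default_customer_siteid'];
                $status = $contact->add();
            }
            else
            {
                debug_log("MODIFY CONTACT {$id}", TRUE);
                $contact->id = $id;
                $status = $contact->edit();
            }

            if ($status) $toReturn = true;
            else $toReturn = false;
        }
        else
        {
            // Authenticated, but not a member of any group allowed for this login type
            $toReturn = false;
        }
    }
    return $toReturn;
}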
| ldapCheckGroupExists | ( | $ | dn, |
| $ | mapping | ||
| ) |
Checks if a group exists in LDAP. Author: Paul Heaney
| string | $dn | the DN of the group to check it exists |
| string | $mapping | the LDAP name mapping to use |
Definition at line 681 of file ldap.inc.php.
References ldapCheckObjectExists().
{
    // Resolves the group object class for the given mapping through the
    // LDAP_<MAPPING>_GRPOBJECTTYPE constant, then checks that $dn exists
    // with that object class. Returns the result of ldapCheckObjectExists().
    // NOTE(review): $mapping becomes part of a constant name; constant() fails
    // for an unknown mapping - confirm callers only pass the known mapping names.
    $groupObjectType = constant('LDAP_' . strtoupper($mapping) . '_GRPOBJECTTYPE');
    return ldapCheckObjectExists($dn, $groupObjectType);
}
| ldapCheckObjectExists | ( | $ | dn, |
| $ | objectType | ||
| ) |
Checks if an object exists in LDAP. Author: Paul Heaney
| string | $dn | the DN of the object to check it exists |
| string | $objectType | The type of object we are looking for |
Definition at line 640 of file ldap.inc.php.
References $filter, $ldap_conn, debug_log(), and ldapOpen().
Referenced by ldapCheckGroupExists().
{
    // Reads the entry at $dn with the configured bind account and reports
    // whether exactly one object of class $objectType is found there.
    // Returns true for exactly one match, false for zero or several matches
    // or when the read fails.
    // NOTE(review): $objectType is placed in the filter unescaped, and the
    // connection opened here is not closed in this block - confirm both are
    // acceptable for the callers.
    $filter = "(ObjectClass={$objectType})";
    $ldap_conn = ldapOpen(); // Need to get an admin thread

    debug_log("LDAP Filter: {$filter}", TRUE);
    debug_log("LDAP Object: {$dn}", TRUE);

    // Suppress the PHP warning so the user sees our own error, not a cascaded one
    $sr = @ldap_read($ldap_conn, $dn, $filter);

    return ($sr && ldap_count_entries($ldap_conn, $sr) == 1);
}
| ldapGroupBrowse | ( | $ | base, |
| $ | ldap_host, | ||
| $ | ldap_port, | ||
| $ | ldap_type, | ||
| $ | ldap_protocol, | ||
| $ | ldap_security, | ||
| $ | ldap_bind_user, | ||
| $ | ldap_bind_pass | ||
| ) |
Definition at line 693 of file ldap.inc.php.
References $base, $CONFIG, $filter, $j, $ldap_bind_pass, $ldap_bind_user, $ldap_conn, $ldap_host, $ldap_port, $ldap_protocol, $ldap_security, $ldap_type, $return, $type, debug_log(), ldapNamingContexts(), and ldapOpen().
Referenced by ldapNamingContexts().
{
    // Lists the containers and groups directly below $base, connecting with
    // the supplied host and bind settings rather than the stored configuration.
    //
    // Returns a list whose first element is array('status' => 'ok') followed by
    // one array('dn', 'cn', 'type') per entry, where type is 'group' or
    // 'container'. A failed connection yields array('status' => 'bad'); a failed
    // listing yields an empty array. With an empty $base the naming contexts of
    // the server are returned instead.
    // NOTE(review): $ldap_type becomes part of a constant name, and 'cn' is
    // taken from the text after the first '=' of the leading RDN - confirm
    // callers validate $ldap_type.
    global $CONFIG;
    debug_log("ldapGroupBrowse");

    if (empty($base))
    {
        return ldapNamingContexts($ldap_host, $ldap_port, $ldap_type, $ldap_protocol, $ldap_security, $ldap_bind_user, $ldap_bind_pass);
    }

    $return = array();
    $ldap_conn = ldapOpen($ldap_host, $ldap_port, $ldap_protocol, $ldap_security, $ldap_bind_user, $ldap_bind_pass);
    if ($ldap_conn == -1)
    {
        $return[] = array('status' => 'bad');
        return $return;
    }

    // '[root]' is the placeholder for the empty (root) DN
    if ($base == '[root]') $base = '';

    $groupObjType = constant("LDAP_{$ldap_type}_GRPOBJECTTYPE");
    $filter = "(|(objectClass=Organization)(objectClass=OrganizationalUnit)(objectClass=domain)(objectClass={$groupObjType}))";
    $attribs = array('dn', 'objectClass');
    debug_log("LDAP Filter: {$filter}", TRUE);

    $sr = ldap_list($ldap_conn, $base, $filter, $attribs);
    if (!$sr)
    {
        return $return;
    }

    $return[] = array('status' => 'ok');
    $entries = ldap_get_entries($ldap_conn, $sr);
    $wantedClass = strtolower($groupObjType);

    for ($e = 0; $e < $entries['count']; $e++)
    {
        $row = $entries[$e];

        // An entry is a group when any of its object classes is the group class
        $kind = 'container';
        for ($c = 0; $c < $row['objectclass']['count']; $c++)
        {
            if (strtolower($row['objectclass'][$c]) == $wantedClass)
            {
                $kind = 'group';
            }
        }

        // Display name: the value part of the leading RDN
        $rdns = explode(',', $row['dn']);
        $leading = explode('=', $rdns[0]);
        $return[] = array('dn' => $row['dn'], 'cn' => $leading[1], 'type' => $kind);
    }

    return $return;
}
| ldapImportCustomerFromEmail | ( | $ | ) |
Checks that the email address given is a contact that has not yet been imported into the DB, then imports them.
| string | $email |
Definition at line 569 of file ldap.inc.php.
References $CONFIG, $email, $obj, $result, $sql, authenticateLDAP(), debug_log(), E_USER_WARNING, and elseif.
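{
    // Makes sure a contact exists for the given e-mail address, importing it
    // from LDAP when it is not yet in the database.
    //
    // Returns true when a contact with this address exists locally (or was
    // imported/resynced from LDAP), false otherwise.
    global $CONFIG;
    $toReturn = false;

    /*
     * Check if contact exists
     *   is contact sit
     *     return
     *   if ldap enabled
     *     is contact ldap
     *       sync
     *     else
     *       try and find in LDAP
     */
    debug_log ("ldapImportCustomerFromEmail {$email}");
    if (!empty($email))
    {
        // The address comes from outside the application, so escape it before it
        // is placed in the SQL string.
        // NOTE(review): assumes $email arrives unescaped - confirm against callers.
        $safe_email = mysql_real_escape_string($email);
        $sql = "SELECT id, username, contact_source FROM `{$GLOBALS['dbContacts']}` WHERE email = '{$safe_email}'";
        debug_log($sql, TRUE);
        $result = mysql_query($sql);
        if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_WARNING);

        if (mysql_num_rows($result) == 1)
        {
            debug_log ("just one");
            // Can only deal with the case where one exists, if multiple contacts have the same email address its difficult to deal with
            $obj = mysql_fetch_object($result);
            if ($obj->contact_source == 'sit')
            {
                $toReturn = true;
            }
            elseif ($obj->contact_source == 'ldap')
            {
                // Resync from LDAP in populate-only mode (no credential check).
                // authenticateLDAP() returns -1 when the LDAP connection fails,
                // which is truthy, so compare strictly against true.
                if (authenticateLDAP($obj->username, '', $obj->id, false, true, false) === true) $toReturn = true;
            }
            else
            {
                // Exists but of some other type
                $toReturn = true;
            }
        }
        elseif (mysql_num_rows($result) > 1)
        {
            debug_log ("More than one contact was found in LDAP with this address '{$email}', not importing", TRUE);
            // Contact does exist with these details, there is just more than one of them
            $toReturn = true;
        }
        else
        {
            // Zero found
            if ($CONFIG['use_ldap'])
            {
                // Try and search LDAP by e-mail address; strict comparison for
                // the same reason as above (-1 means the connection failed).
                if (authenticateLDAP($email, '', 0, false, true, true) === true) $toReturn = true;
            }
        }
    }
    return $toReturn;
}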
| ldapNamingContexts | ( | $ | ldap_host, |
| $ | ldap_port, | ||
| $ | ldap_type, | ||
| $ | ldap_protocol, | ||
| $ | ldap_security, | ||
| $ | ldap_bind_user, | ||
| $ | ldap_bind_pass | ||
| ) |
Definition at line 757 of file ldap.inc.php.
References $filter, $ldap_bind_pass, $ldap_bind_user, $ldap_conn, $ldap_host, $ldap_port, $ldap_protocol, $ldap_security, $ldap_type, $return, debug_log(), ldapGroupBrowse(), and ldapOpen().
Referenced by ldapGroupBrowse().
{
    // Reads the root DSE of the given server and returns its naming contexts
    // as browsable containers.
    //
    // Returns a list starting with array('status' => 'ok') followed by
    // array('dn', 'cn', 'type' => 'container') entries; a failed connection
    // yields array('status' => 'connectfailed'), a failed read an empty array.
    // defaultNamingContext is preferred, then rootDomainNamingContext, then
    // every namingContexts value. An empty namingContexts value makes the
    // function return a listing of the root instead.
    debug_log("ldapNamingContexts");
    $ldap_conn = ldapOpen($ldap_host, $ldap_port, $ldap_protocol, $ldap_security, $ldap_bind_user, $ldap_bind_pass);

    if ($ldap_conn == -1)
    {
        return array(array('status' => 'connectfailed'));
    }

    $return = array();
    $filter = "(objectClass=*)";
    $attribs = array('namingContexts', 'rootDomainNamingContext', 'defaultNamingContext');
    debug_log("LDAP Filter: {$filter}", TRUE);

    // An empty base DN addresses the root DSE
    $sr = ldap_read($ldap_conn, "", $filter, $attribs);
    if (!$sr)
    {
        return $return;
    }

    $return[] = array('status' => 'ok');
    $entries = ldap_get_entries($ldap_conn, $sr);

    // A single preferred context wins over the full list
    foreach (array('defaultnamingcontext', 'rootdomainnamingcontext') as $preferred)
    {
        if (!empty($entries[0][$preferred]))
        {
            $context = $entries[0][$preferred][0];
            $return[] = array('dn' => $context, 'cn' => $context, 'type' => 'container');
            return $return;
        }
    }

    for ($n = 0; $n < $entries[0]['namingcontexts']['count']; $n++)
    {
        $context = $entries[0]['namingcontexts'][$n];
        if (empty($context))
        {
            // Empty naming context: browse from the root instead, replacing
            // anything collected so far
            $return = ldapGroupBrowse('[root]', $ldap_host, $ldap_port, $ldap_type, $ldap_protocol, $ldap_security, $ldap_bind_user, $ldap_bind_pass);
            break;
        }
        $return[] = array('dn' => $context, 'cn' => $context, 'type' => 'container');
    }

    return $return;
}
| if ($CONFIG['use_ldap']) ldapOpen | ( | $ | host = '', |
| $ | port = '', |
||
| $ | protocol = '', |
||
| $ | security = '', |
||
| $ | user = '', |
||
| $ | password = '' |
||
| ) |
Opens a connection to the LDAP host
Definition at line 161 of file ldap.inc.php.
References $CONFIG, $ldap_conn, $password, $user, debug_log(), E_USER_ERROR, and E_USER_WARNING.
Referenced by authenticateLDAP(), ldap_storeDetails(), ldapCheckObjectExists(), ldapGroupBrowse(), ldapNamingContexts(), and saction_ldapSync().
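{
    // Opens a connection to the LDAP host and binds with the given account.
    // Every empty argument falls back to the matching $CONFIG['ldap_*'] value.
    //
    // Returns the connection on a successful bind, -1 otherwise (connect
    // failure, TLS failure, bind failure, or no bind user configured).
    // The connection is also stored in the global $ldap_conn.
    debug_log("ldapOpen", TRUE);
    global $CONFIG, $ldap_conn;

    if (empty($host)) $host = $CONFIG['ldap_host'];
    if (empty($port)) $port = $CONFIG['ldap_port'];
    if (empty($protocol)) $protocol = $CONFIG['ldap_protocol'];
    if (empty($security)) $security = $CONFIG['ldap_security'];
    if (empty($user)) $user = $CONFIG['ldap_bind_user'];
    if (empty($password)) $password = $CONFIG['ldap_bind_pass'];

    // Use a default port if one isn't specified
    if (empty($port))
    {
        if ($security == 'SSL') $port = '636';
        else $port = '389';
    }

    $toReturn = -1;

    // Only 'SSL' selects ldaps://. 'TLS' upgrades a plain connection below;
    // any other value leaves the bind credentials unencrypted on the wire.
    $ldap_url = "ldap://{$host}:{$port}";
    if ($security == 'SSL')
    {
        $ldap_url = "ldaps://{$host}:{$port}";
    }

    debug_log ("LDAP TYPE: {$CONFIG['ldap_type']}", TRUE);
    debug_log ("LDAP URL: {$ldap_url}", TRUE);

    $ldap_conn = @ldap_connect($ldap_url);
    if ($ldap_conn)
    {
        // Set protocol version
        ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, $protocol);
        ldap_set_option($ldap_conn, LDAP_OPT_REFERRALS, 0);

        if ( $security == 'TLS' )
        {
            // Protocol V3 required for start_tls
            if ( $protocol == 3 )
            {
                if ( !ldap_start_tls($ldap_conn) )
                {
                    trigger_error("Ldap_start_tls failed", E_USER_ERROR);
                    // Fail closed: if the installed error handler does not halt on
                    // E_USER_ERROR, the bind below would send the credentials over
                    // the unencrypted connection.
                    return $toReturn;
                }
            }
            else
            {
                trigger_error("LDAP Protocol v3 required for TLS", E_USER_ERROR);
                // Same reasoning: TLS was requested but cannot be started.
                return $toReturn;
            }
        }

        if ( isset($user) && mb_strlen($user) > 0 )
        {
            $r = @ldap_bind($ldap_conn, $user, $password);
            if ( ! $r )
            {
                // Could not bind!
                trigger_error("Could not bind to LDAP server with credentials '{$user}'", E_USER_WARNING);
            }
            else
            {
                $toReturn = $ldap_conn;
            }
        }
    }
    return $toReturn;
}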
| if (realpath(__FILE__)==realpath($_SERVER['SCRIPT_FILENAME'])) $ldap_conn = "" |
Definition at line 21 of file ldap.inc.php.
| $ldap_vars |
array("SURNAME", "FORENAMES", "REALNAME", "JOBTITLE", "EMAIL", "MOBILE", "TELEPHONE", "FAX", "DESCRIPTION", "GRPONUSER", "GRPFULLDN", "USERATTRIBUTE", "USEROBJECTTYPE", "GRPOBJECTTYPE", "GRPATTRIBUTEUSER", "GRPATTRIBUTEGRP", "ADDRESS1", "CITY", "COUNTY", "POSTCODE", "COURTESYTITLE", "LOGINDISABLEDATTRIBUTE", "LOGINDISABLEDVALUE")
Definition at line 136 of file ldap.inc.php.
Referenced by ldap_getDetails().