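/**
 * Opens the shared LDAP connection and binds to it with the configured
 * Windows/AD service account.
 *
 * Settings are read from $GLOBALS["KerbAuthInfos"] after BuildDefault() has run.
 * On the way, the function publishes $GLOBALS["SUFFIX"], $GLOBALS["CONNECTION"]
 * and $GLOBALS["BIND"] for the rest of the script.
 *
 * Security notes:
 *  - An empty bind password is refused. A simple bind with a name and an empty
 *    password is an "unauthenticated bind": many directory servers accept it and
 *    hand back an anonymous session, which this function would otherwise report
 *    as a successful, authenticated connection.
 *  - NOTE(review): this is a simple bind; unless LDAP_SERVER is an ldaps:// URI
 *    the service-account password crosses the network in cleartext. Consider
 *    LDAPS or StartTLS; confirm against the deployment.
 *  - The password is never written to the log; only server, port and the
 *    directory's diagnostic text are.
 *
 * @return bool true when the bind succeeded, false on any configuration,
 *              connection or bind failure
 */
function ConnectToLDAP()
{
    BuildDefault();

    $array = isset($GLOBALS["KerbAuthInfos"]) ? $GLOBALS["KerbAuthInfos"] : null;
    if (!is_array($array)) {
        WLOG("KerbAuthInfos not an array");
        return false;
    }
    // Every failure path returns false (the original returned null for these two).
    if (!isset($array["LDAP_SERVER"])) {
        WLOG("LDAP_SERVER not set");
        return false;
    }
    if (!isset($array["LDAP_SUFFIX"])) {
        WLOG("LDAP_SUFFIX not set");
        return false;
    }

    // Read optional keys defensively so a partial configuration does not raise
    // undefined-index notices; fall back to the standard LDAP port.
    $server    = $array["LDAP_SERVER"];
    $port      = (isset($array["LDAP_PORT"]) && is_numeric($array["LDAP_PORT"])) ? (int) $array["LDAP_PORT"] : 389;
    $admin     = isset($array["WINDOWS_SERVER_ADMIN"]) ? (string) $array["WINDOWS_SERVER_ADMIN"] : "";
    $dnsSuffix = isset($array["WINDOWS_DNS_SUFFIX"]) ? (string) $array["WINDOWS_DNS_SUFFIX"] : "";
    $password  = isset($array["WINDOWS_SERVER_PASS"]) ? (string) $array["WINDOWS_SERVER_PASS"] : "";

    $GLOBALS["SUFFIX"] = $array["LDAP_SUFFIX"];
    $GLOBALS["CONNECTION"] = @ldap_connect($server, $port);
    if (!$GLOBALS["CONNECTION"]) {
        // No handle was created, so there is nothing to close here.
        WLOG("[LDAP]: Fatal: ldap_connect({$server},{$port} )");
        return false;
    }
    $connection = $GLOBALS["CONNECTION"];

    // Switch to LDAP protocol version 3, required to work with Active Directory,
    // and do not chase referrals.
    @ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
    @ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);

    // Reduce "a/b" or "a\b" account notations to the part before the separator.
    // NOTE(review): for a "DOMAIN\user" value this keeps DOMAIN, not user.
    // Confirm which notation the configuration actually stores.
    if (preg_match("#^(.+?)\\/(.+?)\$#", $admin, $re)) {
        $admin = $re[1];
    }
    if (preg_match("#^(.+?)\\\\(.+?)\$#", $admin, $re)) {
        $admin = $re[1];
    }

    if ($password === "") {
        // Refuse the unauthenticated bind described in the header comment.
        $GLOBALS["BIND"] = false;
        WLOG("[LDAP]: WINDOWS_SERVER_PASS is empty, refusing unauthenticated bind to {$server}");
        return false;
    }

    $GLOBALS["BIND"] = @ldap_bind($connection, "{$admin}@{$dnsSuffix}", $password);
    if (!$GLOBALS["BIND"]) {
        $error = "";
        $extended_error = "";
        if (@ldap_get_option($connection, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) {
            $error = $error . " {$extended_error}";
        }

        $errno = ldap_errno($connection);
        switch ($errno) {
            case 0x31: // invalid credentials
                $error = $error . " Bad username or password. Please try again.";
                break;
            case 0x32: // insufficient access
                $error = $error . " Insufficient access rights.";
                break;
            case 81: // server down
                $error = $error . " Unable to connect to the LDAP server \n\t\t\t\t{$server} please, verify if ldap daemon is running or the ldap server address";
                break;
            case -1:
                break;
            default:
                // ldap_err2str() expects the numeric error code, not the connection handle.
                $error = $error . " Could not bind to the LDAP server." . " " . @ldap_err2str($errno);
        }

        WLOG("[LDAP]:" . __LINE__ . " Connecting to LDAP server {$server} failed {$error}");
        return false;
    }

    return true;
}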
// Script body: rebuilds the ap-mailfilter3 configuration and restarts the filter.
// $users, rebuildtables(), BuildRobots(), filter_conf(), ListOU() and BuildDefault()
// are defined outside this part of the file.

// Nothing to do when the product is not installed.
if (!$users->kas_installed) {
    die;
}

// Maintenance sub-commands selected by the first command-line argument.
// NOTE(review): $argv[1] is read without checking that it exists, so running the
// script with no argument raises an undefined-offset notice on both tests.
if ($argv[1] == '--rebuild-tables') {
    rebuildtables();
    die;
}
if ($argv[1] == '--dograph') {
    dograph();
    die;
}

// Default run: regenerate the configuration pieces in this fixed order.
BuildRobots();
filter_conf();
removes();
ListOU();
BuildDefault();

// Hand the generated group files to the mailflt3 account, rebuild the profiles and
// restart the filter. All three command lines are fixed literals with no
// interpolated data; the "*" is expanded by the shell. Return values are not
// inspected, so a failing step goes unnoticed here.
shell_exec("/bin/chown mailflt3:mailflt3 /usr/local/ap-mailfilter3/conf/def/group/*");
shell_exec("/usr/local/ap-mailfilter3/bin/mkprofiles");
shell_exec("/usr/local/ap-mailfilter3/bin/kas-restart -f -p -m");

/**
 * Runs the ap-mailfilter3 "stat" tool and then "statvisual", both with the same
 * stat.conf. Output of the first command is discarded (>/dev/null 2>&1); exit
 * codes of both are ignored.
 */
function dograph()
{
    exec("/usr/local/ap-mailfilter3/control/bin/stat -c /usr/local/ap-mailfilter3/control/stat/stat.conf >/dev/null 2>&1");
    exec("/usr/local/ap-mailfilter3/control/bin/statvisual -c /usr/local/ap-mailfilter3/control/stat/stat.conf");
}

function removes()
{
    @unlink("/usr/local/ap-mailfilter3/conf/def/common/common-allow.xml");
    shell_exec('/bin/touch /usr/local/ap-mailfilter3/conf/def/common/common-allow.xml');
    @unlink("/usr/local/ap-mailfilter3/conf/def/common/common-deny.xml");
    shell_exec('/bin/touch /usr/local/ap-mailfilter3/conf/def/common/common-deny.xml');
    $dir_handle = @opendir("/usr/local/ap-mailfilter3/conf/def/group");