/**
 * Reports whether the LDAP extension can parse a value as a distinguished name.
 *
 * This is a syntax check only; it does not look the DN up in any directory.
 *
 * NOTE(review): any non-empty array counts as success here, so a parse result
 * whose 'count' is 0 would also validate - confirm whether an empty DN should pass.
 *
 * @param string $value Candidate distinguished name
 * @return bool true when ldap_explode_dn() returns a truthy result, false otherwise
 */
protected function validateUsingLdapExt($value)
{
    $components = ldap_explode_dn($value, 0);

    return (bool) $components;
}
/**
 * Builds the DN of the parent entry by dropping the leading RDN.
 *
 * The components are joined exactly as ldap_explode_dn() returned them, so
 * escaped characters stay in their escaped form.
 *
 * @return string Parent DN; empty when the DN has a single component
 */
public function getParentDN()
{
    $rdns = ldap_explode_dn($this->distinguisedName, 0);

    // Drop the bookkeeping entry and the entry's own RDN in one go.
    unset($rdns['count'], $rdns[0]);

    $parentDn = implode(',', $rdns);

    return $parentDn;
}
/**
 * Makes sure an organizationalUnit entry exists at the given DN.
 *
 * @param string $dn           DN of the unit; its first RDN must be of type 'ou'
 * @param bool   $createParent When true, missing parent units are created first
 *
 * @return bool false when the first RDN is not an 'ou', true when the entry
 *              already exists, otherwise the result of add()
 */
public function createOrganizationalUnit($dn, $createParent = false)
{
    $rdns = ldap_explode_dn($dn, 0);
    unset($rdns['count']);

    // Only 'ou' entries are supported (case-insensitive match on the type).
    if (stripos($rdns[0], 'ou=') !== 0) {
        return false;
    }

    if ($createParent) {
        // The parent DN is everything after the first RDN.
        $ancestorRdns = $rdns;
        unset($ancestorRdns[0]);
        $parentDn = implode(',', $ancestorRdns);

        if (!$this->searchDN($parentDn)) {
            // The result is ignored: a non-'ou' ancestor simply returns false.
            $this->createOrganizationalUnit($parentDn, true);
        }
    }

    // Nothing to do when the entry is already present.
    if ($this->searchDN($dn)) {
        return true;
    }

    list(, $name) = explode('=', $rdns[0]);

    $object = new Object($dn);
    $object->get('objectClass')->add('top');
    $object->get('objectClass')->add('organizationalUnit');
    $object->get('ou')->add($name);

    return $this->add($object, false);
}
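/**
 * Extends PHP's ldap_explode_dn() function.
 *
 * ldap_explode_dn() returns UTF-8 characters such as German umlauts as
 * backslash-prefixed two-digit hex sequences; this wrapper turns every such
 * sequence back into the raw byte.
 *
 * The decoded components are meant for display and comparison. They can
 * contain ',' or '=' again, so they must not be joined back into a DN
 * without escaping them first.
 *
 * @param string  $dn        Distinguished name to split
 * @param boolean $with_type Returns 'type=value' when true and 'value' when false
 * @return array|false List of components without the 'count' entry, or false
 *                     when the DN cannot be parsed
 */
public static function explodeDN($dn, $with_type = true)
{
    $res = ldap_explode_dn($dn, $with_type ? 0 : 1);

    // An unparsable DN yields false; iterating over it only raised a warning.
    if (!is_array($res)) {
        return false;
    }

    unset($res['count']);

    foreach ($res as $k => $v) {
        // A callback replaces the former /e modifier, which evaluated the
        // replacement string as PHP code. /e was deprecated in PHP 5.5 and
        // removed in PHP 7.0, where preg_replace() fails and returns NULL.
        $res[$k] = preg_replace_callback(
            '/\\\\([0-9a-f]{2})/i',
            function ($m) {
                return chr(hexdec($m[1]));
            },
            $v
        );
    }

    return $res;
}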
/**
 * Splits a distinguished name string into its components.
 *
 * @param string $dn
 * @param int $withAttributes Set to 0 to get the attribute names along with the value.
 * @return array Components without the 'count' entry
 * @throws \yii\base\InvalidParamException when the DN cannot be parsed or has no components
 */
public static function explodeDn($dn, $withAttributes = 1)
{
    $pieces = ldap_explode_dn($dn, $withAttributes);

    // A usable result is an array that reports at least one component.
    $parsed = $pieces !== false && isset($pieces['count']) && $pieces['count'] != 0;

    if (!$parsed) {
        $message = sprintf('Unable to parse DN "%s".', $dn);
        throw new \yii\base\InvalidParamException($message);
    }

    unset($pieces['count']);

    return $pieces;
}
/**
 * Splits a DN string into its RDNs and passes each one through unescape().
 *
 * The 'count' entry produced by ldap_explode_dn() stays in the result and is
 * run through unescape() like every other element.
 *
 * @param string $dn
 * @param bool   $removeAttributePrefixes true for values only, false for 'type=value'
 *
 * @return array|false The parse result, or whatever ldap_explode_dn() returned
 *                     when that was not an array with a 'count' entry
 */
public static function explodeDn($dn, $removeAttributePrefixes = true)
{
    $rdns = ldap_explode_dn($dn, $removeAttributePrefixes ? 1 : 0);

    // Hand back failures (and anything unexpected) untouched.
    if (!is_array($rdns) || !array_key_exists('count', $rdns)) {
        return $rdns;
    }

    foreach ($rdns as $index => $rdn) {
        $rdns[$index] = self::unescape($rdn);
    }

    return $rdns;
}
/**
 * Thin wrapper around ldap_explode_dn().
 *
 * The result is handed back unchanged, including the 'count' entry and any
 * hex escapes in the values.
 *
 * @param string $dn              Distinguished name to split
 * @param int    $with_attributes 0 for 'type=value' components, 1 for values only
 * @return array|false Parse result, or false when the DN cannot be parsed
 */
function explode_dn($dn, $with_attributes = 0)
{
    // The original copied every element onto itself, which changes nothing.
    return ldap_explode_dn($dn, $with_attributes);
}
/**
 * Entry constructor.
 *
 * Besides storing its arguments, it derives the lower-cased attribute type
 * of the DN's first component.
 *
 * @param resource $ds
 *   LDAP connection resource.
 * @param string $rdn
 *   Relative distinguished name (to baseDN).
 * @param string $dn
 *   Distinguished name.
 * @param array $data
 *   Associative array of attribute keys and values.
 */
public function __construct($ds, $rdn, $dn, $data)
{
    $this->ds = $ds;
    $this->rdn = $rdn;
    $this->dn = $dn;

    // The same array serves as current data and as the snapshot of the old data.
    $this->data = $data;
    $this->oldData = $data;

    // The text before the first '=' of the leading RDN is the naming attribute.
    $components = ldap_explode_dn($dn, 0);
    list($attribute) = explode('=', $components[0]);
    $this->dnAttribute = strtolower($attribute);
}
/**
 * Splits a DN with ldap_explode_dn() and decodes its hex escapes.
 *
 * UTF-8 characters such as German umlauts come back from the extension as
 * backslash-prefixed two-digit hex sequences; each one is turned into the
 * raw byte again. The decoded components can contain ',' or '=' and are
 * therefore not safe to join back into a DN without escaping.
 *
 * @param string  $dn        Distinguished name to split
 * @param boolean $with_type Returns 'type=value' when true and 'value' when false
 * @return array Components without the 'count' entry
 */
public static function explodeDN($dn, $with_type = true)
{
    $decodeHex = function ($match) {
        return chr(hexdec($match[1]));
    };

    $parts = ldap_explode_dn($dn, $with_type ? 0 : 1);

    foreach ($parts as $index => $part) {
        $parts[$index] = preg_replace_callback('/\\\\([0-9a-f]{2})/i', $decodeHex, $part);
    }

    unset($parts['count']);

    return $parts;
}
/**
 * Splits a DN into its components and joins them again with ','.
 *
 * NOTE(review): despite the name, the escaping computed in the loop never
 * reaches the result. $part is a by-value copy of the array element, so the
 * assignment at the end of the loop body leaves $aDN untouched, and the
 * str_replace() call searches for $part inside $escapedValue rather than the
 * other way round. The function therefore returns the components exactly as
 * ldap_explode_dn() produced them. Before "fixing" this, check how the
 * extension already escapes special characters in the values it returns
 * (as \XX hex pairs); applying the table below on top of that would escape
 * the backslashes a second time.
 *
 * @param string $dn Distinguished name
 * @return string The components re-joined with ','
 */
function escapeDN($dn)
{
    // false is passed as the with-attrib flag, i.e. components keep their 'type=' prefix.
    $aDN = ldap_explode_dn($dn, false);
    unset($aDN['count']);
    foreach ($aDN as $key => $part) {
        // Everything after the first '=' is treated as the value.
        $value = substr($part, strpos($part, '=') + 1);
        // Maps DN special characters to backslash + two hex digits.
        $escapedValue = strtr($value, array(',' => '\\2c', '=' => '\\3d', '+' => '\\2b', '<' => '\\3c', '>' => '\\3e', ';' => '\\3b', '\\' => '\\5c', '"' => '\\22', '#' => '\\23'));
        // Only the loop-local copy is overwritten here; see the note above.
        $part = str_replace($part, $value, $escapedValue);
    }
    $dn = implode(',', $aDN);
    return $dn;
}
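/**
 * Builds Entry objects from a canned LDAP result set and checks the
 * attributes they expose.
 *
 * The connection is mocked, but the values its explodeDn() hands out are
 * produced by the real ldap_explode_dn(), so the LDAP extension must be
 * loaded. The fixtures cover a plain DN and DNs whose first value contains
 * an escaped comma ("\,"), which comes back as "\2C" in the exploded form.
 */
public function testEntryConstruct()
{
    $returnedLdapEntries = [
        'count' => 3,
        0 => [
            0 => 'distinguishedname',
            'count' => 1,
            'dn' => 'CN=Karen Berge,CN=admin,DC=corp,DC=Fabrikam,DC=COM',
            'distinguishedname' => ['count' => 1, 'CN=Karen Berge,CN=admin,DC=corp,DC=Fabrikam,DC=COM'],
        ],
        1 => [
            0 => 'distinguishedname',
            'count' => 1,
            'dn' => 'CN=Doe\\, John,CN=admin,DC=corp,DC=Fabrikam,DC=COM',
            'distinguishedname' => ['count' => 1, 'CN=Doe\\, John,CN=admin,DC=corp,DC=Fabrikam,DC=COM'],
        ],
        2 => [
            0 => 'cn',
            'cn' => ['count' => 1, 0 => 'Test'],
            'distinguishedname' => ['count' => 1, 0 => 'CN=Bauman\\, Steve,OU=Users,OU=Developers,OU=User Accounts,OU=Canada,DC=corp,DC=Fabrikam,DC=COM'],
            1 => 'distinguishedname',
            'displayname' => ['count' => 1, 0 => 'Bauman, Steve'],
            2 => 'displayname',
            'samaccountname' => ['count' => 1, 0 => 'stevebauman'],
            3 => 'samaccountname',
            'count' => 4,
            'dn' => 'CN=Bauman\\, Steve,OU=Users,OU=Developers,OU=User Accounts,OU=Canada,DC=corp,DC=Fabrikam,DC=COM',
        ],
    ];

    // One exploded DN (values only) per entry, in the order the mock returns them.
    $explodedDnsToReturn = [
        ldap_explode_dn($returnedLdapEntries[0]['dn'], 1),
        ldap_explode_dn($returnedLdapEntries[1]['dn'], 1),
        ldap_explode_dn($returnedLdapEntries[2]['dn'], 1),
    ];

    $connection = $this->newConnectionMock();
    $connection->shouldReceive('explodeDn')->times(3)->andReturnValues($explodedDnsToReturn)
        ->shouldReceive('close')->andReturn(true);

    $expectedResults = [
        [
            'distinguishedname' => 'CN=Karen Berge,CN=admin,DC=corp,DC=Fabrikam,DC=COM',
            'dn' => 'CN=Karen Berge,CN=admin,DC=corp,DC=Fabrikam,DC=COM',
            'dn_array' => ['count' => 5, 0 => 'Karen Berge', 1 => 'admin', 2 => 'corp', 3 => 'Fabrikam', 4 => 'COM'],
        ],
        [
            'distinguishedname' => 'CN=Doe\\, John,CN=admin,DC=corp,DC=Fabrikam,DC=COM',
            'dn' => 'CN=Doe\\, John,CN=admin,DC=corp,DC=Fabrikam,DC=COM',
            'dn_array' => ['count' => 5, 0 => 'Doe\\2C John', 1 => 'admin', 2 => 'corp', 3 => 'Fabrikam', 4 => 'COM'],
        ],
        [
            'cn' => 'Test',
            'displayname' => 'Bauman, Steve',
            'samaccountname' => 'stevebauman',
            // This literal was split by a stray line break after "Bauman\, ",
            // which made it differ from the fixture's distinguishedname above.
            'distinguishedname' => 'CN=Bauman\\, Steve,OU=Users,OU=Developers,OU=User Accounts,OU=Canada,DC=corp,DC=Fabrikam,DC=COM',
            'dn' => 'CN=Bauman\\, Steve,OU=Users,OU=Developers,OU=User Accounts,OU=Canada,DC=corp,DC=Fabrikam,DC=COM',
            'dn_array' => ['count' => 8, 0 => 'Bauman\\2C Steve', 1 => 'Users', 2 => 'Developers', 3 => 'User Accounts', 4 => 'Canada', 5 => 'corp', 6 => 'Fabrikam', 7 => 'COM'],
        ],
    ];

    $entries = [];
    for ($i = 0; $i < $returnedLdapEntries["count"]; $i++) {
        $entry = new Entry($returnedLdapEntries[$i], $connection);
        $entries[] = $entry->getAttributes();
    }

    $this->assertEquals($expectedResults, $entries);
}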
/**
 * Answer a string name for a DN.
 *
 * A DN with at most two components is rendered as its values joined with
 * '.'. Longer DNs are represented by their first value, with the escaped
 * comma sequence "\2C" turned back into ','. Only that one sequence, in
 * upper case, is decoded; other escapes stay as they are.
 *
 * @param string $dn
 * @return string
 * @access public
 * @since 8/31/09
 */
function dnToName($dn)
{
    $levels = ldap_explode_dn($dn, 1);
    unset($levels['count']);

    return count($levels) <= 2
        ? implode('.', $levels)
        : str_replace('\\2C', ',', $levels[0]);
}
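/**
 * Groups the values of a DN by attribute type.
 *
 * Every 'type=value' component returned by ldap_explode_dn() is split at its
 * first '=', hex escapes (\XX) in the value are decoded to raw bytes, and the
 * value is appended to the list kept for that type, in DN order.
 *
 * The decoded values can contain DN special characters again; escape them
 * before building a new DN or a search filter from them.
 *
 * @param string $dn Distinguished name
 * @return array Map of attribute type => list of decoded values; empty when
 *               the DN cannot be parsed
 */
public function parseLdapDn($dn)
{
    $out = array();

    $parsr = ldap_explode_dn($dn, 0);
    if (!is_array($parsr)) {
        return $out;
    }

    foreach ($parsr as $key => $value) {
        // Skips the integer 'count' entry and anything that is not 'type=value'.
        if (strpos((string) $value, '=') === false) {
            continue;
        }

        // Limit of 2: a value that itself contains '=' is no longer cut short.
        list($prefix, $data) = explode('=', $value, 2);

        // A callback replaces the former /e modifier, which evaluated the
        // replacement as PHP code. /e was deprecated in PHP 5.5 and removed
        // in PHP 7.0, where preg_replace() fails and returns NULL.
        $data = preg_replace_callback(
            '/\\\\([0-9A-Fa-f]{2})/',
            function ($m) {
                return chr(hexdec($m[1]));
            },
            $data
        );

        // Both branches of the old "same prefix as before" check did this.
        $out[$prefix][] = $data;
    }

    return $out;
}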
/**
 * Copies fields from a computer search result onto this object.
 *
 * Nothing is assigned unless the result holds a first entry, reports a
 * positive 'count', and that entry carries a 'dn'.
 *
 * @param array $computer Search result array with a 'count' entry and numbered entries
 */
private function assign($computer)
{
    if (!array_key_exists(0, $computer) || !($computer['count'] > 0)) {
        return;
    }

    if (!array_key_exists('dn', $computer[0])) {
        return;
    }

    // Values only: index 0 is the entry's own name, later indexes its containers.
    $this->dn = ldap_explode_dn($computer[0]['dn'], 1);
    $this->name = $this->dn[0];

    if (array_key_exists(1, $this->dn)) {
        $this->group = $this->dn[1];
    }

    if (array_key_exists(2, $this->dn)) {
        $this->type = $this->dn[2];
    }

    if (array_key_exists('dnshostname', $computer[0])) {
        $this->host_name = $computer[0]['dnshostname'][0];
    }

    $this->os = new ComputerOs($computer[0]);
}
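/**
 * Checks a login against the directory and returns the user's name parts.
 *
 * The user's credentials are verified with a bind; afterwards a second bind
 * with the read-only account looks up the user's entry.
 *
 * $hostname, $port, $account_suffix, $username, $password and $uname are not
 * defined in this function and presumably come from ldap-config.php.
 *
 * NOTE(review): require_once inside a function defines those variables only
 * on the first call in a request; a second call would see none of them.
 *
 * NOTE(review): $uname is placed into the search filter as is. If it can ever
 * carry the login name or other request data, escape it for filter context
 * first, and confirm it is not meant to be $user.
 *
 * @param string $user Login name; anything from the first '@' on is dropped
 * @param string $pass Password supplied at login
 * @return array|false|null false when the credentials are rejected, null when
 *                          the read-only account cannot bind, otherwise the
 *                          space-separated words of the first RDN (with "CN="
 *                          removed) and the login name at index 2
 */
function ldap_process($user, $pass)
{
    require_once QA_INCLUDE_DIR . "../qa-plugin/qa-ldap-login/ldap-config.php";

    // Removing @email.com
    if (strstr($user, '@')) {
        $parts = explode('@', $user);
        $user = $parts[0];
    }

    // A bind with an empty password is an unauthenticated bind, which many
    // servers answer with success. Without this check any known login name
    // would be accepted with a blank password.
    if ($user === null || $user === '' || $pass === null || $pass === '') {
        return false;
    }

    // Establish link with LDAP server. The old is_resource() re-check is gone:
    // "or die" already covers failure, and newer PHP versions return an object
    // here, for which is_resource() is always false.
    $con = ldap_connect($hostname, $port) or die("Could not connect to ldap host.");
    ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($con, LDAP_OPT_REFERRALS, 0);

    // Check if user/pass combo authenticates
    if (!ldap_bind($con, $user . $account_suffix, $pass)) {
        ldap_close($con);
        return false;
    }

    // Connect to LDAP with read-only admin account
    if (!ldap_bind($con, $username . $account_suffix, $password)) {
        ldap_close($con);
        return null;
    }

    // Run query to determine user's name
    // Replace DOMAIN & com with ldap domain info
    $dn = "CN=Users,DC=DOMAIN,DC=com";
    $filter = "(&(objectClass=user)(sAMAccountName=" . $uname . "))";
    $attributes = array("displayname");

    // Same fallback the old code ended up with when the lookup found nothing.
    $name = array('');

    $search = ldap_search($con, $dn, $filter, $attributes);
    if ($search) {
        $data = ldap_get_entries($con, $search);
        if (is_array($data) && $data['count'] > 0) {
            $explode = ldap_explode_dn($data[0]["dn"], 0);
            if (is_array($explode)) {
                $name = explode(" ", str_replace("CN=", "", $explode[0]));
            }
        }
    }

    // Close LDAP link
    ldap_close($con);

    // Return user's name in array
    $name[2] = $user;

    return $name;
}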
/**
 * Assigns object variables from an adldap result array.
 *
 * Only the first entry ($user[0]) is read. Each property is set only when
 * the matching key exists in that entry.
 *
 * @param array $user adldap search result
 */
private function assign($user)
{
    $record = $user[0];

    if (array_key_exists('dn', $record)) {
        // Values only; the raw string is kept alongside.
        $this->dn = ldap_explode_dn($record['dn'], 1);
        $this->dn_string = $record['dn'];
    }

    // Directory attribute => property that receives its first value.
    $singleValued = array(
        'samaccountname' => 'username',
        'displayname' => 'name',
        'mail' => 'email',
    );

    foreach ($singleValued as $attribute => $property) {
        if (array_key_exists($attribute, $record)) {
            $this->{$property} = $record[$attribute][0];
        }
    }

    if (array_key_exists(1, $this->dn)) {
        $this->type = $this->dn[1];
    }

    if (array_key_exists(2, $this->dn)) {
        $this->group = $this->dn[2];
    }
}
<?php
// Page script for the "new PXE" form: reads its parameters from the query
// string and fills the page template with them plus fixed defaults.
//
// $rollen, $mainnr, $auDN and $template are not defined here; presumably the
// included header files provide them.
//
// NOTE(review): every $_GET value below reaches the template unchanged
// (PXECN, PXEDAY, PXEBEG, PXEEND, RBSDN, MNR, SBMNR, and RBSCN derived from
// rbsdn). Confirm the template layer encodes them for HTML output; if it
// does not, encode them here before assign().
include '../standard_header.inc.php';
# 3. File name and, where needed, path of the template for the web page
$webseite = "new_pxe.dwt";
include 'rbs_header.inc.php';
###################################################################################
// The -1 defaults are overwritten right away; a missing parameter yields null.
$mnr = -1;
$sbmnr = -1;
$mcnr = -1;
$mnr = $_GET['mnr'];
$sbmnr = $_GET['sbmnr'];
$mcnr = $_GET['mcnr'];
# Build the menu bars
createMainMenu($rollen, $mainnr);
createRBSMenu($rollen, $mnr, $auDN, $sbmnr);
###################################################################################
$rbsDN = $_GET['rbsdn'];
// Values only; ldap_explode_dn() returns false for a string it cannot parse,
// in which case $rbsdnexp[0] below is null.
$rbsdnexp = ldap_explode_dn($rbsDN, 1);
// Underscores in these parameters stand for spaces.
$pxecn = str_replace("_", " ", $_GET['pxecn']);
$pxeday = str_replace("_", " ", $_GET['pxeday']);
$pxebeg = str_replace("_", " ", $_GET['pxebeg']);
$pxeend = str_replace("_", " ", $_GET['pxeend']);
$template->assign(array(
    "PXECN" => $pxecn,
    "PXEDAY" => $pxeday,
    "PXEBEG" => $pxebeg,
    "PXEEND" => $pxeend,
    "LDAPURI" => "",
    "FILEURI" => "",
    "RBSDN" => $rbsDN,
    "RBSCN" => $rbsdnexp[0],
    "RBSAU" => "",
    "NFS" => "",
    "NFSROOT" => "",
    "TFTP" => "",
    "TFTPROOT" => "",
    "FILE" => "",
    "ALLOW" => "",
    "CONSOLE" => "",
    "DEFAULT" => "menu.c32",
    "DISPLAY" => "",
    "FONT" => "",
    "IMPLICIT" => "",
    "KBDMAP" => "",
    "MENMPW" => "",
    "MENTIT" => "",
    "NOESC" => "1",
    "ONERR" => "",
    "ONTIME" => "",
    "PROMPT" => "0",
    "SAY" => "",
    "SERIAL" => "",
    "TIMEOUT" => "600",
    "MNR" => $mnr,
    "SBMNR" => $sbmnr
));
###################################################################################
include "rbs_footer.inc.php";
/**
 * Creates or updates a platform user from one LDAP entry.
 *
 * The username is the first value of the entry's DN. The official code is
 * built from the first two components of edupersonprimaryorgunitdn.
 *
 * @param array $data             LDAP entry as an attribute array, including 'dn'
 * @param bool  $update_if_exists Update the account when the username is already taken
 * @return int Id of the created or updated user, 0 when nothing was done
 */
function ldap_add_user_by_array($data, $update_if_exists = true)
{
    $system_encoding_sn = api_get_system_encoding();
    $lastname = api_convert_encoding($data['sn'][0], $system_encoding_sn, 'UTF-8');
    $system_encoding_cn = api_get_system_encoding();
    $firstname = api_convert_encoding($data['cn'][0], $system_encoding_cn, 'UTF-8');
    $email = $data['mail'][0];

    // Get uid from dn: the uid is the first value
    $dn_values = ldap_explode_dn($data['dn'], 1);
    $username = $dn_values[0];

    // Here, "student"
    $outab[] = $data['edupersonprimaryaffiliation'][0];

    // TODO the password, if encrypted at the source, will be encrypted twice,
    // which makes it useless. Try to fix that.
    // The directory's userPassword value is handed on as the account password.
    $password = $data['userPassword'][0];

    // First two components of the org unit DN give step and year.
    $org_unit_parts = explode(",", $data['edupersonprimaryorgunitdn'][0]);
    $step_pair = explode("=", $org_unit_parts[0]);
    $etape = $step_pair[1];
    $year_pair = explode("=", $org_unit_parts[1]);
    $annee = $year_pair[1];

    // To ease management, we add the step-year (etape-annee) code
    $official_code = $etape . "-" . $annee;
    $auth_source = 'ldap';

    // No expiration date for students (recover from LDAP's shadow expiry)
    $expiration_date = '0000-00-00 00:00:00';
    $active = 1;

    // These three are never set before this point, so the defaults always apply.
    $status = 5;
    $phone = '';
    $picture_uri = '';

    // Adding user
    $user_id = 0;
    if (UserManager::is_username_available($username)) {
        $user_id = UserManager::create_user(
            $firstname,
            $lastname,
            $status,
            $email,
            $username,
            $password,
            $official_code,
            api_get_setting('platformLanguage'),
            $phone,
            $picture_uri,
            $auth_source,
            $expiration_date,
            $active
        );
    } elseif ($update_if_exists) {
        $existing = UserManager::get_user_info($username);
        $user_id = $existing['user_id'];
        UserManager::update_user(
            $user_id,
            $firstname,
            $lastname,
            $username,
            null,
            null,
            $email,
            $status,
            $official_code,
            $phone,
            $picture_uri,
            $expiration_date,
            $active
        );
    }

    return $user_id;
}
/**
 * Returns a specific contact.
 *
 * Same as getContacts except that either 'carddata' or 'vcard' is mandatory.
 *
 * Each id has its ".vcf" suffix removed and is base64-decoded. When the
 * decoded text parses as a DN, it is used as the search base; otherwise the
 * id is matched as an X-URI prefix below the configured base DN.
 *
 * NOTE(review): the id comes from the caller and is used unescaped, both as
 * part of a search filter and (decoded) as a search base. Confirm that ids
 * are validated upstream, or escape them for filter context here and check
 * that a decoded DN lies inside this address book's base.
 *
 * NOTE(review): when several ids are passed, only the card found for the
 * last one is returned; $card is undefined for an empty id list.
 *
 * @param string $addressbookid
 * @param mixed $ids A single id or an array of ids
 * @param array $options Not read by this method
 * @return array|bool The card in Sabre format, or false when nothing was found
 */
public function getContact($addressbookid, $ids, array $options = array())
{
    // Accept a single id as well as a list.
    if (!is_array($ids)) {
        $a_ids = array($ids);
    } else {
        $a_ids = $ids;
    }
    // Neither of these two is read again below.
    $cards = array();
    $toReturn = false;
    if (self::setLdapParams($addressbookid)) {
        foreach ($a_ids as $id) {
            $cid = str_replace(".vcf", "", $id);
            // Loose comparison: false means the decoded id is not a DN.
            if (ldap_explode_dn(base64_decode($cid), 0) == false) {
                $ldifEntry = $this->connector->getLdifEntry("X-URI", null);
                $filter = "";
                // Prefix match on the stored X-URI value.
                if (isset($ldifEntry[0]['unassigned'])) {
                    $filter = $this->connector->getUnassignedVCardProperty() . "=X-URI:" . $cid . "*";
                } else {
                    $filter = $ldifEntry[0]['name'] . "=" . $cid . "*";
                }
                $card = self::ldapFindOne($this->ldapParams['ldapbasednsearch'], $filter, $this->connector->getLdapEntries());
            } else {
                // The decoded id is the entry's DN and serves as the search base.
                $card = self::ldapFindOne(base64_decode($cid), $this->ldapParams['ldapfilter'], $this->connector->getLdapEntries());
            }
        }
        if ($card != null) {
            return self::getSabreFormatCard($addressbookid, $this->connector->ldapToVCard($card));
        }
    }
    return false;
}
$dhcpchange = 1; } else { # echo "kein Änderung <br>"; } } echo "</td><td width='33%' class='tab_d'>"; echo "<br><b>RemoteBoot Dienst:</b> <br><br>"; for ($j = 0; $j < count($rbs); $j++) { $rbsadd = array(); $rbsdel = array(); $hostexp = ldap_explode_dn($hostDN[$j], 1); if ($rbs[$j] != $oldrbs[$j]) { echo "<b>{$hostexp['0']}</b> - "; $exp = ldap_explode_dn($rbs[$j], 1); $rbscn = $exp[0]; $oldexp = ldap_explode_dn($oldrbs[$j], 1); $oldrbscn = $oldexp[0]; if ($rbs[$j] == "") { $rbsdel['hlprbservice'] = array(); $rbsdel['dhcpoptnext-server'] = array(); $rbsdel['dhcpoptfilename'] = array(); $result = ldap_mod_del($ds, $hostDN[$j], $rbsdel); if ($result) { echo "erfolgreich ausgetragen, alter Wert: <b>{$oldrbscn}</b> <br>"; } else { echo "Fehler beim austragen aus Remote Boot Dienst <b>{$oldrbscn}</b> <br>"; } } else { $rbsdhcpdata = get_node_data($rbs[$j], array("tftpserverip", "initbootfile")); $rbsadd['hlprbservice'] = $rbs[$j]; $rbsadd['dhcpoptnext-server'] = $rbsdhcpdata['tftpserverip'];
# DHCP Service Daten $dhcpsv_array = get_dhcpservices($auDN, array("dn", "cn")); $dhcpserviceDN = $dhcpsv_array[0]['dn']; $attributes = array("dn", "cn", "dhcpprimarydn", "dhcpsecondarydn", "description", "dhcpofferdn", "dhcpstatements", "dhcpfailoverpeer", "dhcpoptallow", "dhcpoptddns-update-style", "dhcpoptdefault-lease-time", "dhcpoptdeny", "dhcpoptfilename", "dhcpoptignore", "dhcppermittedclients", "dhcpoptmax-lease-time", "dhcpoptnext-server", "optiondefinition", "dhcpoptuse-host-decl-names", "dhcpoptbroadcast-address", "dhcpoptdhcp-max-message-size", "dhcpoptdomain-name", "dhcpoptdomain-name-servers", "dhcpoptgeneric", "dhcpoptntp-servers", "dhcpoptroot-path", "dhcpoptrouters"); $dhcpsv_data = get_node_data($dhcpserviceDN, $attributes); #print_r($dhcpsv_data); # DHCP Service Anbieten # momentanes Offer # todo: falls dhcpofferDN leer dann standardwert AU teilbaum $offerexp = ldap_explode_dn($dhcpsv_data['dhcpofferdn'], 1); $dhcpoffernow = $offerexp[0]; # alternative Offers $expdn = ldap_explode_dn($auDN, 0); # Mit Merkmalen $expdn = array_slice($expdn, 1); $expou = ldap_explode_dn($auDN, 1); # nur Werte $expou = array_slice($expou, 1, -3); #print_r($expou); echo "<br>"; #print_r($expdn); echo "<br>"; for ($i = 0; $i < count($expou); $i++) { $dhcpoffers[$i]['ou'] = $expou[$i]; $dhcpoffers[$i]['dn'] = implode(',', $expdn); $expdn = array_slice($expdn, 1); } #print_r($dhcpoffers); $expcn = explode('_', $dhcpsv_data['cn']); $name = array_slice($expcn, 1); $dhcpcn = implode('_', $name); $optdef = ""; if (count($dhcpsv_data['optiondefinition']) == 1) {
$rbs = htmlentities($rbs); $oldrbs = htmlentities($oldrbs); /*echo "new dhcp:"; print_r($dhcp); echo "<br>"; echo "old dhcp:"; print_r($olddhcp); echo "<br>"; echo "new rbs:"; print_r($rbs); echo "<br>"; echo "old rbs:"; print_r($oldrbs); echo "<br>"; echo "Host DN:"; print_r($hostDN); echo "<br>"; echo "submenuNR:"; print_r($sbmnr); echo "<br><br>";*/ $seconds = 2; $url = 'rbshost.php?dn=' . $hostDN . '&sbmnr=' . $sbmnr; echo " \n<html>\n<head>\n\t<title>AU Management</title>\n\t<link rel='stylesheet' href='../styles.css' type='text/css'>\n</head>\n<body>\n<table border='0' cellpadding='30' cellspacing='0'> \n<tr><td>"; ########################################## # RBS if ($rbs != "none" && $rbs != $oldrbs) { if ($rbs != "") { $exp = ldap_explode_dn($rbs, 1); $rbscn = $exp[0]; $rbsau = $exp[2]; $dhcpdata = get_node_data($rbs, array("tftpserverip", "initbootfile")); $entryrbs['hlprbservice'] = $rbs; $entryrbs['dhcpoptnext-server'] = $dhcpdata['tftpserverip']; $entryrbs['dhcpoptfilename'] = $dhcpdata['initbootfile']; if ($oldrbs != "") { echo "RBS replace "; print_r($oldrbs); echo " with "; print_r($entryrbs); echo "<br>"; if ($result = ldap_mod_replace($ds, $hostDN, $entryrbs)) { update_dhcpmtime(array()); rbs_adjust_host($hostDN, $rbs);
$mnr = 0; $sbmnr = -1; $mcnr = -1; ################################################################################### $sbmnr = $_GET['sbmnr']; # Menuleisten erstellen createMainMenu($rollen, $mainnr); createComputersMenu($rollen, $mnr, $auDN, $sbmnr, $mcnr); ################################################################################### $hostDN = "HostName=" . $_GET['host'] . ",cn=computers," . $auDN; # Rechner Daten $attributes = array("hostname", "domainname", "ipaddress", "hwaddress", "description", "hlprbservice", "dhcphlpcont", "dhcpoptfixed-address", "dhcpopthardware", "dhcpoptfilename", "dhcpoptnext-server", "hw-mouse", "hw-graphic", "hw-monitor"); $host = get_node_data($hostDN, $attributes); $rbsDN = $host['hlprbservice']; if ($rbsDN) { $exprbs = ldap_explode_dn($rbsDN, 1); # Rechnerspezifische PXEs $hostpxeconfigs = get_pxeconfigs2($hostDN, array("dn", "cn", "description", "timerange")); $pxehost = "<tr>\n\t\t\t\t\t\t<td colspan='3' width='50%' class='tab_h'>\n\t\t\t\t\t\t<b>Client <code class='font_object'> " . $host['hostname'] . " \n\t\t\t\t\t\t</code> - spezifische PXE Konfigurationen (Bootmenüs)</b></td>\n\t\t\t\t\t</tr>"; if (count($hostpxeconfigs) != 0) { for ($i = 0; $i < count($hostpxeconfigs); $i++) { $pxelink = "<a href='pxe.php?dn=" . $hostpxeconfigs[$i]['dn'] . "&mnr=1&sbmnr=" . $sbmnr . "&mcnr=" . $i . "&nodedn=" . $hostDN . "' class='headerlink'>" . $hostpxeconfigs[$i]['cn'] . "</a>"; $trange = ""; if (count($hostpxeconfigs[$i]['timerange']) > 1) { foreach ($hostpxeconfigs[$i]['timerange'] as $tr) { $exptime = array_merge(explode('_', $tr), array($hostpxeconfigs[$i]['cn'])); $timeranges[$i][] = $exptime; # Für grafische Wo-Ansicht if ($exptime[0] == "X") { $exptime[0] = "täglich"; }
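/**
 * Adds a user to the Dokeos database or updates its data.
 *
 * The directory is searched for entries whose uid equals $login; every entry
 * found is created or updated as a platform user.
 *
 * @param string $login username (and uid inside LDAP)
 * @return int Id of the last user created or updated, 0 when the connection
 *             failed or no entry matched
 * @author Mustapha Alouani
 */
function ldap_add_user($login)
{
    global $ldap_basedn, $ldap_host, $ldap_port, $ldap_rdn, $ldap_pass;

    // Defined up front so every path returns a value.
    $user_id = 0;

    $ds = ldap_connect($ldap_host, $ldap_port);
    if (!$ds) {
        Display::display_error_message(get_lang('LDAPConnectionError'));
        return $user_id;
    }

    // Options are set only once the connection handle is known to be valid.
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);

    // $login ends up inside a search filter, so filter metacharacters in it
    // must be escaped; otherwise the caller could change what the filter
    // matches. ldap_escape() is used where the extension offers it, with an
    // equivalent manual escape of \ * ( ) and NUL as fallback.
    if (function_exists('ldap_escape')) {
        $safe_login = ldap_escape($login, '', LDAP_ESCAPE_FILTER);
    } else {
        $safe_login = str_replace(
            array('\\', '*', '(', ')', "\x00"),
            array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
            $login
        );
    }
    $str_query = "(uid=" . $safe_login . ")";

    $r = false;
    ldap_handle_bind($ds, $r);

    $sr = ldap_search($ds, $ldap_basedn, $str_query);
    if (!$sr) {
        return $user_id;
    }

    $info = ldap_get_entries($ds, $sr);
    if (!is_array($info)) {
        return $user_id;
    }

    // Fixed values for every imported account.
    $auth_source = 'ldap';
    // No expiration date for students (to be derived from LDAP shadow expire)
    $expiration_date = '0000-00-00 00:00:00';
    $active = 1;
    $status = 5;
    $phone = '';
    $picture_uri = '';

    for ($key = 0; $key < $info['count']; $key++) {
        $lastname = api_convert_encoding($info[$key]['sn'][0], api_get_system_encoding(), 'UTF-8');
        $firstname = api_convert_encoding($info[$key]['givenname'][0], api_get_system_encoding(), 'UTF-8');
        $email = $info[$key]['mail'][0];

        // Get uid from dn: the uid is the first value
        $dn_array = ldap_explode_dn($info[$key]['dn'], 1);
        $username = $dn_array[0];

        // TODO the password, if encrypted at the source, will be encrypted
        // twice, which makes it useless. Try to fix that.
        // The directory's userPassword value is handed on as the account password.
        $password = $info[$key]['userPassword'][0];

        // First two components of the org unit DN give step and year.
        $structure = $info[$key]['edupersonprimaryorgunitdn'][0];
        $array_structure = explode(",", $structure);
        $array_val = explode("=", $array_structure[0]);
        $etape = $array_val[1];
        $array_val = explode("=", $array_structure[1]);
        $annee = $array_val[1];

        // To ease management, the "step-year" (etape-annee) code is added
        $official_code = $etape . "-" . $annee;

        // Adding the user
        if (UserManager::is_username_available($username)) {
            $user_id = UserManager::create_user($firstname, $lastname, $status, $email, $username, $password, $official_code, api_get_setting('platformLanguage'), $phone, $picture_uri, $auth_source, $expiration_date, $active);
        } else {
            $user = UserManager::get_user_info($username);
            $user_id = $user['user_id'];
            UserManager::update_user($user_id, $firstname, $lastname, $username, null, null, $email, $status, $official_code, $phone, $picture_uri, $expiration_date, $active);
        }
    }

    return $user_id;
}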
/**
 * Splits a DN into its components via ldap_explode_dn().
 *
 * The result is returned as the extension produced it: it still holds the
 * 'count' entry, and special characters in values stay hex-escaped.
 *
 * @param string $dn
 * @param bool   $removeAttributePrefixes true for values only, false for 'type=value'
 *
 * @return array|false false when the DN cannot be parsed
 */
public function explodeDn($dn, $removeAttributePrefixes = true)
{
    // The extension expects 1 for "values only" and 0 for "with attribute type".
    $withAttrib = $removeAttributePrefixes ? 1 : 0;

    return ldap_explode_dn($dn, $withAttrib);
}
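/**
 * Moves an entry from one configured folder (base DN) to another.
 *
 * LDAP_BASE_DNS is read as a '|'-separated list of "folderid:basedn" pairs;
 * '%u' in a base DN is replaced with the current user.
 *
 * @param string $folderid          Id of the folder that holds the entry
 * @param string $id                entryUUID of the entry to move
 * @param string $newfolderid       Id of the destination folder
 * @param mixed  $contentParameters Not read by this method
 * @return bool Result of the rename, false when a folder or the entry is not found
 */
public function MoveMessage($folderid, $id, $newfolderid, $contentParameters)
{
    ZLog::Write(LOGLEVEL_DEBUG, sprintf("BackendLDAP->MoveMessage('%s','%s', '%s')", $folderid, $id, $newfolderid));

    $old = "";
    $new = "";
    foreach (explode("|", LDAP_BASE_DNS) as $base_dn) {
        $folder = explode(":", $base_dn);
        if ($folder[0] == $folderid) {
            $old = str_replace('%u', $this->user, $folder[1]);
        }
        if ($folder[0] == $newfolderid) {
            $new = str_replace('%u', $this->user, $folder[1]);
        }
    }

    // Without both base DNs there is nothing to search or to move to.
    if ($old === "" || $new === "") {
        return false;
    }

    // $id is supplied by the client and goes into a search filter, so filter
    // metacharacters are escaped: ldap_escape() where available, otherwise an
    // equivalent manual escape of \ * ( ) and NUL.
    if (function_exists('ldap_escape')) {
        $safe_id = ldap_escape($id, '', LDAP_ESCAPE_FILTER);
    } else {
        $safe_id = str_replace(
            array('\\', '*', '(', ')', "\x00"),
            array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
            $id
        );
    }

    $result_id = ldap_list($this->ldap_link, $old, "(entryUUID=" . $safe_id . ")", array("entryUUID"));
    if (!$result_id) {
        return false;
    }

    $entry_id = ldap_first_entry($this->ldap_link, $result_id);
    if (!$entry_id) {
        return false;
    }

    $dn = ldap_get_dn($this->ldap_link, $entry_id);
    $newdn = ldap_explode_dn($dn, 0);
    if (!is_array($newdn)) {
        return false;
    }

    // ldap_rename() takes the new parent as its fourth argument and the
    // delete-old-RDN flag as its fifth. The old call passed only `true` in
    // fourth position, so the destination in $new was never used.
    return ldap_rename($this->ldap_link, $dn, $newdn[0], $new, true);
}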
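/**
 * Looks for the UID in a DN.
 *
 * The first component that starts with 'uid=' (lower case, exact match) is
 * used; hex escapes (\XX) in its value are decoded to raw bytes. The decoded
 * value can contain DN or filter special characters and has to be escaped
 * again before it is placed into either.
 *
 * @param string $dn
 * @return mixed String, the uid on success, false on failure
 */
protected function getUIDFromDN($dn)
{
    $components = ldap_explode_dn($dn, 0);

    // An unparsable DN yields false instead of an array.
    if (!is_array($components)) {
        return false;
    }

    foreach ($components as $key => $component) {
        if ($key === 'count') {
            continue;
        }
        if (substr($component, 0, 4) !== 'uid=') {
            continue;
        }

        // ldap_explode_dn() hex-escapes some characters, see
        // http://us2.php.net/manual/en/function.ldap-explode-dn.php#34724
        // A callback replaces the former /e modifier, which evaluated the
        // replacement as PHP code. /e was deprecated in PHP 5.5 and removed
        // in PHP 7.0, where preg_replace() fails and returns NULL.
        return preg_replace_callback(
            '/\\\\([0-9A-Fa-f]{2})/',
            function ($m) {
                return chr(hexdec($m[1]));
            },
            substr($component, 4)
        );
    }

    return false;
}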
/**
 * Establish a connection to the LDAP server
 *
 * Tries the configured hosts in order, keeps the first one that accepts the
 * connection (and StartTLS, when requested), works out the bind credentials
 * and base DNs, and binds.
 *
 * NOTE(review): StartTLS is only attempted when 'use_tls' is exactly true.
 * With any other value nothing in this method requests encryption, so bind
 * credentials may cross the network in clear text unless the host entry
 * itself selects a protected transport - confirm per deployment.
 *
 * NOTE(review): the protocol version is set after ldap_start_tls(). StartTLS
 * is an LDAPv3 operation; confirm it succeeds when the library default is
 * an older version.
 *
 * NOTE(review): with an empty bind password the method reports ready
 * without binding at all, i.e. the session stays anonymous.
 *
 * @return bool true when the connection is ready, false otherwise
 */
private function _connect()
{
    global $RCMAIL;
    if (!function_exists('ldap_connect')) {
        raise_error(array('code' => 100, 'type' => 'ldap', 'file' => __FILE__, 'line' => __LINE__, 'message' => "No ldap support in this installation of PHP"), true, true);
    }
    // Reuse a connection that is already open.
    if (is_resource($this->conn)) {
        return true;
    }
    // A single host may be configured as a plain string.
    if (!is_array($this->prop['hosts'])) {
        $this->prop['hosts'] = array($this->prop['hosts']);
    }
    if (empty($this->prop['ldap_version'])) {
        $this->prop['ldap_version'] = 3;
    }
    foreach ($this->prop['hosts'] as $host) {
        $host = idn_to_ascii(rcube_parse_host($host));
        // Used for debug and error messages only.
        $hostname = $host . ($this->prop['port'] ? ':' . $this->prop['port'] : '');
        $this->_debug("C: Connect [{$hostname}] [{$this->prop['name']}]");
        // Warnings from the connect attempt are suppressed with @.
        if ($lc = @ldap_connect($host, $this->prop['port'])) {
            if ($this->prop['use_tls'] === true) {
                // A host that refuses StartTLS is skipped, not used unencrypted.
                if (!ldap_start_tls($lc)) {
                    continue;
                }
            }
            $this->_debug("S: OK");
            ldap_set_option($lc, LDAP_OPT_PROTOCOL_VERSION, $this->prop['ldap_version']);
            $this->prop['host'] = $host;
            $this->conn = $lc;
            if (isset($this->prop['referrals'])) {
                ldap_set_option($lc, LDAP_OPT_REFERRALS, $this->prop['referrals']);
            }
            break;
        }
        $this->_debug("S: NOT OK");
    }
    // See if the directory is writeable.
    if ($this->prop['writable']) {
        $this->readonly = false;
    }
    if (!is_resource($this->conn)) {
        raise_error(array('code' => 100, 'type' => 'ldap', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Could not connect to any LDAP server, last tried {$hostname}"), true);
        return false;
    }
    $bind_pass = $this->prop['bind_pass'];
    $bind_user = $this->prop['bind_user'];
    $bind_dn = $this->prop['bind_dn'];
    $this->base_dn = $this->prop['base_dn'];
    // Groups fall back to the main base DN when no own base is configured.
    $this->groups_base_dn = $this->prop['groups']['base_dn'] ? $this->prop['groups']['base_dn'] : $this->base_dn;
    // User specific access, generate the proper values to use.
    if ($this->prop['user_specific']) {
        // No password set, use the session password
        if (empty($bind_pass)) {
            $bind_pass = $RCMAIL->decrypt($_SESSION['password']);
        }
        // Get the pieces needed for variable replacement.
        // $u stays undefined when no username is available.
        if ($fu = $RCMAIL->user->get_username()) {
            list($u, $d) = explode('@', $fu);
        } else {
            $d = $this->mail_domain;
        }
        $dc = 'dc=' . strtr($d, array('.' => ',dc=')); // hierarchal domain string
        $replaces = array('%dn' => '', '%dc' => $dc, '%d' => $d, '%fu' => $fu, '%u' => $u);
        if ($this->prop['search_base_dn'] && $this->prop['search_filter']) {
            if (!empty($this->prop['search_bind_dn']) && !empty($this->prop['search_bind_pw'])) {
                $this->bind($this->prop['search_bind_dn'], $this->prop['search_bind_pw']);
            }
            // Search for the dn to use to authenticate
            // NOTE(review): the username parts are substituted into the base DN
            // and the filter as they are; confirm they are escaped for DN and
            // filter context before they get here.
            $this->prop['search_base_dn'] = strtr($this->prop['search_base_dn'], $replaces);
            $this->prop['search_filter'] = strtr($this->prop['search_filter'], $replaces);
            $this->_debug("S: searching with base {$this->prop['search_base_dn']} for {$this->prop['search_filter']}");
            $res = @ldap_search($this->conn, $this->prop['search_base_dn'], $this->prop['search_filter'], array('uid'));
            if ($res) {
                // Only the first matching entry is considered.
                if (($entry = ldap_first_entry($this->conn, $res)) && ($bind_dn = ldap_get_dn($this->conn, $entry))) {
                    $this->_debug("S: search returned dn: {$bind_dn}");
                    // %dn becomes the value of the entry's first RDN.
                    $dn = ldap_explode_dn($bind_dn, 1);
                    $replaces['%dn'] = $dn[0];
                }
            } else {
                $this->_debug("S: " . ldap_error($this->conn));
            }
            // DN not found
            if (empty($replaces['%dn'])) {
                if (!empty($this->prop['search_dn_default'])) {
                    $replaces['%dn'] = $this->prop['search_dn_default'];
                } else {
                    raise_error(array('code' => 100, 'type' => 'ldap', 'file' => __FILE__, 'line' => __LINE__, 'message' => "DN not found using LDAP search."), true);
                    return false;
                }
            }
        }
        // Replace the bind_dn and base_dn variables.
        $bind_dn = strtr($bind_dn, $replaces);
        $this->base_dn = strtr($this->base_dn, $replaces);
        $this->groups_base_dn = strtr($this->groups_base_dn, $replaces);
        if (empty($bind_user)) {
            $bind_user = $u;
        }
    }
    // No password: ready without any bind. Otherwise a simple bind when a
    // bind DN is known, else a SASL bind.
    if (empty($bind_pass)) {
        $this->ready = true;
    } else {
        if (!empty($bind_dn)) {
            $this->ready = $this->bind($bind_dn, $bind_pass);
        } else {
            if (!empty($this->prop['auth_cid'])) {
                $this->ready = $this->sasl_bind($this->prop['auth_cid'], $bind_pass, $bind_user);
            } else {
                $this->ready = $this->sasl_bind($bind_user, $bind_pass);
            }
        }
    }
    return $this->ready;
}
/**
 * Collects the leading RDN value of every DN stored in one attribute.
 *
 * @param mixed  $entry  Entry handle to read from
 * @param string $attrib Attribute whose values are DNs
 * @return array Leading RDN value of each DN, in attribute order; empty when
 *               the attribute cannot be read
 */
private function getAllGroupNames($entry, $attrib)
{
    $names = array();

    // Warnings (for example for a missing attribute) are suppressed with @.
    $values = @ldap_get_values($this->conn, $entry, $attrib);
    if (empty($values)) {
        return $names;
    }

    for ($i = 0; $i < $values["count"]; $i++) {
        // Values only: index 0 is the name of the referenced entry.
        $rdns = ldap_explode_dn($values[$i], 1);
        $names[] = $rdns[0];
    }

    return $names;
}
/**
 * Returns the first component of a DN.
 *
 * @param string $dn  Distinguished name
 * @param int    $ref Passed to ldap_explode_dn() as its with-attrib flag:
 *                    0 returns 'type=value', 1 returns the value only
 * @return string|null The first component; null when the DN cannot be parsed
 */
function getNodeRDN($dn, $ref = 0)
{
    $components = ldap_explode_dn($dn, $ref);

    return $components[0];
}