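/**
 * Search for a single LDAP entry and map it onto a CUser, then persist the user.
 *
 * Flow, as implemented below:
 *  1. Build the search filter (default: samaccountname equals $person) and run it.
 *  2. No entry: return the given $user with _bound = false and _count_ldap = 0.
 *  3. More than one entry: throw.
 *  4. Look up a CIdSante400 record keyed on the entry's objectGUID. If one exists,
 *     the linked CUser is loaded; otherwise, unless $force_create is set, the
 *     given $user is matched against existing users and must exist.
 *  5. Map the LDAP attributes onto the user, store it, reject deactivated
 *     accounts, and create the objectGUID link if it did not exist yet.
 *
 * Security: when the default filter is used, $person is escaped per RFC 4515
 * before interpolation. A caller-supplied $filter is sent to the directory
 * verbatim, so callers must escape any untrusted value they put in it.
 *
 * @param CUser       $user         User to bind; also supplies the default username
 * @param CSourceLDAP $source_ldap  LDAP source used to run the search
 * @param resource    $ldapconn     LDAP connection handle
 * @param string      $person       [optional] Account name; defaults to $user->user_username
 * @param string      $filter       [optional] Raw LDAP filter; replaces the default one
 * @param boolean     $force_create [optional] Skip the "user must already exist" lookup
 *
 * @return CUser
 * @throws CMbException On multiple LDAP matches, unknown user, deactivated user,
 *                      or when storing the user or the objectGUID link fails
 */
static function searchAndMap(CUser $user, CSourceLDAP $source_ldap, $ldapconn, $person = null, $filter = null, $force_create = false) {
  if (!$person) {
    $person = $user->user_username;
  }
  $person = utf8_encode($person);

  if (!$filter) {
    // Escape LDAP filter metacharacters (RFC 4515) so an account name such as
    // "*" or "a)(x=y" is matched literally instead of rewriting the filter.
    // strtr() with an array never re-scans its own output, so the backslash
    // introduced by one replacement is not escaped a second time.
    // Equivalent to ldap_escape($person, "", LDAP_ESCAPE_FILTER) on PHP >= 5.6.
    $escaped_person = strtr(
      $person,
      array(
        "\\"   => "\\5c",
        "*"    => "\\2a",
        "("    => "\\28",
        ")"    => "\\29",
        "\x00" => "\\00",
      )
    );
    $filter = "(samaccountname={$escaped_person})";
  }

  $results = $source_ldap->ldap_search($ldapconn, $filter);

  // Nothing found: report the user as not bound and let the caller decide
  if (!$results || $results["count"] == 0) {
    $user->_bound      = false;
    $user->_count_ldap = 0;

    return $user;
  }

  // An ambiguous match must never be mapped onto one account
  if ($results["count"] > 1) {
    throw new CMbException("CSourceLDAP_too-many-results");
  }

  $results = $results[0];

  // Look for an existing link between this directory entry (objectGUID) and a CUser
  $idex               = new CIdSante400();
  $idex->tag          = CAppUI::conf("admin LDAP ldap_tag");
  $idex->object_class = "CUser";
  $idex->id400        = self::getObjectGUID($results);
  $idex->loadMatchingObject();

  // Keep the password values supplied by the caller; they are put back below
  $user_password  = $user->user_password;
  $_user_password = $user->_user_password;

  if ($idex->_id) {
    // objectGUID already linked: load the linked user
    $user = new CUser();
    $user->load($idex->object_id);
  }
  else {
    // objectGUID not linked yet: it will be attached to the current user.
    // Outside of creation mode, the user has to exist already.
    if (!$force_create) {
      // Clear the password fields so they do not take part in loadMatchingObject()
      $user->user_password  = null;
      $user->_user_password = null;
      $user->loadMatchingObject();

      if (!$user->_id) {
        throw new CMbException("Auth-failed-user-unknown");
      }
    }
  }

  $user->_bound = true;
  $user         = self::mapTo($user, $results);

  // Save Mediuser variables
  $actif        = $user->_user_actif;
  $deb_activite = $user->_user_deb_activite;
  $fin_activite = $user->_user_fin_activite;

  // Restore the caller-supplied password values onto the (possibly reloaded)
  // user, so they are set on the object when store() runs
  $user->user_password  = $user_password;
  $user->_user_password = $_user_password;

  if (!$user->user_type) {
    $user->user_type = 0;
  }

  // No profile
  $user->template = 0;

  // NOTE(review): the failed-login counter is reset and the record is stored
  // before the deactivation check below, and nothing in this method verifies
  // credentials. Confirm every caller has completed the LDAP bind first,
  // otherwise a plain lookup would clear the counter.
  $user->user_login_errors = 0;
  $user->repair();

  $msg = $user->store();
  if ($msg) {
    throw new CMbException($msg);
  }

  // Existing user: trust the stored Mediuser flag. Creation mode: trust the
  // value mapped from LDAP. Parentheses only spell out the && / || precedence.
  if ((!$force_create && !$user->_ref_mediuser->actif) || ($force_create && !$actif)) {
    throw new CMbException("Auth-failed-user-deactivated");
  }

  // Restore Mediuser variables
  $user->_user_actif        = $actif;
  $user->_user_deb_activite = $deb_activite;
  $user->_user_fin_activite = $fin_activite;
  $user->_count_ldap        = 1;

  // First time this directory entry is seen: record the objectGUID -> user link
  if (!$idex->_id) {
    $idex->object_id   = $user->_id;
    $idex->last_update = CMbDT::dateTime();
    if ($msg = $idex->store()) {
      throw new CMbException($msg);
    }
  }

  return $user;
}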
* * @category Admin * @package Mediboard * @author SARL OpenXtrem <*****@*****.**> * @license GNU General Public License, see http://www.gnu.org/licenses/gpl.html * @version $Revision$ * @link http://www.mediboard.org */ CCanDo::checkAdmin(); $action = CValue::get("action"); $source_ldap_id = CValue::get("source_ldap_id"); $ldaprdn = CValue::get("ldaprdn"); $ldappass = CValue::get("ldappass"); $filter = CValue::get("filter", "(samaccountname=*)"); $attributes = CValue::get("attributes"); $source_ldap = new CSourceLDAP(); $source_ldap->load($source_ldap_id); try { $ldapconn = $source_ldap->ldap_connect(); CAppUI::stepAjax("CSourceLDAP_connect", UI_MSG_OK, $source_ldap->host); $source_ldap->ldap_bind($ldapconn, $ldaprdn, $ldappass, true); $user = $ldaprdn ? $ldaprdn : "anonymous"; $user = $source_ldap->bind_rdn_suffix ? $ldaprdn . $source_ldap->bind_rdn_suffix : $user; CAppUI::stepAjax("CSourceLDAP_authenticate", UI_MSG_OK, $source_ldap->host, $user); } catch (CMbException $e) { $e->stepAjax(UI_MSG_ERROR); } if ($action == "search") { if ($attributes) { $attributes = preg_split("/\\s*[,\n\\|]\\s*/", $attributes); }
<?php
/**
 * $Id: ajax_refresh_source_ldap.php 18997 2013-05-02 09:24:16Z rhum1 $
 *
 * Renders the list of configured LDAP sources, followed by one blank source
 * that serves as the "create a new one" entry.
 *
 * @category Admin
 * @package  Mediboard
 * @author   SARL OpenXtrem <*****@*****.**>
 * @license  GNU General Public License, see http://www.gnu.org/licenses/gpl.html
 * @version  $Revision: 18997 $
 * @link     http://www.mediboard.org
 */

// Access check comes first, before any source is loaded or rendered.
// NOTE(review): CCanDo::checkAdmin() is defined elsewhere; presumably it stops
// the request for non-admin callers - confirm, since the LDAP source
// configuration is passed to the template below.
CCanDo::checkAdmin();

// The unsaved instance is used both to run the query and as the trailing blank entry
$source_ldap = new CSourceLDAP();

// Existing sources, ordered by "priority DESC"
$sources_ldap = $source_ldap->loadList(
  null,
  "priority DESC"
);

// Append the blank instance so the template can offer a creation entry
$sources_ldap[] = $source_ldap;

// Build and render the template
$smarty = new CSmartyDP();
$smarty->assign("sources_ldap", $sources_ldap);
$smarty->display("inc_sources_ldap.tpl");