/**
* Binds to the current connection using the
* inserted credentials.
*
* @param string $username
* @param string $password
*
* @returns bool
*
* @throws AdldapException
*/
protected function bindUsingCredentials($username, $password)
{
if (empty($username)) {
// Allow binding with null username.
$username = null;
} else {
// If the username isn't empty, we'll append the configured
// account suffix to bind to the LDAP server.
$username .= $this->configuration->getAccountSuffix();
}
if (empty($password)) {
// Allow binding with null password
$password = null;
}
if ($this->connection->bind($username, $password) === false) {
$error = $this->connection->getLastError();
if ($this->connection->isUsingSSL() && $this->connection->isUsingTLS() === false) {
$message = 'Bind to Active Directory failed. Either the LDAPs connection failed or the login credentials are incorrect. AD said: ' . $error;
} else {
$message = 'Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $error;
}
throw new AdldapException($message);
}
return true;
}
/**
* {@inheritdoc}
*/
public function bindUsingCredentials($username, $password, $suffix = null)
{
if (empty($username)) {
// Allow binding with null username.
$username = null;
} else {
// If the username isn't empty, we'll append the configured
// account suffix to bind to the LDAP server.
if (is_null($suffix)) {
$suffix = $this->configuration->getAccountSuffix();
}
$username .= $suffix;
}
if (empty($password)) {
// Allow binding with null password.
$password = null;
}
try {
$this->connection->bind($username, $password);
} catch (Exception $e) {
$error = $this->connection->getLastError();
if ($this->connection->isUsingSSL() && $this->connection->isUsingTLS() === false) {
$message = 'Bind to Active Directory failed. Either the LDAP SSL connection failed or the login credentials are incorrect. AD said: ' . $error;
} else {
$message = 'Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $error;
}
throw new BindException($message);
}
}
/**
* {@inheritdoc}
*/
public function bindAsAdministrator()
{
$username = $this->configuration->getAdminUsername();
$password = $this->configuration->getAdminPassword();
$suffix = $this->configuration->getAdminAccountSuffix();
if (empty($suffix)) {
// Use the user account suffix if no administrator account suffix is given.
$suffix = $this->configuration->getAccountSuffix();
}
$this->bindUsingCredentials($username, $password, $suffix);
}
/**
* Binds to the LDAP server as the configured administrator.
*
* @throws AdldapException
*
* @return bool
*/
protected function bindAsAdministrator()
{
$adminUsername = $this->configuration->getAdminUsername();
$adminPassword = $this->configuration->getAdminPassword();
$adminSuffix = $this->configuration->getAdminAccountSuffix();
if (empty($adminSuffix)) {
// If the admin suffix is empty, we'll use the default account suffix.
$adminSuffix = $this->configuration->getAccountSuffix();
}
$this->bindUsingCredentials($adminUsername, $adminPassword, $adminSuffix);
if ($this->connection->isBound() === false) {
$error = $this->connection->getLastError();
throw new AdldapException("Rebind to Active Directory failed. AD said: {$error}");
}
return true;
}
/**
* Binds to the current connection using the
* inserted credentials.
*
* @param string $username
* @param string $password
*
* @returns bool
*
* @throws AdldapException
*/
private function bindUsingCredentials($username, $password)
{
// Allow binding with null credentials
if (empty($username)) {
$username = null;
} else {
$username .= $this->configuration->getAccountSuffix();
}
if (empty($password)) {
$password = null;
}
if (!$this->connection->bind($username, $password)) {
$error = $this->connection->getLastError();
if ($this->connection->isUsingSSL() && !$this->connection->isUsingTLS()) {
$message = 'Bind to Active Directory failed. Either the LDAPs connection failed or the login credentials are incorrect. AD said: ' . $error;
} else {
$message = 'Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $error;
}
throw new AdldapException($message);
}
return true;
}