Ejemplo n.º 1
0
function ActiveDirectoryToMysql()
{
    $sock = new sockets();
    $EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
    if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
        $EnableManageUsersTroughActiveDirectory = 0;
    }
    if ($EnableManageUsersTroughActiveDirectory == 0) {
        die;
    }
    $unix = new unix();
    $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
    $pidTime = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".time";
    $oldpid = $unix->get_pid_from_file($pidfile);
    $sock = new sockets();
    $ActiveDirectoryMysqlSinc = $sock->GET_INFO($ActiveDirectoryMysqlSinc);
    if (!is_numeric($ActiveDirectoryMysqlSinc)) {
        $ActiveDirectoryMysqlSinc = 5;
    }
    if ($ActiveDirectoryMysqlSinc == 0) {
        $ActiveDirectoryMysqlSinc = 1;
    }
    $ActiveDirectoryMysqlSinc = $ActiveDirectoryMysqlSinc * 60;
    if ($unix->process_exists($oldpid, basename(__FILE__))) {
        writelogs("Process {$oldpid} already exists", __FUNCTION__, __FILE__, __LINE__);
        return;
    }
    if (system_is_overloaded(basename(__FILE__))) {
        writelogs("Overloaded system, aborting", __FUNCTION__, __FILE__, __LINE__);
        return;
    }
    @file_put_contents($pidfile, getmypid());
    if (!$GLOBALS["FORCE"]) {
        if ($unix->file_time_min($pidTime) < $ActiveDirectoryMysqlSinc) {
            return;
        }
    }
    @unlink($pidTime);
    @file_put_contents($pidTime, time());
    $t1 = time();
    $ldap = new ldapAD();
    $hash = $ldap->Ldap_search($ldap->suffix, "(objectClass=organizationalUnit)", array("name", "ou", "dn"), 5000);
    if (!is_numeric($hash["count"])) {
        $hash["count"] = 0;
    }
    if ($hash["count"] == 0) {
        return;
    }
    $q = new mysql();
    $q->QUERY_SQL("TRUNCATE TABLE `activedirectory_users`", "artica_backup");
    if (!$q->ok) {
        $unix->send_email_events("ActiveDirectory: mysql error {$q->mysql_error}", "process aborted. Will restart in next cycle", "system");
        return;
    }
    $q->QUERY_SQL("TRUNCATE TABLE `activedirectory_groups`", "artica_backup");
    $q->QUERY_SQL("TRUNCATE TABLE `activedirectory_groupsNames`", "artica_backup");
    $sql = "SELECT ou,dn,enabled,OnlyBranch FROM activedirectory_orgs ORDER BY ou";
    $results = $q->QUERY_SQL($sql, "artica_backup");
    $BranchsInMyql = mysql_num_rows($results);
    while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
        $OUCONFIG[$ligne["dn"]]["PARAMS"]["ENABLED"] = $ligne["enabled"];
        $OUCONFIG[$ligne["dn"]]["PARAMS"]["OnlyBranch"] = $ligne["OnlyBranch"];
    }
    $GLOBALS["MEMORY_COUNT_USERS"] = 0;
    $GLOBALS["MEMORY_COUNT_GROUPS"] = 0;
    for ($i = 0; $i < $hash["count"]; $i++) {
        $OrganizationDN = utf8_encode($hash[$i]["dn"]);
        if (isset($OUCONFIG[$OrganizationDN])) {
            if ($OUCONFIG[$OrganizationDN]["PARAMS"]["ENABLED"] == 0) {
                echo "Importing users from {$hash[$i]["ou"][0]} {$OrganizationDN} aborted (disabled)\n";
                continue;
            }
        }
        if ($BranchsInMyql > 0) {
            if (!isset($OUCONFIG[$OrganizationDN])) {
                echo "Importing users from {$hash[$i]["ou"][0]} {$OrganizationDN} is not in mysql database (disabled)\n";
                continue;
            }
        }
        $OnlyBranch = $OUCONFIG[$OrganizationDN]["PARAMS"]["OnlyBranch"];
        $dn = utf8_encode($hash[$i]["dn"]);
        $ou = utf8_encode($hash[$i]["ou"][0]);
        $dn = addslashes($dn);
        $ou = addslashes($ou);
        $sql = "INSERT IGNORE INTO activedirectory_orgs (ou,dn) VALUES('{$ou}','{$dn}')";
        $q->QUERY_SQL($sql, "artica_backup");
        echo "Importing users from {$hash[$i]["ou"][0]} {$hash[$i]["dn"]} OnlyBranch={$OnlyBranch}\n";
        importuser($hash[$i]["dn"], $ou, $OnlyBranch);
    }
    if ($GLOBALS["MEMORY_COUNT_USERS"] == 0) {
        @unlink($pidTime);
    }
    checksGroups();
    $distanceOfTimeInWords = $unix->distanceOfTimeInWords($t1, time());
    $unix->send_email_events("ActiveDirectory: {$GLOBALS["MEMORY_COUNT_USERS"]} members / {$GLOBALS["MEMORY_COUNT_GROUPS"]} groups imported", "These items has been imported into the cache database in {$distanceOfTimeInWords}", "system");
}
Ejemplo n.º 2
0
function GetUsersArray()
{
    $unix = new unix();
    $netbin = $unix->LOCATE_NET_BIN_PATH();
    exec("{$netbin} ads search '(objectClass=user)' {$GLOBALS["AUTHCMD"]} 2>&1", $results);
    $array = array();
    while (list($index, $line) = each($results)) {
        if (preg_match("#distinguishedName: (.+)#", $line, $re)) {
            $array[trim($re[1])] = true;
            continue;
        }
    }
    $groups = array();
    while (list($dn, $line) = each($array)) {
        $results = array();
        exec("{$netbin} ads search '(&(objectclass=user)(distinguishedName={$dn}))' {$GLOBALS["AUTHCMD"]} 2>&1", $results);
        $givenname = null;
        $displayname = null;
        $samaccountname = null;
        $userprincipalname = null;
        $telephoneNumber = null;
        $mobile = null;
        $title = null;
        $sn = null;
        $ou = null;
        $mail = null;
        while (list($index, $ligne) = each($results)) {
            if (preg_match("#givenName: (.+)#", $ligne, $re)) {
                $givenname = trim($re[1]);
                continue;
            }
            if (preg_match("#displayName: (.+)#", $ligne, $re)) {
                $displayname = trim($re[1]);
                continue;
            }
            if (preg_match("#sAMAccountName: (.+)#", $ligne, $re)) {
                $samaccountname = trim($re[1]);
                continue;
            }
            if (preg_match("#userPrincipalName: (.+)#", $ligne, $re)) {
                $userprincipalname = trim($re[1]);
                continue;
            }
            if (preg_match("#telephoneNumber: (.+)#", $ligne, $re)) {
                $telephoneNumber = trim($re[1]);
                continue;
            }
            if (preg_match("#mobile: (.+)#", $ligne, $re)) {
                $mobile = trim($re[1]);
                continue;
            }
            if (preg_match("#title: (.+)#", $ligne, $re)) {
                $title = trim($re[1]);
                continue;
            }
            if (preg_match("#sn: (.+)#", $ligne, $re)) {
                $sn = trim($re[1]);
                continue;
            }
            if (preg_match("#mail: (.+)#", $ligne, $re)) {
                $mail = trim($re[1]);
                continue;
            }
            if (preg_match("#memberOf: (.+)#", $ligne, $re)) {
                $groups[$dn][] = trim($re[1]);
            }
        }
        if (strpos($samaccountname, "\$") > 0) {
            continue;
        }
        $givenname = addslashes($givenname);
        $displayname = addslashes($displayname);
        $samaccountname = addslashes($samaccountname);
        $userprincipalname = addslashes($userprincipalname);
        $telephoneNumber = addslashes($telephoneNumber);
        $mobile = addslashes($mobile);
        $title = addslashes($title);
        $sn = addslashes($sn);
        if ($GLOBALS["VERBOSE"]) {
            echo $dn . " `{$samaccountname}`\n";
        }
        $sql[] = "('{$dn}','{$samaccountname}','{$mail}','{$userprincipalname}','{$displayname}','{$ou}','{$telephoneNumber}','{$mobile}','{$givenname}','{$title}','{$sn}')";
    }
    if (count($sql) == 0) {
        return;
    }
    $q = new mysql();
    $q->QUERY_SQL("TRUNCATE TABLE activedirectory_users", "artica_backup");
    $q->QUERY_SQL("TRUNCATE TABLE activedirectory_groups", "artica_backup");
    $prefix = "INSERT IGNORE INTO activedirectory_users (dn,samaccountname,mail,userprincipalname,displayname,ou,telephonenumber,mobile,givenname,title,sn) VALUES";
    $sqlfinal = $prefix . " " . @implode(",", $sql);
    if ($GLOBALS["VERBOSE"]) {
        echo $sqlfinal . "\n";
    }
    $q->QUERY_SQL($sqlfinal, "artica_backup");
    if (!$q->ok) {
        echo $q->mysql_error . "\n";
        return;
    }
    $sql = array();
    while (list($userdn, $groupdnArray) = each($groups)) {
        while (list($a, $groupdn) = each($groupdnArray)) {
            if ($GLOBALS["VERBOSE"]) {
                echo "link {$userdn} -> {$groupdn}\n";
            }
            LinkGroups($groupdn, $userdn);
        }
    }
    checksGroups();
}