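/**
 * Translate the submitted directory-setup form into stored preferences.
 *
 * Builds the LDAP bind DN and the UserDB 'ldap' settings from $form, enables
 * the SessionManagement, UserDB and UserGroupDB modules, selects the
 * UserGroupDB back-end and the 'novell' session-management module, and
 * switches off ProfileDB and SharedFolderDB together with the matching
 * session defaults.
 *
 * Security notes for maintainers:
 *  - 'admin_login' and 'admin_branch_ou' are concatenated into the bind DN
 *    exactly as submitted (the domain goes through domain2suffix(), which is
 *    not visible here). Nothing in this method escapes DN metacharacters, so
 *    a value containing ',', '+' or '=' changes the structure of the DN.
 *    NOTE(review): confirm that the form is validated before it reaches this
 *    method, or escape each component (ldap_escape() with LDAP_ESCAPE_DN where
 *    the PHP version and ext-ldap allow it).
 *  - 'admin_password' is handed to $prefs->set() unchanged. NOTE(review):
 *    confirm how the preferences store protects it at rest.
 *  - The only connection option written is LDAP_OPT_PROTOCOL_VERSION; no
 *    transport-security setting is configured here. NOTE(review): confirm
 *    whether the LDAP client class negotiates TLS on its own.
 *
 * @param array  $form  Submitted fields. Read here: 'domain', 'host',
 *                      'host2' (optional), 'admin_login', 'admin_password',
 *                      'admin_branch' ('default' or 'specific'),
 *                      'admin_branch_ou' (when 'specific'), 'user_group',
 *                      and the optional flags 'dsfw' and 'dlu'.
 * @param object $prefs Preferences store; must provide get($section, $key)
 *                      and set($section, $key, $value).
 *
 * @return bool True once every preference has been set. False when
 *              'admin_branch' is neither 'default' nor 'specific'; in that
 *              case no bind DN can be built and $prefs is left untouched.
 */
public function form_read($form, $prefs) {
    // The presence of the 'dsfw' field selects the AD-style layout: users
    // live under cn=Users and the suffix is built from dc= components.
    // One flag is used everywhere so the DN shape, the 'extra' marker and
    // the UserGroupDB choice can never disagree with each other.
    $is_dsfw = array_key_exists('dsfw', $form);
    $uidprefix = 'cn';
    if ($is_dsfw) {
        $default_user_branch = 'cn=Users,';
        $domain_separator = 'dc';
    } else {
        $default_user_branch = ''; // previously 'ou=users,'
        $domain_separator = 'o';
    }

    $suffix = domain2suffix($form['domain'], $domain_separator);

    // Build the bind DN before touching $prefs, so that a rejected form
    // leaves the stored configuration exactly as it was.
    $admin_branch = isset($form['admin_branch']) ? $form['admin_branch'] : null;
    if ($admin_branch === 'default') {
        $admin_dn = $uidprefix . '=' . $form['admin_login'] . ',' . $default_user_branch . $suffix;
    } elseif ($admin_branch === 'specific') {
        $abranch = $form['admin_branch_ou'];
        if (strpos($abranch, ',') !== false) {
            // A comma-separated list becomes nested ou= components. The list
            // is reversed, so the last name typed ends up closest to the
            // admin entry.
            $components = array_reverse(array_map('trim', explode(',', $abranch)));
            $abranch = implode(',ou=', $components);
        }
        $admin_dn = $uidprefix . '=' . $form['admin_login'] . ',ou=' . $abranch . ',' . $suffix;
    } else {
        // Without this guard $admin_dn would be undefined below and a
        // null bind DN would be written into the UserDB configuration.
        return false;
    }

    $ad_ar = array(
        // 'host2' is optional; keep the two-slot shape but avoid reading an
        // undefined index when the field was not submitted.
        'hosts' => array($form['host'], isset($form['host2']) ? $form['host2'] : null),
        'suffix' => $suffix,
        'login' => $admin_dn,
        'password' => $form['admin_password'],
        'filter' => '(objectClass=person)',
        'userbranch' => '',
        'options' => array('LDAP_OPT_PROTOCOL_VERSION' => '3'),
        'extra' => $is_dsfw ? array('dsfw' => 'dsfw') : array(),
        'match' => array('login' => $uidprefix, 'displayname' => 'fullName'),
    );

    // Enable modules
    $module_to_enable = array('SessionManagement', 'UserDB', 'UserGroupDB');
    $module_enabled = $prefs->get('general', 'module_enable');
    $prefs->set('general', 'module_enable', array_unique(array_merge($module_enabled, $module_to_enable)));

    // Select LDAP as UserDB and push its configuration
    $prefs->set('UserDB', 'enable', 'ldap');
    $prefs->set('UserDB', 'ldap', $ad_ar);

    // Select the module for UserGroupDB
    if ($form['user_group'] == 'internal') {
        $prefs->set('UserGroupDB', 'enable', 'sql');
    } elseif ($is_dsfw) {
        // Active Directory mode
        $prefs->set('UserGroupDB', 'enable', 'activedirectory');
        $prefs->set('UserGroupDB', 'activedirectory', array('use_child_group' => 0));
    } else {
        $prefs->set('UserGroupDB', 'enable', 'ldap');
        $prefs->set('UserGroupDB', 'ldap', array(
            'filter' => '(objectClass=groupOfNames)',
            'match' => array('name' => 'cn'),
            'user_field' => 'groupMembership',
            'user_field_type' => 'group_dn',
            'group_field' => 'member',
            'group_field_type' => 'user_dn',
        ));
    }

    // Set the Session Management module
    $prefs->set('SessionManagement', 'enable', 'novell');
    $dlu = (isset($form['dlu']) && $form['dlu'] == 'dlu') ? 1 : 0;
    $prefs->set('SessionManagement', 'novell', array('dlu' => $dlu));

    // Disable the unused modules. The list is read again because it was
    // rewritten above.
    $module_to_disable = array('ProfileDB', 'SharedFolderDB');
    $module_enabled = $prefs->get('general', 'module_enable');
    foreach ($module_to_disable as $a_module_name) {
        // Strict search: a loose comparison could match a non-string entry.
        $key = array_search($a_module_name, $module_enabled, true);
        if ($key !== false) {
            unset($module_enabled[$key]);
        }
    }
    $prefs->set('general', 'module_enable', $module_enabled);

    // For now, disable profiles and shared folders in the session settings.
    // Only keys that already exist are overwritten; none are created.
    $session_settings_defaults = $prefs->get('general', 'session_settings_defaults');
    foreach (array('enable_profiles', 'enable_sharedfolders') as $setting) {
        if (array_key_exists($setting, $session_settings_defaults)) {
            $session_settings_defaults[$setting] = '0';
        }
    }
    $prefs->set('general', 'session_settings_defaults', $session_settings_defaults);

    return true;
}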
/**
 * Check that the stored UserDB 'activedirectory' settings are usable.
 *
 * The checks run in order and stop at the first failure: required keys are
 * present, the domain converts to an LDAP suffix, the suffix is a valid DN,
 * and a connection built from the settings can be opened.
 *
 * Outcomes are recorded in $log, keyed by a description of the check. The
 * keys written here embed the key name, the configured domain and the derived
 * suffix; the login and password are not written by this method. $log is also
 * passed to LDAP::connect(); what that call records is not visible here.
 *
 * @param object $prefs_ Preferences store; must provide get($section, $key).
 * @param array  $log    Receives check results (description => bool).
 *
 * @return bool True when every check passes, false at the first failure.
 */
public static function prefsIsValid($prefs_, &$log = array()) {
    $ad_settings = $prefs_->get('UserDB', 'activedirectory');

    // NOTE(review): 'domain' is listed twice; the second check is redundant.
    $required = array('hosts', 'domain', 'login', 'password', 'domain');
    foreach ($required as $name) {
        if (isset($ad_settings[$name])) {
            continue;
        }
        $log['config_AD has key ' . $name] = false;
        return false;
    }

    // Step 1: the domain must convert to a non-empty suffix.
    $dn_suffix = domain2suffix($ad_settings['domain']);
    $suffix_ok = (bool) $dn_suffix;
    $log["domain2suffix for '" . $ad_settings['domain'] . "'"] = $suffix_ok;
    if (!$suffix_ok) {
        return false;
    }

    // Step 2: the suffix must be accepted as a DN.
    $dn_ok = (bool) UserDB_ldap::isValidDN($dn_suffix);
    $log["isValidDN for '" . $dn_suffix . "'"] = $dn_ok;
    if (!$dn_ok) {
        return false;
    }

    // Step 3: try a connection with the derived LDAP configuration and close
    // it again straight away; only the outcome matters.
    $probe = new LDAP(self::makeLDAPconfig($ad_settings));
    if ($probe->connect($log) === false) {
        return false;
    }
    $probe->disconnect();

    return true;
}