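/**
 * Check a DN/password pair by attempting an LDAP simple bind.
 *
 * Empty credentials are rejected before any connection is opened. A simple
 * bind with a non-empty DN and an empty password is an "unauthenticated bind"
 * (RFC 4513), which some directory servers accept as anonymous; treating that
 * as a successful login would authenticate anyone who knows a DN. An empty DN
 * cannot identify a user, so it is rejected as well.
 *
 * The emptiness test is strict: the original `!$pw` also rejected the literal
 * password "0", which is a valid non-empty credential.
 *
 * @param string $dn Distinguished name to bind as.
 * @param string $pw Password presented for that DN.
 *
 * @return bool True only when the server accepted the bind.
 */
function ldap_test_pw($dn, $pw)
{
    // Fail closed on missing credentials, and do it first so no connection
    // handle is created (and left unclosed) for a request that cannot succeed.
    if (!is_string($dn) || $dn === '' || !is_string($pw) || $pw === '') {
        return false;
    }

    $ds = ldap_connection();
    if (!$ds) {
        // With ldap 2.x.x, ldap_connect always succeeds; the connection is
        // only really opened at bind time, so this branch rarely triggers.
        return false;
    }

    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, LDAP_PROTOCOL_VERSION);
    $r = ldap_bind($ds, $dn, $pw);
    ldap_close($ds);

    return $r;
}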
} unset($ldap_bind); } if (isset($_POST['type']) && $_POST['type'] == "auth") { //get ldap server details while ($ra = mysql_fetch_array($r)) { $current_ldap_server_host = $ra[1]; $current_ldap_server_port = $ra[2]; $current_ldap_server_ssl = $ra[3]; $current_ldap_server_ldaptype = $ra[4]; $current_ldap_server_bindaccount = $ra[5]; $current_ldap_server_password = $ra[6]; $current_ldap_server_basedn = $ra[7]; } //get connected $ldap_conn = ldap_connection($current_ldap_server_host, $current_ldap_server_port, $current_ldap_server_ssl); if (!$ldap_conn) { $_SESSION['alert_message'] = "could not connect to server"; header('location:./?test_ldap_server=' . $host . '#tabs-3'); exit; } //get username and password from submission $username = $_POST['username']; $password = $_POST['password']; //get username $ldap_user_lookup = ldap_user_email_query($current_ldap_server_host, $current_ldap_server_port, $current_ldap_server_bindaccount, $current_ldap_server_password, $current_ldap_server_basedn, $current_ldap_server_ssl, $current_ldap_server_ldaptype, $username); if ($ldap_user_lookup) { $ldap_test_user_dn = $ldap_user_lookup['0']['dn']; } unset($ldap_bind); //attempt bind with provided username and password
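/**
 * Check whether a user is a member of an LDAP group.
 *
 * Binds to the directory, then searches under $ldap_basedn for an entry whose
 * uid equals $ldap_user and whose memberof equals $ldap_group_dn.
 *
 * Changes from the original:
 *  - The signature declared $ldap_user twice (5th and 8th parameter), which
 *    PHP 7+ rejects at compile time. The 5th parameter is renamed; argument
 *    order is unchanged, so positional callers are unaffected.
 *    NOTE(review): the 5th/6th arguments are assumed to be the bind account
 *    and its password - confirm against callers.
 *  - Both values placed in the search filter are escaped with
 *    LDAP_ESCAPE_FILTER so filter metacharacters in a user name or group DN
 *    cannot change the meaning of the query (LDAP filter injection).
 *  - The filter was missing its final ")" and was therefore malformed.
 *  - ldap_connection() is called with (server, port, ssl), matching its other
 *    call sites in this code; the original passed the user name and password
 *    there and never used $ldap_ssl. NOTE(review): confirm the helper's
 *    signature.
 *  - Connection, bind and search failures return false instead of continuing,
 *    so a failed bind never falls through to a search on an unbound link.
 *
 * @param string     $ldap_server      Directory host.
 * @param int|string $ldap_port        Directory port.
 * @param mixed      $ldap_ssl         SSL setting forwarded to ldap_connection().
 * @param mixed      $ldap_type        Directory type; not used by this function.
 * @param string     $ldap_bindaccount Account used for the bind.
 * @param string     $ldap_pass        Password for the bind account.
 * @param string     $ldap_basedn      Search base.
 * @param string     $ldap_user        uid of the user to look up.
 * @param string     $ldap_group_dn    DN of the group to test membership of.
 *
 * @return array|false Entries as returned by ldap_get_entries() (callers
 *                     should test the 'count' element, since an empty result
 *                     is still an array), or false on any failure.
 */
function ldap_user_group_check($ldap_server, $ldap_port, $ldap_ssl, $ldap_type, $ldap_bindaccount, $ldap_pass, $ldap_basedn, $ldap_user, $ldap_group_dn)
{
    // An empty uid or group DN can only yield a meaningless filter; refuse it
    // before touching the directory.
    if (!is_string($ldap_user) || $ldap_user === '' || !is_string($ldap_group_dn) || $ldap_group_dn === '') {
        return false;
    }

    $ldap_conn = ldap_connection($ldap_server, $ldap_port, $ldap_ssl);
    if (!$ldap_conn) {
        return false;
    }

    // Fail closed: without a successful bind the search result must not be
    // used for an authorization decision.
    if (!ldap_bind_connection($ldap_conn, $ldap_bindaccount, $ldap_pass)) {
        return false;
    }

    // Escape every caller-supplied value that becomes part of the filter.
    $search = '(&(uid=' . ldap_escape($ldap_user, '', LDAP_ESCAPE_FILTER) . ')'
        . '(memberof=' . ldap_escape($ldap_group_dn, '', LDAP_ESCAPE_FILTER) . '))';

    // Attributes to return for each matching entry.
    $attributes = array('dn', 'uid');

    $result = ldap_search($ldap_conn, $ldap_basedn, $search, $attributes);
    if ($result === false) {
        return false;
    }

    return ldap_get_entries($ldap_conn, $result);
}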
$ldap_port = $ra1['port']; $ldap_ssl_enc = $ra1['ssl_enc']; $ldap_ldaptype = $ra1['ldaptype']; $ldap_bindaccount = $ra1['bindaccount']; $ldap_password = $ra1['password']; $ldap_basedn = $ra1['basedn']; } //get group dn $ldap_group_dn = ldap_group_query($ldap_host, $ldap_port, $ldap_bindaccount, $ldap_password, $ldap_basedn, $ldap_ldaptype, $ldap_ssl_enc, $group); $ldap_group_dump = ldap_user_of_group($ldap_host, $ldap_port, $ldap_ssl_enc, $ldap_ldaptype, $ldap_bindaccount, $ldap_password, $ldap_basedn, $ldap_group_dn[0]['dn']); foreach ($ldap_group_dump as $username) { $ldap_user = $username['mail'][0]; if (strtolower($ldap_user) == strtolower($u)) { //attempt bind with provided username and password //get connected $ldap_conn = ldap_connection($ldap_host, $ldap_port, $ldap_ssl_enc); if (!$ldap_conn) { $_SESSION['alert_message'] = "problems attempting authentication"; header('location:../'); exit; } //get username $ldap_user_lookup = ldap_user_email_query($ldap_host, $ldap_port, $ldap_bindaccount, $ldap_password, $ldap_basedn, $ldap_ssl_enc, $ldap_ldaptype, $ldap_user); if ($ldap_user_lookup) { $ldap_dn = $ldap_user_lookup['0']['dn']; } //attempt bind with provided username and password $ldap_bind = ldap_bind_connection($ldap_conn, $ldap_dn, $temp_p); if ($ldap_bind) { //create an authenticated session $_SESSION['authenticated'] = 1;