/**
* {@inheritdoc}
*/
public function remove(Entry $entry)
{
$con = $this->connection->getResource();
if (!@ldap_delete($con, $entry->getDn())) {
throw new LdapException(sprintf('Could not remove entry "%s": %s', $entry->getDn(), ldap_error($con)));
}
}
function deleteAd($wireless_id)
{
if (!defined("LDAP_HOST_1")) {
return true;
}
//接続開始
$ldap_conn = ldap_connect(LDAP_HOST_1, LDAP_PORT);
if (!$ldap_conn) {
$ldap_conn = ldap_connect(LDAP_HOST_2, LDAP_PORT);
}
if (!$ldap_conn) {
Debug_Trace("接続失敗", 9);
return false;
}
// バインド
$ldap_bind = ldap_bind($ldap_conn, LDAP_DN, LDAP_PASS);
if (!$ldap_bind) {
Debug_Trace("バインド失敗", 9);
return false;
}
// 削除
$userDn = "CN=" . $wireless_id . "," . WLESS_ID_DN;
if (ldap_delete($ldap_conn, $userDn)) {
Debug_Trace("削除は成功しました", 952);
} else {
Debug_Trace("削除は失敗しました", 952);
return false;
}
return true;
}
/**
* Delete a distinguished name from Active Directory
* You should never need to call this yourself, just use the wrapper functions user_delete and contact_delete
*
* @param string $dn The distinguished name to delete
* @return bool
*/
public function delete($dn)
{
$result = ldap_delete($this->adldap->getLdapConnection(), $dn);
if ($result != true) {
return false;
}
return true;
}
public function removeUser($login)
{
$connect = $this->_bindLdapUser();
if ($connect === false) {
return false;
}
$result = ldap_delete($connect, $this->_buildUserDn($login));
ldap_close($connect);
return $result;
}
public static function deleta($email)
{
$ldap = app('ldap');
$base_dn = env('LDAP_BASE_DN');
$dn = "uid={$email},ou=People,{$base_dn}";
$success = ldap_delete($ldap, $dn);
ldap_close($ldap);
if (!$success) {
throw new Exception('Erro ao deletar usuario');
}
return $success;
}
public function removeUser($login)
{
$connect = $this->_getLinkId();
$result = false;
if ($connect) {
if (ldap_bind($connect, $this->_params['ldapUser'], $this->_params['ldapPassword'])) {
$result = ldap_delete($connect, $this->_buildUserDn($user->login));
}
ldap_close($connect);
}
return $result;
}
public function removeUser($login)
{
$connect = ldap_connect($this->_params['hostname'], $this->_params['port']);
$result = false;
if ($connect) {
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
if (ldap_bind($connect, $this->_params['ldapUser'], $this->_params['ldapPassword'])) {
$result = ldap_delete($connect, 'cn=' . $user->login . ',' . $this->_params['searchBaseDN']);
}
ldap_close($connect);
}
return $result;
}
function AssistedLDAPDelete($ldapc, $dn)
{
// Use these variables that are outside the function
global $app_theme;
// Delete the entry
$r_del = ldap_delete($ldapc, $dn);
// Let's see if you could make it
if (!$r_del) {
echo '<div class="error">' . _("An error has ocurred trying to delete entries on the LDAP database: ") . ldap_error($ldapc) . '.<br /><br /><a href="javascript:history.back(1);">' . _("Back") . '</a></div>';
include "../themes/{$app_theme}/footer.php";
die;
}
return $r_del;
}
/**
* @return boolean
* @param ResourceBundle $connection
* @param string $connection
* @param boolean $recursive
*/
public function deleteRecord($connection, $dn, $recursive = false)
{
if ($recursive == false) {
return ldap_delete($connection, $dn);
} else {
$sr = ldap_list($connection, $dn, "ObjectClass=*", array(""));
$info = ldap_get_entries($connection, $sr);
for ($i = 0; $i < $info['count']; $i++) {
$result = myldap_delete($connection, $info[$i]['dn'], $recursive);
if (!$result) {
return $result;
}
}
return ldap_delete($connection, $dn);
}
}
/**
* suppression d'entrees OpenLDAP
* recursivite possible
*/
function lda_del($ldapconn, $dn, $recursive = FALSE)
{
if ($recursive == FALSE) {
return ldap_delete($ldapconn, $dn);
} else {
$sr = ldap_list($ldapconn, $dn, "ObjectClass=*");
$info = ldap_get_entries($ldapconn, $sr);
for ($i = 0; $i < $info['count']; $i++) {
$result = lda_del($ldapconn, $info[$i]['dn'], $recursive);
if (!$result) {
return $result;
}
}
return ldap_delete($ldapconn, $dn);
}
}
function delete_ldap($dn, $connect, $recursive = false)
{
if ($recursive == false) {
if (!@ldap_delete($connect, $dn)) {
echo "Deleting {$dn}...\n";
echo "ERROR: ldap_delete \"{$dn}\"" . ldap_err2str(ldap_errno($connect)) . "\n";
return false;
}
}
$sr = @ldap_list($connect, $dn, "ObjectClass=*");
if ($sr) {
$info = @ldap_get_entries($connect, $sr);
for ($i = 0; $i < $info['count']; $i++) {
$result = delete_ldap($info[$i]['dn'], $connect, $recursive);
if (!$result) {
return $result;
}
}
return delete_ldap($dn, $connect, false);
}
}
/**
* Performs a request against the LDAP server
*
* The type of request (and the corresponding PHP ldap function called)
* depend on two additional parameters, added in respect to the
* DB_common interface.
*
* @param string $filter text of the request to send to the LDAP server
* @param string $action type of request to perform, defaults to search (ldap_search())
* @param array $params array of additional parameters to pass to the PHP ldap function requested
* @return result from ldap function or DB Error object if no result
*/
function simpleQuery($filter, $action = null, $params = null)
{
if ($action === null) {
$action = !empty($this->q_action) ? $this->q_action : $this->action;
}
if ($params === null) {
$params = count($this->q_params) > 0 ? $this->q_params : array();
}
if (!$this->isManip($action)) {
$base = $this->q_base ? $this->q_base : $this->base;
$attributes = array();
$attrsonly = 0;
$sizelimit = 0;
$timelimit = 0;
$deref = LDAP_DEREF_NEVER;
$sorting = '';
$sorting_method = '';
reset($params);
while (list($k, $v) = each($params)) {
if (isset(${$k})) {
${$k} = $v;
}
}
$this->sorting = $sorting;
$this->sorting_method = $sorting_method;
$this->attributes = $attributes;
# double escape char for filter: '(o=Przedsi\C4\99biorstwo)' => '(o=Przedsi\\C4\\99biorstwo)'
$filter = str_replace('\\', '\\\\', $filter);
$this->last_query = $filter;
if ($action == 'search') {
$result = @ldap_search($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref);
} else {
if ($action == 'list') {
$result = @ldap_list($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref);
} else {
if ($action == 'read') {
$result = @ldap_read($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref);
} else {
return $this->ldapRaiseError(DB_ERROR_UNKNOWN_LDAP_ACTION);
}
}
}
if (!$result) {
return $this->ldapRaiseError();
}
} else {
# If first argument is an array, it contains the entry with DN.
if (is_array($filter)) {
$entry = $filter;
$filter = $entry["dn"];
} else {
$entry = array();
}
unset($entry["dn"]);
$attribute = '';
$value = '';
$newrdn = '';
$newparent = '';
$deleteoldrdn = false;
reset($params);
while (list($k, $v) = each($params)) {
if (isset(${$k})) {
${$k} = $v;
}
}
$this->last_query = $filter;
if ($action == 'add') {
$result = @ldap_add($this->connection, $filter, $entry);
} else {
if ($action == 'compare') {
$result = @ldap_add($this->connection, $filter, $attribute, $value);
} else {
if ($action == 'delete') {
$result = @ldap_delete($this->connection, $filter);
} else {
if ($action == 'modify') {
$result = @ldap_modify($this->connection, $filter, $entry);
} else {
if ($action == 'mod_add') {
$result = @ldap_mod_add($this->connection, $filter, $entry);
} else {
if ($action == 'mod_del') {
$result = @ldap_mod_del($this->connection, $filter, $entry);
} else {
if ($action == 'mod_replace') {
$result = @ldap_mod_replace($this->connection, $filter, $entry);
} else {
if ($action == 'rename') {
$result = @ldap_rename($this->connection, $filter, $newrdn, $newparent, $deleteoldrdn);
} else {
return $this->ldapRaiseError(DB_ERROR_UNKNOWN_LDAP_ACTION);
}
}
}
}
}
}
}
}
if (!$result) {
return $this->ldapRaiseError();
}
}
$this->freeQuery();
return $result;
}
/**
* Delete a LDAP entry
* Ldap object connect and bind must have been done
*
* @param string $dn DN entry key
* @return int <0 if KO, >0 if OK
*/
function delete($dn)
{
global $conf;
dol_syslog(get_class($this) . "::delete Delete LDAP entry dn=" . $dn);
// Check parameters
if (!$this->connection) {
$this->error = "NotConnected";
return -2;
}
if (!$this->bind) {
$this->error = "NotConnected";
return -3;
}
// Encode to LDAP page code
$dn = $this->convFromOutputCharset($dn, $this->ldapcharset);
$result = @ldap_delete($this->connection, $dn);
if ($result) {
return 1;
}
return -1;
}
<?php
require "connect.inc";
$link = ldap_connect_and_bind($host, $port, $user, $passwd, $protocol_version);
insert_dummy_data($link);
ldap_add($link, "cn=userref,dc=my-domain,dc=com", array("objectClass" => array("extensibleObject", "referral"), "cn" => "userref", "ref" => "cn=userA,dc=my-domain,dc=com"));
ldap_set_option($link, LDAP_OPT_DEREF, LDAP_DEREF_NEVER);
$result = ldap_search($link, "dc=my-domain,dc=com", "(cn=*)");
$ref = ldap_first_reference($link, $result);
$refs = null;
var_dump(ldap_parse_reference($link, $ref, $refs), $refs);
?>
===DONE===
<?php
include "connect.inc";
$link = ldap_connect_and_bind($host, $port, $user, $passwd, $protocol_version);
// Referral can only be removed with Manage DSA IT Control
ldap_set_option($link, LDAP_OPT_SERVER_CONTROLS, array(array("oid" => "2.16.840.1.113730.3.4.2")));
ldap_delete($link, "cn=userref,dc=my-domain,dc=com");
remove_dummy_data($link);
/**
* @return bool
*/
public function Delete($sDeleteDn)
{
$bResult = false;
if (!empty($sDeleteDn)) {
CApi::Log('ldap_delete = ' . ($sDeleteDn . ',' . $this->sSearchDN));
$bResult = !!@ldap_delete($this->rLink, $sDeleteDn . ',' . $this->sSearchDN);
$this->validateLdapErrorOnFalse($bResult);
}
return $bResult;
}
/**
* Deletes a given DN from the tree
*
* @param string $dn The DN of the object you want to delete
*
* @return boolean Result of operation
*
* @since 12.1
*/
public function delete($dn)
{
return @ldap_delete($this->_resource, $dn);
}
/**
* Perform an LDAP delete.
*
* @param string $dn
*
* @return boolean result per ldap_delete
*/
public function delete($dn)
{
if (!$this->connection) {
$this->connect();
$this->bind();
}
$result = @ldap_delete($this->connection, $dn);
if (!$result) {
$error = "LDAP Server delete(%dn) in LdapServer::delete() Error Server ID = %sid, LDAP Err No: %ldap_errno LDAP Err Message: %ldap_err2str ";
$tokens = array('%dn' => $dn, '%sid' => $this->sid, '%ldap_errno' => ldap_errno($this->connection), '%ldap_err2str' => ldap_err2str(ldap_errno($this->connection)));
watchdog('ldap_server', $error, $tokens, WATCHDOG_ERROR);
}
return $result;
}
/**
* Deletes an entry on the current LDAP directory.
*
* @param string $dn
*
* @return bool
*/
public function delete($dn)
{
if ($this->suppressErrors) {
return @ldap_delete($this->getConnection(), $dn);
}
return ldap_delete($this->getConnection(), $dn);
}
<?php
require "connect.inc";
$link = ldap_connect_and_bind($host, $port, $user, $passwd, $protocol_version);
insert_dummy_data($link, $base);
ldap_add($link, "cn=userref,$base", array(
"objectClass" => array("extensibleObject", "referral"),
"cn" => "userref",
"ref" => "cn=userA,$base",
));
ldap_set_option($link, LDAP_OPT_DEREF, LDAP_DEREF_NEVER);
$result = ldap_search($link, "$base", "(cn=*)");
var_dump($ref = ldap_first_reference($link, $result));
$refs = null;
ldap_parse_reference($link, $ref, $refs);
var_dump($refs);
?>
===DONE===
<?php
include "connect.inc";
$link = ldap_connect_and_bind($host, $port, $user, $passwd, $protocol_version);
// Referral can only be removed with Manage DSA IT Control
ldap_set_option($link, LDAP_OPT_SERVER_CONTROLS, array(array("oid" => "2.16.840.1.113730.3.4.2")));
ldap_delete($link, "cn=userref,$base");
remove_dummy_data($link, $base);
?>
/**
* Deletes an entry from the directory.
*
* @param string|Horde_Ldap_Entry $dn DN string or Horde_Ldap_Entry.
* @param boolean $recursive Should we delete all children
* recursivelx as well?
* @throws Horde_Ldap_Exception
*/
public function delete($dn, $recursive = false)
{
if ($dn instanceof Horde_Ldap_Entry) {
$dn = $dn->dn();
}
if (!is_string($dn)) {
throw new Horde_Ldap_Exception('Parameter is not a string nor an entry object!');
}
/* Recursive delete searches for children and calls delete for them. */
if ($recursive) {
$result = @ldap_list($this->_link, $dn, '(objectClass=*)', array(null), 0, 0);
if ($result && @ldap_count_entries($this->_link, $result)) {
for ($subentry = @ldap_first_entry($this->_link, $result); $subentry; $subentry = @ldap_next_entry($this->_link, $subentry)) {
$this->delete(@ldap_get_dn($this->_link, $subentry), true);
}
}
}
/* Continue the delete operation in a loop until we get a success, or a
* definitive failure. */
while (true) {
$link = $this->getLink();
if (!$link) {
/* We do not have a successful connection yet. The call to
* getLink() would have kept trying if we wanted one. */
throw new Horde_Ldap_Exception('Could not add entry ' . $dn . ' no valid LDAP connection could be found.');
}
$s = @ldap_delete($link, $dn);
if ($s) {
/* Entry successfully deleted. */
return;
}
/* We have a failure. What kind? We may be able to reconnect and
* try again. */
$error_code = @ldap_errno($link);
if ($this->errorName($error_code) == 'LDAP_OPERATIONS_ERROR' && $this->_config['auto_reconnect']) {
/* The server has disconnected before trying the operation. We
* should try again, possibly with a different server. */
$this->_link = false;
$this->_reconnect();
} elseif ($this->errorName($error_code) == 'LDAP_NOT_ALLOWED_ON_NONLEAF') {
/* Subentries present, server refused to delete.
* Deleting subentries is the clients responsibility, but since
* the user may not know of the subentries, we do not force
* that here but instead notify the developer so he may take
* actions himself. */
throw new Horde_Ldap_Exception('Could not delete entry ' . $dn . ' because of subentries. Use the recursive parameter to delete them.', $error_code);
} else {
/* Errors other than the above catched are just passed back to
* the user so he may react upon them. */
throw new Horde_Ldap_Exception('Could not delete entry ' . $dn . ': ' . ldap_err2str($error_code), $error_code);
}
}
}
/**
* Deletes the specified entry from the LDAP directory.
*
* @param string $object_key
* @param string $object_id
*
* @throws Turba_Exception
*/
protected function _delete($object_key, $object_id)
{
if ($object_key != 'dn') {
throw new Turba_Exception(_("Invalid key specified."));
}
$this->_connect();
if (!@ldap_delete($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']))) {
throw new Turba_Exception(sprintf(_("Delete failed: (%s) %s"), ldap_errno($this->_ds), ldap_error($this->_ds)));
}
}
<?php
require "connect.inc";
$link = ldap_connect_and_bind($host, $port, $user, $passwd, $protocol_version);
ldap_add($link, "dc=my-domain,dc=com", array("objectClass" => array("top", "dcObject", "organization"), "dc" => "my-domain", "o" => "my-domain"));
var_dump(ldap_delete($link, "dc=my-domain,dc=com"), @ldap_search($link, "dc=my-domain,dc=com", "(o=my-domain)"));
?>
===DONE===
<?php
require "connect.inc";
$link = ldap_connect_and_bind($host, $port, $user, $passwd, $protocol_version);
ldap_delete($link, "dc=my-domain,dc=com");
/**
* Delete an LDAP entry
*
* @param string|Dn $dn
* @param boolean $recursively
* @return Ldap Provides a fluid interface
* @throws Exception\LdapException
*/
public function delete($dn, $recursively = false)
{
if ($dn instanceof Dn) {
$dn = $dn->toString();
}
if ($recursively === true) {
if ($this->countChildren($dn) > 0) {
$children = $this->getChildrenDns($dn);
foreach ($children as $c) {
$this->delete($c, true);
}
}
}
ErrorHandler::start(E_WARNING);
$isDeleted = ldap_delete($this->getResource(), $dn);
ErrorHandler::stop();
if ($isDeleted === false) {
throw new Exception\LdapException($this, 'deleting: ' . $dn);
}
return $this;
}
/**
* Mark one or more contact records as deleted
*
* @param array Record identifiers
* @return boolean True on success, False on error
*/
function delete($ids)
{
if (!is_array($ids)) {
// Not an array, break apart the encoded DNs.
$dns = explode(',', $ids);
}
// end if
foreach ($dns as $id) {
$dn = base64_decode($id);
$this->_debug("C: Delete [dn: {$dn}]");
// Delete the record.
$res = ldap_delete($this->conn, $dn);
if ($res === FALSE) {
$this->_debug("S: " . ldap_error($this->conn));
return false;
}
// end if
$this->_debug("S: OK");
}
// end foreach
return count($dns);
}
protected function recursive_delete($connection, $dn, $filter)
{
if ($res = ldap_list($connection, $dn, $filter, array('dn'))) {
$info = ldap_get_entries($connection, $res);
ldap_free_result($res);
if ($info['count'] > 0) {
if ($res = ldap_search($connection, "{$filter},{$dn}", 'cn=*', array('dn'))) {
$info = ldap_get_entries($connection, $res);
ldap_free_result($res);
foreach ($info as $i) {
if (isset($i['dn'])) {
ldap_delete($connection, $i['dn']);
}
}
}
if ($res = ldap_search($connection, "{$filter},{$dn}", 'ou=*', array('dn'))) {
$info = ldap_get_entries($connection, $res);
ldap_free_result($res);
foreach ($info as $i) {
if (isset($i['dn']) and $info[0]['dn'] != $i['dn']) {
ldap_delete($connection, $i['dn']);
}
}
}
ldap_delete($connection, "{$filter},{$dn}");
}
}
}
/**
* Deletes an entry at the given DN.
*
* @param String $dn The distinguished name of a LDAP entity.
* @return boolean Returns true on success and false on failure.
*/
public function delete($dn)
{
return ldap_delete($this->conn, $dn);
}
<?php
header("Content-Type: text/plain");
/**
* delete a group
* @param : group name [required]
* @return : success/fail message (txt)
* */
if (!empty($_POST['group'])) {
// LDAP ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
// On a besoin de récupérer les infos sur les groupes pour le formulaire/ pour ajouter un nouvel utilisateur
include '../ldap/index.php';
$ds = connectionLDAP();
// LDAP ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
$name = $_POST['group'];
$dn = "cn={$name},ou=groups,dc=rBOX,dc=lan";
// Supression de l'entrée de l'annuaire
$r = ldap_delete($ds, $dn);
if ($r) {
echo 'Le groupe a été correctement supprimé.';
} else {
echo 'Données non conformes.';
}
kill($ds);
}
/**
* Creates a new user on LDAP.
* By using information in userobject
* Use user_exists to prevent duplicate usernames
*
* @param mixed $userobject Moodle userobject
* @param mixed $plainpass Plaintext password
*/
function user_create($userobject, $plainpass)
{
$extusername = core_text::convert($userobject->username, 'utf-8', $this->config->ldapencoding);
$extpassword = core_text::convert($plainpass, 'utf-8', $this->config->ldapencoding);
switch ($this->config->passtype) {
case 'md5':
$extpassword = '******' . base64_encode(pack('H*', md5($extpassword)));
break;
case 'sha1':
$extpassword = '******' . base64_encode(pack('H*', sha1($extpassword)));
break;
case 'plaintext':
default:
break;
// plaintext
}
$ldapconnection = $this->ldap_connect();
$attrmap = $this->ldap_attributes();
$newuser = array();
foreach ($attrmap as $key => $values) {
if (!is_array($values)) {
$values = array($values);
}
foreach ($values as $value) {
if (!empty($userobject->{$key})) {
$newuser[$value] = core_text::convert($userobject->{$key}, 'utf-8', $this->config->ldapencoding);
}
}
}
//Following sets all mandatory and other forced attribute values
//User should be creted as login disabled untill email confirmation is processed
//Feel free to add your user type and send patches to paca@sci.fi to add them
//Moodle distribution
switch ($this->config->user_type) {
case 'edir':
$newuser['objectClass'] = array('inetOrgPerson', 'organizationalPerson', 'person', 'top');
$newuser['uniqueId'] = $extusername;
$newuser['logindisabled'] = 'TRUE';
$newuser['userpassword'] = $extpassword;
$uadd = ldap_add($ldapconnection, $this->config->user_attribute . '=' . ldap_addslashes($extusername) . ',' . $this->config->create_context, $newuser);
break;
case 'rfc2307':
case 'rfc2307bis':
// posixAccount object class forces us to specify a uidNumber
// and a gidNumber. That is quite complicated to generate from
// Moodle without colliding with existing numbers and without
// race conditions. As this user is supposed to be only used
// with Moodle (otherwise the user would exist beforehand) and
// doesn't need to login into a operating system, we assign the
// user the uid of user 'nobody' and gid of group 'nogroup'. In
// addition to that, we need to specify a home directory. We
// use the root directory ('/') as the home directory, as this
// is the only one can always be sure exists. Finally, even if
// it's not mandatory, we specify '/bin/false' as the login
// shell, to prevent the user from login in at the operating
// system level (Moodle ignores this).
$newuser['objectClass'] = array('posixAccount', 'inetOrgPerson', 'organizationalPerson', 'person', 'top');
$newuser['cn'] = $extusername;
$newuser['uid'] = $extusername;
$newuser['uidNumber'] = AUTH_UID_NOBODY;
$newuser['gidNumber'] = AUTH_GID_NOGROUP;
$newuser['homeDirectory'] = '/';
$newuser['loginShell'] = '/bin/false';
// IMPORTANT:
// We have to create the account locked, but posixAccount has
// no attribute to achive this reliably. So we are going to
// modify the password in a reversable way that we can later
// revert in user_activate().
//
// Beware that this can be defeated by the user if we are not
// using MD5 or SHA-1 passwords. After all, the source code of
// Moodle is available, and the user can see the kind of
// modification we are doing and 'undo' it by hand (but only
// if we are using plain text passwords).
//
// Also bear in mind that you need to use a binding user that
// can create accounts and has read/write privileges on the
// 'userPassword' attribute for this to work.
$newuser['userPassword'] = '******' . $extpassword;
$uadd = ldap_add($ldapconnection, $this->config->user_attribute . '=' . ldap_addslashes($extusername) . ',' . $this->config->create_context, $newuser);
break;
case 'ad':
// User account creation is a two step process with AD. First you
// create the user object, then you set the password. If you try
// to set the password while creating the user, the operation
// fails.
// Passwords in Active Directory must be encoded as Unicode
// strings (UCS-2 Little Endian format) and surrounded with
// double quotes. See http://support.microsoft.com/?kbid=269190
if (!function_exists('mb_convert_encoding')) {
print_error('auth_ldap_no_mbstring', 'auth_ldap');
}
// Check for invalid sAMAccountName characters.
if (preg_match('#[/\\[\\]:;|=,+*?<>@"]#', $extusername)) {
print_error('auth_ldap_ad_invalidchars', 'auth_ldap');
}
// First create the user account, and mark it as disabled.
$newuser['objectClass'] = array('top', 'person', 'user', 'organizationalPerson');
$newuser['sAMAccountName'] = $extusername;
$newuser['userAccountControl'] = AUTH_AD_NORMAL_ACCOUNT | AUTH_AD_ACCOUNTDISABLE;
$userdn = 'cn=' . ldap_addslashes($extusername) . ',' . $this->config->create_context;
if (!ldap_add($ldapconnection, $userdn, $newuser)) {
print_error('auth_ldap_ad_create_req', 'auth_ldap');
}
// Now set the password
unset($newuser);
$newuser['unicodePwd'] = mb_convert_encoding('"' . $extpassword . '"', 'UCS-2LE', 'UTF-8');
if (!ldap_modify($ldapconnection, $userdn, $newuser)) {
// Something went wrong: delete the user account and error out
ldap_delete($ldapconnection, $userdn);
print_error('auth_ldap_ad_create_req', 'auth_ldap');
}
$uadd = true;
break;
default:
print_error('auth_ldap_unsupportedusertype', 'auth_ldap', '', $this->config->user_type_name);
}
$this->ldap_close();
return $uadd;
}
/**
* Delete an LDAP entry
*
* @param string|Zend_Ldap_Dn $dn
* @param boolean $recursively
* @return Zend_Ldap Provides a fluid interface
* @throws Zend_Ldap_Exception
*/
public function delete($dn, $recursively = false)
{
if ($dn instanceof Zend_Ldap_Dn) {
$dn = $dn->toString();
}
if ($recursively === true) {
if ($this->countChildren($dn) > 0) {
$children = $this->_getChildrenDns($dn);
foreach ($children as $c) {
$this->delete($c, true);
}
}
}
$isDeleted = @ldap_delete($this->getResource(), $dn);
if ($isDeleted === false) {
/**
* @see Zend_Ldap_Exception
*/
#require_once 'Zend/Ldap/Exception.php';
throw new Zend_Ldap_Exception($this, 'deleting: ' . $dn);
}
return $this;
}
/**
* Delete a distinguished name from Active Directory
* You should never need to call this yourself, just use the wrapper functions user_delete and contact_delete
*
* @param string $dn The distinguished name to delete
* @return bool
*/
protected function dn_delete($dn)
{
$result = ldap_delete($this->_conn, $dn);
if ($result != true) {
return false;
}
return true;
}
