/** * Modify a LDAP entry * Ldap object connect and bind must have been done * * @param string $dn DN entry key * @param array $info Attributes array * @param string $user Objet user that modify * @return int <0 if KO, >0 if OK */ function modify($dn, $info, $user) { global $conf; dol_syslog(get_class($this) . "::modify dn=" . $dn . " info=" . join(',', $info)); // Check parameters if (!$this->connection) { $this->error = "NotConnected"; return -2; } if (!$this->bind) { $this->error = "NotConnected"; return -3; } // Encode to LDAP page code $dn = $this->convFromOutputCharset($dn, $this->ldapcharset); foreach ($info as $key => $val) { if (!is_array($val)) { $info[$key] = $this->convFromOutputCharset($val, $this->ldapcharset); } } $this->dump($dn, $info); //print_r($info); $result = @ldap_modify($this->connection, $dn, $info); if ($result) { dol_syslog(get_class($this) . "::modify successfull", LOG_DEBUG); return 1; } else { $this->error = @ldap_error($this->connection); dol_syslog(get_class($this) . "::modify failed: " . $this->error, LOG_ERR); return -1; } }
/** * Modifies an entry and return a true or false result * * @param string $dn The DN which contains the attribute you want to modify * @param string $attribute The attribute values you want to modify * * @return mixed result of comparison (true, false, -1 on error) * * @since 12.1 */ public function modify($dn, $attribute) { return @ldap_modify($this->_resource, $dn, $attribute); }
/** * Update the entry on the directory server * * This will evaluate all changes made so far and send them * to the directory server. * Please note, that if you make changes to objectclasses wich * have mandatory attributes set, update() will currently fail. * Remove the entry from the server and readd it as new in such cases. * This also will deal with problems with setting structural object classes. * * @param Net_LDAP2 $ldap If passed, a call to setLDAP() is issued prior update, thus switching the LDAP-server. This is for perl-ldap interface compliance * * @access public * @return true|Net_LDAP2_Error * @todo Entry rename with a DN containing special characters needs testing! */ public function update($ldap = null) { if ($ldap) { $msg = $this->setLDAP($ldap); if (Net_LDAP2::isError($msg)) { return PEAR::raiseError('You passed an invalid $ldap variable to update()'); } } // ensure we have a valid LDAP object $ldap =& $this->getLDAP(); if (!$ldap instanceof Net_LDAP2) { return PEAR::raiseError("The entries LDAP object is not valid"); } // Get and check link $link = $ldap->getLink(); if (!is_resource($link)) { return PEAR::raiseError("Could not update entry: internal LDAP link is invalid"); } /* * Delete the entry */ if (true === $this->_delete) { return $ldap->delete($this); } /* * New entry */ if (true === $this->_new) { $msg = $ldap->add($this); if (Net_LDAP2::isError($msg)) { return $msg; } $this->_new = false; $this->_changes['add'] = array(); $this->_changes['delete'] = array(); $this->_changes['replace'] = array(); $this->_original = $this->_attributes; $return = true; return $return; } /* * Rename/move entry */ if (false == is_null($this->_newdn)) { if ($ldap->getLDAPVersion() !== 3) { return PEAR::raiseError("Renaming/Moving an entry is only supported in LDAPv3"); } // make dn relative to parent (needed for ldap rename) $parent = Net_LDAP2_Util::ldap_explode_dn($this->_newdn, array('casefolding' => 'none', 'reverse' => false, 'onlyvalues' => false)); if (Net_LDAP2::isError($parent)) { return $parent; } $child = array_shift($parent); // maybe the dn consist of a multivalued RDN, we must build the dn in this case // because the $child-RDN is an array! if (is_array($child)) { $child = Net_LDAP2_Util::canonical_dn($child); } $parent = Net_LDAP2_Util::canonical_dn($parent); // rename/move if (false == @ldap_rename($link, $this->_dn, $child, $parent, true)) { return PEAR::raiseError("Entry not renamed: " . @ldap_error($link), @ldap_errno($link)); } // reflect changes to local copy $this->_dn = $this->_newdn; $this->_newdn = null; } /* * Carry out modifications to the entry */ // ADD foreach ($this->_changes["add"] as $attr => $value) { // if attribute exists, add new values if ($this->exists($attr)) { if (false === @ldap_mod_add($link, $this->dn(), array($attr => $value))) { return PEAR::raiseError("Could not add new values to attribute {$attr}: " . @ldap_error($link), @ldap_errno($link)); } } else { // new attribute if (false === @ldap_modify($link, $this->dn(), array($attr => $value))) { return PEAR::raiseError("Could not add new attribute {$attr}: " . @ldap_error($link), @ldap_errno($link)); } } // all went well here, I guess unset($this->_changes["add"][$attr]); } // DELETE foreach ($this->_changes["delete"] as $attr => $value) { // In LDAPv3 you need to specify the old values for deleting if (is_null($value) && $ldap->getLDAPVersion() === 3) { $value = $this->_original[$attr]; } if (false === @ldap_mod_del($link, $this->dn(), array($attr => $value))) { return PEAR::raiseError("Could not delete attribute {$attr}: " . @ldap_error($link), @ldap_errno($link)); } unset($this->_changes["delete"][$attr]); } // REPLACE foreach ($this->_changes["replace"] as $attr => $value) { if (false === @ldap_modify($link, $this->dn(), array($attr => $value))) { return PEAR::raiseError("Could not replace attribute {$attr} values: " . @ldap_error($link), @ldap_errno($link)); } unset($this->_changes["replace"][$attr]); } // all went well, so _original (server) becomes _attributes (local copy) $this->_original = $this->_attributes; $return = true; return $return; }
/** * {@inheritdoc} */ public function update(Entry $entry) { $con = $this->connection->getResource(); if (!@ldap_modify($con, $entry->getDn(), $entry->getAttributes())) { throw new LdapException(sprintf('Could not update entry "%s": %s', $entry->getDn(), ldap_error($con))); } }
/** * The "U" in CRUD */ function ldapUpdate($entry = null) { $entryDn = "uid=" . $entry['uid'] . "," . $this->baseDn; if ($entry) { if (@ldap_modify($this->ds, $entryDn, $entry)) { return true; } } }
public static function ativa($email) { $ldap = app('ldap'); $base_dn = env('LDAP_BASE_DN'); $dn = "uid={$email},ou=People,{$base_dn}"; $info = ldap_modify($ldap, $dn, ['validado' => 'TRUE']); ldap_close($ldap); return $info; }
function AssistedLDAPModify($ldapc, $moddn, $in) { // Use these variables that are outside the function global $app_theme; // Modify the entry $r_mod = ldap_modify($ldapc, $moddn, $in); // Let's see if you could make it if (!$r_mod) { echo '<div class="error">' . _("An error has ocurred trying to modify entries on the LDAP database: ") . ldap_error($ldapc) . '.<br /><br /><a href="javascript:history.back(1);">' . _("Back") . '</a></div>'; include "../themes/{$app_theme}/footer.php"; die; } return $r_mod; }
function putData($username, $data) { global $dsconnect, $host, $binduser, $bindpass, $basecn; if ($data != "") { $data .= "ga4php:"; } // set this to default to begin with $tokendata = false; // we need to track the "first" blank attribute $blank_attr = false; // we search for a username that matches what we've been passed $sr = ldap_search($dsconnect, "{$basecn}", "samaccountname={$username}"); $info = ldap_get_entries($dsconnect, $sr); $dn = $info[0]["distinguishedname"][0]; //echo "<pre>"; //print_r($info); //echo "</pre>"; $attr_name = false; for ($i = 1; $i < 15; $i++) { $valname = "extensionattribute{$i}"; if (isset($info[0]["{$valname}"][0])) { $val = $info[0]["{$valname}"][0]; // we are looking for an extension attribute that has a start of "ga4php" if (preg_match('/^ga4php.*/', $val) > 0) { $attr_name = $valname; } } else { if ($blank_attr == false) { // this will cathc the first unset extension variable name, if we need it $blank_attr = "{$valname}"; } } } // if the attr_name is not set, we need to set $blank_attr if ($attr_name == false) { // we use $blank_attr error_log("setting for {$username}, {$blank_attr}"); $infod["{$blank_attr}"][0] = "{$data}"; } else { error_log("setting for {$username}, {$attr_name}"); $infod["{$attr_name}"][0] = "{$data}"; } error_log("att end of put data for {$dn}, {$infod}"); return ldap_modify($dsconnect, $dn, $infod); // even simpler! }
public function updateUser($user) { if (!is_object($user) || !$user instanceof jAuthUserLDAP) { throw new jException('jelix~auth.ldap.object.user.unknown'); } if (!($user->login != '')) { throw new jException('jelix~auth.ldap.user.login.unset'); } $entries = $this->getAttributesLDAP($user, true); $connect = $this->_bindLdapUser(); if ($connect === false) { return false; } $result = ldap_modify($connect, $this->_buildUserDn($user->login), $entries); ldap_close($connect); return $result; }
/** * Add a note to the existing notes */ function ajax_addnote($dn, $note) { global $conf; global $LDAP_CON; global $FIELDS; header('Content-Type: text/html; charset=utf-8'); // fetch the existing note $result = ldap_search($LDAP_CON, $dn, '(objectClass=inetOrgPerson)', array($FIELDS['note'])); if (ldap_count_entries($LDAP_CON, $result)) { $result = ldap_get_binentries($LDAP_CON, $result); } $note = $note . "\n\n" . $result[0][$FIELDS['note']][0]; $note = preg_replace("!\n\n\n+!", "\n\n", $note); $entry[$FIELDS['note']] = $note; ldap_modify($LDAP_CON, $dn, $entry); require_once dirname(__FILE__) . '/inc/smarty/plugins/modifier.noteparser.php'; print smarty_modifier_noteparser($note); }
function changePassword($username, $newpassword, $newpassword2) { global $connection, $DN; if ($newpassword != $newpassword2) { return false; } $search = ldap_search($connection, $DN, "(uid=" . $username . ")", array("dn")); $ent = ldap_get_entries($connection, $search); if ($ent["count"] == 0) { return false; } $user_dn = $ent[0]['dn']; $new = array(); $new['userPassword'] = $newpassword; if (ldap_modify($connection, $user_dn, $new)) { return true; } else { return false; } }
public function UserMod($username, $attributes = array()) { // Clone the attributes array $attr = array_merge($attributes, array()); $Usr = $this->UserGet($username); if ($Usr) { $OldCn = $Usr['cn']; $NewCn = $attr['cn']; if ($NewCn == $OldCn) { // Same CN, no need to pass it as an argument unset($attr['cn']); } else { // Rename user ldap_rename($this->conn, 'CN=' . $OldCn . ',CN=Users,' . $this->BaseDn, 'CN=' . $NewCn, null, true); unset($attr['cn']); } return ldap_modify($this->conn, $this->GetUserDnByCn($NewCn), $attr); } else { return; } }
/** * modify attributes of ldap entry * * @param string $dn DN of entry * @param array $attributes should follow the structure of ldap_add functions * entry array: http://us.php.net/manual/en/function.ldap-add.php $attributes["attribute1"] = "value"; $attributes["attribute2"][0] = "value1"; $attributes["attribute2"][1] = "value2"; @return TRUE on success FALSE on error */ function modifyLdapEntry($dn, $attributes = array(), $old_attributes = FALSE) { $this->connectAndBindIfNotAlready(); if (!$old_attributes) { $result = @ldap_read($this->connection, $dn, 'objectClass=*'); if (!$result) { $error = "LDAP Server ldap_read(%dn) in LdapServer::modifyLdapEntry() Error Server ID = %sid, LDAP Err No: %ldap_errno LDAP Err Message: %ldap_err2str "; $tokens = array('%dn' => $dn, '%sid' => $this->sid, '%ldap_errno' => ldap_errno($this->connection), '%ldap_err2str' => ldap_err2str(ldap_errno($this->connection))); watchdog('ldap_server', $error, $tokens, WATCHDOG_ERROR); return FALSE; } $entries = ldap_get_entries($this->connection, $result); if (is_array($entries) && $entries['count'] == 1) { $old_attributes = $entries[0]; } } $attributes = $this->removeUnchangedAttributes($attributes, $old_attributes); foreach ($attributes as $key => $cur_val) { $old_value = FALSE; $key_lcase = drupal_strtolower($key); if (isset($old_attributes[$key_lcase])) { if ($old_attributes[$key_lcase]['count'] == 1) { $old_value = $old_attributes[$key_lcase][0]; } else { unset($old_attributes[$key_lcase]['count']); $old_value = $old_attributes[$key_lcase]; } } if ($cur_val == '' && $old_value != '') { // remove enpty attributes unset($attributes[$key]); $result = @ldap_mod_del($this->connection, $dn, array($key_lcase => $old_value)); if (!$result) { $error = "LDAP Server ldap_mod_del(%dn) in LdapServer::modifyLdapEntry() Error Server ID = %sid, LDAP Err No: %ldap_errno LDAP Err Message: %ldap_err2str "; $tokens = array('%dn' => $dn, '%sid' => $this->sid, '%ldap_errno' => ldap_errno($this->connection), '%ldap_err2str' => ldap_err2str(ldap_errno($this->connection))); watchdog('ldap_server', $error, $tokens, WATCHDOG_ERROR); return FALSE; } } elseif (is_array($cur_val)) { foreach ($cur_val as $mv_key => $mv_cur_val) { if ($mv_cur_val == '') { unset($attributes[$key][$mv_key]); // remove empty values in multivalues attributes } else { $attributes[$key][$mv_key] = $mv_cur_val; } } } } if (count($attributes) > 0) { $result = @ldap_modify($this->connection, $dn, $attributes); if (!$result) { $error = "LDAP Server ldap_modify(%dn) in LdapServer::modifyLdapEntry() Error Server ID = %sid, LDAP Err No: %ldap_errno LDAP Err Message: %ldap_err2str "; $tokens = array('%dn' => $dn, '%sid' => $this->sid, '%ldap_errno' => ldap_errno($this->connection), '%ldap_err2str' => ldap_err2str(ldap_errno($this->connection))); watchdog('ldap_server', $error, $tokens, WATCHDOG_ERROR); return FALSE; } } return TRUE; }
function change_passwd($rdn, $pass, $new_pass) { $rdn = $this->search_user_rdn($rdn); $this->auth($rdn, $pass); $entry = array(); $entry["userPassword"] = "******" . base64_encode(pack("H*", sha1($new_pass))); if (ldap_modify($this->conn, $rdn, $entry) === false) { throw new Xldap_Exception('Your password cannot be change, please contact the administrator'); } }
/** * Modify a user * * @param string $username The username to query * @param array $attributes The attributes to modify. Note if you set the enabled attribute you must not specify any other attributes * @param bool $isGUID Is the username passed a GUID or a samAccountName * @return bool */ public function modify($username, $attributes, $isGUID = false) { if ($username === NULL) { return "Missing compulsory field [username]"; } if (array_key_exists("password", $attributes) && !$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) { throw new adLDAPException('SSL/TLS must be configured on your webserver and enabled in the class to set passwords.'); } // Find the dn of the user $userDn = $this->dn($username, $isGUID); if ($userDn === false) { return false; } // Translate the update to the LDAP schema $mod = $this->adldap->adldap_schema($attributes); // Check to see if this is an enabled status update if (!$mod && !array_key_exists("enabled", $attributes)) { return false; } // Set the account control attribute (only if specified) if (array_key_exists("enabled", $attributes)) { if ($attributes["enabled"]) { $controlOptions = array("NORMAL_ACCOUNT"); } else { $controlOptions = array("NORMAL_ACCOUNT", "ACCOUNTDISABLE"); } $mod["userAccountControl"][0] = $this->accountControl($controlOptions); } // Do the update $result = @ldap_modify($this->adldap->getLdapConnection(), $userDn, $mod); if ($result == false) { return false; } return true; }
public static function modifyPassword($user, $password) { // create LDAP connection // $ldapConnectionConfig = Config::get('ldap.connections.' . App::environment()); $ldapHost = $ldapConnectionConfig['host']; $ldapPort = $ldapConnectionConfig['port']; $ldapConnection = ldap_connect($ldapHost, $ldapPort); if ($ldapConnection) { // query LDAP for user info // ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3); $ldapUser = $ldapConnectionConfig['users']['password_set_user']; $ldapbind = ldap_bind($ldapConnection, $ldapUser['user'], $ldapUser['password']); $dn = 'swampUuid=' . $user->user_uid . ',ou=people,o=SWAMP,dc=cosalab,dc=org'; $response = ldap_modify($ldapConnection, $dn, array('userPassword' => $password)); // close LDAP connection // ldap_close($ldapConnection); // update user_account entry // $userAccount = UserAccount::where('user_uid', '=', $user->user_uid)->first(); $userAccount->ldap_profile_update_date = gmdate('Y-m-d H:i:s'); $userAccount->save(); return $user; } }
/** * Changes userpassword in LDAP * * Called when the user password is updated. It assumes it is * called by an admin or that you've otherwise checked the user's * credentials * * @param object $user User table object * @param string $newpassword Plaintext password (not crypted/md5'ed) * @return boolean result * */ function user_update_password($user, $newpassword) { global $USER; $result = false; $username = $user->username; $extusername = core_text::convert($username, 'utf-8', $this->config->ldapencoding); $extpassword = core_text::convert($newpassword, 'utf-8', $this->config->ldapencoding); switch ($this->config->passtype) { case 'md5': $extpassword = '******' . base64_encode(pack('H*', md5($extpassword))); break; case 'sha1': $extpassword = '******' . base64_encode(pack('H*', sha1($extpassword))); break; case 'plaintext': default: break; // plaintext } $ldapconnection = $this->ldap_connect(); $user_dn = $this->ldap_find_userdn($ldapconnection, $extusername); if (!$user_dn) { error_log($this->errorlogtag . get_string('nodnforusername', 'auth_ldap', $user->username)); return false; } switch ($this->config->user_type) { case 'edir': // Change password $result = ldap_modify($ldapconnection, $user_dn, array('userPassword' => $extpassword)); if (!$result) { error_log($this->errorlogtag . get_string('updatepasserror', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection))))); } // Update password expiration time, grace logins count $search_attribs = array($this->config->expireattr, 'passwordExpirationInterval', 'loginGraceLimit'); $sr = ldap_read($ldapconnection, $user_dn, '(objectClass=*)', $search_attribs); if ($sr) { $entry = ldap_get_entries_moodle($ldapconnection, $sr); $info = array_change_key_case($entry[0], CASE_LOWER); $newattrs = array(); if (!empty($info[$this->config->expireattr][0])) { // Set expiration time only if passwordExpirationInterval is defined if (!empty($info['passwordexpirationinterval'][0])) { $expirationtime = time() + $info['passwordexpirationinterval'][0]; $ldapexpirationtime = $this->ldap_unix2expirationtime($expirationtime); $newattrs['passwordExpirationTime'] = $ldapexpirationtime; } // Set gracelogin count if (!empty($info['logingracelimit'][0])) { $newattrs['loginGraceRemaining'] = $info['logingracelimit'][0]; } // Store attribute changes in LDAP $result = ldap_modify($ldapconnection, $user_dn, $newattrs); if (!$result) { error_log($this->errorlogtag . get_string('updatepasserrorexpiregrace', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection))))); } } } else { error_log($this->errorlogtag . get_string('updatepasserrorexpire', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection))))); } break; case 'ad': // Passwords in Active Directory must be encoded as Unicode // strings (UCS-2 Little Endian format) and surrounded with // double quotes. See http://support.microsoft.com/?kbid=269190 if (!function_exists('mb_convert_encoding')) { error_log($this->errorlogtag . get_string('needmbstring', 'auth_ldap')); return false; } $extpassword = mb_convert_encoding('"' . $extpassword . '"', "UCS-2LE", $this->config->ldapencoding); $result = ldap_modify($ldapconnection, $user_dn, array('unicodePwd' => $extpassword)); if (!$result) { error_log($this->errorlogtag . get_string('updatepasserror', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection))))); } break; default: // Send LDAP the password in cleartext, it will md5 it itself $result = ldap_modify($ldapconnection, $user_dn, array('userPassword' => $extpassword)); if (!$result) { error_log($this->errorlogtag . get_string('updatepasserror', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection))))); } } $this->ldap_close(); return $result; }
function changePassword($user, $oldPassword, $newPassword, $newPasswordCnf) { global $message; global $message_css; $server = "openldap-server"; $dn = "ou=product,ou=people,dc=zenchat,dc=ldap"; error_reporting(0); ldap_connect($server); $con = ldap_connect($server); ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3); // bind anon and find user by uid $user_search = ldap_search($con, $dn, "(|(uid={$user})(mail={$user}))"); $user_get = ldap_get_entries($con, $user_search); $user_entry = ldap_first_entry($con, $user_search); $user_dn = ldap_get_dn($con, $user_entry); $user_id = $user_get[0]["uid"][0]; $user_givenName = $user_get[0]["givenName"][0]; $user_search_arry = array("*", "ou", "uid", "mail", "passwordRetryCount", "passwordhistory"); $user_search_filter = "(|(uid={$user_id})(mail={$user}))"; $user_search_opt = ldap_search($con, $user_dn, $user_search_filter, $user_search_arry); $user_get_opt = ldap_get_entries($con, $user_search_opt); $passwordRetryCount = $user_get_opt[0]["passwordRetryCount"][0]; $passwordhistory = $user_get_opt[0]["passwordhistory"][0]; //$message[] = "Username: "******"DN: " . $user_dn; //$message[] = "Current Pass: "******"New Pass: "******"Error E101 - Your Account is Locked Out!!!"; return false; } if (ldap_bind($con, $user_dn, $oldPassword) === false) { $message[] = "Error E101 - Current Username or Password is wrong."; return false; } if ($newPassword != $newPasswordCnf) { $message[] = "Error E102 - Your New passwords do not match!"; return false; } $encoded_newPassword = "******" . base64_encode(pack("H*", sha1($newPassword))); $history_arr = ldap_get_values($con, $user_dn, "passwordhistory"); if ($history_arr) { $message[] = "Error E102 - Your new password matches one of the last 10 passwords that you used, you MUST come up with a new password."; return false; } if (strlen($newPassword) < 8) { $message[] = "Error E103 - Your new password is too short.<br/>Your password must be at least 8 characters long."; return false; } if (!preg_match("/[0-9]/", $newPassword)) { $message[] = "Error E104 - Your new password must contain at least one number."; return false; } if (!preg_match("/[a-zA-Z]/", $newPassword)) { $message[] = "Error E105 - Your new password must contain at least one letter."; return false; } if (!preg_match("/[A-Z]/", $newPassword)) { $message[] = "Error E106 - Your new password must contain at least one uppercase letter."; return false; } if (!preg_match("/[a-z]/", $newPassword)) { $message[] = "Error E107 - Your new password must contain at least one lowercase letter."; return false; } if (!$user_get) { $message[] = "Error E200 - Unable to connect to server, you may not change your password at this time, sorry."; return false; } $auth_entry = ldap_first_entry($con, $user_search); $mail_addresses = ldap_get_values($con, $auth_entry, "mail"); $given_names = ldap_get_values($con, $auth_entry, "givenName"); $password_history = ldap_get_values($con, $auth_entry, "passwordhistory"); $mail_address = $mail_addresses[0]; $first_name = $given_names[0]; /* And Finally, Change the password */ $entry = array(); $entry["userPassword"] = "******"; if (ldap_modify($con, $user_dn, $entry) === false) { $error = ldap_error($con); $errno = ldap_errno($con); $message[] = "E201 - Your password cannot be change, please contact the administrator."; $message[] = "{$errno} - {$error}"; } else { $message_css = "yes"; mail($mail_address, "Password change notice", "Dear {$first_name},\nYour password on http://support.example.com for account {$user_id} was just changed. If you did not make this change, please contact support@example.com.\nIf you were the one who changed your password, you may disregard this message.\n\nThanks\n-Connor"); $message[] = "The password for {$user_id} has been changed.<br/>An informational email as been sent to {$mail_address}.<br/>Your new password is now fully Active."; } }
/** * Mail enable a contact * Allows email to be sent to them through Exchange * * @param string $distinguishedName The contact to mail enable * @param string $emailAddress The email address to allow emails to be sent through * @param string $mailNickname The mailnickname for the contact in Exchange. If NULL this will be set to the display name * @return bool */ public function contactMailEnable($distinguishedName, $emailAddress, $mailNickname = NULL) { if ($distinguishedName === NULL) { return "Missing compulsory field [distinguishedName]"; } if ($emailAddress === NULL) { return "Missing compulsory field [emailAddress]"; } if ($mailNickname !== NULL) { // Find the dn of the user $user = $this->adldap->contact()->info($distinguishedName, array("cn", "displayname")); if ($user[0]["displayname"] === NULL) { return false; } $mailNickname = $user[0]['displayname'][0]; } $attributes = array("email" => $emailAddress, "contact_email" => "SMTP:" . $emailAddress, "exchange_proxyaddress" => "SMTP:" . $emailAddress, "exchange_mailnickname" => $mailNickname); // Translate the update to the LDAP schema $mod = $this->adldap->adldap_schema($attributes); // Check to see if this is an enabled status update if (!$mod) { return false; } // Do the update $result = ldap_modify($this->adldap->getLdapConnection(), $distinguishedName, $mod); if ($result == false) { return false; } return true; }
/** * Modifies the specified LDAP entry. * * @param string $dn * @param array $entry * * @return bool */ public function modify($dn, array $entry) { if ($this->suppressErrors) { return @ldap_modify($this->getConnection(), $dn, $entry); } return ldap_modify($this->getConnection(), $dn, $entry); }
/** * Update user information in the external authentication database. * Return true if successful. * * @param User $user * @return bool * @access public */ function updateExternalDB($user) { global $wgLDAPUpdateLDAP, $wgLDAPWikiDN, $wgLDAPWikiPassword; global $wgLDAPSearchStrings; if (!$wgLDAPUpdateLDAP) { return true; } $this->email = $user->getEmail(); $this->realname = $user->getRealName(); $this->nickname = $user->getOption('nickname'); $this->language = $user->getOption('language'); $tmpuserdn = $wgLDAPSearchStrings[$_SESSION['wsDomain']]; $userdn = str_replace("USER-NAME", $user->getName(), $tmpuserdn); echo $userdn; $ldapconn = $this->connect(); if ($ldapconn) { ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); $bind = @ldap_bind($ldapconn, $wgLDAPWikiDN, $wgLDAPWikiPassword); if (!$bind) { return false; } if ('' != $this->email) { $values["mail"] = $this->email; } if ('' != $this->nickname) { $values["displayname"] = $this->nickname; } if ('' != $this->realname) { $values["cn"] = $this->realname; } if ('' != $this->language) { $values["preferredlanguage"] = $this->language; } if (0 != sizeof($values) && ldap_modify($ldapconn, $userdn, $values)) { @ldap_unbind(); return true; } else { @ldap_unbind(); return false; } } else { return false; } }
/** * Performs a request against the LDAP server * * The type of request (and the corresponding PHP ldap function called) * depend on two additional parameters, added in respect to the * DB_common interface. * * @param string $filter text of the request to send to the LDAP server * @param string $action type of request to perform, defaults to search (ldap_search()) * @param array $params array of additional parameters to pass to the PHP ldap function requested * @return result from ldap function or DB Error object if no result */ function simpleQuery($filter, $action = null, $params = null) { if ($action === null) { $action = !empty($this->q_action) ? $this->q_action : $this->action; } if ($params === null) { $params = count($this->q_params) > 0 ? $this->q_params : array(); } if (!$this->isManip($action)) { $base = $this->q_base ? $this->q_base : $this->base; $attributes = array(); $attrsonly = 0; $sizelimit = 0; $timelimit = 0; $deref = LDAP_DEREF_NEVER; $sorting = ''; $sorting_method = ''; reset($params); while (list($k, $v) = each($params)) { if (isset(${$k})) { ${$k} = $v; } } $this->sorting = $sorting; $this->sorting_method = $sorting_method; $this->attributes = $attributes; # double escape char for filter: '(o=Przedsi\C4\99biorstwo)' => '(o=Przedsi\\C4\\99biorstwo)' $filter = str_replace('\\', '\\\\', $filter); $this->last_query = $filter; if ($action == 'search') { $result = @ldap_search($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref); } else { if ($action == 'list') { $result = @ldap_list($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref); } else { if ($action == 'read') { $result = @ldap_read($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref); } else { return $this->ldapRaiseError(DB_ERROR_UNKNOWN_LDAP_ACTION); } } } if (!$result) { return $this->ldapRaiseError(); } } else { # If first argument is an array, it contains the entry with DN. if (is_array($filter)) { $entry = $filter; $filter = $entry["dn"]; } else { $entry = array(); } unset($entry["dn"]); $attribute = ''; $value = ''; $newrdn = ''; $newparent = ''; $deleteoldrdn = false; reset($params); while (list($k, $v) = each($params)) { if (isset(${$k})) { ${$k} = $v; } } $this->last_query = $filter; if ($action == 'add') { $result = @ldap_add($this->connection, $filter, $entry); } else { if ($action == 'compare') { $result = @ldap_add($this->connection, $filter, $attribute, $value); } else { if ($action == 'delete') { $result = @ldap_delete($this->connection, $filter); } else { if ($action == 'modify') { $result = @ldap_modify($this->connection, $filter, $entry); } else { if ($action == 'mod_add') { $result = @ldap_mod_add($this->connection, $filter, $entry); } else { if ($action == 'mod_del') { $result = @ldap_mod_del($this->connection, $filter, $entry); } else { if ($action == 'mod_replace') { $result = @ldap_mod_replace($this->connection, $filter, $entry); } else { if ($action == 'rename') { $result = @ldap_rename($this->connection, $filter, $newrdn, $newparent, $deleteoldrdn); } else { return $this->ldapRaiseError(DB_ERROR_UNKNOWN_LDAP_ACTION); } } } } } } } } if (!$result) { return $this->ldapRaiseError(); } } $this->freeQuery(); return $result; }
/** * Save the attributes that are in the map or extraVar array to ldap dir * * @return Boolean true if there are any modifications done */ public function save() { $entries = $this->getAttributes(); $link = $this->_ldapConn->getLink(); $dn = $this->getDn(); GO::debug($entries); return @ldap_modify($link, $dn, $entries); }
function ldap_modify($DN, $WhatChange, $NotRecode = false) { if (is_array($WhatChange)) { //echo $DN; $DN = iconv($GLOBALS['CHARSET_APP'], $GLOBALS['CHARSET_DATA'], $DN); foreach ($WhatChange as $key => $value) { if (is_array($value)) { foreach ($value as $key1 => $value1) { if ($value1 == "") { unset($WhatChange[$key][$key1]); //$KeyForDel[]=$key; } else { if ($NotRecode) { $WhatChange[$key][$key1] = $value1; } else { $WhatChange[$key][$key1] = iconv($GLOBALS['CHARSET_APP'], $GLOBALS['CHARSET_DATA'], $value1); } } } } else { if ($WhatChange[$key] == "") { unset($WhatChange[$key]); $KeyForDel[] = $key; } else { if ($NotRecode) { $WhatChange[$key] = $value; } else { $WhatChange[$key] = iconv($GLOBALS['CHARSET_APP'], $GLOBALS['CHARSET_DATA'], $value); } } } } if (is_array(@$KeyForDel)) { $LS = ldap_search($this->LC, $DN, "name=*", $KeyForDel); $Entries = ldap_get_entries($this->LC, $LS); foreach ($KeyForDel as $key => $value) { if (@$Entries[0][$value][0] != "") { $WhatDel[$value] = $Entries[0][$value][0]; } } if (is_array(@$WhatDel)) { ldap_mod_del($this->LC, $DN, $WhatDel); } } //$LS=ldap_search($this->LC, $DN, $Filter, $Attributes); ldap_modify($this->LC, $DN, $WhatChange); } }
/** * Modifies the specified entry in the LDAP directory. * * @param Turba_Object $object The object we wish to save. * * @return string The object id, possibly updated. * @throw Turba_Exception */ protected function _save(Turba_Object $object) { $this->_connect(); list($object_key, $object_id) = each($this->toDriverKeys(array('__key' => $object->getValue('__key')))); $attributes = $this->toDriverKeys($object->getAttributes()); /* Get the old entry so that we can access the old * values. These are needed so that we can delete any * attributes that have been removed by using ldap_mod_del. */ if (empty($this->_params['objectclass'])) { $filter = null; } else { $filter = (string) Horde_Ldap_Filter::build(array('objectclass' => $this->_params['objectclass']), 'or'); } $oldres = @ldap_read($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']), $filter, array_merge(array_keys($attributes), array('objectclass'))); $info = ldap_get_attributes($this->_ds, ldap_first_entry($this->_ds, $oldres)); if ($this->_params['version'] == 3 && Horde_String::lower(str_replace(array(',', '"'), array('\\2C', ''), $this->_makeKey($attributes))) != Horde_String::lower(str_replace(',', '\\2C', $object_id))) { /* Need to rename the object. */ $newrdn = $this->_makeRDN($attributes); if ($newrdn == '') { throw new Turba_Exception(_("Missing DN in LDAP source configuration.")); } if (ldap_rename($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']), Horde_String::convertCharset($newrdn, 'UTF-8', $this->_params['charset']), $this->_params['root'], true)) { $object_id = $newrdn . ',' . $this->_params['root']; } else { throw new Turba_Exception(sprintf(_("Failed to change name: (%s) %s; Old DN = %s, New DN = %s, Root = %s"), ldap_errno($this->_ds), ldap_error($this->_ds), $object_id, $newrdn, $this->_params['root'])); } } /* Work only with lowercase keys. */ $info = array_change_key_case($info, CASE_LOWER); $attributes = array_change_key_case($attributes, CASE_LOWER); foreach ($info as $key => $var) { $oldval = null; /* Check to see if the old value and the new value are * different and that the new value is empty. If so then * we use ldap_mod_del to delete the attribute. */ if (isset($attributes[$key]) && $var[0] != $attributes[$key] && $attributes[$key] == '') { $oldval[$key] = $var[0]; if (!@ldap_mod_del($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']), $oldval)) { throw new Turba_Exception(sprintf(_("Modify failed: (%s) %s"), ldap_errno($this->_ds), ldap_error($this->_ds))); } unset($attributes[$key]); } elseif (isset($attributes[$key]) && $var[0] == $attributes[$key]) { /* Drop unchanged elements from list of attributes to write. */ unset($attributes[$key]); } } unset($attributes[Horde_String::lower($object_key)]); $this->_encodeAttributes($attributes); $attributes = array_filter($attributes, array($this, '_emptyAttributeFilter')); /* Modify objectclasses only if they really changed. */ $oldClasses = array_map(array('Horde_String', 'lower'), $info['objectclass']); array_shift($oldClasses); $attributes['objectclass'] = array_unique(array_map('strtolower', array_merge($info['objectclass'], $this->_params['objectclass']))); unset($attributes['objectclass']['count']); $attributes['objectclass'] = array_values($attributes['objectclass']); /* Do not handle object classes unless they have changed. */ if (!array_diff($oldClasses, $attributes['objectclass'])) { unset($attributes['objectclass']); } if (!@ldap_modify($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']), $attributes)) { throw new Turba_Exception(sprintf(_("Modify failed: (%s) %s"), ldap_errno($this->_ds), ldap_error($this->_ds))); } return $object_id; }
/** * Update LDAP registry * * @param string|Dn $dn * @param array $entry * @return Ldap Provides a fluid interface * @throws Exception\LdapException */ public function update($dn, array $entry) { if (!$dn instanceof Dn) { $dn = Dn::factory($dn, null); } self::prepareLdapEntryArray($entry); $rdnParts = $dn->getRdn(Dn::ATTR_CASEFOLD_LOWER); foreach ($rdnParts as $key => $value) { $value = Dn::unescapeValue($value); if (array_key_exists($key, $entry) && !in_array($value, $entry[$key])) { $entry[$key] = array_merge(array($value), $entry[$key]); } } $adAttributes = array('distinguishedname', 'instancetype', 'name', 'objectcategory', 'objectguid', 'usnchanged', 'usncreated', 'whenchanged', 'whencreated'); foreach ($adAttributes as $attr) { if (array_key_exists($attr, $entry)) { unset($entry[$attr]); } } if (count($entry) > 0) { ErrorHandler::start(E_WARNING); $isModified = ldap_modify($this->getResource(), $dn->toString(), $entry); ErrorHandler::stop(); if ($isModified === false) { throw new Exception\LdapException($this, 'updating: ' . $dn->toString()); } } return $this; }
/** * Update LDAP registry * * @param string|Zend_Ldap_Dn $dn * @param array $entry * @return Zend_Ldap Provides a fluid interface * @throws Zend_Ldap_Exception */ public function update($dn, array $entry) { if (!$dn instanceof Zend_Ldap_Dn) { $dn = Zend_Ldap_Dn::factory($dn, null); } self::prepareLdapEntryArray($entry); $rdnParts = $dn->getRdn(Zend_Ldap_Dn::ATTR_CASEFOLD_LOWER); foreach ($rdnParts as $key => $value) { $value = Zend_Ldap_Dn::unescapeValue($value); if (array_key_exists($key, $entry) && !in_array($value, $entry[$key])) { $entry[$key] = array_merge(array($value), $entry[$key]); } } $adAttributes = array('distinguishedname', 'instancetype', 'name', 'objectcategory', 'objectguid', 'usnchanged', 'usncreated', 'whenchanged', 'whencreated'); foreach ($adAttributes as $attr) { if (array_key_exists($attr, $entry)) { unset($entry[$attr]); } } if (count($entry) > 0) { $isModified = @ldap_modify($this->getResource(), $dn->toString(), $entry); if ($isModified === false) { /** * @see Zend_Ldap_Exception */ #require_once 'Zend/Ldap/Exception.php'; throw new Zend_Ldap_Exception($this, 'updating: ' . $dn->toString()); } } return $this; }
/** * @return bool */ public function Modify($sModifyDn, $aModifyEntry) { $bResult = false; if (!empty($sModifyDn)) { if (!empty($this->sSearchDN)) { $sModifyDn = $sModifyDn . ',' . $this->sSearchDN; } CApi::Log('ldap_modify = ' . $sModifyDn); CApi::LogObject($aModifyEntry); $bResult = !!@ldap_modify($this->rLink, $sModifyDn, $aModifyEntry); $this->validateLdapErrorOnFalse($bResult); } return $bResult; }
/** * Updates a LDAP entity at the given DN with the provided attributes. * * @param String $dn The distinguished name. * @param array $attribs The new attributes. * @return boolean Returns true on success or false on failure. */ public function modify($dn, $attribs) { return ldap_modify($this->conn, $dn, $attribs); }
/** * Set the person details. * @param string $username * @param array $details * @param boolean $create */ protected function setPerson($username, $password, $details, $create) { if (!$this->options['can_edit_user_detatils']) { return false; } if (!$username || !($ldap = $this->getConnection())) { return false; } $p_details = array(); foreach ($details as $detail => $value) { if ($value === null) { continue; } if (!array_key_exists($detail, $this->options['p_details'])) { continue; } if ($create && (is_string($value) && strlen($value) == 0)) { $value = array(); #want to know why am i doing this? #see: http://www.php.net/manual/en/function.ldap-modify.php#43216 #and: http://www.php.net/manual/en/function.ldap-modify.php#38092 } $p_details[$this->options['p_details'][$detail]] = $value; } if ($password) { $p_details[$this->options['password_field']] = $this->encryptPassword($password); } $dn = $this->getPeopleQry($username); if ($create) { $p_details['objectClass'] = $this->options['person_objectClass']; $p_details['uid'] = $username; if (!@ldap_add($ldap, $dn, $p_details)) { I2CE::raiseError("Could not create user {$username} with details at: " . $dn); return false; } } else { if (!@ldap_modify($ldap, $dn, $p_details)) { I2CE::raiseError("Could not modify user {$username} with details at: " . $dn); return false; } } return true; }