//AD $adldap = new adLDAP($options); //try to login with higher credentials for search $authUser = $adldap->authenticate($params->adminUsername, $params->adminPassword); if ($authUser == false) { $Result->show("danger", _("Invalid credentials"), true); } // set OpenLDAP flag if ($server->type == "LDAP") { $adldap->setUseOpenLDAP(true); } //search groups $groups = $adldap->group()->search(adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, true, "*{$_POST['dfilter']}*"); //echo $adldap->getLastError(); } catch (adLDAPException $e) { $Result->show("danger", $adldap->getLastError(), false); $Result->show("danger", $e->getMessage(), true); } //check for found if (sizeof($groups) == 0) { print "<div class='alert alert-info'>"; print _('No groups found') . "!<hr>"; print _('Possible reasons') . ":"; print "<ul>"; print "<li>" . _('Invalid baseDN setting for AD') . "</li>"; print "<li>" . _('AD account does not have enough privileges for search') . "</li>"; print "</div>"; } else { print _(" Following groups were found") . ": (" . sizeof($groups) . "):<hr>"; print "<table class='table table-top table-td-top table-striped'>"; // loop
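/**
 * Check a username/password pair against the configured AD / OpenLDAP directory.
 *
 * Connection parameters are read from getADSettings(); the OpenLDAP flag is
 * switched on when the stored 'domainAuth' setting equals "2".
 *
 * Security notes:
 *  - Empty credentials are refused before the directory is contacted. A simple
 *    bind with an empty password is treated as an anonymous/unauthenticated bind
 *    by many directory servers and can report success; the library is expected
 *    to reject it as well, this is defence in depth.
 *  - Text coming from the library or the directory is HTML-escaped before it is
 *    written into the page, and only the exception message (not the full
 *    exception with file paths and stack trace) is shown on connection errors.
 *
 * @param string $username login name as supplied by the user
 * @param string $password clear-text password as supplied by the user
 *
 * @return string 'ok' on success, otherwise a human-readable failure message
 */
function checkADLogin($username, $password)
{
    $failure = 'Failed to authenticate user via AD!';

    // Never hand an empty name or password to the directory bind.
    if ((string) $username === '' || (string) $password === '') {
        return $failure;
    }

    /* get All settings */
    $settings = getAllSettings();

    // require_once instead of include: the file declares the adLDAP classes,
    // so a second plain include in the same request would be a fatal error.
    require_once dirname(__FILE__) . "/adLDAP/src/adLDAP.php";

    try {
        // get settings for connection
        $ad = getADSettings();

        // NOTE(review): when both use_ssl and use_tls are disabled the bind
        // password crosses the network unencrypted - confirm the deployment
        // enables one of them.
        $adldap = new adLDAP(array(
            'base_dn'            => $ad['base_dn'],
            'account_suffix'     => $ad['account_suffix'],
            'domain_controllers' => $ad['domain_controllers'],
            'use_ssl'            => $ad['use_ssl'],
            'use_tls'            => $ad['use_tls'],
            'ad_port'            => $ad['ad_port'],
        ));

        // set OpenLDAP flag
        if ($settings['domainAuth'] == "2") {
            $adldap->setUseOpenLDAP(true);
        }
    } catch (adLDAPException $e) {
        // Show the message only; casting the exception to string would also
        // print the stack trace and server paths to an unauthenticated visitor.
        die('<div class="alert alert-danger">' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</div>');
    }

    // user authentication - accept nothing but a strict boolean true
    if ($adldap->authenticate($username, $password) === true) {
        return 'ok';
    }

    // The last-error text originates outside this application; escape it.
    $err = htmlspecialchars((string) $adldap->getLastError(), ENT_QUOTES, 'UTF-8');
    print "<div class='alert alert-danger'>{$err}</div>";

    return $failure;
}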
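/**
 * Check a username/password pair against AD / OpenLDAP and make sure a local
 * user row exists for the authenticated account.
 *
 * After a successful directory bind the local `users` table is consulted; when
 * no row is found one is inserted with domainUser = 1 and the role
 * 'Administrator'.
 *
 * Security notes:
 *  - NOTE(review): every account that can bind to the directory is provisioned
 *    as 'Administrator'. That grants full application rights to the whole
 *    directory population; confirm this is intended, or provision with the
 *    lowest role and promote explicitly.
 *  - Values written into the INSERT are escaped before they are placed in the
 *    statement; a successful bind does not make the login name SQL-safe.
 *  - Empty credentials are refused (and logged) before the directory is
 *    contacted, because an empty-password simple bind can be accepted as an
 *    anonymous bind by a directory server.
 *
 * @param string $username login name as supplied by the user
 * @param string $password clear-text password as supplied by the user
 *
 * @return string 'ok' on success, otherwise a human-readable failure message
 */
function checkADLogin($username, $password)
{
    global $db;

    $failure = 'Failed to authenticate user via AD!';

    // Never hand an empty name or password to the directory bind; keep the
    // attempt visible in the log so it can be detected.
    if ((string) $username === '' || (string) $password === '') {
        updateLogTable('User ' . $username . ' failed to authenticate against AD.', "", 2);
        return $failure;
    }

    /* get All settings */
    $settings = getAllSettings();

    // require_once instead of include: the file declares the adLDAP classes,
    // so a second plain include in the same request would be a fatal error.
    require_once dirname(__FILE__) . "/adLDAP/src/adLDAP.php";

    try {
        // get settings for connection
        $ad = getADSettings();

        $adldap = new adLDAP(array(
            'base_dn'            => $ad['base_dn'],
            'account_suffix'     => $ad['account_suffix'],
            'domain_controllers' => $ad['domain_controllers'],
            'use_ssl'            => $ad['use_ssl'],
            'use_tls'            => $ad['use_tls'],
            'ad_port'            => $ad['ad_port'],
        ));

        // set OpenLDAP flag
        if ($settings['domainAuth'] == "2") {
            $adldap->setUseOpenLDAP(true);
        }
    } catch (adLDAPException $e) {
        // Message only: the full exception string would expose the stack trace
        // and server paths to an unauthenticated visitor.
        die('<div class="alert alert-error">' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</div>');
    }

    // user authentication - accept nothing but a strict boolean true
    if ($adldap->authenticate($username, $password) !== true) {
        updateLogTable('User ' . $username . ' failed to authenticate against AD.', "", 2);
        return $failure;
    }

    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    // NOTE(review): the literal below is reproduced exactly as it appears in
    // this listing and looks like a masked placeholder. As written the lookup
    // never matches the authenticating account, so a new row is inserted on
    // every login. Confirm against the original file and look the user up by
    // the escaped login name.
    $query = "SELECT id FROM users WHERE username = '******';";
    $row = $database->getRow($query);
    $haveLocalUser = !empty($row);

    if (!$haveLocalUser) {
        $real_name = ucwords(str_replace('.', ' ', $username));
        $email = $username . "@enovance.com";

        // Escape every interpolated value. This relies on the project's
        // database class extending mysqli (insert_id and close() are used on
        // it in this function) - confirm, or use a prepared statement if the
        // wrapper offers one.
        $sqlUsername = $database->real_escape_string($username);
        $sqlRealName = $database->real_escape_string($real_name);
        $sqlEmail    = $database->real_escape_string($email);

        $query = "INSERT INTO users (username, role, real_name, email, domainUser, lang) VALUES ('{$sqlUsername}', 'Administrator', '{$sqlRealName}', '{$sqlEmail}', 1, 1);";
        $database->executeQuery($query);

        // insert_id is an integer; count() on it always reported success (and
        // is a TypeError on PHP 8), so a failed insert was never detected.
        $haveLocalUser = (int) $database->insert_id > 0;
        if ($haveLocalUser) {
            updateLogTable('Created user ' . $username . ' successfully', "", 0);
        }
    }

    $database->close();

    if ($haveLocalUser) {
        updateLogTable('User ' . $username . ' authenticated against AD.', "", 0);
        return 'ok';
    }

    updateLogTable('Failed to create user .' . $username, "", 2);
    return "Failed to creater user {$username}";
}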
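/**
 * Check a username/password pair against AD / OpenLDAP, but only for accounts
 * that already exist in the local `users` table with domainUser = 1.
 *
 * Security notes:
 *  - The login name reaches the local lookup before any authentication has
 *    happened, so it is escaped before being placed in the SQL statement.
 *  - Database, library and directory error text is HTML-escaped before it is
 *    written into the page; such messages can echo parts of the submitted
 *    input back to the browser.
 *  - An empty password is refused (and logged) before the directory is
 *    contacted, because an empty-password simple bind can be accepted as an
 *    anonymous bind by a directory server.
 *
 * @param string $username login name as supplied by the user
 * @param string $password clear-text password as supplied by the user
 *
 * @return string|false 'ok' on success, a failure message when the directory
 *                      rejects the credentials, false when the account is not
 *                      a local domain user or the lookup failed
 */
function checkADLogin($username, $password)
{
    /* database credentials from the config file */
    global $db;

    $failure = 'Failed to authenticate user via AD!';

    /* check if user exists in local database */
    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    // Escape for SQL only; the untouched $username is what goes to the
    // directory bind later. This relies on the project's database class
    // extending mysqli - confirm, or use a prepared statement if the wrapper
    // offers one.
    $sqlUsername = $database->real_escape_string($username);
    $query = 'select count(*) as count from users where `username` = binary "' . $sqlUsername . '" and `domainUser` = "1";';

    /* execute */
    try {
        $result = $database->getArray($query);
    } catch (Exception $e) {
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        print "<div class='alert alert-danger'>" . _('Error') . ": {$error}</div>";
        return false;
    }

    /* close database connection */
    $database->close();

    // Only accounts flagged as domain users are sent to the directory.
    if (!isset($result[0]['count']) || (int) $result[0]['count'] !== 1) {
        return false;
    }

    // Never hand an empty password to the directory bind; keep the attempt
    // visible in the log so it can be detected.
    if ((string) $password === '') {
        updateLogTable('User ' . $username . ' failed to authenticate against AD.', "", 2);
        return $failure;
    }

    /* get All settings */
    $settings = getAllSettings();

    // require_once instead of include: the file declares the adLDAP classes,
    // so a second plain include in the same request would be a fatal error.
    require_once dirname(__FILE__) . "/adLDAP/src/adLDAP.php";

    try {
        // get settings for connection
        $ad = getADSettings();

        $adldap = new adLDAP(array(
            'base_dn'            => $ad['base_dn'],
            'account_suffix'     => $ad['account_suffix'],
            'domain_controllers' => $ad['domain_controllers'],
            'use_ssl'            => $ad['use_ssl'],
            'use_tls'            => $ad['use_tls'],
            'ad_port'            => $ad['ad_port'],
        ));

        // set OpenLDAP flag
        if ($settings['domainAuth'] == "2") {
            $adldap->setUseOpenLDAP(true);
        }
    } catch (adLDAPException $e) {
        // Message only: the full exception string would expose the stack trace
        // and server paths to an unauthenticated visitor.
        die('<div class="alert alert-danger">' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</div>');
    }

    // user authentication - accept nothing but a strict boolean true
    if ($adldap->authenticate($username, $password) === true) {
        updateLogTable('User ' . $username . ' authenticated against AD.', "", 0);
        return 'ok';
    }

    updateLogTable('User ' . $username . ' failed to authenticate against AD.', "", 2);

    // The last-error text originates outside this application; escape it.
    $err = htmlspecialchars((string) $adldap->getLastError(), ENT_QUOTES, 'UTF-8');
    print "<div class='alert alert-danger'>{$err}</div>";

    return $failure;
}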