Example #1
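 /**
  * Change the default address
  *
  * Demotes every proxyAddresses value to the secondary "smtp:" prefix, promotes the
  * value matching $emailAddress to the primary "SMTP:" prefix and writes the
  * attribute back with ldap_mod_replace().
  *
  * @param string $username The username of the user to add the Exchange account to
  * @param string $emailAddress The email address to make default
  * @param bool $isGUID Is the username passed a GUID or a samAccountName
  * @return bool|string True on success, false on failure; an error string when a
  *                     compulsory argument is NULL (kept as-is for existing callers)
  */
 public function primaryAddress($username, $emailAddress, $isGUID = false)
 {
     if ($username === NULL) {
         return "Missing compulsory field [username]";
     }
     if ($emailAddress === NULL) {
         return "Missing compulsory fields [emailAddress]";
     }
     // Find the dn of the user
     $user = $this->adldap->user()->info($username, array("cn", "proxyaddresses"), $isGUID);
     // The lookup may not return an entry at all; treat that as "user not found".
     if (!is_array($user) || !isset($user[0]["dn"])) {
         return false;
     }
     $userDn = $user[0]["dn"];
     // No address list means there is nothing to promote: report failure instead of
     // falling off the end of the method and returning NULL.
     if (!isset($user[0]["proxyaddresses"]) || !is_array($user[0]["proxyaddresses"])) {
         return false;
     }
     $wanted = 'smtp:' . $emailAddress;
     $found = false;
     $modAddresses = array('proxyAddresses' => array());
     foreach ($user[0]['proxyaddresses'] as $key => $address) {
         // Only the numerically indexed values are addresses; any other key
         // (e.g. a result-count entry, if the directory layer adds one) is skipped.
         if (!is_int($key)) {
             continue;
         }
         // Demote whatever is currently primary
         $address = str_replace('SMTP:', 'smtp:', $address);
         // Promote the requested address
         if ($address == $wanted) {
             $address = str_replace('smtp:', 'SMTP:', $address);
             $found = true;
         }
         if ($address != '') {
             // Append rather than reuse the source index so the value list stays
             // gap-free even when an empty entry was dropped.
             $modAddresses['proxyAddresses'][] = $address;
         }
     }
     // Writing the list back without a match would leave the mailbox with no
     // primary address at all, so refuse the change.
     if (!$found) {
         return false;
     }
     // NOTE(review): "@" hides the LDAP error; callers only see false.
     $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $modAddresses);
     return $result != false;
 }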
Example #2
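 /**
  * Authenticate $this->login / $this->password against the directory and record
  * the outcome in $this->logged, $this->is_admin and $this->display_name.
  *
  * The object starts from "not logged in, not admin" on every call, so a failed
  * attempt can never keep a privilege flag left over from an earlier success.
  */
 public function authAD()
 {
     // Fail closed: both flags are only raised again after a successful bind.
     $this->logged = false;
     $this->is_admin = false;
     // Prevent a bind with empty credentials
     if ($this->login == NULL || $this->password == NULL) {
         return;
     }
     // NOTE(review): an adLDAPException thrown by the constructor is not caught here.
     $adldap = new adLDAP();
     if (!$adldap->authenticate($this->login, $this->password)) {
         return;
     }
     $user_info = $adldap->user()->info($this->login);
     // The entry may lack a display name; store NULL rather than reading a missing index.
     $this->display_name = isset($user_info[0]['displayname'][0]) ? $user_info[0]['displayname'][0] : NULL;
     $this->logged = true;
     $this->is_admin = $this->isAdmin($user_info);
 }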
Example #3
 /**
  * Remove a user from a group
  *
  * Resolves both distinguished names, then deletes the user's DN from the
  * group's "member" attribute.
  *
  * @param string $group The group to remove a user from
  * @param string $user The AD user to remove from the group
  * @param bool $isGUID Is the username passed a GUID or a samAccountName
  * @return bool
  */
 public function removeUser($group, $user, $isGUID = false)
 {
     // Resolve the group's dn
     $groupEntries = $this->info($group, array("cn"));
     $groupDn = $groupEntries[0]["dn"];
     if ($groupDn === NULL) {
         return false;
     }
     // Resolve the user's dn
     $memberDn = $this->adldap->user()->dn($user, $isGUID);
     if ($memberDn === false) {
         return false;
     }
     // "@" keeps the LDAP warning quiet; the outcome is reported through the return value only
     $removed = @ldap_mod_del($this->adldap->getLdapConnection(), $groupDn, array("member" => $memberDn));
     return $removed != false;
 }
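$_POST = filter_user_input($_POST, true, true, false);
//dont debug
// NOTE(review): display_errors is switched ON here although the comment says
// "dont debug"; fatal errors will be printed to the browser — confirm this is intended.
ini_set('display_errors', 1);
error_reporting(E_ERROR);
//include AD script
include dirname(__FILE__) . "/../../functions/adLDAP/src/adLDAP.php";
// get All settings
$settings = getAllSettings();
//open connection
try {
    //get settings for connection
    $ad = getADSettings();
    //AD
    $adldap = new adLDAP(array('base_dn' => $ad['base_dn'], 'account_suffix' => $ad['account_suffix'], 'domain_controllers' => explode(";", $ad['domain_controllers']), 'use_ssl' => $ad['use_ssl'], 'use_tls' => $ad['use_tls'], 'ad_port' => $ad['ad_port']));
    //try to login with higher credentials for search
    $authUser = $adldap->user()->authenticate($ad['adminUsername'], $ad['adminPassword']);
    if ($authUser == false) {
        throw new adLDAPException('Invalid credentials');
    }
    // set OpenLDAP flag
    if ($settings['domainAuth'] == "2") {
        $adldap->setUseOpenLDAP(true);
    }
    //search for domain user!
    // The posted value ends up inside an LDAP search filter. filter_user_input() is
    // defined elsewhere and is not known to neutralise filter metacharacters, so
    // they are escaped here; the trailing "*" added below is the only wildcard.
    $dname = isset($_POST['dname']) && is_string($_POST['dname']) ? $_POST['dname'] : '';
    $userinfo = $adldap->user()->info(ldap_escape($dname, '', LDAP_ESCAPE_FILTER) . "*", array("*"));
    //echo $adldap->getLastError();
} catch (adLDAPException $e) {
    // Print the message only: casting the exception to a string also emits the
    // stack trace, which can include file paths and call arguments.
    die('<div class="alert alert-danger">' . htmlspecialchars($e->getMessage(), ENT_QUOTES) . '</div>');
}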
//at least 2 chars
if (strlen($_POST['dname']) < 2) {
Example #5
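    //prevent null bind
    if ($username != NULL && $password != NULL) {
        //include the class and create a connection
        include dirname(__FILE__) . "/../lib/adLDAP/adLDAP.php";
        try {
            $adldap = new adLDAP();
        } catch (adLDAPException $e) {
            // Message only: echoing the exception object would also print its stack trace
            echo htmlspecialchars($e->getMessage(), ENT_QUOTES);
            exit;
        }
        //authenticate the user
        if ($adldap->authenticate($username, $password)) {
            //establish your session and redirect
            session_start();
            // Issue a fresh session id at login so an id that was known before
            // authentication cannot be reused afterwards (session fixation).
            session_regenerate_id(true);
            $_SESSION["username"] = $username;
            $_SESSION["userinfo"] = $adldap->user()->info($username);
            // NOTE(review): HTTP_HOST and PHP_SELF are taken from the request, so the
            // redirect target is client-influenced; prefer a configured base URL.
            $redir = "Location: https://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/menu.php";
            header($redir);
            exit;
        }
    }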
    $failed = 1;
}
?>

<html>
<head>
<title>adLDAP example</title>
</head>

<body>
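 /**
  * Restore an item that was retired by mistake.
  *
  * Puts the GLPI record back (name, state, comment), asks adLDAP to re-activate
  * the computer account when a directory configuration is available, closes the
  * retirement log entry, mails a cancellation notice and deletes the PDF slip.
  *
  * @global object $DB
  * @param array $arrayItem [0] item id, [1] item type ('Computer' or 'Monitor'),
  *                         [2] label printed after "Restauration effectuée par"
  */
 function restaurerItem($arrayItem)
 {
     global $DB;
     $date = date('j-m-Y');
     // 'i' is minutes; the former 'H:m:s' printed the month in the minutes position
     $heure = date('H:i:s');
     // Load the administrative configuration
     $configClass = new PluginReformeConfig();
     $config = $configClass->getInfoAdministrative();
     // Load the item's details
     $info = $this->getInfoMachine($arrayItem[0], $arrayItem[1]);
     $bon_reforme = null;
     // NOTE(review): every query below is assembled by string concatenation from
     // $arrayItem and from values read back from the database; only
     // $info['commentaire'] goes through addslashes(). Confirm that callers
     // sanitise $arrayItem, or switch to the escaping facilities of the $DB layer.
     // Comment written back to the GLPI record
     $comment = addslashes($info['commentaire']) . "\nRestauration effectuée par: " . "" . $arrayItem[2] . " le: " . $date . " à: " . $heure;
     // Only when the item's name has not been put back yet
     if ($info["name"] == "") {
         $query = "SELECT name,statut,bon_reforme FROM glpi_plugin_reforme_log " . "WHERE id_item = '{$arrayItem['0']}' AND type_item = '{$arrayItem['1']}' " . "AND vie='1'";
         if ($result = $DB->query($query)) {
             if ($DB->numrows($result) > 0) {
                 $row = $DB->fetch_assoc($result);
                 $info["name"] = $row["name"];
                 $bon_reforme = $row["bon_reforme"];
                 // Stay null for item types that have no table to update
                 $query1 = null;
                 $query2 = null;
                 switch ($arrayItem[1]) {
                     case 'Computer':
                         $query1 = "UPDATE glpi_computers SET name='" . $row["name"] . "'," . "states_id='" . $row["statut"] . "' WHERE id='" . $arrayItem[0] . "'";
                         $query2 = "UPDATE glpi_computers SET comment='{$comment}' " . "WHERE id='" . $arrayItem[0] . "'";
                         // Load adLDAP
                         $cheminAdldap = $this->getAbsolutePathForm() . "/adldap";
                         require_once $cheminAdldap . '/adLDAP.php';
                         // Look up the directory configuration and re-activate the machine if it is found
                         $LDAPConfig = $this->getLDAPConfig($info["id"]);
                         $domaine = "";
                         // Only when the machine belonged to a domain
                         if ($LDAPConfig != NULL && $this->testerAD($LDAPConfig)) {
                             $serveur = array($LDAPConfig['serveur']);
                             $adldap = new adLDAP(array('base_dn' => $LDAPConfig['dc'], 'account_suffix' => $LDAPConfig['suffix'], 'domain_controllers' => $serveur));
                             // Reconnect with the configured administrative account
                             $adldap->close();
                             $adldap->setAdminUsername($LDAPConfig['login']);
                             $adldap->setAdminPassword($LDAPConfig['passwd']);
                             $adldap->connect();
                             $result = $adldap->computer()->info($info["name"], array("distinguishedname"));
                             if ($result[0]["distinguishedname"][0] != "") {
                                 if ($adldap->user()->activerComputer($result[0]["distinguishedname"][0])) {
                                     $domaine = $LDAPConfig['suffix'];
                                 } else {
                                     $domaine = $LDAPConfig['suffix'] . "-->erreur";
                                 }
                             }
                             $adldap->close();
                         }
                         break;
                     case 'Monitor':
                         $query1 = "UPDATE glpi_monitors SET name='" . $row["name"] . "'," . "states_id='" . $row["statut"] . "' WHERE id='" . $arrayItem[0] . "'";
                         $query2 = "UPDATE glpi_monitors SET comment='{$comment}' " . "WHERE id='" . $arrayItem[0] . "'";
                         break;
                     default:
                         break;
                 }
                 // Unknown item types used to reach $DB->query() with undefined variables
                 if ($query1 !== null && $query2 !== null) {
                     $DB->query($query1);
                     $DB->query($query2);
                 }
             }
         }
     }
     // Close the retirement log entry
     $query = "UPDATE glpi_plugin_reforme_log SET vie='0' WHERE id_item='" . $arrayItem[0] . "'" . " AND type_item='" . $arrayItem[1] . "'";
     $DB->query($query);
     $stockage = $this->getAbsolutePathForm() . "bon_reforme";
     // Send the cancellation mail
     // NOTE(review): $info["name"] and $arrayItem[2] are placed into the HTML body unescaped.
     $sujet = "Anulation de la reforme de la machine: " . $info["name"];
     $Message_Send = utf8_decode("L\\'objet : <span class=\"Titre\">" . $info["name"] . "</span> a été réformée par erreur<br><br>");
     $Message_Send .= utf8_decode("La machine a été restauré dans la base GLPI par: " . "<span class=\"Tech\">" . $arrayItem[2] . "</span><br><br>");
     $Message_Send .= utf8_decode("<span class=\"glpi\">Ce message a été envoyé " . "de façon automatique par GLPI (Plugin Reforme)<br></span>");
     $Message_Send .= utf8_decode("<span class=\"glpi\">© Viduc 2013 <A " . "HREF=\"http://viduc.sugarbox.fr/\">http://viduc.sugarbox.fr/</A> </span>");
     $this->Send_Mail($config['mail'], $sujet, $Message_Send, $this->getAbsolutePathForm() . 'bon_reforme/' . $bon_reforme . '.pdf', $bon_reforme . '.pdf');
     // Delete the retirement slip; without a slip name the path would be "bon_reforme/.pdf"
     // NOTE(review): the file name comes from the database and is not checked for path separators.
     if ($bon_reforme !== null) {
         unlink($this->getAbsolutePathForm() . 'bon_reforme/' . $bon_reforme . '.pdf');
     }
 }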
Example #7
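try {
    //set options
    $options = array('base_dn' => $params->base_dn, 'account_suffix' => $params->account_suffix, 'domain_controllers' => explode(";", $params->domain_controllers), 'use_ssl' => $params->use_ssl, 'use_tls' => $params->use_tls, 'ad_port' => $params->ad_port);
    //AD
    $adldap = new adLDAP($options);
    //try to login with higher credentials for search
    $authUser = $adldap->authenticate($params->adminUsername, $params->adminPassword);
    if ($authUser == false) {
        $Result->show("danger", _("Invalid credentials"), true);
    }
    // set OpenLDAP flag
    if ($server->type == "LDAP") {
        $adldap->setUseOpenLDAP(true);
    }
    //search for domain user!
    // The posted value becomes part of an LDAP search filter, so filter
    // metacharacters are escaped; the trailing "*" is the only wildcard left.
    $dname = isset($_POST['dname']) && is_string($_POST['dname']) ? $_POST['dname'] : '';
    $userinfo = $adldap->user()->info(ldap_escape($dname, '', LDAP_ESCAPE_FILTER) . "*", array("*"));
    //echo $adldap->getLastError();
} catch (adLDAPException $e) {
    $Result->show("danger", $e->getMessage(), true);
}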
//check for found
if (!isset($userinfo['count'])) {
    print "<div class='alert alert-info'>";
    print _('No users found') . "!<hr>";
    print _('Possible reasons') . ":";
    print "<ul>";
    print "<li>" . _('Username not existing') . "</li>";
    print "<li>" . _('Invalid baseDN setting for AD') . "</li>";
    print "<li>" . _('AD account does not have enough privileges for search') . "</li>";
    print "</div>";
} else {
Example #8
<?php

//$db = new database(DATABASE_HOST,DATABASE_PORT,DATABASE_USER,DATABASE_PASSWORD,DATABASE_NAME);
// Authenticates $username/$password against AD and, on success, prepares a row
// for the local tbl_user table. The listing is cut off after the last line.
try {
    // Connection settings, including the admin bind account, come from the page's global settings
    $settings = array("account_suffix" => $this->page->get_global_setting('auth_ad_account_suffix'), "base_dn" => $this->page->get_global_setting('auth_ad_base_dn'), "domain_controllers" => explode(',', $this->page->get_global_setting('auth_ad_domain_controllers')), "admin_username" => $this->page->get_global_setting('auth_ad_admin_username'), "admin_password" => $this->page->get_global_setting('auth_ad_admin_password', true));
    $adldap = new adLDAP($settings);
    $auth = $adldap->authenticate("{$username}", "{$password}");
    // NOTE(review): groups and display name are fetched before the result of
    // authenticate() is checked (the check only happens further down).
    $c = $adldap->user()->groups($username);
    // The dump of $auth is captured into $html; $html is not used in the visible lines
    ob_start();
    var_dump($auth);
    $html = ob_get_contents();
    ob_end_clean();
    echo "<br/>";
    $d = $adldap->user()->info($username, array('displayname'));
    // NOTE(review): directory data is echoed without HTML escaping
    echo $d[0]['displayname'][0];
    // Second bind with the same credentials; $auth above already holds the result
    if ($adldap->authenticate("{$username}", "{$password}") == 1) {
        // First word of the display name becomes first_name, the rest last_name
        $ln = array();
        foreach (explode(" ", $d[0]['displayname'][0]) as $n => $v) {
            if ($n == 0) {
                $first_name = $v;
            } else {
                $ln[] = $v;
            }
        }
        $user_info = array();
        $user_info['user_name'] = $username;
        // NOTE(review): a single SHA-256 pass with one shared SALT constant is a fast,
        // non-per-user hash of the directory password; if a local copy is needed at
        // all, password_hash() is the usual choice — confirm why it is stored.
        $user_info['password'] = hash("sha256", $password . SALT);
        $user_info['first_name'] = $first_name;
        $user_info['last_name'] = implode(" ", $ln);
        // NOTE(review): $username is interpolated into the SQL text; whether it is
        // escaped before this point is not visible here — verify, or bind it as a parameter.
        $result = $this->db->query("SELECT * FROM tbl_user WHERE user_name = '{$username}'");
        if ($this->db->num_rows($result) == 0) {
Example #9
<?php

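require_once dirname(__FILE__) . '/adLDAP.php';
// Passwords are read from the environment so that no secret is stored in this file.
// The two variable names are this script's own convention. Any password that was
// previously committed here should be treated as exposed and rotated.
$adminPassword = getenv('ADLDAP_TEST_ADMIN_PASSWORD');
$userPassword = getenv('ADLDAP_TEST_USER_PASSWORD');
if ($adminPassword === false || $userPassword === false) {
    exit("Set ADLDAP_TEST_ADMIN_PASSWORD and ADLDAP_TEST_USER_PASSWORD before running this test\n");
}
// NOTE(review): neither use_ssl nor use_tls is set, so the bind presumably
// travels unencrypted — confirm and enable one of them.
$adldap = new adLDAP(array("account_suffix" => "@test.slimcrm.com", "base_dn" => "DC=test,DC=slimcrm,DC=com", "domain_controllers" => array("50.57.184.4"), "admin_username" => "administrator", "admin_password" => $adminPassword));
// Prints "1" when the bind succeeds and nothing when it fails
echo $adldap->authenticate("tholum", $userPassword);
echo "\n";
$c = $adldap->user()->groups('tholum');
var_dump($c);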
Example #10
    }
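    //set options
    $options = array('base_dn' => $params->base_dn, 'account_suffix' => $params->account_suffix, 'domain_controllers' => explode(";", $params->domain_controllers), 'use_ssl' => $params->use_ssl, 'use_tls' => $params->use_tls, 'ad_port' => $params->ad_port);
    //AD
    $adldap = new adLDAP($options);
    //try to login with higher credentials for search
    $authUser = $adldap->authenticate($params->adminUsername, $params->adminPassword);
    if ($authUser == false) {
        $Result->show("danger", _("Invalid credentials"), true);
    }
    // set OpenLDAP flag
    if ($server->type == "LDAP") {
        $adldap->setUseOpenLDAP(true);
    }
    //search for domain user!
    // The posted value becomes part of an LDAP search filter, so filter
    // metacharacters are escaped; the trailing "*" is the only wildcard left.
    $dname = isset($_POST['dname']) && is_string($_POST['dname']) ? $_POST['dname'] : '';
    $userinfo = $adldap->user()->info(ldap_escape($dname, '', LDAP_ESCAPE_FILTER) . "*", array("*"), false, $server->type);
    //echo $adldap->getLastError();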
} catch (adLDAPException $e) {
    $Result->show("danger", $e->getMessage(), true);
}
//check for found
if (!isset($userinfo['count'])) {
    print "<div class='alert alert-info'>";
    print _('No users found') . "!<hr>";
    print _('Possible reasons') . ":";
    print "<ul>";
    print "<li>" . _('Username not existing') . "</li>";
    print "<li>" . _('Invalid baseDN setting for AD') . "</li>";
    print "<li>" . _('AD account does not have enough privileges for search') . "</li>";
    print "</div>";
} else {
Example #11
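 /**
  * Show the login form and process a login attempt.
  *
  * Tries the configured authentication mechanisms in order. "break 2" / "break 3"
  * leave the mechanism loop; a plain "break" only leaves the switch, so the next
  * mechanism is tried. On success the user and mechanism are stored in the
  * session and the browser is redirected to $return; otherwise the login view
  * is rendered.
  *
  * @param string $return Path to redirect to after a successful login
  */
 function login($return = '')
 {
     if ($this->authorized()) {
         redirect($return);
     }
     $check = FALSE;
     // If no valid mechanisms found, bail
     if (!$this->auth_mechanisms) {
         redirect('auth/generate');
     }
     $login = isset($_POST['login']) ? $_POST['login'] : '';
     $password = isset($_POST['password']) ? $_POST['password'] : '';
     // Loop through authentication mechanisms
     // Break when we have a match
     foreach ($this->auth_mechanisms as $mechanism => $auth_data) {
         // Local is just a username => hash array
         switch ($mechanism) {
             case 'noauth':
                 // No authentication
                 $check = TRUE;
                 $login = '******';
                 break 2;
             case 'config':
                 // Config authentication
                 if ($_POST && isset($auth_data[$login])) {
                     $t_hasher = $this->load_phpass();
                     $check = $t_hasher->CheckPassword($password, $auth_data[$login]);
                     break 2;
                 }
                 break;
             case 'ldap':
                 // LDAP authentication
                 if ($login && $password) {
                     include_once APP_PATH . '/lib/authLDAP/authLDAP.php';
                     $ldap_auth_obj = new Auth_ldap($auth_data);
                     if ($ldap_auth_obj->authenticate($login, $password)) {
                         //alert('Authenticated');
                         // Check user against users list
                         if (isset($auth_data['mr_allowed_users'])) {
                             //
                             $admin_users = is_array($auth_data['mr_allowed_users']) ? $auth_data['mr_allowed_users'] : array($auth_data['mr_allowed_users']);
                             if (in_array(strtolower($login), array_map('strtolower', $admin_users))) {
                                 $check = TRUE;
                                 break 2;
                             }
                         }
                         // Check user against group list
                         if (isset($auth_data['mr_allowed_groups'])) {
                             // Set mr_allowed_groups to array
                             $admin_groups = is_array($auth_data['mr_allowed_groups']) ? $auth_data['mr_allowed_groups'] : array($auth_data['mr_allowed_groups']);
                             // Get groups from AD
                             if ($user_data = $ldap_auth_obj->getUserData($login)) {
                                 foreach ($user_data['grps'] as $group) {
                                     if (in_array($group, $admin_groups)) {
                                         $check = TRUE;
                                         break 3;
                                     }
                                 }
                             }
                         }
                         //end group list check
                         // Not in users list or group list
                         error(lang('not_authorized'));
                         break;
                     }
                 }
                 // Without this break a failed or skipped LDAP login fell through into
                 // the 'AD' case and ran the AD code with the LDAP mechanism's settings.
                 break;
             case 'AD':
                 // Active Directory authentication
                 // Prevent empty values
                 if ($_POST && $login && $password) {
                     //include the class and create a connection
                     //TODO wrap this include somewhere else?
                     include_once APP_PATH . '/lib/adLDAP/adLDAP.php';
                     try {
                         $adldap = new adLDAP($auth_data);
                     } catch (adLDAPException $e) {
                         // When in debug mode, show additional info
                         $msg = conf('debug') ? ":<br>" . $e->getMessage() : '';
                         error(lang('error_contacting_AD') . $msg);
                         break 2;
                     }
                     // Authenticate user
                     if ($adldap->authenticate($login, $password)) {
                         // Check user against userlist
                         if (isset($auth_data['mr_allowed_users'])) {
                             //
                             $admin_users = is_array($auth_data['mr_allowed_users']) ? $auth_data['mr_allowed_users'] : array($auth_data['mr_allowed_users']);
                             if (in_array(strtolower($login), array_map('strtolower', $admin_users))) {
                                 $check = TRUE;
                                 break 2;
                             }
                         }
                         // Check user against group list
                         if (isset($auth_data['mr_allowed_groups'])) {
                             // Set mr_allowed_groups to array
                             $admin_groups = is_array($auth_data['mr_allowed_groups']) ? $auth_data['mr_allowed_groups'] : array($auth_data['mr_allowed_groups']);
                             // Get groups from AD
                             $groups = $adldap->user()->groups($login);
                             foreach ($groups as $group) {
                                 if (in_array($group, $admin_groups)) {
                                     $check = TRUE;
                                     break 3;
                                 }
                             }
                         }
                         //end group list check
                         // Not in users list or group list
                         error(lang('not_authorized'));
                         break;
                     }
                     break;
                 }
                 break;
             default:
                 die('Unknown authentication mechanism: ' . $mechanism);
                 break;
         }
     }
     // If authentication succeeded, create session
     if ($check) {
         $_SESSION['user'] = $login;
         $_SESSION['auth'] = $mechanism;
         // true discards the pre-login session, so its id cannot be reused after login
         session_regenerate_id(true);
         redirect($return);
     }
     // If POST and no other alerts, auth has failed
     if ($_POST && !$GLOBALS['alerts']) {
         if (!$login or !$password) {
             error(lang('empty_not_allowed'));
         } else {
             error(lang('wrong_user_or_pass'));
         }
     }
     $data = array('login' => $login, 'url' => url("auth/login/{$return}"));
     $obj = new View();
     $obj->view('auth/login', $data);
 }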
Example #12
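 /**
  * Show the login form and process a login attempt.
  *
  * Tries the configured authentication mechanisms in order. "break 2" / "break 3"
  * leave the mechanism loop; a plain "break" only leaves the switch, so the next
  * mechanism is tried. On success the user, group memberships and mechanism are
  * stored in the session and the browser is redirected to $return; otherwise
  * the login view is rendered.
  *
  * @param string $return Path to redirect to after a successful login; extra
  *                       arguments are joined to it with "/"
  */
 function login($return = '')
 {
     if (func_get_args()) {
         $return_parts = func_get_args();
         $return = implode('/', $return_parts);
     }
     if ($this->authorized()) {
         redirect($return);
     }
     $check = FALSE;
     // If no valid mechanisms found, bail
     if (!$this->auth_mechanisms) {
         redirect('auth/generate');
     }
     $login = isset($_POST['login']) ? $_POST['login'] : '';
     $password = isset($_POST['password']) ? $_POST['password'] : '';
     // User is a member of these groups
     $groups = array();
     // Loop through authentication mechanisms
     // Break when we have a match
     foreach ($this->auth_mechanisms as $mechanism => $auth_data) {
         // Local is just a username => hash array
         switch ($mechanism) {
             case 'noauth':
                 // No authentication
                 $check = TRUE;
                 $login = '******';
                 break 2;
             case 'config':
                 // Config authentication
                 if ($login && $password) {
                     if (isset($auth_data[$login])) {
                         $t_hasher = $this->load_phpass();
                         $check = $t_hasher->CheckPassword($password, $auth_data[$login]);
                         if ($check) {
                             // Get group memberships
                             foreach (conf('groups', array()) as $groupname => $members) {
                                 if (in_array($login, $members)) {
                                     $groups[] = $groupname;
                                 }
                             }
                         }
                         break 2;
                     }
                 }
                 break;
             case 'ldap':
                 // LDAP authentication
                 if ($login && $password) {
                     include_once APP_PATH . '/lib/authLDAP/authLDAP.php';
                     $ldap_auth_obj = new Auth_ldap($auth_data);
                     if ($ldap_auth_obj->authenticate($login, $password)) {
                         //alert('Authenticated');
                         // Check user against users list
                         if (isset($auth_data['mr_allowed_users'])) {
                             $admin_users = is_array($auth_data['mr_allowed_users']) ? $auth_data['mr_allowed_users'] : array($auth_data['mr_allowed_users']);
                             if (in_array(strtolower($login), array_map('strtolower', $admin_users))) {
                                 $check = TRUE;
                                 // If business units enabled, get group memberships
                                 if (conf('enable_business_units')) {
                                     if ($user_data = $ldap_auth_obj->getUserData($login)) {
                                         $groups = $user_data['grps'];
                                     }
                                 }
                                 break 2;
                             }
                         }
                         // Check user against group list
                         if (isset($auth_data['mr_allowed_groups'])) {
                             // Set mr_allowed_groups to array
                             $admin_groups = is_array($auth_data['mr_allowed_groups']) ? $auth_data['mr_allowed_groups'] : array($auth_data['mr_allowed_groups']);
                             // Get groups from AD
                             if ($user_data = $ldap_auth_obj->getUserData($login)) {
                                 foreach ($user_data['grps'] as $group) {
                                     if (in_array($group, $admin_groups)) {
                                         $check = TRUE;
                                         // If business units enabled, store group memberships
                                         if (conf('enable_business_units')) {
                                             $groups = $user_data['grps'];
                                         }
                                         break 3;
                                     }
                                 }
                             }
                         }
                         //end group list check
                         // Not in users list or group list
                         error('Not authorized', 'auth.not_authorized');
                         break;
                     }
                 }
                 // Without this break a failed or skipped LDAP login fell through into
                 // the 'AD' case and ran the AD code with the LDAP mechanism's settings.
                 break;
             case 'AD':
                 // Active Directory authentication
                 // Prevent empty values
                 if ($_POST && $login && $password) {
                     //include the class and create a connection
                     //TODO: wrap this include somewhere else?
                     include_once APP_PATH . '/lib/adLDAP/adLDAP.php';
                     try {
                         $adldap = new adLDAP($auth_data);
                     } catch (adLDAPException $e) {
                         error('An error ocurred while contacting AD', 'error_contacting_AD');
                         // When in debug mode, show additional info
                         if (conf('debug')) {
                             error($e->getMessage());
                         }
                         break 2;
                     }
                     // If nothing has failed to this point, authenticate user
                     if ($adldap->authenticate($login, $password)) {
                         // Check user against userlist
                         if (isset($auth_data['mr_allowed_users'])) {
                             $admin_users = is_array($auth_data['mr_allowed_users']) ? $auth_data['mr_allowed_users'] : array($auth_data['mr_allowed_users']);
                             if (in_array(strtolower($login), array_map('strtolower', $admin_users))) {
                                 $check = TRUE;
                                 // If business units enabled, get group memberships
                                 if (conf('enable_business_units')) {
                                     $groups = $adldap->user()->groups($login);
                                 }
                                 break 2;
                             }
                         }
                         // Check user against group list
                         if (isset($auth_data['mr_allowed_groups'])) {
                             // Set mr_allowed_groups to array
                             $admin_groups = is_array($auth_data['mr_allowed_groups']) ? $auth_data['mr_allowed_groups'] : array($auth_data['mr_allowed_groups']);
                             // Get groups from AD
                             $groups = $adldap->user()->groups($login);
                             foreach ($groups as $group) {
                                 if (in_array($group, $admin_groups)) {
                                     $check = TRUE;
                                     break 3;
                                 }
                             }
                         }
                         //end group list check
                         // Not in users list or group list
                         error('Not authorized', 'auth.not_authorized');
                         break;
                     }
                     break;
                 }
                 break;
             //end of AD method
             default:
                 die('Unknown authentication mechanism: ' . $mechanism);
                 break;
         }
         //end switch
     }
     //end foreach loop
     // If authentication succeeded, create session
     if ($check) {
         $_SESSION['user'] = $login;
         $_SESSION['groups'] = $groups;
         $_SESSION['auth'] = $mechanism;
         $this->set_session_props();
         // true discards the pre-login session, so its id cannot be reused after login
         session_regenerate_id(true);
         redirect($return);
     }
     // If POST and no other alerts, auth has failed
     if ($_POST && !$GLOBALS['alerts']) {
         if (!$login or !$password) {
             error('Empty values are not allowed', 'auth.empty_not_allowed');
         } else {
             error('Wrong username or password', 'auth.wrong_user_or_pass');
         }
     }
     $data = array('login' => $login, 'url' => url("auth/login/{$return}"));
     $obj = new View();
     $obj->view('auth/login', $data);
 }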
Example #13

<?php 
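require_once dirname(__FILE__) . '/adLDAP.php';
// The service account's password is read from the environment so that no secret
// is stored in this file (the variable name is this script's own convention).
// Any password that was previously committed here should be rotated.
$account = 'SV_LDAP_CARTOPLI';
$accountPassword = getenv('ADLDAP_SERVICE_PASSWORD');
if ($accountPassword === false) {
    exit("Set ADLDAP_SERVICE_PASSWORD before running this script\n");
}
try {
    $adldap = new adLDAP();
    echo "A";
    // The same account name is used for the bind and the lookup; the bind used to
    // be attempted with a trailing space in the name and its result was ignored.
    if (!$adldap->user()->authenticate($account, $accountPassword)) {
        exit("Authentication failed\n");
    }
    $user = $adldap->user()->infoCollection($account, array('*'));
    //var_dump($adldap);
    echo $user->displayName;
    $groupArray = $user->memberOf;
    foreach ($groupArray as $group) {
        echo $group . "\n";
    }
} catch (adLDAPException $e) {
    echo $e;
    exit;
}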
Example #14
// Bootstrap: timezone, libraries, posted credentials and the list of known users
date_default_timezone_set('America/Los_Angeles');
require_once 'adLDAP.php';
require_once "dbconn.php";
//require_once("/var/www/html/jump/filter_users.php");
$username = strtolower($_POST['username']);
$password = $_POST['password'];
$json_response = array();
$current_users = array();
// Every username already present in the people table
$username_query_result = $dbconn->query('select username from people');
if (!$username_query_result) {
    die("Error getting usernames");
}
while ($row = $username_query_result->fetch_assoc()) {
    $current_users[] = $row['username'];
}
// Where the client is sent when authentication does not succeed
$direction = 'login.php';
try {
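    // Bind to the directory over SSL with the posted credentials
    $adldap = new adLDAP(array('base_dn' => 'DC=AD,DC=UCSD,DC=EDU', 'use_ssl' => true, 'domain_controllers' => array("ldap.ad.ucsd.edu"), 'account_suffix' => ''));
    $authUser = $adldap->user()->authenticate("AD\\{$username}", $password);
    if ($authUser) {
        // NOTE(review): no session_start() / session id renewal is visible in this
        // listing; confirm the session is started and renewed at login elsewhere.
        $_SESSION['username'] = $username;
        $_SESSION['logged_in'] = true;
        $_SESSION['logout_time'] = strtotime("+8 hours");
        // Strict comparison, so numeric-looking names are not treated as equal
        if (!in_array($username, $current_users, true)) {
            $direction = 'setup.php';
            // The posted username is bound as a parameter instead of being
            // interpolated into the SQL text. Assumes $dbconn is a mysqli handle, as
            // the query()/fetch_assoc() calls on it suggest — confirm in dbconn.php.
            $insert = $dbconn->prepare('insert into people (username) values (?)');
            if ($insert !== false) {
                $insert->bind_param('s', $username);
                $insert->execute();
                $insert->close();
            }
        } else {
            $direction = 'index.php';
        }
    } else {
        //echo $adldap->getLastError() . "\n";
    }
    echo json_encode(array('authUser' => $authUser, 'direction' => $direction));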
} catch (adLDAPException $e) {
Example #15
<?php

/*
Test for the new user collections object
*/
//error_reporting(E_ALL ^ E_NOTICE);
// Load the library and connect; $options is expected to be defined before this point
include dirname(__FILE__) . '/../lib/adLDAP/adLDAP.php';
try {
    $adldap = new adLDAP($options);
} catch (adLDAPException $e) {
    // Connection problems end the test with the exception text
    print $e;
    exit;
}
print "<pre>\n";
// Fetch the user as a collection object and dump two of its attributes
$collection = $adldap->user()->infoCollection('username');
foreach (array($collection->memberOf, $collection->displayName) as $attribute) {
    print_r($attribute);
}
Example #16
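/**
 * Tell whether $username is a member of at least one of the listed AD groups.
 *
 * Returns true without contacting the directory when no group is listed.
 * Otherwise the user is authenticated against $hostname and the user's groups
 * are compared, case-insensitively, with the list.
 *
 * @param string $groups         Newline-separated group names
 * @param string $hostname       Domain controller to query
 * @param string $username       Account to check
 * @param string $password       Password of that account
 * @param string $account_suffix DNS domain, e.g. "example.com" (turned into DC=example,DC=com)
 * @return bool
 */
function checkcreds_ADGroups_ToServer($groups, $hostname, $username, $password, $account_suffix)
{
    $debug = !empty($GLOBALS["HOTSPOT_DEBUG"]);
    if (strlen($groups) == 0) {
        if ($debug) {
            ToSyslog("{$hostname}: checkcreds_ADGroups_ToServer no defined group in line:" . __LINE__);
        }
        return true;
    }
    // Normalised group names, used as keys for constant-time lookups.
    // foreach replaces each(), which no longer exists in PHP 8.
    $YGroups = array();
    foreach (explode("\n", $groups) as $ligne) {
        $ligne = trim(strtolower($ligne));
        if ($ligne === '') {
            continue;
        }
        $YGroups[$ligne] = $ligne;
        if ($debug) {
            ToSyslog("{$hostname}: checkcreds_ADGroups_ToServer checks group {$ligne} in line:" . __LINE__);
        }
    }
    if ($debug) {
        ToSyslog("{$hostname}: checkcreds_ADGroups_ToServer " . count($YGroups) . " in line:" . __LINE__);
    }
    if (count($YGroups) == 0) {
        if ($debug) {
            ToSyslog("{$hostname}: checkcreds_ADGroups_ToServer no group defined, return true in line:" . __LINE__);
        }
        return true;
    }
    if ($debug) {
        ToSyslog("{$hostname}: checkcreds_ADGroups_ToServer checks {$username} groups in line:" . __LINE__);
    }
    // "example.com" -> "DC=example,DC=com"
    $zsuffix = array();
    foreach (explode(".", $account_suffix) as $a) {
        $zsuffix[] = "DC={$a}";
    }
    $suffix = implode(",", $zsuffix);
    $options = array('base_dn' => $suffix, 'ad_username' => $username, 'ad_password' => $password, 'recursive_groups' => true, 'domain_controllers' => array($hostname), 'account_suffix' => "@{$account_suffix}");
    $adldap = new adLDAP($options);
    // The outcome of the bind used to be ignored; a rejected password now fails
    // the check explicitly instead of relying on the group lookup to fail.
    if (!$adldap->authenticate("{$username}", $password)) {
        return false;
    }
    $result = $adldap->user()->groups($username);
    if ($debug) {
        ToSyslog_array($GLOBALS["CLASS_ACTV"]);
    }
    // A failed lookup is treated as "member of no group"
    if (!is_array($result)) {
        return false;
    }
    if ($debug) {
        ToSyslog("{$hostname}: checkcreds_ADGroups_ToServer {$username} in:" . count($result) . " groups in line:" . __LINE__);
    }
    foreach ($result as $group) {
        $group = trim(strtolower($group));
        if ($debug) {
            ToSyslog("{$hostname}: checkcreds_AD checks {$group} group in line:" . __LINE__);
        }
        if (isset($YGroups[$group])) {
            if ($debug) {
                ToSyslog("{$hostname}: checkcreds_AD checks {$group} is OK in line:" . __LINE__);
            }
            return true;
        }
    }
    return false;
}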
Example #17
// Each sample below is switched off; change the condition to run it.
// create a group
if (false) {
    $attributes = array(
        "group_name" => "Test Group",
        "description" => "Just Testing",
        "container" => array("Groups", "A Container"),
    );
    var_dump($adldap->group()->create($attributes));
}
// retrieve information about a group
if (false) {
    // Raw data array returned
    var_dump($adldap->group()->info("Group Name"));
}
// create a user account (all values are sample data)
if (false) {
    $attributes = array(
        "username" => "freds",
        "logon_name" => "*****@*****.**",
        "firstname" => "Fred",
        "surname" => "Smith",
        "company" => "My Company",
        "department" => "My Department",
        "email" => "*****@*****.**",
        "container" => array("Container Parent", "Container Child"),
        "enabled" => 1,
        "password" => "Password123",
    );
    try {
        var_dump($adldap->user()->create($attributes));
    } catch (adLDAPException $e) {
        echo $e;
        exit;
    }
}
// retrieve the group membership for a user
if (false) {
    print_r($adldap->user()->groups("username"));
}
// retrieve information about a user
if (0) {
    // Raw data array returned
    $result = $adldap->user()->info("username");