/** * Build the array sent to GenericUser for use in Auth::user(). * * @param adLDAP\adLDAP $infoCollection * * @return array $info */ protected function setInfoArray($infoCollection) { /* * in app/auth.php set the fields array with each value * as a field you want from active directory * If you have 'user' => 'samaccountname' it will set the $info['user'] = $infoCollection->samaccountname * refer to the adLDAP docs for which fields are available. */ if (!empty($this->config['fields'])) { foreach ($this->config['fields'] as $k => $field) { if ($k == 'groups') { $info[$k] = $this->getAllGroups($infoCollection->memberof); } elseif ($k == 'primarygroup') { $info[$k] = $this->getPrimaryGroup($infoCollection->distinguishedname); } else { $info[$k] = $infoCollection->{$field}; } } } else { //if no fields array present default to username and displayName $info['username'] = $infoCollection->samaccountname; $info['displayname'] = $infoCollection->displayName; $info['primarygroup'] = $this->getPrimaryGroup($infoCollection->distinguishedname); $info['groups'] = $this->getAllGroups($infoCollection->memberof); } /* * I needed a user list to populate a dropdown * Set userlist to true in app/config/auth.php and set a group in app/config/auth.php as well * The table is the OU in Active directory you need a list of. */ if (!empty($this->config['userList'])) { $info['userlist'] = $this->ad->folder()->listing([$this->config['group']]); } return $info; }
/** * Delete a user account * * @param string $username The username to delete (please be careful here!) * @param bool $isGUID Is the username a GUID or a samAccountName * @return array */ public function delete($username, $isGUID = false) { $userinfo = $this->info($username, array("*"), $isGUID); $dn = $userinfo[0]['distinguishedname'][0]; $result = $this->adldap->folder()->delete($dn); if ($result != true) { return false; } return true; }
/** * Delete a group account * * @param string $group The group to delete (please be careful here!) * * @return array */ public function delete($group) { if (!$this->adldap->getLdapBind()) { return false; } if ($group === null) { return "Missing compulsory field [group]"; } $groupInfo = $this->info($group, array("*")); $dn = $groupInfo[0]['distinguishedname'][0]; $result = $this->adldap->folder()->delete($dn); if ($result !== true) { return false; } return true; }
// modify a user account (this example will set "user must change password at next logon") if (0) { $attributes = array('change_password' => 1); $result = $adldap->user()->modify('username', $attributes); var_dump($result); } // change the password of a user. It must meet your domain's password policy if (0) { try { $result = $adldap->user()->password('username', 'Password123'); var_dump($result); } catch (adLDAPException $e) { echo $e; exit; } } // see a user's last logon time if (0) { try { $result = $adldap->user()->getLastLogon('username'); var_dump(date('Y-m-d H:i:s', $result)); } catch (adLDAPException $e) { echo $e; exit; } } // list the contents of the Users OU if (0) { $result = $adldap->folder()->listing(array('Users'), adLDAP::ADLDAP_FOLDER, false); var_dump($result); }