$arGroups = array(); } // add groups, which import is forbidden, to common mapping with an id of -1 foreach ($noimportGroups as $ldapGroupId) { $arGroups[] = array("LDAP_GROUP_ID" => $ldapGroupId, "GROUP_ID" => -1); } } $arFields = array("NAME" => $_REQUEST['NAME'], "DESCRIPTION" => $_REQUEST['DESCRIPTION'], "CODE" => $_REQUEST['CODE'], "SERVER" => $_REQUEST['SERVER'], "PORT" => $_REQUEST['PORT'], "CONVERT_UTF8" => $_REQUEST['CONVERT_UTF8'], "ADMIN_LOGIN" => $_REQUEST['ADMIN_LOGIN'], "ACTIVE" => $_REQUEST['ACTIVE'], "ADMIN_PASSWORD" => $_REQUEST['ADMIN_PASSWORD'], "BASE_DN" => $_REQUEST['BASE_DN'], "GROUP_FILTER" => $_REQUEST['GROUP_FILTER'], "GROUP_ID_ATTR" => $_REQUEST['GROUP_ID_ATTR'], "GROUP_NAME_ATTR" => $_REQUEST['GROUP_NAME_ATTR'], "GROUP_MEMBERS_ATTR" => $_REQUEST['GROUP_MEMBERS_ATTR'], "USER_FILTER" => $_REQUEST['USER_FILTER'], "USER_ID_ATTR" => $_REQUEST['USER_ID_ATTR'], "USER_NAME_ATTR" => $_REQUEST['USER_NAME_ATTR'], "USER_LAST_NAME_ATTR" => $_REQUEST['USER_LAST_NAME_ATTR'], "USER_EMAIL_ATTR" => $_REQUEST['USER_EMAIL_ATTR'], "USER_GROUP_ATTR" => $_REQUEST['USER_GROUP_ATTR'], "USER_GROUP_ACCESSORY" => $_REQUEST['USER_GROUP_ACCESSORY'], "SYNC_PERIOD" => $_REQUEST['SYNC_PERIOD'], "SYNC" => $_REQUEST['SYNC'], "SYNC_ATTR" => $_REQUEST['SYNC_ATTR'], "USER_DEPARTMENT_ATTR" => $_REQUEST['USER_DEPARTMENT_ATTR'], "USER_MANAGER_ATTR" => $_REQUEST['USER_MANAGER_ATTR'], "IMPORT_STRUCT" => $_REQUEST['IMPORT_STRUCT'], "STRUCT_HAVE_DEFAULT" => $_REQUEST['STRUCT_HAVE_DEFAULT'], "ROOT_DEPARTMENT" => $_REQUEST['ROOT_DEPARTMENT'], "DEFAULT_DEPARTMENT_NAME" => $_REQUEST['DEFAULT_DEPARTMENT_NAME'], "FIELD_MAP" => $arUserFieldMap, "MAX_PAGE_SIZE" => $_REQUEST['MAX_PAGE_SIZE'], "SYNC_USER_ADD" => $_REQUEST['SYNC_USER_ADD']); if (is_array($arGroups)) { $arFields['GROUPS'] = $arGroups; } // apply form to server config if ($ID > 0) { $res = CLdapServer::Update($ID, $arFields); } else { $ID = CLdapServer::Add($arFields); $res = $ID > 0; } if ($res) { if (strlen($save) > 0) { if 
(substr($_REQUEST['back_url'], 0, 1) == '/') { LocalRedirect($_REQUEST['back_url'] . '&ldapServer=' . $ID); } else { LocalRedirect("ldap_server_admin.php?lang=" . LANG); } } else { LocalRedirect($APPLICATION->GetCurPage() . "?lang=" . LANG . "&ID=" . $ID . "&tabControl_active_tab=" . urlencode($tabControl_active_tab)); } } else { if ($e = $APPLICATION->GetException()) { $message = new CAdminMessage(GetMessage("LDAP_SAVING_ERROR"), $e);
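/**
 * Handles submission of the wizard step that registers the LDAP server.
 *
 * Flow, as implemented below:
 *  - returns immediately when the "previous" button was pressed;
 *  - sends the wizard back to the "ldap_settings" step when there is no LDAP
 *    connection object, the admin bind fails, or the group list is empty;
 *  - creates the server record through CLdapServer::Add() using fixed
 *    attribute names (sAMAccountName, memberof, whenChanged, ...);
 *  - when NTLM was requested, switches the module options on and appends an
 *    SSPI authentication block to DOCUMENT_ROOT/.htaccess.
 *
 * Failures are reported through $this->SetError(); nothing is returned.
 */
function OnPostForm()
{
    $wizard =& $this->GetWizard();
    if ($wizard->IsPrevButtonClick()) {
        return;
    }

    // Connection checks: each failure is attached to the form field it most likely concerns.
    if (!$this->ldp) {
        $wizard->SetCurrentStep("ldap_settings");
        $this->SetError(GetMessage("wiz_ldap_error"), "ldapServer");
        return;
    }
    if (!$this->ldp->BindAdmin()) {
        $wizard->SetCurrentStep("ldap_settings");
        $this->SetError(GetMessage("wiz_ldap_error1"), "ldapLogin");
        return;
    }
    // A successful bind that yields no group at all is reported against the base DN.
    $dbGroup = $this->ldp->GetGroupList();
    if (!$dbGroup->Fetch()) {
        $wizard->SetCurrentStep("ldap_settings");
        $this->SetError(GetMessage("wiz_ldap_error_root"), "ldapBaseDN");
        return;
    }

    $ntlmDomain = $wizard->GetVar('ldapNTLMDomain');
    $useNtlm = $wizard->GetVar('ldapNTLM') == 'Y' && strlen($ntlmDomain) > 0;

    // The NTLM domain is later written verbatim into a .htaccess directive. A value
    // holding line breaks, other control characters, whitespace, quotes or a backslash
    // could add or alter directives, so it is rejected before anything is persisted.
    // NOTE(review): the message is a literal because no localized key for this case is
    // visible here; move it to the wizard's language file.
    if ($useNtlm && preg_match('/[\x00-\x20\x7F"\'\\\\]/', $ntlmDomain)) {
        $this->SetError("Invalid NTLM domain name.", "ldapNTLMDomain");
        return;
    }

    // Site user field => LDAP attribute.
    $arUserFieldMap = array(
        "ACTIVE" => "UserAccountControl&2",
        "EMAIL" => "email",
        "NAME" => "givenName",
        "LAST_NAME" => "sn",
        "PERSONAL_WWW" => "wWWHomePage",
        "PERSONAL_PHONE" => "homePhone",
        "PERSONAL_MOBILE" => "mobile",
        "PERSONAL_STREET" => "streetAddress",
        "PERSONAL_MAILBOX" => "postOfficeBox",
        "PERSONAL_CITY" => "l",
        "PERSONAL_STATE" => "st",
        "PERSONAL_ZIP" => "postalCode",
        "PERSONAL_COUNTRY" => "c",
        "WORK_COMPANY" => "company",
        "WORK_DEPARTMENT" => "department",
        "WORK_POSITION" => "title",
        "WORK_PHONE" => "telephoneNumber",
        "WORK_FAX" => "facsimileTelephoneNumber",
        "ADMIN_NOTES" => "description",
    );

    $arFields = array(
        "NAME" => GetMessage("wiz_ldap_server1"),
        "DESCRIPTION" => "",
        "CODE" => $ntlmDomain ? $ntlmDomain : '',
        "SERVER" => $wizard->GetVar("ldapServer"),
        "PORT" => $wizard->GetVar("ldapPort"),
        "CONVERT_UTF8" => "Y",
        "ADMIN_LOGIN" => $wizard->GetVar("ldapLogin"),
        "ACTIVE" => "Y",
        "ADMIN_PASSWORD" => $wizard->GetVar("ldapPassword"),
        "BASE_DN" => $wizard->GetVar("ldapBaseDN"),
        "GROUP_FILTER" => "(objectCategory=group)",
        "GROUP_ID_ATTR" => "dn",
        "GROUP_NAME_ATTR" => "sAMAccountName",
        "USER_FILTER" => "(&(objectClass=user)(objectCategory=PERSON))",
        "USER_ID_ATTR" => "samaccountname",
        "USER_NAME_ATTR" => "givenName",
        "USER_LAST_NAME_ATTR" => "sn",
        "USER_EMAIL_ATTR" => "mail",
        "USER_GROUP_ATTR" => "memberof",
        "SYNC_PERIOD" => "5",
        "SYNC" => "N",
        "SYNC_ATTR" => "whenChanged",
        "FIELD_MAP" => $arUserFieldMap,
    );

    // Optional mapping chosen in the wizard: site group id => LDAP group id.
    $ldapGroup = $wizard->GetVar("ldapGroup");
    if (is_array($ldapGroup) && !empty($ldapGroup)) {
        $arGroups = array();
        foreach ($ldapGroup as $groupID => $ldapGroupID) {
            $arGroups[] = array("GROUP_ID" => $groupID, "LDAP_GROUP_ID" => $ldapGroupID);
        }
        $arFields["GROUPS"] = $arGroups;
    }

    $ID = CLdapServer::Add($arFields);
    if ($ID < 1) {
        // Fetch the exception before testing it. Written as a single expression
        // `$e = $app->GetException() ? $e->GetString() : ""`, the ternary binds tighter
        // than the assignment, so GetString() was called on a variable that had not
        // been assigned yet.
        $exception = $GLOBALS["APPLICATION"]->GetException();
        $this->SetError(GetMessage("wiz_ldap_server_err") . ($exception ? $exception->GetString() : ""));
        return;
    }

    if (!$useNtlm) {
        return;
    }

    COption::SetOptionString("ldap", "use_ntlm", "Y");
    COption::SetOptionString("ldap", "ntlm_default_server", $ID);
    RegisterModuleDependences('main', 'OnBeforeProlog', 'ldap', 'CLDAP', 'NTLMAuth', 40);

    $fhtaccess = $_SERVER['DOCUMENT_ROOT'] . '/.htaccess';

    // A missing file is treated as empty. An existing file that cannot be read is left
    // untouched: overwriting it would drop whatever rules it currently holds.
    $fcontent = '';
    if (file_exists($fhtaccess)) {
        $fcontent = file_get_contents($fhtaccess);
        if ($fcontent === false) {
            $this->SetError("Cannot read .htaccess; the NTLM settings were not written.");
            return;
        }
    }

    // Drop an SSPI block left by an earlier run. The separator class is repeated ("+")
    // because the block appended below ends its lines with "\r\n"; a single-character
    // class never matched it, so every run added another copy.
    $stripped = preg_replace('/AuthType .+SSPIOfferBasic On[\\r\\n\\t #]+Require valid-user/is', '', $fcontent);
    if ($stripped !== null) {
        // null signals a PCRE failure; in that case the existing content is kept as is.
        $fcontent = $stripped;
    }

    // NOTE(review): "SSPIOfferBasic On" presumably offers Basic authentication as a
    // fallback, which exposes the password to anyone able to read the traffic; confirm
    // the site is only reachable over TLS.
    $fcontent = $fcontent . "\r\n"
        . "AuthName \"My Intranet\"\r\n"
        . "AuthType SSPI\r\n"
        . "SSPIAuth On\r\n"
        . "SSPIPackage NTLM\r\n"
        . "SSPIDomain " . $ntlmDomain . "\r\n"
        . "SSPIPerRequestAuth On\r\n"
        . "SSPIAuthoritative On\r\n"
        . "SSPIOfferBasic On\r\n"
        . "Require valid-user\r\n";

    // LOCK_EX keeps a concurrent writer from interleaving with this update.
    if (file_put_contents($fhtaccess, $fcontent, LOCK_EX) === false) {
        $this->SetError("Cannot write .htaccess; the NTLM settings were not written.");
    }
}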