$new_user['uid'] = $config['system']['nextuid']++;
$config['system']['user'][] = $new_user;
local_user_set($new_user);
}
global $config;
// attributes used in page
$ldap_users = array();
$ldap_is_connected = false;
$exit_form = false;
// find gui auth server
$authcfg = auth_get_authserver($config['system']['webgui']['authmode']);
if ($authcfg['type'] == 'ldap') {
// setup peer ca
ldap_setup_caenv($authcfg);
// connect to ldap server
$ldap_auth = new OPNsense\Auth\LDAP($authcfg['ldap_basedn'], $authcfg['ldap_protver']);
$ldap_is_connected = $ldap_auth->connect($authcfg['ldap_full_url'], $authcfg['ldap_binddn'], $authcfg['ldap_bindpw']);
if ($ldap_is_connected) {
// collect list of current ldap users from config
$confDNs = array();
foreach ($config['system']['user'] as $confUser) {
if (!empty($confUser['user_dn'])) {
$confDNs[] = trim($confUser['user_dn']);
}
}
// search ldap
$result = $ldap_auth->searchUsers("*", $authcfg['ldap_attr_user'], $authcfg['ldap_extended_query']);
// actual form action, either save new accounts or list missing
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// create selected accounts
$exit_form = true;
if (isset($_GET['cert'])) {
$authcfg = array();
$authcfg['ldap_caref'] = $_GET['cert'];
ldap_setup_caenv($authcfg);
}
$ldap_authcn = isset($_GET['authcn']) ? explode(";", $_GET['authcn']) : array();
if (isset($_GET['urltype']) && strstr($_GET['urltype'], "Standard")) {
$ldap_full_url = "ldap://";
} else {
$ldap_full_url = "ldaps://";
}
$ldap_full_url .= is_ipaddrv6($_GET['host']) ? "[{$_GET['host']}]" : $_GET['host'];
if (!empty($_GET['port'])) {
$ldap_full_url .= ":{$_GET['port']}";
}
$ldap_auth = new OPNsense\Auth\LDAP($_GET['basedn'], isset($_GET['proto']) ? $_GET['proto'] : 3);
$ldap_is_connected = $ldap_auth->connect($ldap_full_url, !empty($_GET['binddn']) ? $_GET['binddn'] : null, !empty($_GET['bindpw']) ? $_GET['bindpw'] : null);
if ($ldap_is_connected) {
$ous = $ldap_auth->listOUs();
}
}
?>
<body>
<script type="text/javascript">
function post_choices() {
var ous = <?php
echo count($ous);
?>
;
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
require_once "guiconfig.inc";
require_once "auth.inc";
include 'head.inc';
if (isset($config['system']['authserver'][0]['host'])) {
$auth_server = $config['system']['authserver'][0]['host'];
$authserver = $_GET['authserver'];
$authcfg = auth_get_authserver($authserver);
$ldap_auth = new OPNsense\Auth\LDAP($authcfg['ldap_basedn'], $authcfg['ldap_protver']);
ldap_setup_caenv($authcfg);
$ldap_is_connected = $ldap_auth->connect($authcfg['ldap_full_url'], $authcfg['ldap_binddn'], $authcfg['ldap_bindpw']);
}
?>
<body>
<form method="post" name="iform" id="iform">
<?php
if (!$authcfg) {
printf(gettext("Could not find settings for %s%s"), htmlspecialchars($authserver), "<p/>");
} else {
echo "<table class='table table-striped'>";
echo "<tr><th colspan='2'>" . sprintf(gettext("Testing %s LDAP settings... One moment please..."), $g['product_name']) . "</th></tr>";
echo "<tr><td>" . gettext("Attempting connection to") . " " . $authserver . "</td>";
