function external_ldap_members($dn, $conf)
{
$ldap_host = $conf["ldap_server"];
$ldap_port = $conf["ldap_port"];
$ldap_admin = $conf["ldap_user"];
$ldap_password = $conf["ldap_password"];
$suffix = $conf["ldap_suffix"];
$ldap_filter_users = $conf["ldap_filter_users"];
$ldap_filter_group = $conf["ldap_filter_group"];
if (preg_match("#^ExtLdap:(.+)#", $dn, $re)) {
$dn = $re[1];
}
if ($GLOBALS["output"]) {
echo "{$ldap_host}:{$ldap_port} -> {$ldap_filter_group}\n";
}
if (!is_numeric($ldap_port)) {
$ldap_port = 389;
}
if (!function_exists("ldap_connect")) {
if (function_exists("debug_backtrace")) {
$trace = debug_backtrace();
if (isset($trace[1])) {
$called = " called by " . basename($trace[1]["file"]) . " {$trace[1]["function"]}() line {$trace[1]["line"]}";
writeLogs("-> Call to undefined function ldap_connect() {$called}" . __LINE__, __CLASS__ . '/' . __FUNCTION__, __FILE__, __LINE__);
}
}
return array();
}
$ldap_connection = @ldap_connect($ldap_host, $ldap_port);
if (!$ldap_connection) {
WLOG("Fatal: ldap_connect -> {$ldap_host}:{$ldap_port} FAILED");
return array();
}
ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, 0);
$ldapbind = @ldap_bind($ldap_connection, $ldap_admin, $ldap_password);
if (!$ldapbind) {
$error = ldap_err2str(ldap_err2str(ldap_errno($ldap_connection)));
@ldap_close($ldap_connection);
WLOG("Fatal: ldap_bind -> {$ldap_host}:{$ldap_port} FAILED {$error}");
return array();
}
if (preg_match_all("#\\((.+?)=(.+?)\\)#", $ldap_filter_group, $re)) {
while (list($key, $line) = each($re[1])) {
if ($re[2][$key] == "*") {
$MemberAttribute = $line;
}
}
}
if ($GLOBALS["output"]) {
echo "DN -> Member attribute = {$dn}\n";
}
if ($GLOBALS["output"]) {
echo "{$ldap_filter_group} -> Member attribute = {$MemberAttribute}\n";
}
$pattern = str_replace("%u", "*", $ldap_filter_group);
$sr = @ldap_search($ldap_connection, $dn, $pattern, array());
if (!$sr) {
$error = ldap_err2str(ldap_err2str(ldap_errno($ldap_connection)));
@ldap_close($ldap_connection);
WLOG("Fatal: ldap_search -> {$pattern} FAILED {$error}");
return array();
}
$filter = array("cn", "description", 'sAMAccountName', "dn", "member", "memberOf", "userPrincipalName");
$f = array();
$result = @ldap_get_entries($ldap_connection, $sr);
for ($i = 0; $i < $result["count"]; $i++) {
if (isset($result[$i][$MemberAttribute]["count"])) {
for ($z = 0; $z < $result[$i][$MemberAttribute]["count"]; $z++) {
$uid = $result[$i][$MemberAttribute][$z];
$uids = GetAccountFromDistinguishedName($uid, $ldap_connection, $MemberAttribute, $dn);
if (count($uids) > 0) {
while (list($ind, $fnd) = each($uids)) {
$f[$ind] = $ind;
}
continue;
}
$TRANS = explode(",", $uid);
while (list($ind, $fnd) = each($TRANS)) {
if (preg_match("#^(userPrincipalName|cn|uid|memberUid|sAMAccountName|member|memberOf)=(.+)#i", $fnd, $re)) {
$uid = trim($re[2]);
$f[$uid] = $uid;
break;
}
}
}
}
}
return $f;
}
/**
* log something
*
* @param string $title
* @param array $data
* @param bool $debug
*/
function debugLog($title, $data, $debug = -10000)
{
$debug === -10000 && ($debug = defined('DEBUG_LOG') && DEBUG_LOG);
if ($debug) {
$echo = date('Y-m-d H:i:s', time()) . DEBUG_LOG . '|-------------------' . "\n" . $title . "\n";
$echo .= var_export($data, true) . "\n";
$echo .= '-------------------|' . "\n";
writeLogs('geo_debug.log', $echo);
}
}
