コード例 #1
0
function get_userlist()
{
    global $config, $ds;
    $userlist = array();
    $userhash = array();
    $ldap_groups = get_group_list();
    foreach ($ldap_groups as $ldap_group) {
        $group_cn = get_cn($ldap_group);
        $search = ldap_search($ds, $config['auth_ad_base_dn'], "(cn={$group_cn})", array('member'));
        $entries = ldap_get_entries($ds, $search);
        foreach ($entries[0]['member'] as $member) {
            $member_cn = get_cn($member);
            $search = ldap_search($ds, $config['auth_ad_base_dn'], "(cn={$member_cn})", array('sAMAccountname', 'displayName', 'objectSID', 'mail'));
            $results = ldap_get_entries($ds, $search);
            foreach ($results as $result) {
                if (isset($result['samaccountname'][0])) {
                    $userid = preg_replace('/.*-(\\d+)$/', '$1', sid_from_ldap($result['objectsid'][0]));
                    // don't make duplicates, user may be member of more than one group
                    $userhash[$result['samaccountname'][0]] = array('realname' => $result['displayName'][0], 'user_id' => $userid, 'email' => $result['mail'][0]);
                }
            }
        }
    }
    foreach (array_keys($userhash) as $key) {
        $userlist[] = array('username' => $key, 'realname' => $userhash[$key]['realname'], 'user_id' => $userhash[$key]['user_id'], 'email' => $userhash[$key]['email']);
    }
    return $userlist;
}
コード例 #2
0
function get_userlevel($username)
{
    global $config, $ldap_connection;
    $userlevel = 0;
    // Find all defined groups $username is in
    $search = ldap_search($ldap_connection, $config['auth_ad_base_dn'], get_auth_ad_user_filter($username), array('memberOf'));
    $entries = ldap_get_entries($ldap_connection, $search);
    unset($entries[0]['memberof']['count']);
    // Loop the list and find the highest level
    foreach ($entries[0]['memberof'] as $entry) {
        $group_cn = get_cn($entry);
        if (isset($config['auth_ad_groups'][$group_cn]['level']) && $config['auth_ad_groups'][$group_cn]['level'] > $userlevel) {
            $userlevel = $config['auth_ad_groups'][$group_cn]['level'];
        }
    }
    return $userlevel;
}