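/**
 * Build the list of users that belong to any of the configured AD groups.
 *
 * For every group returned by get_group_list() the group's `member` attribute
 * is read, and each member is looked up by CN to collect its account name,
 * display name, objectSID and mail address. Results are keyed by
 * sAMAccountName, so a user who is a member of several groups is listed once.
 *
 * Requires ldap_escape() (PHP >= 5.6) for filter escaping.
 *
 * @return array List of arrays with the keys 'username', 'realname',
 *               'user_id' and 'email'.
 */
function get_userlist()
{
    // NOTE(review): this function reads the connection from $ds while
    // get_userlevel() uses $ldap_connection; confirm $ds is a bound handle.
    global $config, $ds;

    $userlist = array();
    $userhash = array();

    $ldap_groups = get_group_list();

    foreach ($ldap_groups as $ldap_group) {
        // Escape the CN before placing it in the filter: characters such as
        // '*', '(' and ')' would otherwise change the meaning of the search.
        // NOTE(review): assumes get_cn() returns the raw (not DN-escaped) CN; verify.
        $group_filter = '(cn=' . ldap_escape(get_cn($ldap_group), '', LDAP_ESCAPE_FILTER) . ')';
        $search = ldap_search($ds, $config['auth_ad_base_dn'], $group_filter, array('member'));
        if ($search === false) {
            continue;
        }

        $entries = ldap_get_entries($ds, $search);
        if ($entries === false || !isset($entries[0]['member']) || !is_array($entries[0]['member'])) {
            // Group not found, or it has no members.
            continue;
        }

        foreach ($entries[0]['member'] as $index => $member) {
            // ldap_get_entries() adds a 'count' element next to the values.
            if ($index === 'count') {
                continue;
            }

            $member_filter = '(cn=' . ldap_escape(get_cn($member), '', LDAP_ESCAPE_FILTER) . ')';
            $search = ldap_search(
                $ds,
                $config['auth_ad_base_dn'],
                $member_filter,
                array('sAMAccountname', 'displayName', 'objectSID', 'mail')
            );
            if ($search === false) {
                continue;
            }

            $results = ldap_get_entries($ds, $search);
            if ($results === false) {
                continue;
            }

            foreach ($results as $result) {
                if (!isset($result['samaccountname'][0])) {
                    continue;
                }

                // Keep only the trailing numeric component of the SID string.
                $userid = preg_replace('/.*-(\\d+)$/', '$1', sid_from_ldap($result['objectsid'][0]));

                // ldap_get_entries() lower-cases attribute names, so the display
                // name is found under 'displayname', not 'displayName'.
                // Keying by account name avoids duplicates for users in several groups.
                $userhash[$result['samaccountname'][0]] = array(
                    'realname' => isset($result['displayname'][0]) ? $result['displayname'][0] : null,
                    'user_id'  => $userid,
                    'email'    => isset($result['mail'][0]) ? $result['mail'][0] : null,
                );
            }
        }
    }

    foreach ($userhash as $username => $details) {
        $userlist[] = array(
            'username' => $username,
            'realname' => $details['realname'],
            'user_id'  => $details['user_id'],
            'email'    => $details['email'],
        );
    }

    return $userlist;
}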
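/**
 * Determine the access level of a user from their AD group memberships.
 *
 * Reads the user's `memberOf` attribute and returns the highest 'level'
 * configured in $config['auth_ad_groups'] for any of those groups. The
 * function fails closed: if the search fails, the user is not found, or the
 * user has no group memberships, level 0 is returned.
 *
 * @param string $username Account name to look up.
 *
 * @return int|mixed Highest configured level, or 0 when none applies.
 */
function get_userlevel($username)
{
    global $config, $ldap_connection;

    $userlevel = 0;

    // Find all defined groups $username is in.
    // NOTE(review): confirm get_auth_ad_user_filter() escapes $username for
    // LDAP filter context, since the value ends up in the search filter.
    $search = ldap_search(
        $ldap_connection,
        $config['auth_ad_base_dn'],
        get_auth_ad_user_filter($username),
        array('memberOf')
    );
    if ($search === false) {
        return $userlevel;
    }

    $entries = ldap_get_entries($ldap_connection, $search);
    if ($entries === false || !isset($entries[0]['memberof']) || !is_array($entries[0]['memberof'])) {
        // No matching entry, or the entry has no memberOf values.
        return $userlevel;
    }

    // Only the first matching entry is considered.
    $memberships = $entries[0]['memberof'];
    // Drop the 'count' element that ldap_get_entries() adds next to the values.
    unset($memberships['count']);

    // Loop the list and find the highest level.
    foreach ($memberships as $group_dn) {
        $group_cn = get_cn($group_dn);
        if (!isset($config['auth_ad_groups'][$group_cn]['level'])) {
            continue;
        }

        $level = $config['auth_ad_groups'][$group_cn]['level'];
        if ($level > $userlevel) {
            $userlevel = $level;
        }
    }

    return $userlevel;
}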