コード例 #1
ファイル: Utlookup.php プロジェクト: pkeane/humptydumpty
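 /**
  * Look up people in the directory whose attribute $type matches $query.
  *
  * Security: both arguments become part of an LDAP search filter. $type is
  * therefore restricted to a plain attribute name, and the filter
  * metacharacters in $query are escaped. "*" is deliberately left alone so
  * wildcard look-ups keep working.
  *
  * NOTE(review): the server is addressed by bare host name (no ldaps:// URI)
  * and the bind is anonymous, so queries and results presumably travel
  * unencrypted - confirm this is acceptable for the data returned.
  *
  * @param string $query value to search for ("*" wildcards allowed)
  * @param string $type  attribute name to match against
  * @return array list of arrays keyed by eid, email, name, firstname, lastname,
  *               office, phone, title and unit; empty when nothing matched
  */
 public static function lookup($query, $type)
 {
     $person_array = array();
     // Letters, digits and hyphens only: anything else in the attribute name
     // would let the caller rewrite the structure of the filter.
     if (!is_string($type) || !preg_match('/^[A-Za-z][A-Za-z0-9-]*$/', $type)) {
         return $person_array;
     }
     $x500 = ldap_connect('ldap.utexas.edu');
     if (!$x500) {
         return $person_array;
     }
     $attributes = array('eid' => 'uid', 'email' => 'mail', 'name' => 'cn', 'firstname' => 'givenname', 'lastname' => 'sn', 'office' => 'utexasedupersonofficelocation', 'phone' => 'telephonenumber', 'title' => 'title', 'unit' => 'ou');
     $dn = "ou=people,dc=directory,dc=utexas,dc=edu";
     // Second argument of ldap_escape() lists characters to leave unescaped.
     $filter = $type . '=' . ldap_escape((string) $query, '*', LDAP_ESCAPE_FILTER);
     $bind = ldap_bind($x500);
     $ldap_result = $bind ? @ldap_search($x500, $dn, $filter) : false;
     if ($ldap_result) {
         $entry_array = ldap_get_entries($x500, $ldap_result);
         // ldap_get_entries() adds a 'count' key next to the numeric entries.
         $total = isset($entry_array['count']) ? $entry_array['count'] : 0;
         for ($i = 0; $i < $total; $i++) {
             $person = array();
             foreach ($attributes as $label => $att) {
                 $person[$label] = isset($entry_array[$i][$att][0]) ? $entry_array[$i][$att][0] : '';
             }
             $person_array[] = $person;
         }
     }
     // Close on every path; the original leaked the handle when the search failed.
     ldap_close($x500);
     return $person_array;
 }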
コード例 #2
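 /**
  * Read the user entries of two organisational units and pass both result
  * sets (as returned by ldap_get_entries()) to $this->parseUsers().
  *
  * NOTE(review): the server address and the bind account are hard-coded
  * below. Credentials belong in configuration that is kept out of version
  * control, and a password that has been published should be rotated.
  * NOTE(review): the connection uses a bare address without ldaps://, so the
  * simple bind presumably sends the password in clear text - confirm.
  *
  * Prints a message (and terminates on a failed bind, as before) instead of
  * returning a status.
  */
 public function connect()
 {
     $ds = ldap_connect("192.168.0.111");
     if (!$ds) {
         echo "Unable to connect to LDAP server";
         return;
     }
     // Authenticated simple bind with the service account (not anonymous).
     $r = ldap_bind($ds, "portalusr01", "tbs4portal");
     if (!$r) {
         ldap_close($ds);
         echo "Unable to connect to LDAP server";
         die;
     }
     // Every entry that has a surname or a common name.
     $filter = "(|(SN=*)(CN=*))";
     $sr = ldap_search($ds, "OU=Users,OU=ho-bintaro,DC=thebodyshop,DC=co,DC=id", $filter);
     $srDc = ldap_search($ds, "OU=user,OU=warehouse-bsd,DC=thebodyshop,DC=co,DC=id", $filter);
     // A failed search returns false; handing that to ldap_get_entries() is an
     // error, so stop here instead of parsing a non-result.
     if ($sr === false || $srDc === false) {
         ldap_close($ds);
         echo "LDAP search failed";
         return;
     }
     $info = ldap_get_entries($ds, $sr);
     $infoDc = ldap_get_entries($ds, $srDc);
     $this->parseUsers($info, $infoDc);
     ldap_close($ds);
 }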
コード例 #3
ファイル: Connection.php プロジェクト: robinkanters/symfony
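 /**
  * Close the LDAP connection, if one is open, and forget the handle.
  *
  * ldap_connect() returns a resource up to PHP 8.0 and an LDAP\Connection
  * object from PHP 8.1 on. Both are accepted here so the connection is
  * actually closed on either runtime rather than only dereferenced.
  */
 private function disconnect()
 {
     $handle = $this->connection;
     if ($handle && (is_resource($handle) || $handle instanceof \LDAP\Connection)) {
         ldap_close($handle);
     }
     $this->connection = null;
 }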
コード例 #4
ファイル: init.php プロジェクト: BackupTheBerlios/jasmine-svn
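 /**
  *  Authenticate a user with the login and password they supplied, using
  *  the LDAP server stored in $this->ldapServer.
  *
  *  The user's DN is found with an anonymous search, then a second bind is
  *  made as that DN with the supplied password.
  *
  *  Security:
  *   - $login is escaped before it is placed in the search filter.
  *   - Empty credentials are refused up front. A simple bind with a DN and
  *     an empty password is an "unauthenticated" bind that servers may
  *     accept, which would otherwise count as a successful login.
  *   - Authentication fails when the search finds no entry. Previously a
  *     missing entry led to a bind with an empty DN, i.e. an anonymous bind.
  *
  *  @param login the login provided by the user
  *  @param password the password provided by the user
  *  @returns false if the authentication fails; otherwise the user name to
  *           display, or true when that attribute is empty.
  */
 function validate($login, $password)
 {
     $login = (string) $login;
     $password = (string) $password;
     if ($login === '' || $password === '') {
         return false;
     }
     // Connect to the ldap server
     $this->connectionID = ldap_connect($this->ldapServer);
     if (!$this->connectionID) {
         return false;
     }
     $success = false;
     $userNameToDisplay = true;
     // First, bind anonymously and retrieve the full DN corresponding to the
     // login, as well as the user name to display.
     if (ldap_bind($this->connectionID)) {
         $searchString = "(&(objectClass=person)({$this->ldapSearchAttribute}=" . ldap_escape($login, '', LDAP_ESCAPE_FILTER) . "))";
         $result = ldap_search($this->connectionID, $this->ldapBase, $searchString, array("dn", $this->userNameAttribute));
         $entries = $result ? ldap_get_entries($this->connectionID, $result) : false;
         // Keep only the first entry
         if ($entries && $entries["count"] > 0 && !empty($entries[0]["dn"])) {
             $userFullDN = $entries[0]["dn"];
             // ldap_get_entries() lower-cases attribute names in its keys.
             $nameKey = strtolower($this->userNameAttribute);
             if (!empty($entries[0][$nameKey][0])) {
                 $userNameToDisplay = $entries[0][$nameKey][0];
             }
             // Now we can authenticate: bind as the user.
             $success = ldap_bind($this->connectionID, $userFullDN, $password);
         }
     }
     ldap_close($this->connectionID);
     // If the bind was successful, authentication succeeded too.
     return $success === true ? $userNameToDisplay : false;
 }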
コード例 #5
ファイル: ldapreadout.php プロジェクト: stpmt11/phpos
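/**
 * Bind to an LDAP server, search "ou=LMC, dc=lamontanita, dc=local" with
 * the given filter, print the entries inside a <pre> block and return them.
 *
 * Changes from the original: the connection is now closed (the close call
 * sat after the return and never ran), failed bind/search results are no
 * longer passed on to other ldap_* calls, and the dump is HTML-escaped
 * because directory values are not trusted markup.
 *
 * NOTE(review): dumping complete directory entries into the page looks like
 * debug output; confirm it should reach end users at all.
 *
 * @param string $connection host name or URI for ldap_connect()
 * @param string $bind_user  DN to bind as
 * @param string $bind_pass  password for $bind_user
 * @param string $filter     LDAP filter, used as-is; callers must escape any
 *                           user-supplied values with ldap_escape()
 * @return array|null entries from ldap_get_entries(), or null on failure
 */
function ldap_call($connection, $bind_user, $bind_pass, $filter)
{
    $ds = ldap_connect($connection);
    if (!$ds) {
        echo "<h4>LDAP_CALL unable to connect to LDAP server</h4>";
        return null;
    }
    $info = null;
    if (ldap_bind($ds, $bind_user, $bind_pass)) {
        $sr = ldap_search($ds, "ou=LMC, dc=lamontanita, dc=local", $filter);
        if ($sr !== false) {
            // ldap_sort() was removed in PHP 8.0; sort only where it exists.
            if (function_exists('ldap_sort')) {
                ldap_sort($ds, $sr, "cn");
            }
            $info = ldap_get_entries($ds, $sr);
        }
    }
    ldap_close($ds);
    echo '<pre>';
    // ENT_SUBSTITUTE keeps binary attribute values from blanking the output.
    echo htmlspecialchars(print_r($info, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return $info;
}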
コード例 #6
 /**
  * Close the LDAP connection held in $this->_connection, if there is one,
  * and reset the property to null.
  */
 function close()
 {
     if ($this->_connection === null) {
         // Nothing open, nothing to do.
         return;
     }
     ldap_close($this->_connection);
     $this->_connection = null;
 }
コード例 #7
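 /**
  * Authenticates a user to LDAP (search for the DN, then bind as it).
  *
  * Security:
  *  - $username is escaped before being appended to the configured filter
  *    prefix, so it cannot change the structure of the filter.
  *  - Empty credentials are refused. A bind with a DN and an empty password
  *    is an "unauthenticated" bind that servers may accept.
  *  - The connection is closed on every path, including success.
  *
  * NOTE(review): the die() message echoes the configured server to the
  * client; consider logging it instead.
  *
  * @param $username
  * @param $password
  * @param bool|false $returnUser
  * @return bool true    if the username and/or password provided are valid
  *              false   if the username and/or password provided are invalid
  *         array of ldap_attributes if $returnUser is true
  */
 function ldap($username, $password, $returnUser = false)
 {
     if ((string) $username === '' || (string) $password === '') {
         return false;
     }
     $settings = Setting::getSettings();
     $ldaphost = $settings->ldap_server;
     $ldaprdn = $settings->ldap_uname;
     $ldappass = Crypt::decrypt($settings->ldap_pword);
     $baseDn = $settings->ldap_basedn;
     $filterQuery = $settings->ldap_auth_filter_query . ldap_escape((string) $username, '', LDAP_ESCAPE_FILTER);
     $ldapversion = $settings->ldap_version;
     // Connecting to LDAP
     $connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}");
     // Needed for AD
     ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
     ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldapversion);
     try {
         // Bind with the service account used for the DN look-up.
         if (!ldap_bind($connection, $ldaprdn, $ldappass)) {
             return false;
         }
         $results = @ldap_search($connection, $baseDn, $filterQuery);
         if ($results == false) {
             return false;
         }
         $entry = ldap_first_entry($connection, $results);
         if ($entry === false) {
             return false;
         }
         $userDn = @ldap_get_dn($connection, $entry);
         if ($userDn === false) {
             return false;
         }
         // The actual authentication: bind as the user that was found.
         if (ldap_bind($connection, $userDn, $password) !== true) {
             return false;
         }
         // The return value is evaluated before the finally block closes
         // the connection, so the attributes are still readable here.
         return $returnUser ? array_change_key_case(ldap_get_attributes($connection, $entry), CASE_LOWER) : true;
     } catch (Exception $e) {
         LOG::error($e->getMessage());
         return false;
     } finally {
         ldap_close($connection);
     }
 }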
コード例 #8
ファイル: dt_ldap.class.php プロジェクト: codifyllc/phpopenfw
 /**
  * Mark the connection as closed. The LDAP handle itself is only released
  * when there is a handle and $this->data_result is empty.
  */
 public function close()
 {
     $canRelease = $this->handle && !$this->data_result;
     if ($canRelease) {
         ldap_close($this->handle);
     }
     $this->conn_open = false;
 }
コード例 #9
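 /**
  * List the "ou" values of the organizationalUnit entries directly below
  * $this->ldap_context, sorted case-insensitively in natural order.
  *
  * When the directory cannot be reached, the search fails or no entries
  * come back, the context itself is returned as the only element.
  *
  * NOTE(review): the bind uses $this->ldap_root_dn / ldap_root_pw. A
  * read-only listing presumably does not need the root account - consider a
  * least-privilege bind.
  *
  * @return array|string array of ou names (natcasesort() preserves keys), or
  *                      '' when entries were found but none had an ou value
  */
 private function getOrganizations()
 {
     $result_ou = array();
     $found = false;
     $common = new common();
     $ldap = $common->ldapConnect($this->ldap_host, $this->ldap_root_dn, $this->ldap_root_pw);
     if ($ldap) {
         $filter = "objectClass=organizationalUnit";
         $justthese = array("ou");
         $search = ldap_list($ldap, $this->ldap_context, $filter, $justthese);
         $entry = $search ? ldap_get_entries($ldap, $search) : false;
         ldap_close($ldap);
         if ($entry && $entry['count'] > 0) {
             $found = true;
             // Walk the numeric entries only; the array also has a 'count' key.
             for ($i = 0; $i < $entry['count']; $i++) {
                 if (isset($entry[$i]['ou'][0]) && $entry[$i]['ou'][0] != "") {
                     $result_ou[] = $entry[$i]['ou'][0];
                 }
             }
         }
     }
     if (!$found) {
         $result_ou[] = $this->ldap_context;
     }
     natcasesort($result_ou);
     return $result_ou ? $result_ou : '';
 }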
コード例 #10
ファイル: init_users_lcs.php プロジェクト: rhertzog/lcs
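/**
 * Tell whether $login is listed as memberUid of a group whose cn starts
 * with "profs".
 *
 * Uses the globals $ldap_server, $ldap_port and $dn["groups"], and stores a
 * message in the global $error when the anonymous bind fails.
 *
 * Changes from the original: $login is escaped before it is placed in the
 * filter, the result defaults to false instead of an undefined variable,
 * and the connection is closed once, and only when it was opened
 * (ldap_close() is an alias of ldap_unbind()).
 *
 * @param string $login user id to test
 * @return bool true when at least one matching group was found
 */
function is_prof($login)
{
    global $ldap_server, $ldap_port, $dn;
    global $error;
    $error = "";
    $is_prof = false;
    $filter = "(&(cn=profs*)(memberUid=" . ldap_escape((string) $login, '', LDAP_ESCAPE_FILTER) . "))";
    $ldap_groups_attr = array("cn", "memberUid");
    $ds = @ldap_connect($ldap_server, $ldap_port);
    if (!$ds) {
        return $is_prof;
    }
    if (!@ldap_bind($ds)) {
        $error = "Echec du bind anonyme";
    } else {
        // Look up the groups the logged-in user belongs to.
        $result = @ldap_list($ds, $dn["groups"], $filter, $ldap_groups_attr);
        if ($result) {
            $info = @ldap_get_entries($ds, $result);
            $is_prof = !empty($info["count"]);
        }
    }
    @ldap_close($ds);
    return $is_prof;
}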
コード例 #11
ファイル: Ldap.php プロジェクト: agentile/foresmo
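 /**
  * 
  * Verifies a username handle and password by binding to the LDAP server
  * as that user.
  * 
  * The handle is reduced to the characters allowed by $this->_config['filter']
  * before it is placed in the bind DN. An empty handle or an empty password
  * is rejected without attempting a bind: a simple bind with an empty
  * password is an "unauthenticated" bind that servers may accept, which
  * would otherwise be reported as a successful login.
  * 
  * NOTE(review): the whole config array is passed to the exception on a
  * connection failure; confirm it holds nothing that should stay out of
  * error output.
  * 
  * @return mixed An array of verified user information, or boolean false
  * if verification failed.
  * 
  * @throws Exception as built by $this->_exception() when ldap_connect() fails.
  * 
  */
 protected function _processLogin()
 {
     // connect
     $conn = @ldap_connect($this->_config['uri']);
     if (!$conn) {
         throw $this->_exception('ERR_CONNECTION_FAILED', $this->_config);
     }
     // upgrade to LDAP3 when possible
     @ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
     // whitelist the handle to prevent LDAP injection
     $regex = '/[^' . $this->_config['filter'] . ']/';
     $this->_handle = preg_replace($regex, '', $this->_handle);
     $bind = false;
     if ((string) $this->_handle !== '' && (string) $this->_passwd !== '') {
         // bind to the server as the user
         $rdn = sprintf($this->_config['format'], $this->_handle);
         $bind = @ldap_bind($conn, $rdn, $this->_passwd);
         if (!$bind) {
             $this->_err = @ldap_errno($conn) . " " . @ldap_error($conn);
         }
     }
     ldap_close($conn);
     return $bind ? array('handle' => $this->_handle) : false;
 }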
コード例 #12
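/**
 * Check a user id / password pair against Active Directory with a simple
 * bind as "CN=<user_id>,<LDAP_DN>".
 *
 * Changes from the original:
 *  - $user_id is escaped for use inside a DN.
 *  - An empty password is rejected without binding, because a bind with a
 *    DN and an empty password may be accepted as an unauthenticated bind.
 *  - The connection is closed on every path; the original close call sat
 *    behind the return statements and never ran.
 *
 * NOTE(review): the first connection attempt uses LDAP_HOST_1 with LDAP_PORT
 * and no ldaps:// scheme, so the password is presumably sent unencrypted
 * unless that constant already carries a scheme - confirm.
 * NOTE(review): print_r("OK") looks like leftover debug output; it is kept
 * so the function's output is unchanged.
 *
 * @param string $user_id      account name used as the CN of the bind DN
 * @param string $login_passwd password supplied by the user
 * @return bool true when the bind succeeded
 */
function checkAdLoginAuth($user_id, $login_passwd)
{
    // Open the connection
    $ldap_conn = ldap_connect(LDAP_HOST_1, LDAP_PORT);
    if (!$ldap_conn) {
        $ldap_conn = ldap_connect("ldaps://" . LDAP_HOST_2);
    } else {
        print_r("OK" . PHP_EOL);
    }
    if (!$ldap_conn) {
        Debug_Trace("接続失敗");
        return false;
    }
    ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    $ldap_bind = false;
    if ((string) $login_passwd !== '') {
        $bind_dn = "CN=" . ldap_escape((string) $user_id, '', LDAP_ESCAPE_DN) . "," . LDAP_DN;
        $ldap_bind = ldap_bind($ldap_conn, $bind_dn, $login_passwd);
    }
    ldap_close($ldap_conn);
    if ($ldap_bind) {
        Debug_Trace("ADの認証に成功しました", 3);
        return true;
    }
    Debug_Trace("ADの認証に失敗しました", 3);
    Debug_Trace($user_id, 3);
    return false;
}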
コード例 #13
ファイル: ldap.inc.php プロジェクト: alvunera/FreeNats-PlugIn
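 /**
  * Monitoring test: connect to an LDAP server, bind, optionally run a
  * search and report the number of entries found.
  *
  * $params holds, in order: URL, bind DN, bind password, search base and
  * search filter. Without both a bind DN and a password the bind is
  * anonymous.
  *
  * Changes from the original: the connection is also closed when the bind
  * fails, and a failed search yields 0 instead of passing false on to
  * ldap_count_entries().
  *
  * NOTE(review): $timeout is not applied to the connection, so a hanging
  * server can stall the test.
  *
  * @return int -2 when the connection could not be set up, -1 when the bind
  *             failed, otherwise the entry count (1 when no search was
  *             requested, 0 when the search failed)
  */
 function DoTest($testname, $param, $hostname, $timeout, $params)
 {
     global $NATS;
     $url = $params[0];
     $bind = $params[1];
     $pasw = $params[2];
     $base = $params[3];
     $filter = $params[4];
     $ds = ldap_connect($url);
     if (!$ds) {
         return -2;
     }
     $ldap = $bind && $pasw ? ldap_bind($ds, $bind, $pasw) : ldap_bind($ds);
     if (!$ldap) {
         ldap_close($ds);
         return -1;
     }
     $val = 1;
     if ($base && $filter) {
         $search = ldap_search($ds, $base, $filter);
         // 0 is the closest integer to the false/null the original produced
         // when the search itself failed.
         $val = $search ? ldap_count_entries($ds, $search) : 0;
     }
     ldap_close($ds);
     return $val;
 }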
コード例 #14
ファイル: ldap-auth.php プロジェクト: le9i0nx/ansible-root
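/**
 * Authenticate the HTTP Basic credentials of the current request against
 * the local LDAP server: look the user's DN up anonymously, then bind as
 * that DN with the supplied password. forbidden() is called on any failure.
 *
 * Security:
 *  - The user name is escaped before it is placed in the search filter.
 *  - Missing or empty credentials are refused; a bind with an empty
 *    password may be accepted by the server as an unauthenticated bind.
 *  - When the look-up finds no entry the request is refused. Previously the
 *    bind would have gone ahead with an empty DN, i.e. anonymously.
 *  - Control characters are stripped from the user name before logging so a
 *    crafted name cannot forge extra log lines.
 *
 * NOTE(review): part of the original log statement was masked in the
 * listing; the logged user is assumed to be PHP_AUTH_USER.
 * NOTE(review): forbidden() is defined elsewhere and presumably ends the
 * request; the explicit returns cover the case where it does not.
 */
function ldap_auth()
{
    $ldap_server = 'ldap://127.0.0.1/';
    $ldap_domain = 'dc=rugion,dc=ru';
    $auth_user = isset($_SERVER['PHP_AUTH_USER']) ? (string) $_SERVER['PHP_AUTH_USER'] : '';
    $ldap_pass = isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '';
    if ($auth_user === '' || $ldap_pass === '') {
        forbidden();
        return;
    }

    // Step 1: anonymous look-up of the user's DN.
    $ldapconn_s = ldap_connect($ldap_server) or die("Could not connect to LDAP server.");
    ldap_set_option($ldapconn_s, LDAP_OPT_PROTOCOL_VERSION, 3);
    @ldap_bind($ldapconn_s);
    $filter = "(&(uid=" . ldap_escape($auth_user, '', LDAP_ESCAPE_FILTER) . ")(objectClass=sambaSamAccount)(!(sambaAcctFlags=[DU ])))";
    $result = ldap_search($ldapconn_s, $ldap_domain, $filter);
    $info = $result ? ldap_get_entries($ldapconn_s, $result) : false;
    ldap_close($ldapconn_s);
    if (!$info || $info['count'] < 1 || empty($info[0]["dn"])) {
        forbidden();
        return;
    }
    $ldap_user = $info[0]["dn"];

    // Step 2: bind as that DN with the supplied password.
    $ldapconn = ldap_connect($ldap_server) or die("Could not connect to LDAP server.");
    ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
    $ldapbind = @ldap_bind($ldapconn, $ldap_user, $ldap_pass);
    ldap_close($ldapconn);
    if (!$ldapbind) {
        forbidden();
        return;
    }
    $logged_user = preg_replace('/[\x00-\x1f\x7f]/', '', $auth_user);
    error_log("success: " . $_SERVER['REMOTE_ADDR'] . ', user: ' . $logged_user);
}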
コード例 #15
 /**
  * Print a step-by-step trace of an LDAP test query against localhost:
  * connect, anonymous bind, search "sn=h*" below "o=halys, c=halys", then
  * list the dn and first cn of every entry.
  *
  * NOTE(review): despite its name this function encrypts nothing, and
  * $str_userpswd is never used.
  * NOTE(review): directory values are echoed without HTML escaping.
  */
 function _encrypt($str_userpswd)
 {
     echo '&lt;h3>Prueba de consulta LDAP&lt;/h3>';
     echo 'Conectando ...';
     $link = ldap_connect('localhost');
     echo 'El resultado de la conexi&oacute;n es ' . $link . '&lt;p>';
     if (!$link) {
         echo '&lt;h4>Ha sido imposible conectar al servidor LDAP&lt;/h4>';
         return;
     }
     echo 'Autentific&aacute;ndose  ...';
     $bound = ldap_bind($link);
     echo 'El resultado de la autentificaci&oacute;n es ' . $bound . '&lt;p>';
     echo 'Buscando (sn=P*) ...';
     $found = ldap_search($link, 'o=halys, c=halys', 'sn=h*');
     echo 'El resultado de la b&uacute;squeda es ' . $found . '&lt;p>';
     echo 'El n&uacute;mero de entradas devueltas es ' . ldap_count_entries($link, $found) . '&lt;p>';
     echo 'Recuperando entradas ...&lt;p>';
     $rows = ldap_get_entries($link, $found);
     echo 'Devueltos datos de ' . $rows['count'] . ' entradas:&lt;p>';
     $n = 0;
     while ($n < $rows['count']) {
         echo 'dn es: ' . $rows[$n]['dn'] . '&lt;br>';
         echo 'La primera entrada cn es: ' . $rows[$n]['cn'][0] . '&lt;br>';
         $n++;
     }
     echo 'Cerrando conexi&oacute;n';
     ldap_close($link);
 }
コード例 #16
ファイル: accorder_comptes_lcs.php プロジェクト: rhertzog/lcs
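/**
 * Collect the members of every group below $dn["groups"] that matches
 * $filter.
 *
 * Each element of the result has "uid" (one memberuid value) and "cat"
 * (the part of the group's cn before the first "_" or "\").
 *
 * Changes from the original: split() no longer exists in PHP 7+, so
 * preg_split() with the equivalent character class is used; the result is
 * initialised so an empty array is returned instead of an undefined
 * variable; groups without memberuid values are skipped quietly.
 *
 * NOTE(review): $filter is used as-is. Callers that build it from user
 * input must escape the values with ldap_escape().
 *
 * @param string $filter      LDAP filter selecting the groups
 * @param string $ldap_server server passed to ldap_connect()
 * @param int    $ldap_port   port passed to ldap_connect()
 * @param array  $dn          must contain the key "groups" (search base)
 * @return array list of array("uid" => ..., "cat" => ...)
 */
function search_uidspip ($filter,$ldap_server, $ldap_port, $dn) {
  global  $ldap_grp_attr;

  // LDAP attributes to fetch (also published through the global)
  $ldap_grp_attr = array (
    "cn",
    "memberuid"  );

  $ret = array();
  $ds = @ldap_connect ( $ldap_server, $ldap_port );
  if ( !$ds ) {
    return $ret;
  }
  $r = @ldap_bind ( $ds ); // anonymous bind
  if ($r) {
    $result=@ldap_list ($ds, $dn["groups"], $filter, $ldap_grp_attr);
    if ($result) {
      $info = ldap_get_entries( $ds, $result );
      // Store the logins of the group members in $ret
      for ($loop=0; $loop < $info["count"]; $loop++) {
        // Character class: backslash or underscore, at most two parts.
        $group=preg_split ('/[\\\\_]/',$info[$loop]["cn"][0],2);
        $members = isset($info[$loop]["memberuid"]) ? $info[$loop]["memberuid"] : array("count" => 0);
        for ( $i = 0; $i < $members["count"]; $i++ ) {
          $ret[] = array("uid" => $members[$i], "cat" => $group[0]);
        }
      }
      ldap_free_result ( $result );
    }
  }
  @ldap_close ( $ds );
  return $ret;
}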
コード例 #17
ファイル: Connection.php プロジェクト: ajaboa/crmpuan
 /**
  * Log the call through \GO::debug() and close the LDAP link when one is
  * set. $this->_link itself is left untouched.
  */
 public function disconnect()
 {
     \GO::debug("LDAP::disconnect()");
     if (!$this->_link) {
         return;
     }
     ldap_close($this->_link);
 }
コード例 #18
ファイル: ldap.php プロジェクト: pihizi/qf
 /**
  * Destructor: when a connection handle is present, close it (errors
  * suppressed) and clear the root_binded flag.
  */
 function __destruct()
 {
     if (!$this->ds) {
         return;
     }
     @ldap_close($this->ds);
     $this->root_binded = FALSE;
 }
コード例 #19
ファイル: index.php プロジェクト: JasonSFuller/depot
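/**
 * Log a user in against Active Directory and populate the session.
 *
 * $username may be given as "DOMAIN\user"; otherwise the configured default
 * domain is used. Both parts are reduced to letters, digits, space, "-" and
 * "." before they are used in the bind name and the search filter.
 *
 * Changes from the original:
 *  - An empty password is refused before binding, because a bind with a
 *    name and an empty password may succeed as an unauthenticated bind.
 *  - The function returns after show_error() in case that helper does not
 *    end the request, so a failed login can never reach the session code.
 *  - A failed search is treated as "account not found".
 *  - The session id is regenerated on successful login (session fixation).
 *  - The redirect target is limited to a local path, so a request URI
 *    starting with "//" or given in absolute form cannot redirect off-site.
 *
 * @param string $username account name, optionally prefixed with "DOMAIN\"
 * @param string $password password supplied by the user
 * @return void
 */
function my_session_login($username, $password)
{
    $domain = $GLOBALS['config']['my_ad_domain'];
    // As before, a backslash at position 0 does not count as a domain prefix.
    if (strpos($username, "\\") > 0) {
        list($domain, $username) = explode("\\", $username, 2);
    }
    $domain = preg_replace("/[^0-9A-Za-z \\-\\.]/", "", $domain);
    $username = preg_replace("/[^0-9A-Za-z \\-\\.]/", "", $username);
    if ((string) $password === '') {
        show_error("Invalid username and/or password.");
        return;
    }
    $ldap = ldap_connect($GLOBALS['config']['my_ad_server']);
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
    $bind = @ldap_bind($ldap, $domain . "\\" . $username, $password);
    if (!$bind) {
        @ldap_close($ldap);
        show_error("Invalid username and/or password.");
        return;
    }
    $result = ldap_search($ldap, $GLOBALS['config']['my_ad_basedn'], "(sAMAccountName={$username})");
    $info = $result ? ldap_get_entries($ldap, $result) : array('count' => 0);
    @ldap_close($ldap);
    if ($info['count'] != 1) {
        show_error("Account not found.");
        return;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['username'] = my_encrypt($info[0]["samaccountname"][0]);
    $_SESSION['fullname'] = my_encrypt($info[0]["displayname"][0]);
    $_SESSION['last_seen'] = my_encrypt(time());
    $_SESSION['user_agent'] = my_encrypt($_SERVER['HTTP_USER_AGENT']);
    $action = isset($_SERVER['REQUEST_URI']) ? (string) $_SERVER['REQUEST_URI'] : '/';
    // Accept "/path..." only; "//host", "/\host" and absolute URLs fall back to "/".
    $second = isset($action[1]) ? $action[1] : '';
    if ($action === '' || $action[0] !== '/' || $second === '/' || $second === "\\") {
        $action = '/';
    }
    header("Location: " . $action);
}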
コード例 #20
ファイル: LdapPerson.php プロジェクト: billdueber/resources
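 /**
  * Load a person's details from LDAP into this object.
  *
  * Nothing is loaded when no LDAP host is configured or no entry matches.
  * The properties fname, lname, email, phone, department, title and address
  * are read from the attributes named by the matching "<field>_field"
  * configuration values; fullname is derived from fname and lname.
  *
  * Changes from the original: $userKey is escaped before it is placed in
  * the search filter, a search without results no longer reads a
  * non-existent first entry, and the connection is closed right after the
  * search.
  *
  * NOTE(review): the bind is anonymous, and a failed bind ends the request
  * with die(), echoing the configured host into the page.
  * NOTE(review): addslashes() on fullname is kept for compatibility; it is
  * not a safe way to prepare a value for SQL or HTML.
  *
  * @param string $userKey value matched against the configured search_key
  */
 public function __construct($userKey)
 {
     $config = new Configuration();
     // Only try LDAP when a host has been configured.
     if (!$config->ldap->host) {
         return;
     }
     // ldap_connect() does not contact the server yet; the bind does.
     $ds = ldap_connect($config->ldap->host);
     $bd = ldap_bind($ds) or die("<br /><h3>" . _("Could not connect to ") . $config->ldap->host . "</h3>");
     if (!$bd) {
         return;
     }
     $filter = $config->ldap->search_key . "=" . ldap_escape((string) $userKey, '', LDAP_ESCAPE_FILTER);
     $sr = ldap_search($ds, $config->ldap->base_dn, $filter);
     $entries = $sr ? ldap_get_entries($ds, $sr) : false;
     ldap_close($ds);
     if (!$entries || empty($entries['count'])) {
         return;
     }
     $entry = $entries[0];
     $fieldNames = array('fname', 'lname', 'email', 'phone', 'department', 'title', 'address');
     foreach ($fieldNames as $fieldName) {
         $configName = $fieldName . '_field';
         $attribute = $config->ldap->{$configName};
         $this->{$fieldName} = isset($entry[$attribute][0]) ? $entry[$attribute][0] : null;
     }
     $this->fullname = addslashes($this->fname . ' ' . $this->lname);
 }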
コード例 #21
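/**
 * Check a user id / password pair with a simple bind.
 *
 * The bind DN is LDAP_BINDDN with every "UID" replaced by the user id. An
 * empty password is never sent to the server (the $pwd test below), which
 * also keeps an unauthenticated bind from counting as a login.
 *
 * Changes from the original: the user id is escaped for use inside a DN,
 * and the protocol option is only set once a connection handle exists.
 *
 * NOTE(review): utf8_encode()/utf8_decode() are deprecated since PHP 8.2.
 *
 * @param string $uid user id
 * @param string $pwd password
 * @return bool|int 0 when LDAP is not accessible, the password is empty or
 *                  no connection could be set up; otherwise the result of
 *                  ldap_bind()
 */
function auth_ldap($uid, $pwd)
{
    global $ldap_accessible, $charset, $ldap_encoding_utf8;
    if (!$ldap_accessible) {
        return 0;
    }
    $ret = 0;
    if ($pwd) {
        // Convert between the application charset and the directory's.
        if ($ldap_encoding_utf8 && $charset != "utf-8") {
            $uid = utf8_encode($uid);
            $pwd = utf8_encode($pwd);
        } elseif (!$ldap_encoding_utf8 && $charset == "utf-8") {
            $uid = utf8_decode($uid);
            $pwd = utf8_decode($pwd);
        }
        $dn = str_replace('UID', ldap_escape((string) $uid, '', LDAP_ESCAPE_DN), LDAP_BINDDN);
        $conn = @ldap_connect(LDAP_SERVER, LDAP_PORT);
        if ($conn) {
            ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, LDAP_PROTO);
            $ret = @ldap_bind($conn, $dn, $pwd);
            ldap_close($conn);
        }
    }
    return $ret;
}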
コード例 #22
ファイル: get_cn.php プロジェクト: rkulan007/tableau-portal
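/**
 * Return the cn of the entry "mail=<user>, o=com, dc=mozilla".
 *
 * Changes from the original: $user is escaped for use inside a DN, an
 * empty result is reported as "not found" instead of reading a missing
 * entry, and the connection is closed on the error paths as well.
 *
 * Errors are printed, not thrown; the function then returns null.
 *
 * @param string $user  mail address identifying the entry
 * @param int    $debug non-zero to print the name that was found
 * @return string|null the cn, or null on failure
 */
function get_ldap_cn($user, $debug = 0)
{
    $ds = null;
    try {
        if (!($ds = get_ldap_connection())) {
            throw new Exception('Unable to connect to LDAP Server');
        }
        // ldap_read() looks at this one object, not at a subtree.
        $dn = "mail=" . ldap_escape((string) $user, '', LDAP_ESCAPE_DN) . ", o=com, dc=mozilla";
        // ldap_read() requires some filter
        $filter = "(objectclass=inetOrgPerson)";
        // fetch only the attribute that is needed
        $justthese = array("cn");
        if (!($sr = ldap_read($ds, $dn, $filter, $justthese))) {
            throw new Exception('Incorrect Username or filter');
        }
        $entry = ldap_get_entries($ds, $sr);
        if (!$entry || empty($entry['count'])) {
            throw new Exception('Unable to find LDAP entry for ' . $user);
        }
        $cn = isset($entry[0]["cn"][0]) ? $entry[0]["cn"][0] : null;
        if ($debug != 0) {
            echo $cn . " is the name in LDAP for " . $user;
        }
        return $cn;
    } catch (Exception $e) {
        echo 'Oops! I countered the following error: ', $e->getMessage(), "\n";
    } finally {
        if ($ds) {
            ldap_close($ds);
        }
    }
}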
コード例 #23
ファイル: AuthController.php プロジェクト: VoiboT/snipe-it
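 /**
  * Authenticates a user to LDAP (search for the DN, then bind as it).
  *
  * Security:
  *  - $username is escaped before being appended to the configured filter
  *    prefix, so it cannot change the structure of the filter.
  *  - Empty credentials are refused. A bind with a DN and an empty password
  *    is an "unauthenticated" bind that servers may accept.
  *  - The connection is closed on every path, including success.
  *
  * NOTE(review): the die() message echoes the configured server URL to the
  * client; consider logging it instead.
  *
  * @return  true    if the username and/or password provided are valid
  *          false   if the username and/or password provided are invalid
  *
  */
 function ldap($username, $password)
 {
     if ((string) $username === '' || (string) $password === '') {
         return false;
     }
     $ldaphost = Config::get('ldap.url');
     $ldaprdn = Config::get('ldap.username');
     $ldappass = Config::get('ldap.password');
     $baseDn = Config::get('ldap.basedn');
     $filterQuery = Config::get('ldap.authentication.filter.query') . ldap_escape((string) $username, '', LDAP_ESCAPE_FILTER);
     // Connecting to LDAP
     $connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}");
     // Needed for AD
     ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
     try {
         // Bind with the service account used for the DN look-up.
         if (!ldap_bind($connection, $ldaprdn, $ldappass)) {
             return false;
         }
         $results = @ldap_search($connection, $baseDn, $filterQuery);
         if ($results === false) {
             return false;
         }
         $entry = ldap_first_entry($connection, $results);
         if ($entry === false) {
             return false;
         }
         $userDn = @ldap_get_dn($connection, $entry);
         if ($userDn === false) {
             return false;
         }
         // The actual authentication: bind as the user that was found.
         return ldap_bind($connection, $userDn, $password) === true;
     } catch (Exception $e) {
         LOG::error($e->getMessage());
         return false;
     } finally {
         ldap_close($connection);
     }
 }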
コード例 #24
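/**
 * Return account name, display name and userAccountControl for every
 * member of a group.
 *
 * $group is either a bare group name or a string that already contains
 * "cn=" and is then used as the search filter unchanged.
 *
 * Changes from the original:
 *  - A bare group name is escaped before it is placed in the filter ("*"
 *    stays usable as a wildcard).
 *  - Member names taken from the directory have filter metacharacters
 *    escaped before the per-member search. Backslashes are left alone so
 *    hex escapes coming from the DN keep their meaning.
 *  - Only the numbered values of each attribute are walked. The original
 *    also processed the 'count' element and then dropped the resulting first
 *    row with array_shift().
 *  - Failed searches no longer feed false into ldap_get_entries(), and the
 *    unreachable ldap_unbind() after the return is gone.
 *
 * NOTE(review): a $group that already contains "cn=" goes into the filter
 * unescaped; callers must not pass user input that way.
 *
 * @param string $group    group name or filter containing "cn="
 * @param string $user     bind DN
 * @param string $password bind password
 * @return array list of array(samaccountname, displayname, useraccountcontrol)
 */
function get_ldap_members($group, $user, $password)
{
    global $ldap_host;
    global $ldap_dn;
    $LDAPFieldsToFind = array("member");
    print "{$ldap_host} {$ldap_dn}\n";
    $ldap = ldap_connect($ldap_host) or die("Could not connect to LDAP");
    // OPTIONS TO AD
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
    ldap_bind($ldap, $user, $password) or die("Could not bind to LDAP");
    // check if group is just a name or an ldap string
    $group_cn = preg_match("/cn=/i", $group) ? $group : "cn=" . ldap_escape((string) $group, '*', LDAP_ESCAPE_FILTER);
    $group_member_details = array();
    $results = ldap_search($ldap, $ldap_dn, $group_cn, $LDAPFieldsToFind);
    $member_list = $results ? ldap_get_entries($ldap, $results) : array();
    if (isset($member_list[0]) && is_array($member_list[0])) {
        foreach ($member_list[0] as $list) {
            if (!is_array($list)) {
                continue;
            }
            $total = isset($list['count']) ? $list['count'] : 0;
            for ($i = 0; $i < $total; $i++) {
                $member_dn = explode_dn($list[$i]);
                $member_cn = str_replace("CN=", "", $member_dn[0]);
                // Second argument: characters ldap_escape() must leave as they are.
                $member_filter = "(CN=" . ldap_escape($member_cn, "\\", LDAP_ESCAPE_FILTER) . ")";
                $member_search = ldap_search($ldap, $ldap_dn, $member_filter);
                $member_details = $member_search ? ldap_get_entries($ldap, $member_search) : array();
                $first = isset($member_details[0]) ? $member_details[0] : array();
                $group_member_details[] = array(
                    isset($first['samaccountname'][0]) ? $first['samaccountname'][0] : null,
                    isset($first['displayname'][0]) ? $first['displayname'][0] : null,
                    isset($first['useraccountcontrol'][0]) ? $first['useraccountcontrol'][0] : null,
                );
            }
        }
    }
    ldap_close($ldap);
    return $group_member_details;
}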
コード例 #25
ファイル: adsync.api.php プロジェクト: fosstp/drupal4school
/**
 * Test the Active Directory settings stored in the adsync_* variables.
 *
 * Reuses the global $ad_conn when it is already set, otherwise connects to
 * the configured server on port 389. After a successful bind the handle is
 * closed and $ad_conn is replaced by the result of ad_admin().
 *
 * NOTE(review): port 389 without ldaps:// or StartTLS presumably sends the
 * administrator password unencrypted - confirm.
 *
 * @return int 0 on success, 1 when no connection handle could be created,
 *             2 when the bind failed, 3 when ad_admin() returned an empty value
 */
function ad_test()
{
    global $ad_conn;
    if (!$ad_conn) {
        $ad_conn = ldap_connect(variable_get('adsync_server_ad'), 389);
    }
    ldap_set_option($ad_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ad_conn, LDAP_OPT_REFERRALS, 0);
    if (!$ad_conn) {
        return 1;
    }
    $admin_dn = variable_get('adsync_server_ad_admin');
    $admin_pw = variable_get('adsync_server_ad_pass');
    if (!ldap_bind($ad_conn, $admin_dn, $admin_pw)) {
        return 2;
    }
    ldap_close($ad_conn);
    $ad_conn = ad_admin();
    return empty($ad_conn) ? 3 : 0;
}
コード例 #26
ファイル: autenticaLDAP.php プロジェクト: kractos26/orfeo
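/**
 * Authenticate a user against LDAP / Active Directory.
 *
 * Settings ($ldapServer, $usrLDAP, $pwdLDAP, $campoBusqLDAP,
 * $cadenaBusqLDAP) come from config.php, which is loaded on every call.
 *
 * Changes from the original:
 *  - An empty password is rejected before any user bind; a bind with a DN
 *    and an empty password may be accepted as an unauthenticated bind.
 *  - The user name is escaped for the bind DN and for the search filter.
 *  - The connection is closed on every return path; the original close
 *    calls sat behind return statements and never ran.
 *  - The "no connection" message used an undefined variable and now names
 *    $ldapServer.
 *
 * NOTE(review): error_reporting(0) switches error reporting off for the
 * rest of the request; it is kept so the side effect stays the same.
 *
 * @param string $username login name (lower-cased before use)
 * @param string $password password supplied by the user
 * @return string '' on success, otherwise an error message
 */
function checkldapuser($username, $password)
{
    require 'config.php';
    $username = strtolower($username);
    $connect = ldap_connect($ldapServer);
    if ($connect == false) {
        $mensajeError = "no hay conexi&oacute;n a '{$ldapServer}'";
        return $mensajeError;
    }
    try {
        ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
        // bind with the service account
        $bind = ldap_bind($connect, $usrLDAP, $pwdLDAP);
        if ($bind == false) {
            return "Falla la conexi&oacute;n con el servidor LDAP con el usuario \n{$usrLDAP}";
        }
        if ((string) $password === '') {
            return "Usuario o contraseña incorrecta";
        }
        // active directory: bind as the user built from the configured pattern
        $userRdn = "{$campoBusqLDAP}=" . ldap_escape($username, '', LDAP_ESCAPE_DN) . ",{$cadenaBusqLDAP}";
        $bind = @ldap_bind($connect, $userRdn, $password);
        if ($bind == false) {
            return "Usuario o contraseña incorrecta";
        }
        // look the user up
        $userFilter = "{$campoBusqLDAP}=" . ldap_escape($username, '', LDAP_ESCAPE_FILTER);
        if (($res_id = ldap_search($connect, $cadenaBusqLDAP, $userFilter)) == false) {
            return "No encontrado el usuario en el LDAP";
        }
        $cant = ldap_count_entries($connect, $res_id);
        if ($cant == 0) {
            return "El usuario {$username} NO se encuentra en el A.D. {$bind} HLPHLP";
        }
        if ($cant > 1) {
            return "El usuario {$username} se encuentra {$cant} veces en el A.D.";
        }
        $entry_id = ldap_first_entry($connect, $res_id);
        if ($entry_id == false) {
            return "No se obtuvieron resultados";
        }
        if (($user_dn = ldap_get_dn($connect, $entry_id)) == false) {
            return "No se puede obtener el dn del usuario";
        }
        error_reporting(0);
        /* Authenticate the user with the DN that was found */
        if (($link_id = ldap_bind($connect, "{$user_dn}", $password)) == false) {
            return "USUARIO O CONTRASE&Ntilde;A INCORRECTOS";
        }
        return '';
    } finally {
        @ldap_close($connect);
    }
}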
コード例 #27
ファイル: auth.php プロジェクト: max-weller/fatfree-core
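 /**
  *	LDAP storage handler: bind with the configured account, find the entry
  *	whose uid equals $id, then bind as that entry with $pw.
  *
  *	Changes from the original: $id is escaped before it is placed in the
  *	search filter, an empty password is never sent (a bind with a DN and an
  *	empty password may be accepted as an unauthenticated bind), and the
  *	connection is closed whether or not the checks succeed.
  *
  *	Any failure, including a wrong password, still ends in
  *	user_error(self::E_LDAP, E_USER_ERROR) as before.
  *
  *	@return bool
  *	@param $id string
  *	@param $pw string
  **/
 protected function _ldap($id, $pw)
 {
     $verified = false;
     $matches = false;
     $dc = @ldap_connect($this->args['dc']);
     if ($dc) {
         $filter = 'uid=' . ldap_escape((string) $id, '', LDAP_ESCAPE_FILTER);
         if ((string) $pw !== ''
             && ldap_set_option($dc, LDAP_OPT_PROTOCOL_VERSION, 3)
             && ldap_set_option($dc, LDAP_OPT_REFERRALS, 0)
             && ldap_bind($dc, $this->args['rdn'], $this->args['pw'])
             && ($result = ldap_search($dc, $this->args['base_dn'], $filter))
             && ldap_count_entries($dc, $result)
             && ($info = ldap_get_entries($dc, $result))
             && @ldap_bind($dc, $info[0]['dn'], $pw)) {
             $verified = true;
             $matches = $info[0]['uid'][0] == $id;
         }
         @ldap_close($dc);
     }
     if ($verified) {
         return $matches;
     }
     user_error(self::E_LDAP, E_USER_ERROR);
 }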
コード例 #28
ファイル: ldap.inc.php プロジェクト: eqvinox/wifisetup
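 /**
  * Authenticate a user against LDAP and check that the account is active,
  * is a member and carries a valid expiry date.
  *
  * The outcome is left in $this->authenticated, $this->error and the
  * expiry-date properties; nothing is returned or thrown.
  *
  * Changes from the original:
  *  - The $username / $password arguments are used; the original ignored
  *    them and read $_POST directly.
  *  - An empty password is rejected before binding, because a bind with a
  *    DN and an empty password may be accepted as an unauthenticated bind.
  *  - The user bind is not retried after "invalid credentials" (result code
  *    49), so one wrong password no longer counts as up to ten failed
  *    attempts against a lockout policy.
  *  - Both connections are closed on every path.
  *  - in_array() checks are strict.
  *  - The expiry date is stored in $this->expirydate (initialised above) as
  *    well as in $this->expiry_date, which was the only property written.
  *
  * @param string $username login name
  * @param string $password password supplied by the user
  */
 function __construct($username, $password)
 {
     $this->authenticated = false;
     $this->expirydate = 0;
     $this->error = null;
     if ((string) $password === '') {
         $this->error = "Failed to bind as user.";
         return;
     }
     $filter = "(&(objectclass=posixAccount)(uid=" . $this->ldap_escape($username) . "))";

     /* Connect to LDAP */
     $ldap = ldap_connect(LDAP_HOST, LDAP_PORT);
     ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
     /* Retry bind up to 10 times. */
     for ($i = 0; $i < 10 && !($rv = @ldap_bind($ldap)); $i++) {
         sleep(1);
     }
     if (!$rv) {
         ldap_close($ldap);
         $this->error = "Anonymous bind failed";
         return;
     }
     /* Look for the user */
     $res = ldap_search($ldap, LDAP_BASE, $filter);
     $entries = $res ? ldap_get_entries($ldap, $res) : array('count' => 0);
     /* Close the old LDAP connection */
     ldap_close($ldap);
     unset($ldap);
     if ($entries['count'] != 1) {
         $this->error = "Incorrect entry count";
         return;
     }
     $user_dn = $entries[0]['dn'];

     /* Reconnect and bind as supplied user */
     $ldap = ldap_connect(LDAP_HOST, LDAP_PORT);
     ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
     for ($i = 0; $i < 10 && !($rv = @ldap_bind($ldap, $user_dn, $password)); $i++) {
         /* 49 = invalidCredentials (RFC 4511): retrying cannot help. */
         if (ldap_errno($ldap) === 49) {
             break;
         }
         sleep(1);
     }
     if (!$rv) {
         ldap_close($ldap);
         $this->error = "Failed to bind as user.";
         return;
     }
     /* Check if the user has the right attributes */
     $res = ldap_search($ldap, LDAP_BASE, $filter);
     $entries = $res ? ldap_get_entries($ldap, $res) : array('count' => 0);
     ldap_close($ldap);
     if ($entries['count'] != 1) {
         $this->error = "Incorrect entry count";
         return;
     }
     /* ldap_get_entries() lists the attribute names as numbered values of the entry. */
     if (!in_array("schacuserstatus", $entries[0], true) || !in_array("urn:mace:terena.org:schac:userStatus:nikhef.nl:affiliation:active", $entries[0]['schacuserstatus'], true)) {
         $this->error = "User is not active.";
         return;
     }
     if (!in_array("edupersonaffiliation", $entries[0], true) || !in_array("member", $entries[0]['edupersonaffiliation'], true)) {
         $this->error = "User is not a member.";
         return;
     }
     if (!in_array("schacexpirydate", $entries[0], true) || !($ts = strptime($entries[0]['schacexpirydate'][0], "%Y%m%d%H%M%SZ")) || !($expiry_date = gmmktime($ts['tm_hour'], $ts['tm_min'], $ts['tm_sec'], $ts['tm_mon'] + 1, $ts['tm_mday'], $ts['tm_year'] + 1900))) {
         $this->error = "User has invalid expiry date";
         return;
     }
     $this->authenticated = true;
     $this->expirydate = $expiry_date;
     $this->expiry_date = $expiry_date;
 }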
コード例 #29
ファイル: ldaputils.php プロジェクト: rde1024/cwrufind
/**
 * Close the global LDAP connection $ldapcon, but only while the global
 * flag $ldapstatus says one is open. The flag is cleared before the handle
 * is closed.
 */
function kill_ldap()
{
    global $ldapcon, $ldapstatus;
    if ($ldapstatus) {
        $ldapstatus = false;
        ldap_close($ldapcon);
    }
}
コード例 #30
ファイル: LDAP.php プロジェクト: BackupTheBerlios/schulv
 /**
  * Close the server connection when $this->isConnected() reports one, then
  * reset the connection, bind and search handles to null.
  */
 function close()
 {
     if (!$this->isConnected()) {
         return;
     }
     ldap_close($this->_ldap_server);
     $this->_ldap_server = null;
     $this->_ldap_bind = null;
     $this->_ldap_search = null;
 }