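/**
 * Synchronise local Login records and their ministry associations with the
 * directory entries held in $this->arrPeople.
 *
 * For every entry this method:
 *  - loads the Login by lower-cased sAMAccountName, or creates it (role is
 *    ChMSAdministrator when the username is a key of self::$ChmsAdminArray,
 *    StaffMember otherwise);
 *  - mirrors the directory's enabled/disabled state into DomainActiveFlag;
 *  - clears PasswordCache whenever pwdLastSet differs from the stored value;
 *  - accepts the mail attribute only when it ends in the organisation's mail
 *    domain, otherwise deactivates the login and clears its e-mail;
 *  - drops all ministry associations and rebuilds them from "gg_"-prefixed
 *    group CNs found in memberOf.
 *
 * Each Login is saved inside the loop, so an exception leaves the logins
 * processed before it already updated and the remaining ones untouched.
 *
 * @return void
 * @throws Exception when the accepted e-mail address already belongs to a
 *                   different Login
 */
public function UpdateLocalPeople() {
    // Mail domain a directory address must belong to before it is attached to a Login.
    $strMailDomain = '@alcf.net';
    $intDomainLength = strlen($strMailDomain);

    foreach ($this->arrPeople as $arrResult) {
        // Get the Fields
        // Bit 0x2 of userAccountControl is the directory's "account disabled" flag.
        $intUserAccountControl = intval($arrResult['useraccountcontrol'][0]);
        $blnActive = !($intUserAccountControl & 2);

        $strUsername = strtolower($arrResult['samaccountname'][0]);
        $strFirstName = $arrResult['givenname'][0];
        $strMiddleInitial = array_key_exists('initials', $arrResult) ? $arrResult['initials'][0] : null;
        $strLastName = array_key_exists('sn', $arrResult) ? $arrResult['sn'][0] : null;
        // A missing mail attribute becomes '' rather than null, so trim() never receives null.
        $strEmail = array_key_exists('mail', $arrResult) ? strtolower(trim($arrResult['mail'][0])) : '';
        $strPasswordLastSet = $arrResult['pwdlastset'][0];

        // Set/Update Login Record
        $objLogin = Login::LoadByUsername($strUsername);
        if (!$objLogin) {
            $objLogin = new Login();
            $objLogin->Username = $strUsername;
            $objLogin->RoleTypeId = array_key_exists($strUsername, self::$ChmsAdminArray)
                ? RoleType::ChMSAdministrator
                : RoleType::StaffMember;

            // A brand-new login starts out exactly as active as its directory account.
            $objLogin->LoginActiveFlag = $blnActive;
        }

        // NOTE(review): for an existing Login a disabled directory account only
        // clears DomainActiveFlag; LoginActiveFlag is left as it was. Confirm
        // that authentication checks both flags.
        $objLogin->DomainActiveFlag = $blnActive;

        // Update the PWD Last Set and clear the cache (if applicable)
        // NOTE(review): loose != on what are presumably large numeric strings;
        // confirm the stored type, since a missed change would leave a stale
        // PasswordCache in place.
        if ($objLogin->PasswordLastSet != $strPasswordLastSet) {
            $objLogin->PasswordLastSet = $strPasswordLastSet;
            $objLogin->PasswordCache = null;
        }

        // The domain must be the END of the address and follow a non-empty local
        // part. A substring test would also accept values such as
        // "user@alcf.net.example.org" and keep that login active.
        $blnEmailInDomain = (strlen($strEmail) > $intDomainLength)
            && (substr($strEmail, -$intDomainLength) === $strMailDomain);

        if ($blnEmailInDomain) {
            $objLoginToCheck = Login::LoadByEmail($strEmail);
            if ($objLoginToCheck && $objLoginToCheck->Id != $objLogin->Id) {
                throw new Exception('Duplicate Email "' . $strEmail . '" Found while processing ldap user "' . $strUsername . '" -- duplicate is ' . $objLoginToCheck->Username);
            }
            $objLogin->Email = $strEmail;
        } else {
            // No acceptable address: the login is switched off and its e-mail cleared.
            $objLogin->LoginActiveFlag = false;
            $objLogin->Email = null;
        }

        $objLogin->FirstName = $strFirstName;
        $objLogin->MiddleInitial = $strMiddleInitial;
        $objLogin->LastName = $strLastName;

        // Shortcut
        // NOTE(review): a hard-coded username receives every permission bit on
        // each sync, outside the role assignment above. Consider moving this
        // into configuration or the role model so that it is auditable.
        if ($objLogin->Username == 'mho') {
            $objLogin->PermissionBitmap = 1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256 | 512 | 1024;
        }

        $objLogin->Save();

        // Group Memberships
        // Associations are rebuilt from scratch so that removed groups disappear locally.
        $objLogin->UnassociateAllMinistries();
        if (array_key_exists('memberof', $arrResult)) {
            // Drop the 'count' element so that only group paths are iterated.
            unset($arrResult['memberof']['count']);

            foreach ($arrResult['memberof'] as $strPath) {
                $strArray = AlcfLdap::GetValuesFromPath($strPath);

                // Skip paths that yield no CN instead of reading an undefined index.
                if (!isset($strArray['CN'][0])) {
                    continue;
                }

                // Only groups named "gg_<token>" map onto a ministry.
                $strCn = $strArray['CN'][0];
                if (strncmp($strCn, 'gg_', 3) !== 0) {
                    continue;
                }

                $strGroupToken = strtolower(substr($strCn, 3));
                $objMinistry = Ministry::LoadByToken($strGroupToken);
                if ($objMinistry) {
                    $objMinistry->AssociateLogin($objLogin);
                }
            }
        }
    }
}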
<?php
    // ALCF LDAP-to-ChMS sync: binds to the directory with the supplied account,
    // pulls the data, syncs groups and then people, disables the local "admin"
    // login and finally unbinds.

    $objCli = new QCliParameterProcessor('ldap', 'ALCF LDAP-to-ChMS Sync Script');
    $objCli->AddDefaultParameter('username', QCliParameterType::String, 'Domain\\Username of the LDAP user that is authorized to download credentials');
    $objCli->AddDefaultParameter('password', QCliParameterType::String, 'Password of the LDAP user that is authorized to download credentials');
    $objCli->Run();

    // NOTE(review): the bind password appears to arrive as a command-line
    // argument, where it can end up in process listings and shell history.
    // Consider reading it from a protected file, the environment or a prompt.
    $strBindUsername = $objCli->GetDefaultValue('username');
    $strBindPassword = $objCli->GetDefaultValue('password');
    $objDirectory = new AlcfLdap(LDAP_PATH, $strBindUsername, $strBindPassword);

    echo "Pulling data from LDAP... ";
    $objDirectory->PullDataFromLdap();
    echo "Done.\r\n";

    // Group Sync
    echo "Syncing Groups... ";
    $objDirectory->UpdateLocalGroups();
    echo "Done.\r\n";

    // People Sync
    echo "Syncing People... ";
    $objDirectory->UpdateLocalPeople();
    echo "Done.\r\n";

    // Disable "admin" account
    // NOTE(review): this runs only after all sync steps. If one of them throws,
    // the "admin" login is not disabled and Unbind() is not called in that run.
    $objAdminLogin = Login::LoadByUsername('admin');
    if ($objAdminLogin) {
        $objAdminLogin->LoginActiveFlag = false;
        $objAdminLogin->Save();
    }

    // TODO: Delete Old Records (?)

    // Disconnect
    $objDirectory->Unbind();