コード例 #1
ファイル: AlcfLdap.class.php プロジェクト: alcf/chms
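 /**
  * Synchronises every LDAP person record held in $this->arrPeople into the local Login table.
  *
  * For each directory entry this creates the Login row if it does not exist yet, mirrors the
  * domain-enabled state, invalidates the cached password when pwdLastSet changed, validates the
  * e-mail address, saves the row and finally rebuilds the ministry associations from the
  * entry's "gg_*" group memberships.
  *
  * @return void
  * @throws Exception when another Login already owns the e-mail address of the entry being processed
  */
 public function UpdateLocalPeople()
 {
     // Only addresses that END in this suffix are accepted as staff mail addresses.
     $strRequiredEmailSuffix = '@alcf.net';

     foreach ($this->arrPeople as $intKey => $arrResult) {
         // Directory attributes. Bit 0x2 of userAccountControl is the account-disabled flag.
         $intUserAccountControl = intval($arrResult['useraccountcontrol'][0]);
         $blnActive = !($intUserAccountControl & 2);
         $strUsername = strtolower($arrResult['samaccountname'][0]);
         $strFirstName = $arrResult['givenname'][0];
         $strMiddleInitial = array_key_exists('initials', $arrResult) ? $arrResult['initials'][0] : null;
         $strLastName = array_key_exists('sn', $arrResult) ? $arrResult['sn'][0] : null;
         // A missing mail attribute becomes the empty string, which is rejected further down.
         $strEmail = array_key_exists('mail', $arrResult) ? strtolower(trim($arrResult['mail'][0])) : '';
         $strPasswordLastSet = $arrResult['pwdlastset'][0];

         // Set/Update Login Record
         $objLogin = Login::LoadByUsername($strUsername);
         if (!$objLogin) {
             $objLogin = new Login();
             $objLogin->Username = $strUsername;
             // The role is decided once, at creation time; existing logins keep their role.
             $objLogin->RoleTypeId = array_key_exists($strUsername, self::$ChmsAdminArray)
                 ? RoleType::ChMSAdministrator
                 : RoleType::StaffMember;
             // A new login starts out enabled only if the directory account is enabled.
             $objLogin->LoginActiveFlag = $blnActive;
         }
         $objLogin->DomainActiveFlag = $blnActive;

         // Drop the cached password whenever the directory reports a different pwdLastSet.
         // Compared as strings: pwdLastSet is a long digit string, and a loose numeric
         // comparison could treat two different values as equal and keep a stale cache.
         if ((string) $objLogin->PasswordLastSet !== (string) $strPasswordLastSet) {
             $objLogin->PasswordLastSet = $strPasswordLastSet;
             $objLogin->PasswordCache = null;
         }

         // The domain must be the END of the address. A substring test would also accept an
         // address such as "user@alcf.net.example.org" (constructed sample value).
         $blnStaffEmail = strlen($strEmail) > strlen($strRequiredEmailSuffix)
             && substr($strEmail, -strlen($strRequiredEmailSuffix)) === $strRequiredEmailSuffix;

         if ($blnStaffEmail) {
             $objLoginToCheck = Login::LoadByEmail($strEmail);
             if ($objLoginToCheck && $objLoginToCheck->Id != $objLogin->Id) {
                 // NOTE(review): this aborts the whole sync run; entries after this one are not processed.
                 throw new Exception('Duplicate Email "' . $strEmail . '" Found while processing ldap user "' . $strUsername . '" -- duplicate is ' . $objLoginToCheck->Username);
             }
             $objLogin->Email = $strEmail;
         } else {
             // No acceptable staff address: the login is disabled locally and the address cleared.
             $objLogin->LoginActiveFlag = false;
             $objLogin->Email = null;
         }

         $objLogin->FirstName = $strFirstName;
         $objLogin->MiddleInitial = $strMiddleInitial;
         $objLogin->LastName = $strLastName;

         // NOTE(review): hard-coded username that is granted every permission bit listed here on
         // each sync run, independent of role or group membership. Privileges tied to a literal
         // account name are easy to overlook in an access review; this should come from
         // configuration or directory group membership instead.
         if ($objLogin->Username === 'mho') {
             $objLogin->PermissionBitmap = 1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256 | 512 | 1024;
         }
         $objLogin->Save();

         // Group Memberships: cleared first, then rebuilt from the directory's memberOf list.
         $objLogin->UnassociateAllMinistries();
         if (array_key_exists('memberof', $arrResult)) {
             // The result array carries an element count next to the values; drop it before iterating.
             unset($arrResult['memberof']['count']);
             foreach ($arrResult['memberof'] as $strPath) {
                 $strArray = AlcfLdap::GetValuesFromPath($strPath);
                 if (!isset($strArray['CN'][0])) {
                     // Path without a CN component cannot name a ministry group.
                     continue;
                 }
                 $strCn = $strArray['CN'][0];
                 // Only groups named "gg_<token>" map to a ministry.
                 if (substr($strCn, 0, 3) == 'gg_') {
                     $strGroupToken = strtolower(substr($strCn, 3));
                     $objMinistry = Ministry::LoadByToken($strGroupToken);
                     if ($objMinistry) {
                         $objMinistry->AssociateLogin($objLogin);
                     }
                 }
             }
         }
     }
 }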
コード例 #2
ファイル: ldap.cli.php プロジェクト: alcf/chms
<?php

// CLI entry point: pulls accounts and groups from LDAP and mirrors them into the local ChMS tables.
//
// NOTE(review): the bind password is accepted as a command-line argument. Arguments can end up
// in shell history and are visible in the process list while the script runs; reading the
// secret from a permission-restricted file or an interactive prompt would avoid that.
$objParameters = new QCliParameterProcessor('ldap', 'ALCF LDAP-to-ChMS Sync Script');
$objParameters->AddDefaultParameter(
    'username',
    QCliParameterType::String,
    'Domain\\Username of the LDAP user that is authorized to download credentials'
);
$objParameters->AddDefaultParameter(
    'password',
    QCliParameterType::String,
    'Password of the LDAP user that is authorized to download credentials'
);
$objParameters->Run();

// Connect with the supplied bind credentials and fetch the directory data.
$objLdap = new AlcfLdap(
    LDAP_PATH,
    $objParameters->GetDefaultValue('username'),
    $objParameters->GetDefaultValue('password')
);
echo "Pulling data from LDAP... ";
$objLdap->PullDataFromLdap();
echo "Done.\r\n";

// Groups are synced before people.
echo "Syncing Groups... ";
$objLdap->UpdateLocalGroups();
echo "Done.\r\n";

echo "Syncing People... ";
$objLdap->UpdateLocalPeople();
echo "Done.\r\n";

// The built-in "admin" login, if present, is switched off on every run.
// NOTE(review): this step is skipped when one of the sync calls above throws.
$objLogin = Login::LoadByUsername('admin');
if ($objLogin) {
    $objLogin->LoginActiveFlag = false;
    $objLogin->Save();
}

// TODO: Delete Old Records (?)

// Release the LDAP connection.
$objLdap->Unbind();