// Tail of a definition whose start lies outside this excerpt: the new account
// takes the current value of the 'nextuid' counter (post-increment, so the
// counter is bumped afterwards), is appended to the configured user list and
// is then passed to local_user_set().
    $new_user['uid'] = $config['system']['nextuid']++;
    $config['system']['user'][] = $new_user;
    local_user_set($new_user);
}

global $config;

// attributes used in page
$ldap_users = array();
$ldap_is_connected = false;
$exit_form = false;

// find gui auth server
// The server entry is selected by the configured webgui authmode, so the LDAP
// URL and bind credentials used below come from $authcfg, not from the request.
$authcfg = auth_get_authserver($config['system']['webgui']['authmode']);
// NOTE(review): loose comparison on an index of the lookup result; what
// auth_get_authserver() returns when no server matches is not visible here -
// confirm it cannot be a non-array before it is indexed.
if ($authcfg['type'] == 'ldap') {
    // setup peer ca
    ldap_setup_caenv($authcfg);
    // connect to ldap server
    $ldap_auth = new OPNsense\Auth\LDAP($authcfg['ldap_basedn'], $authcfg['ldap_protver']);
    $ldap_is_connected = $ldap_auth->connect($authcfg['ldap_full_url'], $authcfg['ldap_binddn'], $authcfg['ldap_bindpw']);
    if ($ldap_is_connected) {
        // collect list of current ldap users from config
        // Only entries with a non-empty 'user_dn' are kept; each DN is trimmed.
        $confDNs = array();
        foreach ($config['system']['user'] as $confUser) {
            if (!empty($confUser['user_dn'])) {
                $confDNs[] = trim($confUser['user_dn']);
            }
        }
        // search ldap
        // Wildcard search over the configured user attribute, with the
        // configured extended query passed through as the third argument.
        // NOTE(review): values returned by the directory are external data;
        // the code that renders $result is outside this excerpt - confirm it
        // HTML-escapes them.
        $result = $ldap_auth->searchUsers("*", $authcfg['ldap_attr_user'], $authcfg['ldap_extended_query']);
        // actual form action, either save new accounts or list missing
        // NOTE(review): the POST branch is state-changing (it creates
        // accounts, per the comment below). No CSRF token or privilege check
        // is visible in this excerpt - confirm the included GUI framework
        // enforces both before this point.
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            // create selected accounts
            $exit_form = true;
// Optional CA reference: the 'cert' query parameter is placed in a fresh
// $authcfg as 'ldap_caref' and handed to ldap_setup_caenv().
// NOTE(review): the value is request-supplied; how ldap_setup_caenv() resolves
// it is not visible here - confirm an unknown reference is rejected.
if (isset($_GET['cert'])) {
    $authcfg = array();
    $authcfg['ldap_caref'] = $_GET['cert'];
    ldap_setup_caenv($authcfg);
}
// 'authcn' is a semicolon-separated list; absent means an empty list.
$ldap_authcn = isset($_GET['authcn']) ? explode(";", $_GET['authcn']) : array();
// Scheme selection: plaintext ldap:// only when 'urltype' contains the
// substring "Standard"; every other value, or no value, selects ldaps://.
if (isset($_GET['urltype']) && strstr($_GET['urltype'], "Standard")) {
    $ldap_full_url = "ldap://";
} else {
    $ldap_full_url = "ldaps://";
}
// IPv6 literals are wrapped in brackets; any other host string is appended
// as given.
// NOTE(review): 'host' and 'port' are concatenated into the URL without any
// validation visible in this excerpt, so the request decides which endpoint
// the server connects to. Confirm the page is limited to authorised
// administrators, and consider validating the host as a hostname/IP and the
// port as an integer in 1-65535 before connect().
// NOTE(review): 'host' (and 'basedn' below) are read without isset() here;
// presumably the enclosing condition outside this excerpt checks them - confirm.
$ldap_full_url .= is_ipaddrv6($_GET['host']) ? "[{$_GET['host']}]" : $_GET['host'];
if (!empty($_GET['port'])) {
    $ldap_full_url .= ":{$_GET['port']}";
}
// Protocol version falls back to 3 when 'proto' is not supplied.
$ldap_auth = new OPNsense\Auth\LDAP($_GET['basedn'], isset($_GET['proto']) ? $_GET['proto'] : 3);
// Empty bind DN / password are passed as null.
// NOTE(review): the bind password is taken from the query string, so it can
// be recorded in web server access logs, proxy logs and browser history.
// Sending these fields in a POST body would keep the credential out of the URL.
$ldap_is_connected = $ldap_auth->connect($ldap_full_url, !empty($_GET['binddn']) ? $_GET['binddn'] : null, !empty($_GET['bindpw']) ? $_GET['bindpw'] : null);
// NOTE(review): $ous is assigned only on a successful connect, yet the page
// below calls count($ous) unconditionally - confirm it is initialised before
// this excerpt.
if ($ldap_is_connected) {
    $ous = $ldap_auth->listOUs();
}
// The brace below closes a block opened outside this excerpt.
} ?> <body> <script type="text/javascript"> function post_choices() { var ous = <?php echo count($ous); ?> ;
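AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */

require_once "guiconfig.inc";
require_once "auth.inc";

include 'head.inc';

// LDAP settings test page: looks up the auth server named by the 'authserver'
// query parameter, attempts to connect with its stored settings and reports
// the outcome as an HTML table.
//
// NOTE(review): $authserver and $authcfg are assigned only inside this branch;
// when no first auth server host is configured they are read further down
// without having been set here - confirm whether the includes define them.
if (isset($config['system']['authserver'][0]['host'])) {
    $auth_server = $config['system']['authserver'][0]['host'];
    // Request-supplied server name: treat as untrusted everywhere it is used.
    $authserver = $_GET['authserver'];
    $authcfg = auth_get_authserver($authserver);
    $ldap_auth = new OPNsense\Auth\LDAP($authcfg['ldap_basedn'], $authcfg['ldap_protver']);
    // CA environment is prepared before the connection attempt.
    ldap_setup_caenv($authcfg);
    $ldap_is_connected = $ldap_auth->connect($authcfg['ldap_full_url'], $authcfg['ldap_binddn'], $authcfg['ldap_bindpw']);
}
?> <body> <form method="post" name="iform" id="iform"> <?php
if (!$authcfg) {
    // No settings found for the requested name; the name is HTML-escaped
    // before being written into the page.
    printf(gettext("Could not find settings for %s%s"), htmlspecialchars($authserver), "<p/>");
} else {
    echo "<table class='table table-striped'>";
    echo "<tr><th colspan='2'>" . sprintf(gettext("Testing %s LDAP settings... One moment please..."), $g['product_name']) . "</th></tr>";
    // Fix: $authserver comes straight from $_GET and was concatenated into the
    // markup unescaped here, which allowed markup injection (reflected XSS)
    // through the query string. Escape it the same way the not-found branch
    // above already does.
    echo "<tr><td>" . gettext("Attempting connection to") . " " . htmlspecialchars($authserver) . "</td>";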