/**
 * Enable an Exchange mailbox on an existing user account.
 *
 * Builds the mailbox store DN from $storageGroup and $baseDn, then writes the
 * Exchange attributes onto the user through user()->modify().
 *
 * NOTE(review): the storage group components, $baseDn and $emailAddress are
 * concatenated into attribute values exactly as given; this method performs no
 * DN escaping and no address validation, so callers should pass only trusted,
 * well-formed values. Confirm whether modify() applies any checks of its own.
 *
 * @param string $username The user to add the Exchange account to (a GUID when $isGUID is true)
 * @param array $storageGroup CN components of the Exchange storage group, joined in the given order with a "CN=" prefix each
 * @param string $emailAddress The primary email address, stored as "SMTP:" followed by the address
 * @param string $mailNickname The mail nickname; the username is used when this is NULL
 * @param bool $useDefaults Converted with boolToString() and written to 'exchange_usedefaults'
 * @param string $baseDn Alternative base DN for the storage group; the adLDAP base DN is used when NULL
 * @param bool $isGUID Is the username passed a GUID or a samAccountName
 * @return bool|string A message string when a compulsory argument is missing or malformed, otherwise true or false for the outcome of the modify call
 */
public function createMailbox($username, $storageGroup, $emailAddress, $mailNickname = NULL, $useDefaults = TRUE, $baseDn = NULL, $isGUID = false)
{
    // Argument problems are reported as message strings rather than exceptions.
    if (NULL === $username) {
        return "Missing compulsory field [username]";
    }
    if (NULL === $storageGroup) {
        return "Missing compulsory array [storagegroup]";
    }
    if (is_array($storageGroup) === false) {
        return "[storagegroup] must be an array";
    }
    if (NULL === $emailAddress) {
        return "Missing compulsory field [emailAddress]";
    }

    // Fall back to the configured base DN and to the username as nickname.
    if (NULL === $baseDn) {
        $baseDn = $this->adldap->getBaseDn();
    }
    if (NULL === $mailNickname) {
        $mailNickname = $username;
    }

    $storeDn = "CN=" . implode(",CN=", $storageGroup) . "," . $baseDn;
    $quotaFlag = $this->adldap->utilities()->boolToString($useDefaults);

    $exchangeAttributes = array();
    $exchangeAttributes['exchange_homemdb'] = $storeDn;
    $exchangeAttributes['exchange_proxyaddress'] = 'SMTP:' . $emailAddress;
    $exchangeAttributes['exchange_mailnickname'] = $mailNickname;
    $exchangeAttributes['exchange_usedefaults'] = $quotaFlag;

    $modified = $this->adldap->user()->modify($username, $exchangeAttributes, $isGUID);

    // Any falsy result from modify() is reported as false, anything else as true.
    return (bool) $modified;
}
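/**
 * Resolve a user's primary group to its distinguished name.
 *
 * Coping with AD not returning the primary group
 * http://support.microsoft.com/?kbid=321360
 *
 * The last four bytes of the user's SID are replaced with $gid packed as an
 * unsigned 32-bit little-endian integer, and the directory is searched for the
 * object carrying that SID. This avoids searching each security group to find
 * the true primary group.
 *
 * @param string $gid Group ID
 * @param string $usersid User's Object SID (presumably in binary form, since its last 4 bytes are overwritten)
 * @return string|false The group's distinguished name, or false when an argument is NULL, the search fails, or no entry matches
 */
public function getPrimaryGroup($gid, $usersid)
{
    if ($gid === NULL || $usersid === NULL) {
        return false;
    }

    // Swap the trailing relative identifier of the user's SID for the group ID.
    $gsid = substr_replace($usersid, pack('V', $gid), strlen($usersid) - 4, 4);

    // The filter value is the output of getTextSID(), not caller-supplied text.
    // NOTE(review): confirm getTextSID() can only emit the textual SID form.
    $filter = '(objectsid=' . $this->adldap->utilities()->getTextSID($gsid) . ')';
    $fields = array("samaccountname", "distinguishedname");

    $connection = $this->adldap->getLdapConnection();
    $sr = ldap_search($connection, $this->adldap->getBaseDn(), $filter, $fields);
    if ($sr === false) {
        // A failed search must not be handed to ldap_get_entries().
        return false;
    }

    $entries = ldap_get_entries($connection, $sr);
    if (isset($entries[0]['distinguishedname'][0])) {
        return $entries[0]['distinguishedname'][0];
    }

    return false;
}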
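/**
 * Converts a username (samAccountName) to a GUID
 *
 * The username is escaped for use in an LDAP search filter before the lookup,
 * so filter metacharacters in it are matched literally and cannot change the
 * structure of the query.
 *
 * @param string $username The username to query
 * @return string|false The GUID as text, a message string when $username is null, or false when not bound, the search fails, or no entry matches
 */
public function usernameToGuid($username)
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }
    if ($username === null) {
        return "Missing compulsory field [username]";
    }

    // ldap_escape() with LDAP_ESCAPE_FILTER requires PHP 5.6 or later.
    $filter = "samaccountname=" . ldap_escape((string) $username, '', LDAP_ESCAPE_FILTER);
    $fields = array("objectGUID");
    $connection = $this->adldap->getLdapConnection();

    $sr = @ldap_search($connection, $this->adldap->getBaseDn(), $filter, $fields);
    if ($sr === false) {
        // The search itself failed; there is no result to count.
        return false;
    }

    if (ldap_count_entries($connection, $sr) > 0) {
        $entry = @ldap_first_entry($connection, $sr);
        if ($entry === false) {
            return false;
        }

        // objectGUID is binary, hence the length-aware value getter.
        $guid = @ldap_get_values_len($connection, $entry, 'objectGUID');
        if ($guid === false || !isset($guid[0])) {
            return false;
        }

        return $this->adldap->utilities()->binaryToText($guid[0]);
    }

    return false;
}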
/**
 * List the groups a computer account is a member of.
 *
 * Reads the "memberof" attribute of the first entry returned by info() and
 * converts it with niceNames(). When recursion is enabled, the result of
 * recursiveGroups() for each of those groups is merged in as well.
 * "primarygroupid" is requested from info() but not read in this method.
 *
 * NOTE(review): the value returned by info() is indexed without a check, so a
 * lookup that yields no entry reaches niceNames() with no "memberof" data;
 * confirm how niceNames() handles that.
 *
 * @param string $computerName The name of the computer
 * @param bool $recursive Whether to check recursively; the adLDAP default is used when NULL
 * @return array|false The group names, or false when $computerName is NULL or there is no LDAP bind
 */
public function groups($computerName, $recursive = NULL)
{
    if (NULL === $computerName) {
        return false;
    }

    // Use the configured default when the caller did not choose.
    if (NULL === $recursive) {
        $recursive = $this->adldap->getRecursiveGroups();
    }

    if (!$this->adldap->getLdapBind()) {
        return false;
    }

    // Only the first entry is used; names are presumed to be unique.
    $computerInfo = @$this->info($computerName, array("memberof", "primarygroupid"));
    $memberships = $this->adldap->utilities()->niceNames($computerInfo[0]["memberof"]);

    if (true !== $recursive) {
        return $memberships;
    }

    // foreach walks the direct memberships; the merged list grows alongside it.
    foreach ($memberships as $directGroup) {
        $nested = $this->adldap->group()->recursiveGroups($directGroup);
        $memberships = array_merge($memberships, $nested);
    }

    return $memberships;
}