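/**
 * Authenticate a user against AD / OpenLDAP and auto-provision a local account.
 *
 * Binds to the directory with the supplied credentials through adLDAP. After a
 * successful bind the local `users` table is checked for the username; when no
 * row exists, one is inserted as a domain user.
 *
 * NOTE(review): every first-time directory login is provisioned with the
 * 'Administrator' role and an e-mail address under a hard-coded domain. Confirm
 * that this is intended; a least-privileged default role would limit what a
 * newly provisioned (or compromised) directory account can do.
 *
 * @param string $username Login name as submitted by the client (untrusted input).
 * @param string $password Password used for the directory bind.
 *
 * @return string 'ok' on success, otherwise a human-readable failure message.
 */
function checkADLogin($username, $password)
{
    /* get all settings */
    $settings = getAllSettings();

    // require_once: a second call in the same request must not re-declare the adLDAP classes.
    require_once dirname(__FILE__) . "/adLDAP/src/adLDAP.php";

    // open connection
    try {
        // get settings for connection
        $ad = getADSettings();

        $adldap = new adLDAP(array(
            'base_dn'            => $ad['base_dn'],
            'account_suffix'     => $ad['account_suffix'],
            'domain_controllers' => $ad['domain_controllers'],
            'use_ssl'            => $ad['use_ssl'],
            'use_tls'            => $ad['use_tls'],
            'ad_port'            => $ad['ad_port']
        ));

        // set OpenLDAP flag
        if ($settings['domainAuth'] == "2") {
            $adldap->setUseOpenLDAP(true);
        }
    } catch (adLDAPException $e) {
        // Print only the HTML-escaped message: casting the exception to a string
        // would also emit its stack trace on the login page.
        die('<div class="alert alert-error">' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</div>');
    }

    // user authentication
    if (!$adldap->authenticate($username, $password)) {
        updateLogTable('User ' . $username . ' failed to authenticate against AD.', "", 2);
        return 'Failed to authenticate user via AD!';
    }

    global $db;
    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    // $username comes from the login form, so it is escaped before being placed
    // in SQL text (a directory account name may legitimately contain a quote).
    // NOTE(review): assumes the project's database class inherits
    // real_escape_string() from mysqli (it already exposes insert_id and
    // close()) - confirm; prepared statements are preferable if available.
    $safeUsername = $database->real_escape_string($username);

    // NOTE(review): the reviewed copy carried a masked literal ('******') in this
    // WHERE clause; looking up the authenticated username is the evident intent -
    // confirm against the original file.
    $query = "SELECT id FROM users WHERE username = '{$safeUsername}';";
    $existing = $database->getRow($query);

    // empty() also covers a null/false "no row" result without calling count() on a non-array.
    $userKnown = !empty($existing);

    if (!$userKnown) {
        $real_name = ucwords(str_replace('.', ' ', $username));
        $email = $username . "@enovance.com";

        $safeRealName = $database->real_escape_string($real_name);
        $safeEmail = $database->real_escape_string($email);

        $query = "INSERT INTO users (username, role, real_name, email, domainUser, lang) VALUES ('{$safeUsername}', 'Administrator', '{$safeRealName}', '{$safeEmail}', 1, 1);";
        $database->executeQuery($query);

        // insert_id is an integer: test its value. count() on an int never
        // reports a failed insert and raises a TypeError on PHP 8.
        $userKnown = $database->insert_id > 0;
        if ($userKnown) {
            updateLogTable('Created user ' . $username . ' successfully', "", 0);
        }
    }

    $database->close();

    if ($userKnown) {
        updateLogTable('User ' . $username . ' authenticated against AD.', "", 0);
        return 'ok';
    }

    updateLogTable('Failed to create user .' . $username, "", 2);
    return "Failed to creater user {$username}";
}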
// Admin-only script fragment: binds to the directory with the configured search
// account and looks up users whose name starts with the posted 'dname' value.
require_once '../../functions/functions.php';

/* verify that user is admin */
checkAdmin();

/* filter input */
// NOTE(review): filter_user_input() is defined elsewhere; whether it neutralises
// LDAP filter metacharacters is not visible here.
$_POST = filter_user_input($_POST, true, true, false);

// NOTE(review): the original comment here read "dont debug", yet display_errors
// is switched ON. Only E_ERROR is reported, but fatal errors will still be
// rendered to the browser - confirm this is wanted outside development.
ini_set('display_errors', 1);
error_reporting(E_ERROR);

// include AD script
include dirname(__FILE__) . "/../../functions/adLDAP/src/adLDAP.php";

// get all settings
$settings = getAllSettings();

// open connection
try {
    // get settings for connection
    $ad = getADSettings();

    // build the adLDAP client; domain_controllers is stored as a ';'-separated list
    $adldap = new adLDAP(array(
        'base_dn' => $ad['base_dn'],
        'account_suffix' => $ad['account_suffix'],
        'domain_controllers' => explode(";", $ad['domain_controllers']),
        'use_ssl' => $ad['use_ssl'],
        'use_tls' => $ad['use_tls'],
        'ad_port' => $ad['ad_port']
    ));

    // try to login with higher credentials for search
    // (the search account's username and password are read from the AD settings)
    $authUser = $adldap->user()->authenticate($ad['adminUsername'], $ad['adminPassword']);
    if ($authUser == false) {
        throw new adLDAPException('Invalid credentials');
    }

    // set OpenLDAP flag
    if ($settings['domainAuth'] == "2") {
        $adldap->setUseOpenLDAP(true);
    }

    // search for domain user: posted value plus a trailing wildcard, all attributes requested
    // NOTE(review): $_POST['dname'] reaches the directory search term directly.
    // Confirm that filter metacharacters are escaped before the LDAP filter is
    // built (for example with ldap_escape() and LDAP_ESCAPE_FILTER), either by
    // filter_user_input() or inside adLDAP.
    $userinfo = $adldap->user()->info("{$_POST['dname']}*", array("*"));
    //echo $adldap->getLastError();
} catch (adLDAPException $e) { // handler body lies outside this excerpt
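/**
 * Authenticate a locally registered domain user against AD / OpenLDAP.
 *
 * The username must already exist in the local `users` table with
 * `domainUser` = "1"; only then is a directory bind attempted through adLDAP.
 *
 * @param string $username Login name as submitted by the client (untrusted input).
 * @param string $password Password used for the directory bind.
 *
 * @return string|false 'ok' on success, a failure message when the bind is
 *                      rejected, false when the user is not a local domain
 *                      user or the database lookup failed.
 */
function checkADLogin($username, $password)
{
    /* first check that the user is defined in the database as a domain user */
    global $db; # get variables from config file

    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    // This lookup runs before any authentication has happened, so $username is
    // fully attacker-controlled and must be escaped before it enters SQL text.
    // NOTE(review): assumes the project's database class inherits
    // real_escape_string() from mysqli - confirm; prepared statements are
    // preferable if available.
    $safeUsername = $database->real_escape_string($username);
    $query = 'select count(*) as count from users where `username` = binary "' . $safeUsername . '" and `domainUser` = "1";';

    /* execute */
    try {
        $result = $database->getArray($query);
    } catch (Exception $e) {
        // Escape the driver message before it is written into the page.
        // NOTE(review): database error text is still shown on the login page;
        // consider logging it and printing a generic message instead.
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        print "<div class='alert alert-danger'>" . _('Error') . ": {$error}</div>";
        return false;
    }

    /* close database connection */
    $database->close();

    /* get all settings */
    $settings = getAllSettings();

    /* not a local domain user: no directory bind is attempted */
    if ($result[0]['count'] != "1") {
        return false;
    }

    // require_once: a second call in the same request must not re-declare the adLDAP classes.
    require_once dirname(__FILE__) . "/adLDAP/src/adLDAP.php";

    // open connection
    try {
        // get settings for connection
        $ad = getADSettings();

        $adldap = new adLDAP(array(
            'base_dn'            => $ad['base_dn'],
            'account_suffix'     => $ad['account_suffix'],
            'domain_controllers' => $ad['domain_controllers'],
            'use_ssl'            => $ad['use_ssl'],
            'use_tls'            => $ad['use_tls'],
            'ad_port'            => $ad['ad_port']
        ));

        // set OpenLDAP flag
        if ($settings['domainAuth'] == "2") {
            $adldap->setUseOpenLDAP(true);
        }
    } catch (adLDAPException $e) {
        // Print only the HTML-escaped message: casting the exception to a string
        // would also emit its stack trace on the login page.
        die('<div class="alert alert-danger">' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</div>');
    }

    // user authentication
    if ($adldap->authenticate($username, $password)) {
        updateLogTable('User ' . $username . ' authenticated against AD.', "", 0);
        return 'ok';
    }

    updateLogTable('User ' . $username . ' failed to authenticate against AD.', "", 2);

    // The directory's error text is escaped before being echoed into HTML.
    $err = htmlspecialchars((string) $adldap->getLastError(), ENT_QUOTES, 'UTF-8');
    print "<div class='alert alert-danger'>{$err}</div>";

    return 'Failed to authenticate user via AD!';
}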
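/**
 * Authenticate a user against AD / OpenLDAP through adLDAP.
 *
 * Builds an adLDAP client from the stored AD settings, switches it to OpenLDAP
 * mode when the domainAuth setting is "2", and attempts a bind with the
 * supplied credentials. No local database lookup is made in this variant.
 *
 * @param string $username Login name as submitted by the client (untrusted input).
 * @param string $password Password used for the directory bind.
 *
 * @return string 'ok' on success, otherwise a fixed failure message.
 */
function checkADLogin($username, $password)
{
    /* get all settings */
    $settings = getAllSettings();

    # require_once: a second call in the same request must not re-declare the adLDAP classes
    require_once dirname(__FILE__) . "/adLDAP/src/adLDAP.php";

    # open connection
    try {
        # get settings for connection
        $ad = getADSettings();

        $adldap = new adLDAP(array(
            'base_dn'            => $ad['base_dn'],
            'account_suffix'     => $ad['account_suffix'],
            'domain_controllers' => $ad['domain_controllers'],
            'use_ssl'            => $ad['use_ssl'],
            'use_tls'            => $ad['use_tls'],
            'ad_port'            => $ad['ad_port']
        ));

        # set OpenLDAP flag
        if ($settings['domainAuth'] == "2") {
            $adldap->setUseOpenLDAP(true);
        }
    } catch (adLDAPException $e) {
        # Print only the HTML-escaped message: casting the exception to a string
        # would also emit its stack trace on the login page.
        die('<div class="alert alert-danger">' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</div>');
    }

    # user authentication
    if ($adldap->authenticate($username, $password)) {
        return 'ok';
    }

    # The directory's error text is escaped before being echoed into HTML.
    # NOTE(review): neither outcome is written to the log in this variant, so
    # failed logins are not visible to whoever reviews the log - confirm intended.
    $err = htmlspecialchars((string) $adldap->getLastError(), ENT_QUOTES, 'UTF-8');
    print "<div class='alert alert-danger'>{$err}</div>";

    return 'Failed to authenticate user via AD!';
}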
<?php

/**
 * Selects which AD management page to include.
 *
 * After the admin check, the AD settings and the global settings are loaded;
 * the OpenLDAP variant is included when the domainAuth setting is "2", the AD
 * variant in every other case.
 *
 * checkAdmin() and the settings helpers are not loaded here, so they are
 * presumably provided by the including script - verify against the caller.
 */

/* access control comes first: nothing below runs for non-admins */
checkAdmin();

/* AD connection settings (not read in this file; presumably used by the included page) */
$adSettings = getADSettings();

/* global settings, including the domainAuth mode */
$settings = getallSettings();

/* pick the page variant for the configured directory type */
if ($settings['domainAuth'] != "2") {
    include 'manageAD_AD.php';
} else {
    include 'manageAD_LDAP.php';
}