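/**
 * List the members of an external LDAP group.
 *
 * Binds to the directory described by $conf with the configured service
 * account, searches below $dn with the group filter (every "%u" replaced
 * by "*"), and collects one identifier per member value found.
 *
 * Security notes for maintainers:
 *  - No StartTLS is negotiated here. Unless $conf["ldap_server"] is itself
 *    an ldaps:// URI, the service-account password presumably crosses the
 *    network in clear text (confirm against the deployment).
 *  - Log lines carry host, port and the LDAP error text only; the bind
 *    password must never be added to them.
 *
 * @param string $dn   Search base; an optional "ExtLdap:" prefix is stripped.
 * @param array  $conf Keys read: ldap_server, ldap_port, ldap_user,
 *                     ldap_password, ldap_filter_group.
 *
 * @return array Map identifier => identifier; empty on any failure.
 */
function external_ldap_members($dn, $conf)
{
    $ldap_host = $conf["ldap_server"];
    $ldap_port = $conf["ldap_port"];
    $ldap_admin = $conf["ldap_user"];
    $ldap_password = $conf["ldap_password"];
    $ldap_filter_group = $conf["ldap_filter_group"];

    // The flag may be unset when this is not run from the CLI tools.
    $verbose = !empty($GLOBALS["output"]);

    if (preg_match("#^ExtLdap:(.+)#", $dn, $re)) {
        $dn = $re[1];
    }
    if ($verbose) {
        echo "{$ldap_host}:{$ldap_port} -> {$ldap_filter_group}\n";
    }
    if (!is_numeric($ldap_port)) {
        $ldap_port = 389;
    }
    // ldap_connect() wants an integer port; config values are often strings.
    $ldap_port = (int) $ldap_port;

    if (!function_exists("ldap_connect")) {
        // The PHP LDAP extension is missing: log the caller, then give up.
        if (function_exists("debug_backtrace")) {
            $trace = debug_backtrace();
            if (isset($trace[1])) {
                $called = " called by " . basename($trace[1]["file"]) . " {$trace[1]["function"]}() line {$trace[1]["line"]}";
                writeLogs("-> Call to undefined function ldap_connect() {$called}" . __LINE__, __CLASS__ . '/' . __FUNCTION__, __FILE__, __LINE__);
            }
        }
        return array();
    }

    // With OpenLDAP 2.x this only prepares the handle; an unreachable
    // server is reported by ldap_bind() below.
    $ldap_connection = @ldap_connect($ldap_host, $ldap_port);
    if (!$ldap_connection) {
        WLOG("Fatal: ldap_connect -> {$ldap_host}:{$ldap_port} FAILED");
        return array();
    }
    ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, 0);

    // NOTE(security): an empty ldap_password makes many servers accept the
    // bind as anonymous, so a blank setting can succeed with fewer rights
    // than intended - verify the configuration rather than this result.
    $ldapbind = @ldap_bind($ldap_connection, $ldap_admin, $ldap_password);
    if (!$ldapbind) {
        // ldap_err2str() takes the numeric code; it was applied twice before.
        $error = ldap_err2str(ldap_errno($ldap_connection));
        @ldap_close($ldap_connection);
        WLOG("Fatal: ldap_bind -> {$ldap_host}:{$ldap_port} FAILED {$error}");
        return array();
    }

    // The member attribute is the one the group filter tests with "=*";
    // when several match, the last one wins.
    $MemberAttribute = null;
    if (preg_match_all("#\\((.+?)=(.+?)\\)#", $ldap_filter_group, $re)) {
        foreach ($re[1] as $key => $line) {
            if ($re[2][$key] === "*") {
                $MemberAttribute = $line;
            }
        }
    }
    if ($verbose) {
        echo "DN -> Member attribute = {$dn}\n";
        echo "{$ldap_filter_group} -> Member attribute = {$MemberAttribute}\n";
    }
    if ($MemberAttribute === null) {
        // Without a member attribute nothing below can match.
        @ldap_close($ldap_connection);
        WLOG("Fatal: no member attribute found in group filter {$ldap_filter_group}");
        return array();
    }

    $pattern = str_replace("%u", "*", $ldap_filter_group);
    $sr = @ldap_search($ldap_connection, $dn, $pattern, array());
    if (!$sr) {
        $error = ldap_err2str(ldap_errno($ldap_connection));
        @ldap_close($ldap_connection);
        WLOG("Fatal: ldap_search -> {$pattern} FAILED {$error}");
        return array();
    }

    $result = @ldap_get_entries($ldap_connection, $sr);
    if (!is_array($result)) {
        $error = ldap_err2str(ldap_errno($ldap_connection));
        @ldap_close($ldap_connection);
        WLOG("Fatal: ldap_get_entries -> {$pattern} FAILED {$error}");
        return array();
    }

    // ldap_get_entries() lower-cases attribute names used as array indexes,
    // so a mixed-case name taken from the filter needs the same treatment.
    $attrKey = strtolower($MemberAttribute);

    $f = array();
    for ($i = 0; $i < $result["count"]; $i++) {
        if (!isset($result[$i][$attrKey]["count"])) {
            continue;
        }
        $values = $result[$i][$attrKey];
        for ($z = 0; $z < $values["count"]; $z++) {
            $uid = $values[$z];

            // Presumably returns an array keyed by account name (the helper
            // is defined elsewhere); only its keys are used here.
            $uids = GetAccountFromDistinguishedName($uid, $ldap_connection, $MemberAttribute, $dn);
            if (is_array($uids) && count($uids) > 0) {
                foreach (array_keys($uids) as $ind) {
                    $f[$ind] = $ind;
                }
                continue;
            }

            // Fallback: take the value of the first recognised RDN in the
            // raw member string. The split on "," ignores escaped commas.
            foreach (explode(",", $uid) as $fnd) {
                if (preg_match("#^(userPrincipalName|cn|uid|memberUid|sAMAccountName|member|memberOf)=(.+)#i", $fnd, $re)) {
                    $uid = trim($re[2]);
                    $f[$uid] = $uid;
                    break;
                }
            }
        }
    }

    // The success path used to leave the bound connection open.
    @ldap_close($ldap_connection);
    return $f;
}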
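/**
 * Write a titled var_export() dump of $data to geo_debug.log.
 *
 * Nothing is written unless debugging is on: either $debug is passed as a
 * truthy value, or it is left at its sentinel default and the DEBUG_LOG
 * constant is defined and truthy.
 *
 * NOTE(security): $data is dumped verbatim. Callers must not pass
 * credentials, tokens or other secrets unless the log file is protected
 * accordingly.
 *
 * @param string   $title Heading line for the entry.
 * @param mixed    $data  Value to dump with var_export().
 * @param bool|int $debug Explicit on/off; -10000 means "follow DEBUG_LOG".
 */
function debugLog($title, $data, $debug = -10000)
{
    $hasConstant = defined('DEBUG_LOG');
    if ($debug === -10000) {
        $debug = $hasConstant && DEBUG_LOG;
    }
    if (!$debug) {
        return;
    }

    // The header appends DEBUG_LOG to the timestamp. Reading it while it is
    // undefined (caller passed $debug = true) is a fatal Error on PHP 8.
    $tag = $hasConstant ? DEBUG_LOG : '';

    $echo = date('Y-m-d H:i:s', time()) . $tag . '|-------------------' . "\n" . $title . "\n";
    $echo .= var_export($data, true) . "\n";
    $echo .= '-------------------|' . "\n";
    writeLogs('geo_debug.log', $echo);
}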