/**
* Create an Exchange account
*
* @param string $username The username of the user to add the Exchange account to
* @param array $storageGroup The mailbox, Exchange Storage Group, for the user account, this must be a full CN
* If the storage group has a different base_dn to the adLDAP configuration, set it using $base_dn
* @param string $emailAddress The primary email address to add to this user
* @param string $mailNickname The mail nick name. If mail nickname is blank, the username will be used
* @param bool $mdbUseDefaults Indicates whether the store should use the default quota, rather than the per-mailbox quota.
* @param string $baseDn Specify an alternative base_dn for the Exchange storage group
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function createMailbox($username, $storageGroup, $emailAddress, $mailNickname = NULL, $useDefaults = TRUE, $baseDn = NULL, $isGUID = false)
{
if ($username === NULL) {
return "Missing compulsory field [username]";
}
if ($storageGroup === NULL) {
return "Missing compulsory array [storagegroup]";
}
if (!is_array($storageGroup)) {
return "[storagegroup] must be an array";
}
if ($emailAddress === NULL) {
return "Missing compulsory field [emailAddress]";
}
if ($baseDn === NULL) {
$baseDn = $this->adldap->getBaseDn();
}
$container = "CN=" . implode(",CN=", $storageGroup);
if ($mailNickname === NULL) {
$mailNickname = $username;
}
$mdbUseDefaults = $this->adldap->utilities()->boolToString($useDefaults);
$attributes = array('exchange_homemdb' => $container . "," . $baseDn, 'exchange_proxyaddress' => 'SMTP:' . $emailAddress, 'exchange_mailnickname' => $mailNickname, 'exchange_usedefaults' => $mdbUseDefaults);
$result = $this->adldap->user()->modify($username, $attributes, $isGUID);
if ($result == false) {
return false;
}
return true;
}
/**
* Coping with AD not returning the primary group
* http://support.microsoft.com/?kbid=321360
*
* This is a re-write based on code submitted by Bruce which prevents the
* need to search each security group to find the true primary group
*
* @param string $gid Group ID
* @param string $usersid User's Object SID
* @return mixed
*/
public function getPrimaryGroup($gid, $usersid)
{
if ($gid === NULL || $usersid === NULL) {
return false;
}
$sr = false;
$gsid = substr_replace($usersid, pack('V', $gid), strlen($usersid) - 4, 4);
$filter = '(objectsid=' . $this->adldap->utilities()->getTextSID($gsid) . ')';
$fields = array("samaccountname", "distinguishedname");
$sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
$entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
if (isset($entries[0]['distinguishedname'][0])) {
return $entries[0]['distinguishedname'][0];
}
return false;
}
/**
* Converts a username (samAccountName) to a GUID
*
* @param string $username The username to query
* @return string
*/
public function usernameToGuid($username)
{
if (!$this->adldap->getLdapBind()) {
return false;
}
if ($username === null) {
return "Missing compulsory field [username]";
}
$filter = "samaccountname=" . $username;
$fields = array("objectGUID");
$sr = @ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
if (ldap_count_entries($this->adldap->getLdapConnection(), $sr) > 0) {
$entry = @ldap_first_entry($this->adldap->getLdapConnection(), $sr);
$guid = @ldap_get_values_len($this->adldap->getLdapConnection(), $entry, 'objectGUID');
$strGUID = $this->adldap->utilities()->binaryToText($guid[0]);
return $strGUID;
}
return false;
}
/**
* Get the groups a computer is in
*
* @param string $computerName The name of the computer
* @param bool $recursive Whether to check recursively
* @return array
*/
public function groups($computerName, $recursive = NULL)
{
if ($computerName === NULL) {
return false;
}
if ($recursive === NULL) {
$recursive = $this->adldap->getRecursiveGroups();
}
//use the default option if they haven't set it
if (!$this->adldap->getLdapBind()) {
return false;
}
//search the directory for their information
$info = @$this->info($computerName, array("memberof", "primarygroupid"));
$groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]);
//presuming the entry returned is our guy (unique usernames)
if ($recursive === true) {
foreach ($groups as $id => $groupName) {
$extraGroups = $this->adldap->group()->recursiveGroups($groupName);
$groups = array_merge($groups, $extraGroups);
}
}
return $groups;
}
