Пример #1
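/**
 * Open the shared LDAP connection and bind to it with the configured account.
 *
 * Settings are read from $GLOBALS["KerbAuthInfos"] (LDAP_SERVER, LDAP_PORT,
 * LDAP_SUFFIX, WINDOWS_SERVER_ADMIN, WINDOWS_DNS_SUFFIX, WINDOWS_SERVER_PASS).
 * Results are published in $GLOBALS["SUFFIX"], $GLOBALS["CONNECTION"] and
 * $GLOBALS["BIND"]. Every failure is reported through WLOG(); the password is
 * never written to the log.
 *
 * Security notes for maintainers:
 *  - Nothing here calls ldap_start_tls() or requires an ldaps:// URI, so unless
 *    LDAP_SERVER is configured as ldaps:// the simple bind below sends
 *    WINDOWS_SERVER_PASS over the network in clear text.
 *  - A simple bind with an empty password is an unauthenticated bind, which
 *    some directory servers accept. A true return therefore only proves the
 *    credentials when the configured password is non-empty.
 *
 * @return bool true when the bind succeeded, false on any configuration,
 *              connection or bind error.
 */
function ConnectToLDAP()
{
    BuildDefault();
    $array = isset($GLOBALS["KerbAuthInfos"]) ? $GLOBALS["KerbAuthInfos"] : null;
    if (!is_array($array)) {
        WLOG("KerbAuthInfos not an array");
        return false;
    }
    // Every configuration error returns false (two branches used to return null).
    if (!isset($array["LDAP_SERVER"])) {
        WLOG("LDAP_SERVER not set");
        return false;
    }
    if (!isset($array["LDAP_SUFFIX"])) {
        WLOG("LDAP_SUFFIX not set");
        return false;
    }
    // LDAP_PORT was used without a presence check; fall back to the standard port.
    $port = empty($array["LDAP_PORT"]) ? 389 : (int) $array["LDAP_PORT"];

    $GLOBALS["SUFFIX"] = $array["LDAP_SUFFIX"];
    $GLOBALS["CONNECTION"] = @ldap_connect($array["LDAP_SERVER"], $port);
    if (!$GLOBALS["CONNECTION"]) {
        // No handle was created, so there is nothing to close; the former
        // argument-less ldap_close() call was itself an error.
        WLOG("[LDAP]: Fatal: ldap_connect({$array["LDAP_SERVER"]},{$port} )");
        return false;
    }

    // Switch to LDAP protocol version 3, required to work with Active Directory,
    // and do not follow referrals. (Each option was previously set twice.)
    @ldap_set_option($GLOBALS["CONNECTION"], LDAP_OPT_PROTOCOL_VERSION, 3);
    @ldap_set_option($GLOBALS["CONNECTION"], LDAP_OPT_REFERRALS, 0);

    // Reduce "a/b" or "a\b" account names to the part before the separator.
    // NOTE(review): for the usual DOMAIN\user form this keeps DOMAIN, not the
    // user name - confirm which layout WINDOWS_SERVER_ADMIN is stored in.
    if (preg_match("#^(.+?)\\/(.+?)\$#", $array["WINDOWS_SERVER_ADMIN"], $re)) {
        $array["WINDOWS_SERVER_ADMIN"] = $re[1];
    }
    if (preg_match("#^(.+?)\\\\(.+?)\$#", $array["WINDOWS_SERVER_ADMIN"], $re)) {
        $array["WINDOWS_SERVER_ADMIN"] = $re[1];
    }

    // Simple bind as account@dns-suffix (userPrincipalName style).
    $GLOBALS["BIND"] = @ldap_bind($GLOBALS["CONNECTION"], "{$array["WINDOWS_SERVER_ADMIN"]}@{$array["WINDOWS_DNS_SUFFIX"]}", $array["WINDOWS_SERVER_PASS"]);
    if (!$GLOBALS["BIND"]) {
        // $error used to be appended to before it was ever assigned.
        $error = "";
        $extended_error = "";
        if (@ldap_get_option($GLOBALS["CONNECTION"], LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) {
            $error = $error . " {$extended_error}";
        }
        $errno = ldap_errno($GLOBALS["CONNECTION"]);
        switch ($errno) {
            case 0x31: // invalid credentials
                $error = $error . " Bad username or password. Please try again.";
                break;
            case 0x32: // insufficient access
                $error = $error . " Insufficient access rights.";
                break;
            case 81:
                $error = $error . " Unable to connect to the LDAP server \n\t\t\t\t{$array["LDAP_SERVER"]} please, verify if ldap daemon is running  or the ldap server address";
                break;
            case -1:
                break;
            default:
                // ldap_err2str() takes the numeric error code, not the connection.
                $error = $error . " Could not bind to the LDAP server." . " " . @ldap_err2str($errno);
        }
        WLOG("[LDAP]:" . __LINE__ . " Connecting to LDAP server {$array["LDAP_SERVER"]} failed {$error}");
        return false;
    }
    return true;
}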
Пример #2
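// Stop immediately when $users->kas_installed is not set.
if (!$users->kas_installed) {
    die;
}

// Read the optional command-line switch without touching a missing index
// when the script is started with no arguments.
$action = isset($argv[1]) ? $argv[1] : '';
if ($action === '--rebuild-tables') {
    rebuildtables();
    die;
}
if ($action === '--dograph') {
    dograph();
    die;
}

// Default run: regenerate the configuration, then apply it.
BuildRobots();
filter_conf();
removes();
ListOU();
BuildDefault();

// The commands below are fixed strings with absolute paths and no interpolated
// data. The chown line needs a shell for the "*" glob.
// NOTE(review): exit statuses are not checked, so the restart runs even when
// chown or mkprofiles failed.
shell_exec("/bin/chown mailflt3:mailflt3 /usr/local/ap-mailfilter3/conf/def/group/*");
shell_exec("/usr/local/ap-mailfilter3/bin/mkprofiles");
shell_exec("/usr/local/ap-mailfilter3/bin/kas-restart -f -p -m");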
/**
 * Run the `stat` binary and then the `statvisual` binary of the mail filter,
 * both against the same stat.conf file.
 *
 * Output of the first command is sent to /dev/null. Neither exit status is
 * inspected. Both command lines are constants; no caller data reaches the shell.
 */
function dograph()
{
    $commandLines = array(
        "/usr/local/ap-mailfilter3/control/bin/stat -c /usr/local/ap-mailfilter3/control/stat/stat.conf >/dev/null 2>&1",
        "/usr/local/ap-mailfilter3/control/bin/statvisual -c /usr/local/ap-mailfilter3/control/stat/stat.conf",
    );
    foreach ($commandLines as $commandLine) {
        exec($commandLine);
    }
}
function removes()
{
    @unlink("/usr/local/ap-mailfilter3/conf/def/common/common-allow.xml");
    shell_exec('/bin/touch /usr/local/ap-mailfilter3/conf/def/common/common-allow.xml');
    @unlink("/usr/local/ap-mailfilter3/conf/def/common/common-deny.xml");
    shell_exec('/bin/touch /usr/local/ap-mailfilter3/conf/def/common/common-deny.xml');
    $dir_handle = @opendir("/usr/local/ap-mailfilter3/conf/def/group");