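/**
 * Create an organizational unit.
 *
 * Argument problems are reported as a message string, not an exception, so
 * callers must compare the result with === true to detect success.
 *
 * NOTE(review): "ou_name" and every "container" element are concatenated into
 * the DN without escaping. Pass only trusted values, or escape them before the
 * call (for example with ldap_escape($value, '', LDAP_ESCAPE_DN)); otherwise a
 * crafted name can change where in the tree the entry is created.
 *
 * @param array $attributes Must hold "ou_name" and "container"; the container
 *                          array is reversed before it is joined into the DN
 * @return bool|string True on success, false when ldap_add() fails, or a
 *                     message naming the invalid or missing argument
 */
public function create($attributes)
{
    if (!is_array($attributes)) {
        return "Attributes must be an array";
    }
    // Presence is tested before type: the original inspected
    // $attributes["container"] first, which made the "missing container"
    // branch unreachable and raised an undefined-index notice.
    if (!array_key_exists("ou_name", $attributes)) {
        return "Missing compulsory field [ou_name]";
    }
    if (!array_key_exists("container", $attributes)) {
        return "Missing compulsory field [container]";
    }
    if (!is_array($attributes["container"])) {
        return "Container attribute must be an array.";
    }

    $parents = array_reverse($attributes["container"]);

    $add = array();
    $add["objectClass"] = "organizationalUnit";
    $add["OU"] = $attributes['ou_name'];

    // Only emit the parent chain (with its trailing separator) when there is
    // one. The original overwrote this value unconditionally, which dropped
    // the comma before the base DN and produced "OU=" for an empty list.
    $containers = "";
    if (count($parents) > 0) {
        $containers = "OU=" . implode(",OU=", $parents) . ",";
    }

    $dn = "OU=" . $add["OU"] . ", " . $containers . $this->adldap->getBaseDn();
    $result = ldap_add($this->adldap->getLdapConnection(), $dn, $add);

    return (bool) $result;
}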
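/**
 * Authenticate the submitted username/password against Active Directory and,
 * when $this->wfh is falsy, additionally require the client IP to match a
 * subnet recorded in the vlans table.
 *
 * NOTE(review): an unsalted MD5 of the password is handed to _processUser().
 * That helper is outside this block, so the value is left unchanged here; if
 * it is persisted, it is a weak credential store and should be replaced by
 * password_hash()/password_verify() or by not storing the password at all.
 *
 * NOTE(review): the subnet check only rejects when ip2long() accepts the
 * client address. An address without a dotted-quad form (for example IPv6)
 * makes ip2long() return false, so the request is not rejected by this check.
 * Confirm whether that fail-open behaviour is intended.
 *
 * @return array Array with the keys "status" and "message"
 */
public function authenticate()
{
    $adldap = new adLDAP();
    $username = Request::input('username');
    $password = md5(Request::input('password'));

    $authUser = $adldap->authenticate($username, Request::input('password'));
    if ($authUser && $this->login_status) {
        $user_fields = array('displayname', 'mail', 'company', 'physicaldeliveryofficename', 'givenname', 'sn');
        $this->user_info = $adldap->user()->info($username, $user_fields);
        $this->_processUser($username, $password);
    } else {
        $this->login_status = FALSE;
        $this->_check_failed_login_duration($username);
    }

    // Runs when $this->wfh is falsy (presumably: the user is not cleared to
    // work from home), so the client must come from a known office subnet.
    if (!$this->wfh) {
        // The address is only as trustworthy as the framework's trusted-proxy
        // configuration when the application sits behind a proxy.
        $user_ip_address = Request::getClientIp(true);

        // Keep everything up to the last dot, i.e. the first three octets.
        $lastDot = strrpos($user_ip_address, '.');
        $subnetPrefix = substr($user_ip_address, 0, (int) $lastDot) . '.';

        // Bound parameter instead of string concatenation: request-derived
        // data never becomes part of the SQL text.
        $res2 = DB::select(
            'SELECT * FROM vlans v INNER JOIN offices o ON v.office_id = o.office_id WHERE subnet LIKE ?',
            array($subnetPrefix . '%')
        );

        if (count($res2) == 0 && ip2long($user_ip_address)) {
            $this->login_status = FALSE;
            $this->response_text = 'You are not authorised to login remotely. If this is incorrect please contact HR.';
            $this->response_status = 'failed';
            // _processUser() may already have established a session.
            Auth::logout();

            return array("status" => $this->response_status, "message" => $this->response_text);
        }
    }

    if (!$this->login_status) {
        $this->response_status = 'failed';
        $this->response_text = $this->messages['invalid'];
    }

    return array("status" => $this->response_status, "message" => $this->response_text);
}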
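/**
 * Get the last logon time of a user as a Unix timestamp.
 *
 * NOTE(review): in Active Directory lastLogonTimestamp is the replicated
 * attribute and is refreshed only periodically, so treat the result as
 * approximate when using it to find stale accounts.
 *
 * @param string $username
 * @return mixed The value produced by adLDAPUtils::convertWindowsTimeToUnixTime(),
 *               false when there is no bind or the attribute is absent, or a
 *               message string when $username is null
 */
public function getLastLogon($username)
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }
    if ($username === null) {
        return "Missing compulsory field [username]";
    }

    $userInfo = $this->info($username, array("lastLogonTimestamp"));
    $entry = (is_array($userInfo) && isset($userInfo[0])) ? $userInfo[0] : array();

    // info() is not visible here. ldap_get_entries() lower-cases attribute
    // names, so accept both spellings of the key.
    $windowsTime = null;
    foreach (array('lastLogonTimestamp', 'lastlogontimestamp') as $key) {
        if (isset($entry[$key][0])) {
            $windowsTime = $entry[$key][0];
            break;
        }
    }

    // Unknown user, or an account that never logged on. Report "no value"
    // instead of converting null into a bogus date.
    if ($windowsTime === null) {
        return false;
    }

    return adLDAPUtils::convertWindowsTimeToUnixTime($windowsTime);
}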
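/**
 * Returns a list of databases within a given storage group in Exchange for a
 * given mail server.
 *
 * The storage group DN is used as the search base as supplied. Warnings from
 * the LDAP calls are suppressed, so a false return is the only failure signal.
 *
 * @param string $storageGroup The full DN of a storage group. You can use exchange_storage_groups() to find the DN
 * @param array $attributes An array of the AD attributes you wish to return
 * @return array|bool|string Entries as returned by ldap_get_entries(), false
 *                           when there is no bind or the search fails, or a
 *                           message string when $storageGroup is null
 */
public function storageDatabases($storageGroup, $attributes = array('cn', 'distinguishedname', 'displayname'))
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }
    if ($storageGroup === NULL) {
        return "Missing compulsory field [storageGroup]";
    }

    $connection = $this->adldap->getLdapConnection();
    $filter = '(&(objectCategory=msExchPrivateMDB))';

    $sr = @ldap_search($connection, $storageGroup, $filter, $attributes);
    // A failed search (for example an invalid base DN) yields false. Passing
    // that on to ldap_get_entries() is an error the @ operator cannot hide on
    // current PHP versions.
    if ($sr === false) {
        return false;
    }

    return @ldap_get_entries($connection, $sr);
}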
/**
 * Work around AD not returning the primary group
 * (http://support.microsoft.com/?kbid=321360).
 *
 * Searching on primarygrouptoken=XXX directly does not appear to be possible,
 * so every global security group is fetched and its token is compared on the
 * client side. This is resource intensive.
 *
 * The search filter is assembled from a class constant only; $gid is never
 * placed into the filter.
 *
 * @deprecated since version 3.1, see get_primary_group
 * @param string $gid Group ID
 * @return string|bool Distinguished name of the matching group, '' when no
 *                     group matches, false when $gid is null
 */
public function cn($gid)
{
    if ($gid === null) {
        return false;
    }

    $filter = sprintf(
        '(&(objectCategory=group)(samaccounttype=%s))',
        adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP
    );
    $wanted = array("primarygrouptoken", "samaccountname", "distinguishedname");

    $search = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $wanted);
    $entries = ldap_get_entries($this->adldap->getLdapConnection(), $search);

    $matchDn = '';
    for ($idx = 0; $idx < $entries["count"]; $idx++) {
        $group = $entries[$idx];
        // Loose comparison kept on purpose: tokens arrive as strings.
        if ($group["primarygrouptoken"][0] == $gid) {
            $matchDn = $group["distinguishedname"][0];
            break;
        }
    }

    return $matchDn;
}
/**
 * Get the groups a computer is in.
 *
 * Errors raised by the info() lookup are suppressed with @, so a failed
 * lookup is not reported separately from an empty membership list.
 *
 * @param string $computerName The name of the computer
 * @param bool $recursive Whether to also resolve nested groups; null uses the
 *                        connection's getRecursiveGroups() setting
 * @return array|bool Group names, or false when $computerName is null or
 *                    there is no LDAP bind
 */
public function groups($computerName, $recursive = NULL)
{
    if ($computerName === null) {
        return false;
    }

    // Fall back to the connection-wide default when the caller made no choice.
    if ($recursive === null) {
        $recursive = $this->adldap->getRecursiveGroups();
    }

    if (!$this->adldap->getLdapBind()) {
        return false;
    }

    // Look the computer up; the first entry returned is taken to be the match.
    $wanted = array("memberof", "primarygroupid");
    $record = @$this->info($computerName, $wanted);
    $memberships = $this->adldap->utilities()->niceNames($record[0]["memberof"]);

    if ($recursive !== true) {
        return $memberships;
    }

    // Walk only the direct memberships while appending what each one nests in.
    $direct = $memberships;
    foreach ($direct as $groupName) {
        $nested = $this->adldap->group()->recursiveGroups($groupName);
        $memberships = array_merge($memberships, $nested);
    }

    return $memberships;
}
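/**
 * Diagnostic helper: looks up one hard-coded account and writes the raw
 * directory record into the response.
 *
 * NOTE(review): this exposes directory attributes to whoever can reach it.
 * Keep it out of production routing, or put it behind an authorisation check.
 *
 * @return void
 */
public function testLdap()
{
    $ad = new adLDAP();
    $results = $ad->user()->info("angelique.torrano");

    // Directory attributes are free text maintained in AD, so escape the dump
    // before it is placed into HTML. ENT_SUBSTITUTE keeps binary attribute
    // values from blanking the whole output.
    echo "<pre>";
    echo htmlspecialchars(print_r($results, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "</pre>";
}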
/**
 * Mail enable a contact so that email can be sent to it through Exchange.
 *
 * Thin pass-through: all three arguments are forwarded unchanged to the
 * Exchange helper's contactMailEnable().
 *
 * @param string $distinguishedName The contact to mail enable
 * @param string $emailAddress The email address to allow emails to be sent through
 * @param string $mailNickname The mailnickname for the contact in Exchange. If NULL this will be set to the display name
 * @return bool
 */
public function contactMailEnable($distinguishedName, $emailAddress, $mailNickname = NULL)
{
    $exchange = $this->adldap->exchange();

    return $exchange->contactMailEnable($distinguishedName, $emailAddress, $mailNickname);
}