mConfig, "", false, $user, $pass); // check if the login correct $a->login(); $ret = ''; switch ($a->getStatus()) { case AUTH_LOGIN_OK: $ret=USER_VALID; $ds=ldap_connect($this->mConfig["host"], $this->mConfig["port"]); // Connects to LDAP Server if ($ds) { $r=ldap_bind($ds, $this->mConfig["adminuser"], $this->mConfig["adminpass"]); if ($r) { $attrs = array("cn", "mail"); $sr=ldap_search($ds, $this->mConfig["basedn"], "(".$this->mConfig["userattr"]."=".$user.")", $attrs); // Search $info = ldap_get_entries($ds, $sr); $this->mInfo["real_name"] = $info[0]["cn"][0]; if(empty($this->mConfig["email"])) { if(empty($info[0]["mail"][0])) { $this->mInfo["email"] = $info[0][$this->mConfig["userattr"]][0]; } else { $this->mInfo["email"] = $info[0]["mail"][0]; } } else { $replace_func = create_function('$matches','$info = '.var_export($info,true).'; $m = $matches[0]; $m = substr($m,1,strlen($m)-2); if(empty($info[0][$m][0])) return ""; return strtolower($info[0][$m][0]);'); $this->mInfo["email"] = preg_replace_callback('/%.*?%/',$replace_func,$this->mConfig["email"]); } } ldap_close($ds); } break; case AUTH_USER_NOT_FOUND: $ret=USER_NOT_FOUND; break; case AUTH_WRONG_LOGIN: $ret=PASSWORD_INCORRECT; break; default: $ret=SERVER_ERROR; break; } return $ret; } function isSupported() { $ret = true; if (! class_exists("Auth")) { $this->mErrors['support']=tra("LDAP Authentication is not supported as PEAR Package Auth is not availible."); $ret = false; } if (!function_exists('ldap_connect')) { $this->mErrors['support']=tra("LDAP Authentication is not supported as PHP LDAP Extention not loaded."); $ret = false; } return $ret; } // create a new user in the Auth directory function createUser(&$userattr) { global $gBitDb; // set additional attributes here if (empty($userattr["email"])) { $userattr["email"] = $gBitDb->getOne("select `email` from `".BIT_DB_PREFIX."users_users` where `login`=?", array($userattr["login"])); } // set the Auth options $a = new Auth("LDAP", $this->mConfig); // check if the login correct if ($a->addUser($userattr["login"], $userattr["password"], $userattr) === true) { return true; } else { // otherwise use the error status given back $this->mErrors['create'] = $a->getStatus(); return false; } } function canManageAuth() { return true; } function getSettings() { global $gBitUser; $listHash = array(); $groups = $gBitUser->getAllGroups($listHash); $groupsD =array(); foreach ($groups as $g) { $groupsD[$g['group_id']]= "{$g['group_name']} ( {$g['group_desc']} )"; } $groups = $groupsD; return array( 'users_ldap_host' => array( 'label' => "LDAP Host", 'type' => "text", 'note' => "", 'default' => 'localhost', ), 'users_ldap_port' => array( 'label' => "LDAP Port", 'type' => "text", 'note' => "", 'default' => '389', ), 'users_ldap_basedn' => array( 'label' => "LDAP Base DN", 'type' => "text", 'note' => "", 'default' => '', ), 'users_ldap_userdn' => array( 'label' => "LDAP User DN", 'type' => "text", 'note' => "", 'default' => '', ), 'users_ldap_userattr' => array( 'label' => "LDAP User Attribute", 'type' => "text", 'note' => "", 'default' => 'uid', ), 'users_ldap_email' => array( 'label' => "LDAP User E-Mail Address", 'type' => "text", 'note' => "If empty the attribute \"mail\" is used, if it not set for a user, LDAP User Attribute is used instead.
Otherwise all %fields% are replaced with the first value from the ldap attribute of the same name, and the result used as the email address.
Please remember to include the @ sign", 'default' => '', ), 'users_ldap_useroc' => array( 'label' => "LDAP User OC", 'type' => "text", 'note' => "", 'default' => 'inetOrgPerson', ), 'users_ldap_groupdn' => array( 'label' => "LDAP Group DN", 'type' => "text", 'note' => "", 'default' => '', ), 'users_ldap_groupattr' => array( 'label' => "LDAP Group Atribute", 'type' => "text", 'note' => "", 'default' => 'cn', ), 'users_ldap_groupoc' => array( 'label' => "LDAP Group OC", 'type' => "text", 'note' => "", 'default' => 'groupOfUniqueNames', ), 'users_ldap_memberattr' => array( 'label' => "LDAP Member Attribute", 'type' => "text", 'note' => "", 'default' => 'uniqueMember', ), 'users_ldap_memberisdn' => array( 'label' => "LDAP Member Is DN", 'type' => "text", 'note' => "", 'default' => '', ), 'users_ldap_adminuser' => array( 'label' => "LDAP Admin User", 'type' => "text", 'note' => "", 'default' => '', ), 'users_ldap_adminpass' => array( 'label' => "LDAP Admin Pwd", 'type' => "password", 'note' => "", 'default' => '', ), 'users_ldap_scope' => array( 'label' => "LDAP Scope", 'type' => "option", 'note' => "", 'default' => 'sub', 'options' => array( 'sub' => "Sub", 'one' => "One", 'base' => "Base", ), ), 'users_ldap_group' => array( 'label' => "LDAP Group", 'type' => "option", 'note' => "", 'default' => '3', 'options' => $groups, ), ); } } ?>