better LDAP error messages
This commit is contained in:
parent
7c377bbcd2
commit
1253b2f270
|
@ -1150,7 +1150,23 @@ function getExtendedLDAPErrorMessage($server) {
|
||||||
if (empty($ldapMsg)) {
|
if (empty($ldapMsg)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return _('LDAP error, server says:') . ' ' . $ldapMsg;
|
return $ldapMsg;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the default error message to display on the web page.
|
||||||
|
* HTML special characters are already escaped.
|
||||||
|
*
|
||||||
|
* @param handle $server LDAP server handle
|
||||||
|
* @return String error message
|
||||||
|
*/
|
||||||
|
function getDefaultLDAPErrorString($server) {
|
||||||
|
$extError = getExtendedLDAPErrorMessage($server);
|
||||||
|
$message = _('LDAP error, server says:') . ' ' . ldap_error($server);
|
||||||
|
if (!empty($extError)) {
|
||||||
|
$message .= ' - ' . $extError;
|
||||||
|
}
|
||||||
|
return htmlspecialchars($message);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -1495,11 +1495,11 @@ class accountContainer {
|
||||||
'modifyTimestamp', 'hasSubordinates', 'pwdChangedTime');
|
'modifyTimestamp', 'hasSubordinates', 'pwdChangedTime');
|
||||||
$result = @ldap_read($_SESSION['ldap']->server(), escapeDN($dn), escapeDN($search), $searchAttrs, 0, 0, 0, LDAP_DEREF_NEVER);
|
$result = @ldap_read($_SESSION['ldap']->server(), escapeDN($dn), escapeDN($search), $searchAttrs, 0, 0, 0, LDAP_DEREF_NEVER);
|
||||||
if (!$result) {
|
if (!$result) {
|
||||||
return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), ldap_error($_SESSION['ldap']->server())));
|
return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), getDefaultLDAPErrorString($_SESSION['ldap']->server())));
|
||||||
}
|
}
|
||||||
$entry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
|
$entry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
|
||||||
if (!$entry) {
|
if (!$entry) {
|
||||||
return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), ldap_error($_SESSION['ldap']->server())));
|
return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), getDefaultLDAPErrorString($_SESSION['ldap']->server())));
|
||||||
}
|
}
|
||||||
$this->dnSuffix = extractDNSuffix($dn);
|
$this->dnSuffix = extractDNSuffix($dn);
|
||||||
$this->dn_orig = $dn;
|
$this->dn_orig = $dn;
|
||||||
|
@ -1796,8 +1796,9 @@ class accountContainer {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Renamed DN ' . $this->dn_orig . " to " . $this->finalDN);
|
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Renamed DN ' . $this->dn_orig . " to " . $this->finalDN);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to rename DN: ' . $this->dn_orig . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to rename DN: ' . $this->dn_orig . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->dn_orig), ldap_error($_SESSION['ldap']->server()));
|
. getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
|
||||||
|
$errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->dn_orig), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
$stopprocessing = true;
|
$stopprocessing = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1813,10 +1814,11 @@ class accountContainer {
|
||||||
if (isset($attributes[$this->finalDN]['modify']) && is_array($attributes[$this->finalDN]['modify'])) {
|
if (isset($attributes[$this->finalDN]['modify']) && is_array($attributes[$this->finalDN]['modify'])) {
|
||||||
$attr = array_merge_recursive($attr, $attributes[$this->finalDN]['modify']);
|
$attr = array_merge_recursive($attr, $attributes[$this->finalDN]['modify']);
|
||||||
}
|
}
|
||||||
$success = ldap_add($_SESSION['ldap']->server(), $this->finalDN, $attr);
|
$success = @ldap_add($_SESSION['ldap']->server(), $this->finalDN, $attr);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to create DN: ' . $this->finalDN . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to create DN: ' . $this->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to create DN: %s.'), $this->finalDN), ldap_error($_SESSION['ldap']->server()));
|
. getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
|
||||||
|
$errors[] = array('ERROR', sprintf(_('Was unable to create DN: %s.'), $this->finalDN), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
$stopprocessing = true;
|
$stopprocessing = true;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -1833,8 +1835,9 @@ class accountContainer {
|
||||||
if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) {
|
if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) {
|
||||||
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']);
|
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $DNs[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server()));
|
. getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
|
||||||
|
$errors[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
$stopprocessing = true;
|
$stopprocessing = true;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -1850,8 +1853,9 @@ class accountContainer {
|
||||||
if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) {
|
if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) {
|
||||||
$success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']);
|
$success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add attributes to DN: ' . $DNs[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add attributes to DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server()));
|
. getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
|
||||||
|
$errors[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
$stopprocessing = true;
|
$stopprocessing = true;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -1862,8 +1866,9 @@ class accountContainer {
|
||||||
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) {
|
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) {
|
||||||
$success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']);
|
$success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete attributes from DN: ' . $DNs[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete attributes from DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server()));
|
. getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
|
||||||
|
$errors[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
$stopprocessing = true;
|
$stopprocessing = true;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
|
@ -901,7 +901,7 @@ class asteriskExtension extends baseModule {
|
||||||
$is_rename_success = false;
|
$is_rename_success = false;
|
||||||
$is_rename_success = @ldap_rename($_SESSION['ldap']->server(), $oldDN, $newRDN, $this->getAccountContainer()->dnSuffix, true);
|
$is_rename_success = @ldap_rename($_SESSION['ldap']->server(), $oldDN, $newRDN, $this->getAccountContainer()->dnSuffix, true);
|
||||||
if (!$is_rename_success) {
|
if (!$is_rename_success) {
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->getAccountContainer()->dn_orig), ldap_error($_SESSION['ldap']->server()));
|
$errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->getAccountContainer()->dn_orig), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
logNewMessage(LOG_ERR, 'Unable to rename ' . $oldDN . ' to ' . $newRDN . ',' . $this->getAccountContainer()->dnSuffix);
|
logNewMessage(LOG_ERR, 'Unable to rename ' . $oldDN . ' to ' . $newRDN . ',' . $this->getAccountContainer()->dnSuffix);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -782,16 +782,16 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toUpdate[$i], array($attrName => array($this->getAccountContainer()->finalDN)));
|
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toUpdate[$i], array($attrName => array($this->getAccountContainer()->finalDN)));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add changed user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toUpdate[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add changed user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toUpdate[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toUpdate[$i]), ldap_error($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toUpdate[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added changed user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toUpdate[$i]);
|
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added changed user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toUpdate[$i]);
|
||||||
}
|
}
|
||||||
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toUpdate[$i], array($attrName => array($this->getAccountContainer()->dn_orig)));
|
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toUpdate[$i], array($attrName => array($this->getAccountContainer()->dn_orig)));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to remove changed user ' . $this->getAccountContainer()->dn_orig . ' from group: ' . $toUpdate[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to remove changed user ' . $this->getAccountContainer()->dn_orig . ' from group: ' . $toUpdate[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toUpdate[$i]), ldap_error($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toUpdate[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed changed user ' . $this->getAccountContainer()->dn_orig . ' from group: ' . $toUpdate[$i]);
|
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed changed user ' . $this->getAccountContainer()->dn_orig . ' from group: ' . $toUpdate[$i]);
|
||||||
|
@ -820,8 +820,8 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
if ($found) {
|
if ($found) {
|
||||||
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $ownerGroups[$i]['dn'], array('owner' => $newOwners));
|
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $ownerGroups[$i]['dn'], array('owner' => $newOwners));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $ownerGroups[$i]['dn'] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $ownerGroups[$i]['dn'] . ' (' . ldap_error($_SESSION['ldap']->server())) . ').';
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $ownerGroups[$i]['dn']), ldap_error($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $ownerGroups[$i]['dn']), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -835,8 +835,8 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array($attrName => array($this->getAccountContainer()->finalDN)));
|
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array($attrName => array($this->getAccountContainer()->finalDN)));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), ldap_error($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]);
|
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]);
|
||||||
|
@ -852,8 +852,8 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array($attrName => array($this->getAccountContainer()->dn_orig)));
|
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array($attrName => array($this->getAccountContainer()->dn_orig)));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), ldap_error($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]);
|
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]);
|
||||||
|
@ -2224,7 +2224,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$errors[] = array(
|
$errors[] = array(
|
||||||
"ERROR",
|
"ERROR",
|
||||||
_("LAM was unable to modify group memberships for group: %s"),
|
_("LAM was unable to modify group memberships for group: %s"),
|
||||||
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()),
|
getDefaultLDAPErrorString($_SESSION['ldap']->server()),
|
||||||
array($temp['groups'][$temp['counter']])
|
array($temp['groups'][$temp['counter']])
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -2285,7 +2285,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$errors[] = array(
|
$errors[] = array(
|
||||||
"ERROR",
|
"ERROR",
|
||||||
_("LAM was unable to modify group memberships for group: %s"),
|
_("LAM was unable to modify group memberships for group: %s"),
|
||||||
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()),
|
getDefaultLDAPErrorString($_SESSION['ldap']->server()),
|
||||||
array($temp['groups'][$temp['counter']])
|
array($temp['groups'][$temp['counter']])
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
@ -815,8 +815,8 @@ class windowsUser extends baseModule implements passwordService {
|
||||||
if (in_array($toAdd[$i], $groups)) {
|
if (in_array($toAdd[$i], $groups)) {
|
||||||
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array('member' => array($this->getAccountContainer()->finalDN)));
|
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array('member' => array($this->getAccountContainer()->finalDN)));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), ldap_error($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]);
|
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]);
|
||||||
|
@ -828,8 +828,8 @@ class windowsUser extends baseModule implements passwordService {
|
||||||
if (in_array($toRem[$i], $groups)) {
|
if (in_array($toRem[$i], $groups)) {
|
||||||
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array('member' => array($this->getAccountContainer()->dn_orig)));
|
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array('member' => array($this->getAccountContainer()->dn_orig)));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), ldap_error($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]);
|
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]);
|
||||||
|
@ -841,8 +841,8 @@ class windowsUser extends baseModule implements passwordService {
|
||||||
$attrs = array('pwdLastSet' => array($this->pwdLastSet));
|
$attrs = array('pwdLastSet' => array($this->pwdLastSet));
|
||||||
$success = @ldap_modify($_SESSION['ldap']->server(), $this->getAccountContainer()->finalDN, $attrs);
|
$success = @ldap_modify($_SESSION['ldap']->server(), $this->getAccountContainer()->finalDN, $attrs);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to change pwdLastSet for ' . $this->getAccountContainer()->finalDN . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to change pwdLastSet for ' . $this->getAccountContainer()->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $this->getAccountContainer()->finalDN), ldap_error($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $this->getAccountContainer()->finalDN), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $messages;
|
return $messages;
|
||||||
|
@ -1163,7 +1163,7 @@ class windowsUser extends baseModule implements passwordService {
|
||||||
$errors[] = array(
|
$errors[] = array(
|
||||||
"ERROR",
|
"ERROR",
|
||||||
_("LAM was unable to modify group memberships for group: %s"),
|
_("LAM was unable to modify group memberships for group: %s"),
|
||||||
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()),
|
getDefaultLDAPErrorString($_SESSION['ldap']->server()),
|
||||||
array($group)
|
array($group)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -1186,7 +1186,7 @@ class windowsUser extends baseModule implements passwordService {
|
||||||
$errors[] = array(
|
$errors[] = array(
|
||||||
"ERROR",
|
"ERROR",
|
||||||
_("Was unable to modify attributes of DN: %s."),
|
_("Was unable to modify attributes of DN: %s."),
|
||||||
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()),
|
getDefaultLDAPErrorString($_SESSION['ldap']->server()),
|
||||||
array($dn)
|
array($dn)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
@ -222,7 +222,7 @@ if (isset($_POST['delete'])) {
|
||||||
if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) {
|
if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) {
|
||||||
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']);
|
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
$errors[] = array ('ERROR', sprintf(_('Was unable to modify attributes from DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server()));
|
$errors[] = array ('ERROR', sprintf(_('Was unable to modify attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
$stopprocessing = true;
|
$stopprocessing = true;
|
||||||
$allOk = false;
|
$allOk = false;
|
||||||
}
|
}
|
||||||
|
@ -231,7 +231,7 @@ if (isset($_POST['delete'])) {
|
||||||
if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) {
|
if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) {
|
||||||
$success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']);
|
$success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
$errors[] = array ('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server()));
|
$errors[] = array ('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
$stopprocessing = true;
|
$stopprocessing = true;
|
||||||
$allOk = false;
|
$allOk = false;
|
||||||
}
|
}
|
||||||
|
@ -240,7 +240,7 @@ if (isset($_POST['delete'])) {
|
||||||
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) {
|
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) {
|
||||||
$success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']);
|
$success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
$errors[] = array ('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server()));
|
$errors[] = array ('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
$stopprocessing = true;
|
$stopprocessing = true;
|
||||||
$allOk = false;
|
$allOk = false;
|
||||||
}
|
}
|
||||||
|
@ -341,7 +341,7 @@ function deleteDN($dn) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), ldap_error($_SESSION['ldap']->server()));
|
$errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
return $errors;
|
return $errors;
|
||||||
}
|
}
|
||||||
// delete parent DN
|
// delete parent DN
|
||||||
|
@ -349,8 +349,8 @@ function deleteDN($dn) {
|
||||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
||||||
$ldapUser = $ldapUser[0];
|
$ldapUser = $ldapUser[0];
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete DN: ' . $dn . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').');
|
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete DN: ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), ldap_error($_SESSION['ldap']->server()));
|
$errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Deleted DN: ' . $dn);
|
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Deleted DN: ' . $dn);
|
||||||
|
|
|
@ -569,7 +569,7 @@ if(!empty($_POST['checklogin'])) {
|
||||||
$searchLDAPResult = $searchLDAP->connect($searchDN, $searchPassword, true);
|
$searchLDAPResult = $searchLDAP->connect($searchDN, $searchPassword, true);
|
||||||
if (! ($searchLDAPResult == 0)) {
|
if (! ($searchLDAPResult == 0)) {
|
||||||
$searchSuccess = false;
|
$searchSuccess = false;
|
||||||
$searchError = _('Cannot connect to specified LDAP server. Please try again.') . ' ' . @ldap_error($searchLDAP->server());
|
$searchError = _('Cannot connect to specified LDAP server. Please try again.') . ' ' . getDefaultLDAPErrorString($searchLDAP->server());
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
|
$searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
|
||||||
|
@ -592,13 +592,13 @@ if(!empty($_POST['checklogin'])) {
|
||||||
else {
|
else {
|
||||||
$searchSuccess = false;
|
$searchSuccess = false;
|
||||||
$searchError = _('Unable to find the user name in LDAP.');
|
$searchError = _('Unable to find the user name in LDAP.');
|
||||||
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server());
|
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . getDefaultLDAPErrorString($searchLDAP->server());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$searchSuccess = false;
|
$searchSuccess = false;
|
||||||
$searchError = _('Unable to find the user name in LDAP.');
|
$searchError = _('Unable to find the user name in LDAP.');
|
||||||
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server());
|
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . getDefaultLDAPErrorString($searchLDAP->server());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!$searchSuccess) {
|
if (!$searchSuccess) {
|
||||||
|
|
|
@ -130,7 +130,7 @@ if (($_SESSION['mass_counter'] < sizeof($accounts)) || !isset($_SESSION['mass_po
|
||||||
$errorMessage = array(
|
$errorMessage = array(
|
||||||
"ERROR",
|
"ERROR",
|
||||||
_("LAM was unable to create account %s! An LDAP error occured."),
|
_("LAM was unable to create account %s! An LDAP error occured."),
|
||||||
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()),
|
getDefaultLDAPErrorString($_SESSION['ldap']->server()),
|
||||||
array($_SESSION['mass_counter']));
|
array($_SESSION['mass_counter']));
|
||||||
$_SESSION['mass_errors'][] = $errorMessage;
|
$_SESSION['mass_errors'][] = $errorMessage;
|
||||||
$_SESSION['mass_failed'][] = $_SESSION['mass_counter'];
|
$_SESSION['mass_failed'][] = $_SESSION['mass_counter'];
|
||||||
|
|
Loading…
Reference in New Issue