better LDAP error messages

This commit is contained in:
Roland Gruber 2013-10-16 17:37:17 +00:00
parent 7c377bbcd2
commit 1253b2f270
8 changed files with 66 additions and 45 deletions

View File

@ -1150,7 +1150,23 @@ function getExtendedLDAPErrorMessage($server) {
if (empty($ldapMsg)) { if (empty($ldapMsg)) {
return null; return null;
} }
return _('LDAP error, server says:') . ' ' . $ldapMsg; return $ldapMsg;
}
/**
* Returns the default error message to display on the web page.
* HTML special characters are already escaped.
*
* @param handle $server LDAP server handle
* @return String error message
*/
function getDefaultLDAPErrorString($server) {
$extError = getExtendedLDAPErrorMessage($server);
$message = _('LDAP error, server says:') . ' ' . ldap_error($server);
if (!empty($extError)) {
$message .= ' - ' . $extError;
}
return htmlspecialchars($message);
} }
/** /**

View File

@ -1495,11 +1495,11 @@ class accountContainer {
'modifyTimestamp', 'hasSubordinates', 'pwdChangedTime'); 'modifyTimestamp', 'hasSubordinates', 'pwdChangedTime');
$result = @ldap_read($_SESSION['ldap']->server(), escapeDN($dn), escapeDN($search), $searchAttrs, 0, 0, 0, LDAP_DEREF_NEVER); $result = @ldap_read($_SESSION['ldap']->server(), escapeDN($dn), escapeDN($search), $searchAttrs, 0, 0, 0, LDAP_DEREF_NEVER);
if (!$result) { if (!$result) {
return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), ldap_error($_SESSION['ldap']->server()))); return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), getDefaultLDAPErrorString($_SESSION['ldap']->server())));
} }
$entry = @ldap_first_entry($_SESSION['ldap']->server(), $result); $entry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
if (!$entry) { if (!$entry) {
return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), ldap_error($_SESSION['ldap']->server()))); return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), getDefaultLDAPErrorString($_SESSION['ldap']->server())));
} }
$this->dnSuffix = extractDNSuffix($dn); $this->dnSuffix = extractDNSuffix($dn);
$this->dn_orig = $dn; $this->dn_orig = $dn;
@ -1796,8 +1796,9 @@ class accountContainer {
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Renamed DN ' . $this->dn_orig . " to " . $this->finalDN); logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Renamed DN ' . $this->dn_orig . " to " . $this->finalDN);
} }
else { else {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to rename DN: ' . $this->dn_orig . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to rename DN: ' . $this->dn_orig . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
$errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->dn_orig), ldap_error($_SESSION['ldap']->server())); . getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
$errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->dn_orig), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
} }
} }
@ -1813,10 +1814,11 @@ class accountContainer {
if (isset($attributes[$this->finalDN]['modify']) && is_array($attributes[$this->finalDN]['modify'])) { if (isset($attributes[$this->finalDN]['modify']) && is_array($attributes[$this->finalDN]['modify'])) {
$attr = array_merge_recursive($attr, $attributes[$this->finalDN]['modify']); $attr = array_merge_recursive($attr, $attributes[$this->finalDN]['modify']);
} }
$success = ldap_add($_SESSION['ldap']->server(), $this->finalDN, $attr); $success = @ldap_add($_SESSION['ldap']->server(), $this->finalDN, $attr);
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to create DN: ' . $this->finalDN . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to create DN: ' . $this->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
$errors[] = array('ERROR', sprintf(_('Was unable to create DN: %s.'), $this->finalDN), ldap_error($_SESSION['ldap']->server())); . getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
$errors[] = array('ERROR', sprintf(_('Was unable to create DN: %s.'), $this->finalDN), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
} }
else { else {
@ -1833,8 +1835,9 @@ class accountContainer {
if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) { if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) {
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']); $success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']);
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $DNs[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
$errors[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server())); . getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
$errors[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
} }
else { else {
@ -1850,8 +1853,9 @@ class accountContainer {
if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) { if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) {
$success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']); $success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']);
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add attributes to DN: ' . $DNs[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add attributes to DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
$errors[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server())); . getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
$errors[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
} }
else { else {
@ -1862,8 +1866,9 @@ class accountContainer {
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) { if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) {
$success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']); $success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']);
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete attributes from DN: ' . $DNs[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete attributes from DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
$errors[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server())); . getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
$errors[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
} }
else { else {

View File

@ -901,7 +901,7 @@ class asteriskExtension extends baseModule {
$is_rename_success = false; $is_rename_success = false;
$is_rename_success = @ldap_rename($_SESSION['ldap']->server(), $oldDN, $newRDN, $this->getAccountContainer()->dnSuffix, true); $is_rename_success = @ldap_rename($_SESSION['ldap']->server(), $oldDN, $newRDN, $this->getAccountContainer()->dnSuffix, true);
if (!$is_rename_success) { if (!$is_rename_success) {
$errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->getAccountContainer()->dn_orig), ldap_error($_SESSION['ldap']->server())); $errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->getAccountContainer()->dn_orig), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
logNewMessage(LOG_ERR, 'Unable to rename ' . $oldDN . ' to ' . $newRDN . ',' . $this->getAccountContainer()->dnSuffix); logNewMessage(LOG_ERR, 'Unable to rename ' . $oldDN . ' to ' . $newRDN . ',' . $this->getAccountContainer()->dnSuffix);
} }
} }

View File

@ -782,16 +782,16 @@ class posixAccount extends baseModule implements passwordService {
} }
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toUpdate[$i], array($attrName => array($this->getAccountContainer()->finalDN))); $success = @ldap_mod_add($_SESSION['ldap']->server(), $toUpdate[$i], array($attrName => array($this->getAccountContainer()->finalDN)));
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add changed user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toUpdate[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add changed user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toUpdate[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toUpdate[$i]), ldap_error($_SESSION['ldap']->server())); $messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toUpdate[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
else { else {
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added changed user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toUpdate[$i]); logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added changed user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toUpdate[$i]);
} }
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toUpdate[$i], array($attrName => array($this->getAccountContainer()->dn_orig))); $success = @ldap_mod_del($_SESSION['ldap']->server(), $toUpdate[$i], array($attrName => array($this->getAccountContainer()->dn_orig)));
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to remove changed user ' . $this->getAccountContainer()->dn_orig . ' from group: ' . $toUpdate[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to remove changed user ' . $this->getAccountContainer()->dn_orig . ' from group: ' . $toUpdate[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toUpdate[$i]), ldap_error($_SESSION['ldap']->server())); $messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toUpdate[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
else { else {
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed changed user ' . $this->getAccountContainer()->dn_orig . ' from group: ' . $toUpdate[$i]); logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed changed user ' . $this->getAccountContainer()->dn_orig . ' from group: ' . $toUpdate[$i]);
@ -820,8 +820,8 @@ class posixAccount extends baseModule implements passwordService {
if ($found) { if ($found) {
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $ownerGroups[$i]['dn'], array('owner' => $newOwners)); $success = @ldap_mod_replace($_SESSION['ldap']->server(), $ownerGroups[$i]['dn'], array('owner' => $newOwners));
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $ownerGroups[$i]['dn'] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $ownerGroups[$i]['dn'] . ' (' . ldap_error($_SESSION['ldap']->server())) . ').';
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $ownerGroups[$i]['dn']), ldap_error($_SESSION['ldap']->server())); $messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $ownerGroups[$i]['dn']), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
} }
} }
@ -835,8 +835,8 @@ class posixAccount extends baseModule implements passwordService {
} }
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array($attrName => array($this->getAccountContainer()->finalDN))); $success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array($attrName => array($this->getAccountContainer()->finalDN)));
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), ldap_error($_SESSION['ldap']->server())); $messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
else { else {
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]); logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]);
@ -852,8 +852,8 @@ class posixAccount extends baseModule implements passwordService {
} }
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array($attrName => array($this->getAccountContainer()->dn_orig))); $success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array($attrName => array($this->getAccountContainer()->dn_orig)));
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), ldap_error($_SESSION['ldap']->server())); $messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
else { else {
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]); logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]);
@ -2224,7 +2224,7 @@ class posixAccount extends baseModule implements passwordService {
$errors[] = array( $errors[] = array(
"ERROR", "ERROR",
_("LAM was unable to modify group memberships for group: %s"), _("LAM was unable to modify group memberships for group: %s"),
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()), getDefaultLDAPErrorString($_SESSION['ldap']->server()),
array($temp['groups'][$temp['counter']]) array($temp['groups'][$temp['counter']])
); );
} }
@ -2285,7 +2285,7 @@ class posixAccount extends baseModule implements passwordService {
$errors[] = array( $errors[] = array(
"ERROR", "ERROR",
_("LAM was unable to modify group memberships for group: %s"), _("LAM was unable to modify group memberships for group: %s"),
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()), getDefaultLDAPErrorString($_SESSION['ldap']->server()),
array($temp['groups'][$temp['counter']]) array($temp['groups'][$temp['counter']])
); );
} }

View File

@ -815,8 +815,8 @@ class windowsUser extends baseModule implements passwordService {
if (in_array($toAdd[$i], $groups)) { if (in_array($toAdd[$i], $groups)) {
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array('member' => array($this->getAccountContainer()->finalDN))); $success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array('member' => array($this->getAccountContainer()->finalDN)));
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), ldap_error($_SESSION['ldap']->server())); $messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
else { else {
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]); logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]);
@ -828,8 +828,8 @@ class windowsUser extends baseModule implements passwordService {
if (in_array($toRem[$i], $groups)) { if (in_array($toRem[$i], $groups)) {
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array('member' => array($this->getAccountContainer()->dn_orig))); $success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array('member' => array($this->getAccountContainer()->dn_orig)));
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), ldap_error($_SESSION['ldap']->server())); $messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
else { else {
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]); logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]);
@ -841,8 +841,8 @@ class windowsUser extends baseModule implements passwordService {
$attrs = array('pwdLastSet' => array($this->pwdLastSet)); $attrs = array('pwdLastSet' => array($this->pwdLastSet));
$success = @ldap_modify($_SESSION['ldap']->server(), $this->getAccountContainer()->finalDN, $attrs); $success = @ldap_modify($_SESSION['ldap']->server(), $this->getAccountContainer()->finalDN, $attrs);
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to change pwdLastSet for ' . $this->getAccountContainer()->finalDN . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to change pwdLastSet for ' . $this->getAccountContainer()->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $this->getAccountContainer()->finalDN), ldap_error($_SESSION['ldap']->server())); $messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $this->getAccountContainer()->finalDN), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
} }
return $messages; return $messages;
@ -1163,7 +1163,7 @@ class windowsUser extends baseModule implements passwordService {
$errors[] = array( $errors[] = array(
"ERROR", "ERROR",
_("LAM was unable to modify group memberships for group: %s"), _("LAM was unable to modify group memberships for group: %s"),
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()), getDefaultLDAPErrorString($_SESSION['ldap']->server()),
array($group) array($group)
); );
} }
@ -1186,7 +1186,7 @@ class windowsUser extends baseModule implements passwordService {
$errors[] = array( $errors[] = array(
"ERROR", "ERROR",
_("Was unable to modify attributes of DN: %s."), _("Was unable to modify attributes of DN: %s."),
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()), getDefaultLDAPErrorString($_SESSION['ldap']->server()),
array($dn) array($dn)
); );
} }

View File

@ -222,7 +222,7 @@ if (isset($_POST['delete'])) {
if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) { if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) {
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']); $success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']);
if (!$success) { if (!$success) {
$errors[] = array ('ERROR', sprintf(_('Was unable to modify attributes from DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server())); $errors[] = array ('ERROR', sprintf(_('Was unable to modify attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
$allOk = false; $allOk = false;
} }
@ -231,7 +231,7 @@ if (isset($_POST['delete'])) {
if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) { if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) {
$success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']); $success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']);
if (!$success) { if (!$success) {
$errors[] = array ('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server())); $errors[] = array ('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
$allOk = false; $allOk = false;
} }
@ -240,7 +240,7 @@ if (isset($_POST['delete'])) {
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) { if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) {
$success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']); $success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']);
if (!$success) { if (!$success) {
$errors[] = array ('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), ldap_error($_SESSION['ldap']->server())); $errors[] = array ('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
$allOk = false; $allOk = false;
} }
@ -341,7 +341,7 @@ function deleteDN($dn) {
} }
} }
else { else {
$errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), ldap_error($_SESSION['ldap']->server())); $errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
return $errors; return $errors;
} }
// delete parent DN // delete parent DN
@ -349,8 +349,8 @@ function deleteDN($dn) {
$ldapUser = $_SESSION['ldap']->decrypt_login(); $ldapUser = $_SESSION['ldap']->decrypt_login();
$ldapUser = $ldapUser[0]; $ldapUser = $ldapUser[0];
if (!$success) { if (!$success) {
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete DN: ' . $dn . ' (' . ldap_err2str(ldap_errno($_SESSION['ldap']->server())) . ').'); logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete DN: ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
$errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), ldap_error($_SESSION['ldap']->server())); $errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
} }
else { else {
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Deleted DN: ' . $dn); logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Deleted DN: ' . $dn);

View File

@ -569,7 +569,7 @@ if(!empty($_POST['checklogin'])) {
$searchLDAPResult = $searchLDAP->connect($searchDN, $searchPassword, true); $searchLDAPResult = $searchLDAP->connect($searchDN, $searchPassword, true);
if (! ($searchLDAPResult == 0)) { if (! ($searchLDAPResult == 0)) {
$searchSuccess = false; $searchSuccess = false;
$searchError = _('Cannot connect to specified LDAP server. Please try again.') . ' ' . @ldap_error($searchLDAP->server()); $searchError = _('Cannot connect to specified LDAP server. Please try again.') . ' ' . getDefaultLDAPErrorString($searchLDAP->server());
} }
else { else {
$searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_NEVER); $searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
@ -592,13 +592,13 @@ if(!empty($_POST['checklogin'])) {
else { else {
$searchSuccess = false; $searchSuccess = false;
$searchError = _('Unable to find the user name in LDAP.'); $searchError = _('Unable to find the user name in LDAP.');
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server()); if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . getDefaultLDAPErrorString($searchLDAP->server());
} }
} }
else { else {
$searchSuccess = false; $searchSuccess = false;
$searchError = _('Unable to find the user name in LDAP.'); $searchError = _('Unable to find the user name in LDAP.');
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server()); if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . getDefaultLDAPErrorString($searchLDAP->server());
} }
} }
if (!$searchSuccess) { if (!$searchSuccess) {

View File

@ -130,7 +130,7 @@ if (($_SESSION['mass_counter'] < sizeof($accounts)) || !isset($_SESSION['mass_po
$errorMessage = array( $errorMessage = array(
"ERROR", "ERROR",
_("LAM was unable to create account %s! An LDAP error occured."), _("LAM was unable to create account %s! An LDAP error occured."),
ldap_errno($_SESSION['ldap']->server()) . ": " . ldap_error($_SESSION['ldap']->server()), getDefaultLDAPErrorString($_SESSION['ldap']->server()),
array($_SESSION['mass_counter'])); array($_SESSION['mass_counter']));
$_SESSION['mass_errors'][] = $errorMessage; $_SESSION['mass_errors'][] = $errorMessage;
$_SESSION['mass_failed'][] = $_SESSION['mass_counter']; $_SESSION['mass_failed'][] = $_SESSION['mass_counter'];