use central LDAP search

This commit is contained in:
Roland Gruber 2010-02-06 11:52:48 +00:00
parent 90daf93e14
commit 2277a1ff1f
5 changed files with 54 additions and 67 deletions

View File

@ -4,7 +4,7 @@ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Tilo Lutz
2009 Roland Gruber
2009 - 2010 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -310,11 +310,7 @@ function search_domains($server = null, $suffix = null) {
if ($server == null) {
$server = $_SESSION['ldap']->server();
}
$sr = @ldap_search($server, escapeDN($suffix), "objectClass=sambaDomain", $attr, 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$units = ldap_get_entries($server, $sr);
// delete count entry
unset($units['count']);
$units = searchLDAPByAttribute(null, null, 'sambaDomain', $attr, array('smbDomain'));
// extract attributes
for ($i = 0; $i < sizeof($units); $i++) {
$ret[$i] = new samba3domain();
@ -328,26 +324,9 @@ function search_domains($server = null, $suffix = null) {
if (isset($units[$i]['sambaminpwdage'][0])) $ret[$i]->minPwdAge = $units[$i]['sambaminpwdage'][0];
if (isset($units[$i]['sambamaxpwdage'][0])) $ret[$i]->maxPwdAge = $units[$i]['sambamaxpwdage'][0];
}
// sort array by domain name
usort($ret, "cmp_domain");
}
return $ret;
}
/**
* Helper function to sort the domains
*
* @param string $a first argument to compare
* @param string $b second argument to compare
* @return integer 0 if equal, 1 if $a is greater, -1 if $b is greater
*/
function cmp_domain($a, $b) {
if ($a->name == $b->name) return 0;
elseif ($a->name == max($a->name, $b->name)) return 1;
else return -1;
}
/**
* Represents a Samba 3 domain entry
*
@ -547,7 +526,7 @@ function escapeDN($dn) {
* @param String $value attribute value
* @param String $objectClass object class (may be null)
* @param array $attributes list of attributes to return
* @param array $scope account types
* @param array $scopes account types
* @return array list of found entries
*/
function searchLDAPByAttribute($name, $value, $objectClass, $attributes, $scopes) {
@ -569,7 +548,7 @@ function searchLDAPByAttribute($name, $value, $objectClass, $attributes, $scopes
}
for ($s = 0; $s < sizeof($scopes); $s++) {
// search LDAP
$sr = @ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_Suffix($scopes[$s]), $filter, $attributes, 0, 0, 0, LDAP_DEREF_NEVER);
$sr = @ldap_search($_SESSION['ldap']->server(), escapeDN($_SESSION['config']->get_Suffix($scopes[$s])), $filter, $attributes, 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$entries = ldap_get_entries($_SESSION['ldap']->server(), $sr);
if ($entries) {
@ -581,6 +560,30 @@ function searchLDAPByAttribute($name, $value, $objectClass, $attributes, $scopes
return $return;
}
/**
* This will search the given LDAP suffix for all entries which match the given filter.
*
* @param String $filter
* @param array $attributes list of attributes to return
* @param array $scopes account types
*/
function searchLDAPByFilter($filter, $attributes, $scopes) {
$return = array();
for ($s = 0; $s < sizeof($scopes); $s++) {
// search LDAP
$sr = @ldap_search($_SESSION['ldap']->server(), escapeDN($_SESSION['config']->get_Suffix($scopes[$s])), $filter, $attributes, 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$entries = ldap_get_entries($_SESSION['ldap']->server(), $sr);
if ($entries) {
$return = array_merge($return, cleanLDAPResult($entries));
}
@ldap_free_result($sr);
}
}
return $return;
}
/**
* Cleans the result of an LDAP search.
* This will remove all 'count' entries and also all numeric array keys.

View File

@ -824,6 +824,9 @@ class kolabUser extends baseModule {
// delegates
if (in_array('kolabDelegate', $fields)) {
$delegates = array();
// $entries = searchLDAPByAttribute('mail', '*', 'inetOrgPerson', array('mail'), $this->selfServiceSettings->LDAPSuffix);
$sr = @ldap_search($_SESSION['ldapHandle'], escapeDN($this->selfServiceSettings->LDAPSuffix), '(&(objectClass=inetOrgPerson)(mail=*))', array('mail'), 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$result = ldap_get_entries($_SESSION['ldapHandle'], $sr);

View File

@ -239,18 +239,9 @@ class lamGroupList extends lamList {
for ($i = 0; $i < sizeof($this->entries); $i++) {
$gid = $this->entries[$i]['gidnumber'][0];
$filter = "(&(&" . $module_filter . ")(gidNumber=" . $gid . "))";
$sr = @ldap_search($_SESSION["ldap"]->server(), escapeDN($module_suffix), $filter, $attrs, 0, 0, 0, LDAP_DEREF_NEVER);
if (ldap_errno($_SESSION["ldap"]->server()) == 4) {
StatusMessage("WARN", _("LDAP sizelimit exceeded, not all entries are shown."), _("See the manual for instructions to solve this problem."));
$this->refresh_primary = true;
}
if ($sr) {
$members = ldap_get_entries($_SESSION["ldap"]->server(), $sr);
ldap_free_result($sr);
$members = cleanLDAPResult($members);
for ($j = 0; $j < sizeof($members); $j++) {
$this->primary_hash[$gid][$j] = $members[$j]['uid'][0];
}
$entries = searchLDAPByFilter($filter, $attrs, array($scope));
for ($j = 0; $j < sizeof($entries); $j++) {
$this->primary_hash[$gid][$j] = $entries[$j]['uid'][0];
}
}
}

View File

@ -167,13 +167,9 @@ class lamUserList extends lamList {
$grp_suffix = $_SESSION['config']->get_Suffix('group');
$filter = "objectClass=posixGroup";
$attrs = array("cn", "gidNumber");
$sr = @ldap_search($_SESSION["ldap"]->server(), escapeDN($grp_suffix), $filter, $attrs, 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$info = @ldap_get_entries($_SESSION["ldap"]->server(), $sr);
$info = cleanLDAPResult($info);
for ($i = 0; $i < sizeof($info); $i++) {
$this->trans_primary_hash[$info[$i]['gidnumber'][0]] = $info[$i]['cn'][0];
}
$entries = searchLDAPByAttribute(null, null, 'posixGroup', $attrs, array('group'));
for ($i = 0; $i < sizeof($entries); $i++) {
$this->trans_primary_hash[$entries[$i]['gidnumber'][0]] = $entries[$i]['cn'][0];
}
}
@ -199,7 +195,7 @@ class lamUserList extends lamList {
elseif ($attribute == "jpegphoto") {
if (sizeof($entry[$attribute][0]) < 100) {
// looks like we have read broken binary data, reread photo
$result = @ldap_search($_SESSION['ldap']->server(), escapeDN($entry['dn']), $attribute . "=*", array($attribute), 0, 0, 0, LDAP_DEREF_NEVER);
$result = @ldap_read($_SESSION['ldap']->server(), escapeDN($entry['dn']), $attribute . "=*", array($attribute), 0, 0, 0, LDAP_DEREF_NEVER);
if ($result) {
$tempEntry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
if ($tempEntry) {

View File

@ -72,15 +72,9 @@ else {
* @return string DN
*/
function search_username($name) {
$filter = "(uid=$name)";
$attrs = array();
$sr = @ldap_search($_SESSION['ldap']->server(), escapeDN($_SESSION['config']->get_Suffix('user')), $filter, $attrs, 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$info = ldap_get_entries($_SESSION['ldap']->server(), $sr);
// return only first DN entry
$ret = $info[0]["dn"];
ldap_free_result($sr);
return $ret;
$entries = searchLDAPByAttribute('uid', $name, null, array('dn'), array('user'));
if (sizeof($entries) > 0 ) {
return $entries[0]['dn'];
}
else return "";
}