r2134 - new feature: LDAP username to UID mapping by Walery Wysotsky
authorDenis Ovsienko <infrastation@yandex.ru>
Wed, 13 Aug 2008 20:44:56 +0000 (20:44 +0000)
committerDenis Ovsienko <infrastation@yandex.ru>
Wed, 13 Aug 2008 20:44:56 +0000 (20:44 +0000)
ChangeLog
inc/auth.php

index 5ac5d4b..dde649b 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,7 +4,7 @@
        bugfix: work around some NET-SNMP builds (reported by Walery Wysotsky)
        new feature: "router" addresses allocations
        new feature: support for local extensions
-       new feature: IPv4 networks hierarchy
+       new feature: LDAP username to UID mapping by Walery Wysotsky
        update: 3 more switches in SNMP code by Walery Wysotsky
 0.16.1 2008-07-30
        new feature: pre-assigned tags for new VS and RS pools records
index e02e6df..9037248 100644 (file)
@@ -96,13 +96,34 @@ function authenticated ($username, $password)
 
 function authenticated_via_ldap ($username, $password)
 {
-       global $ldap_server, $ldap_domain;
+       global $ldap_server, $ldap_domain, $ldap_search_dn, $ldap_search_attr;
        if ($connect = @ldap_connect ($ldap_server))
-               if ($bind = @ldap_bind ($connect, "${username}@${ldap_domain}", $password))
+       {
+               if
+               (
+                       !isset ($ldap_search_dn) or
+                       !isset ($ldap_search_attr) or
+                       empty ($ldap_search_dn) or
+                       empty ($ldap_search_attr)
+               )
+                       $user_name = $username . "@" . $ldap_domain;
+               else
+               {
+                       $results = @ldap_search ($connect, $ldap_search_dn, "(${ldap_search_attr}=${username})", array("dn"));
+                       if (@ldap_count_entries ($connect, $results) != 1)
+                       {
+                               @ldap_close ($connect);
+                               return FALSE;
+                       }
+                       $info = @ldap_get_entries($connect,$results);
+                       $user_name = $info[0]['dn'];
+               }
+               if ($bind = @ldap_bind ($connect, $user_name, $password))
                {
                        @ldap_close ($connect);
                        return TRUE;
                }
+       }
        @ldap_close ($connect);
        return FALSE;
 }
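Review bot: On the new search path, `$username` is interpolated unescaped into the LDAP filter `"(${ldap_search_attr}=${username})"`, so filter metacharacters such as `*`, `(`, `)` and `\` in the login name change which entry the search matches, and therefore which DN the following `ldap_bind` is attempted against. Escape the value before building the filter, e.g. `$filter = '(' . $ldap_search_attr . '=' . ldap_escape ($username, '', LDAP_ESCAPE_FILTER) . ')';` (available from PHP 5.6; on older versions the RFC 4515 escaping has to be done by hand). Separately, nothing in the visible function rejects an empty `$password`, and many directory servers report a bind with a DN and an empty password as a successful unauthenticated bind. Unless the caller already checks this (not visible in this hunk), add `if ($password === NULL or $password === '') return FALSE;` before connecting. The `@` on `ldap_search` also hides whether a failure came from a malformed filter or from a directory that refuses the pre-bind search; logging `ldap_error ($connect)` on that branch would make such failures diagnosable.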