1 |
dpavlin |
1.1 |
<? |
2 |
|
|
|
3 |
|
|
/* |
4 |
|
|
Document manager handling for users in LDAP |
5 |
|
|
Created by Will LaSala (will@dahome.org) |
6 |
|
|
February 10th, 2002 |
7 |
|
|
Belenos INC |
8 |
|
|
For use with the DocMgr PHP scripts |
9 |
|
|
|
10 |
|
|
arguments in docman.conf file are: |
11 |
|
|
$ldapServer="x.x.x.x"; This can be in Dotted Notation or a DNS FQN |
12 |
|
|
$ldapServerPort="389"; This is the default port and doesnt need to be changed |
13 |
|
|
$basedn="o=CompanyName"; Branch of tree that your search will start on |
14 |
|
|
$bind="cn=Manager, o=CompanyName"; Login that allows password searching |
15 |
|
|
$bindpw=""; Password for the above account |
16 |
|
|
|
17 |
|
|
LDAP query must return login, password full_name and e-mail |
18 |
|
|
In order to do this it may be possible that you may need to modify a section of |
19 |
|
|
the code below, however this is highly unlikly and usually only a person |
20 |
|
|
that has in-depth knowledge of thier LDAP tree structure will |
21 |
|
|
even know if they do have to make changes. |
22 |
|
|
The items that may need to changed are: |
23 |
|
|
$entries[0]["cn"][0]; This should return the Full Name |
24 |
|
|
$entries[0]["userpassword"][0]; This should return the Password |
25 |
|
|
$entries[0]["mail"][0]; This should return the Email |
26 |
|
|
|
27 |
|
|
This file is included early in docman.php and it should return: |
28 |
|
|
$gblUserName descriptive username |
29 |
|
|
$gblPw md5 hash of joint login and password |
30 |
|
|
$gblEmail e-mail address of user |
31 |
|
|
|
32 |
|
|
*/ |
33 |
|
|
|
34 |
|
|
if ($ds = ldap_connect_bind($bind, $bindpw, $ldapServer, $ldapServerPort)) { |
35 |
|
|
$sres = ldap_search($ds, $basedn, "uid=".$PHP_AUTH_USER); |
36 |
|
|
If ($sres) { |
37 |
|
|
$entries = ldap_get_entries($ds, $sres); |
38 |
|
|
$gblUserName = $entries[0]["cn"][0]; //Full Name |
39 |
|
|
$gblPw = $entries[0]["userpassword"][0]; //Password |
40 |
|
|
$gblEmail = $entries[0]["mail"][0]; //Email |
41 |
|
|
}else{ |
42 |
|
|
Error("Not Found","LDAP Search returned false"); |
43 |
|
|
} |
44 |
|
|
ldap_close($ds); |
45 |
|
|
} |
46 |
|
|
|
47 |
|
|
|
48 |
|
|
function ldap_connect_bind($bindRDN, $bindpass, $ldapServer, $ldapServerPort) { |
49 |
|
|
$linkid = ldap_connect($ldapServer, $ldapServerPort); |
50 |
|
|
if ($linkid) { |
51 |
|
|
if (!ldap_bind($linkid, $bindRDN, $bindpass)) { |
52 |
|
|
Error("LDAP BIND","Unable to bind to LDAP server!"); |
53 |
|
|
return 0; |
54 |
|
|
} else { |
55 |
|
|
return $linkid; |
56 |
|
|
} |
57 |
|
|
} else { |
58 |
|
|
Error("LDAP CONNECT","Unable to connect to LDAP server!"); |
59 |
|
|
return 0; |
60 |
|
|
} |
61 |
|
|
} |
62 |
|
|
?> |