diff options
| author | Simon Rettberg | 2016-10-27 18:57:05 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2016-10-27 18:57:05 +0200 |
| commit | f7b2aa8e3bb66f9c1c0dd3489152cc71bd1e7da8 (patch) | |
| tree | 45a5efbd8b0418f53eecbf5bd0907ff1ea255a0a /modules-available/sysconfig/addmodule_adauth.inc.php | |
| parent | [baseconfig_bwlp] Reintroduce SLX_REBOOT_SCHEDULE (diff) | |
| download | slx-admin-f7b2aa8e3bb66f9c1c0dd3489152cc71bd1e7da8.tar.gz slx-admin-f7b2aa8e3bb66f9c1c0dd3489152cc71bd1e7da8.tar.xz slx-admin-f7b2aa8e3bb66f9c1c0dd3489152cc71bd1e7da8.zip | |
[sysconfig] Improve binddn parsing for AD wizard
Diffstat (limited to 'modules-available/sysconfig/addmodule_adauth.inc.php')
| -rw-r--r-- | modules-available/sysconfig/addmodule_adauth.inc.php | 35 |
1 files changed, 25 insertions, 10 deletions
diff --git a/modules-available/sysconfig/addmodule_adauth.inc.php b/modules-available/sysconfig/addmodule_adauth.inc.php index 2949928b..4c65f7f9 100644 --- a/modules-available/sysconfig/addmodule_adauth.inc.php +++ b/modules-available/sysconfig/addmodule_adauth.inc.php @@ -67,12 +67,14 @@ class AdAuth_CheckConnection extends AddModule_Base protected function renderInternal() { + $searchBase = Ldap::normalizeDn(Request::post('searchbase', '', 'string')); + $bindDn = Ldap::normalizeDn(Request::post('binddn', '', 'string')); $data = array( 'edit' => Request::post('edit'), 'title' => Request::post('title'), 'server' => $this->server, - 'searchbase' => Util::normalizeDn(Request::post('searchbase')), - 'binddn' => Util::normalizeDn(Request::post('binddn')), + 'searchbase' => $searchBase, + 'binddn' => $bindDn, 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), 'homeattr' => Request::post('homeattr'), @@ -81,7 +83,7 @@ class AdAuth_CheckConnection extends AddModule_Base 'taskid' => $this->scanTask['id'] ); $data['prev'] = 'AdAuth_Start'; - if (preg_match('#^\w+[/\\\\]\w+$#', Request::post('binddn')) || strlen(Request::post('searchbase')) < 2) { + if ((preg_match('#^\w+[/\\\\]\w+$#', $bindDn) > 0) || (strlen($searchBase) < 2)) { $data['next'] = 'AdAuth_SelfSearch'; } elseif (empty($data['homeattr'])) { $data['next'] = 'AdAuth_HomeAttrCheck'; @@ -125,16 +127,29 @@ class AdAuth_SelfSearch extends AddModule_Base } else { $uri = "ldap://$server:3268/"; } - preg_match('#^\w+[/\\\\](\w+)$#', $binddn, $out); - $user = $out[1]; - $this->originalBindDn = str_replace('/', '\\', $binddn); - $selfSearch = Taskmanager::submit('LdapSearch', array( + // Set up selfSearch task + $taskData = array( 'server' => $uri, 'searchbase' => $searchbase, - 'binddn' => $this->originalBindDn, 'bindpw' => $bindpw, - 'filter' => "sAMAccountName=$user" - )); + ); + if (preg_match('#^\w+[/\\\\](\w+)$#', $binddn, $out) && !empty($out[1])) { + $this->originalBindDn = str_replace('/', '\\', $binddn); + $taskData['filter'] = 'sAMAccountName=' . $out[1]; + } elseif (preg_match('/^cn=([^=]+),.*?,dc=([^=]+),/i', Ldap::normalizeDn($binddn), $out)) { + if (empty($searchbase)) { + $this->originalBindDn = $out[2] . '\\' . $out[1]; + $taskData['filter'] = 'sAMAccountName=' . $out[1]; + } else { + $this->originalBindDn = $binddn; + $taskData['filter'] = "distinguishedName=$binddn"; + } + } else { + Message::addError('could-not-determine-binddn', $binddn); + $this->originalBindDn = $binddn; + } + $taskData['binddn'] = $this->originalBindDn; + $selfSearch = Taskmanager::submit('LdapSearch', $taskData); if (!isset($selfSearch['id'])) { AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() return; |