diff options
| author | Simon Rettberg | 2016-02-18 17:56:58 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2016-02-18 17:56:58 +0100 |
| commit | 4ea13ba83c760f6c2baff4d25c54f08fdb4a82ec (patch) | |
| tree | 46c375a139bce3475adf2db4b85ca310f66a8334 /modules/sysconfig/addmodule_adauth.inc.php | |
| parent | [statistics] Smart values, show last log lines, location support (diff) | |
| download | slx-admin-4ea13ba83c760f6c2baff4d25c54f08fdb4a82ec.tar.gz slx-admin-4ea13ba83c760f6c2baff4d25c54f08fdb4a82ec.tar.xz slx-admin-4ea13ba83c760f6c2baff4d25c54f08fdb4a82ec.zip | |
[adauth] Add field for homeDirectory attribute
Diffstat (limited to 'modules/sysconfig/addmodule_adauth.inc.php')
| -rw-r--r-- | modules/sysconfig/addmodule_adauth.inc.php | 92 |
1 files changed, 85 insertions, 7 deletions
diff --git a/modules/sysconfig/addmodule_adauth.inc.php b/modules/sysconfig/addmodule_adauth.inc.php index a4878a81..ed8a17ea 100644 --- a/modules/sysconfig/addmodule_adauth.inc.php +++ b/modules/sysconfig/addmodule_adauth.inc.php @@ -9,7 +9,7 @@ class AdAuth_Start extends AddModule_Base protected function renderInternal() { - $ADAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'ssl', 'certificate'); + $ADAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'homeattr', 'ssl', 'certificate'); $data = array(); if ($this->edit !== false) { moduleToArray($this->edit, $data, $ADAUTH_COMMON_FIELDS); @@ -75,6 +75,7 @@ class AdAuth_CheckConnection extends AddModule_Base 'binddn' => Util::normalizeDn(Request::post('binddn')), 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), + 'homeattr' => Request::post('homeattr'), 'ssl' => Request::post('ssl'), 'certificate' => Request::post('certificate', ''), 'taskid' => $this->scanTask['id'] @@ -82,6 +83,8 @@ class AdAuth_CheckConnection extends AddModule_Base $data['prev'] = 'AdAuth_Start'; if (preg_match('#^\w+[/\\\\]\w+$#', Request::post('binddn')) || strlen(Request::post('searchbase')) < 2) { $data['next'] = 'AdAuth_SelfSearch'; + } elseif (empty($data['homeattr'])) { + $data['next'] = 'AdAuth_HomeAttrCheck'; } else { $data['next'] = 'AdAuth_CheckCredentials'; } @@ -114,11 +117,10 @@ class AdAuth_SelfSearch extends AddModule_Base AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() return; } - $parent = null; $this->originalBindDn = ''; // Fix bindDN if short name given // - if ($ssl) { + if ($ssl) { // Use the specific AD ports so the domain\username bind works $uri = "ldaps://$server:3269/"; } else { $uri = "ldap://$server:3268/"; @@ -131,7 +133,7 @@ class AdAuth_SelfSearch extends AddModule_Base 'searchbase' => $searchbase, 'binddn' => $this->originalBindDn, 'bindpw' => $bindpw, - 'username' => $user + 'filter' => "sAMAccountName=$user" )); if (!isset($selfSearch['id'])) { AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() @@ -142,7 +144,7 @@ class AdAuth_SelfSearch extends AddModule_Base protected function renderInternal() { - Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-selfsearch', array_merge($this->taskIds, array( + $data = array( 'edit' => Request::post('edit'), 'title' => Request::post('title'), 'server' => Request::post('server'), @@ -151,10 +153,86 @@ class AdAuth_SelfSearch extends AddModule_Base 'binddn' => Request::post('binddn'), 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), + 'homeattr' => Request::post('homeattr'), 'ssl' => Request::post('ssl') === 'on', 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), 'originalbinddn' => $this->originalBindDn, + 'prev' => 'AdAuth_Start' + ); + if (empty($data['homeattr'])) { + $data['next'] = 'AdAuth_HomeAttrCheck'; + } else { + $data['next'] = 'AdAuth_CheckCredentials'; + } + Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-selfsearch', + array_merge($this->taskIds, $data)); + } + +} + +class AdAuth_HomeAttrCheck extends AddModule_Base +{ + + private $taskIds; + + protected function preprocessInternal() + { + $server = Request::post('server'); + $port = Request::post('port'); + $searchbase = Request::post('searchbase', ''); + $binddn = Request::post('binddn'); + $bindpw = Request::post('bindpw'); + $ssl = Request::post('ssl', 'off') === 'on'; + if ($ssl && !Request::post('fingerprint')) { + Message::addError('error-read', 'fingerprint'); + AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() + return; + } + if (empty($server) || empty($binddn) || empty($port)) { + Message::addError('empty-field'); + AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() + return; + } + if ($ssl) { + $uri = "ldaps://$server:$port/"; + } else { + $uri = "ldap://$server:$port/"; + } + preg_match('#^(\w+=[^,]+),#', $binddn, $out); + $filter = $out[1]; + $data = array( + 'server' => $uri, + 'searchbase' => $searchbase, + 'binddn' => $binddn, + 'bindpw' => $bindpw, + 'filter' => $filter + ); + $selfSearch = Taskmanager::submit('LdapSearch', $data); + if (!isset($selfSearch['id'])) { + AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() + return; + } + $this->taskIds['self-search'] = $selfSearch['id']; + } + + protected function renderInternal() + { + Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-selfsearch', array_merge($this->taskIds, array( + 'edit' => Request::post('edit'), + 'title' => Request::post('title'), + 'server' => Request::post('server'), + 'port' => Request::post('port'), + 'searchbase' => Request::post('searchbase'), + 'binddn' => Request::post('binddn'), + 'bindpw' => Request::post('bindpw'), + 'home' => Request::post('home'), + 'homeattr' => Request::post('homeattr'), + 'ssl' => Request::post('ssl') === 'on', + 'fingerprint' => Request::post('fingerprint'), + 'certificate' => Request::post('certificate', ''), + 'originalbinddn' => Request::post('originalbinddn'), + 'tryHomeAttr' => true, 'prev' => 'AdAuth_Start', 'next' => 'AdAuth_CheckCredentials' )) @@ -186,7 +264,6 @@ class AdAuth_CheckCredentials extends AddModule_Base AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() return; } - $parent = null; // Test query 4 users if ($ssl) { $uri = "ldaps://$server:$port/"; @@ -194,7 +271,6 @@ class AdAuth_CheckCredentials extends AddModule_Base $uri = "ldap://$server:$port/"; } $ldapSearch = Taskmanager::submit('LdapSearch', array( - 'parentTask' => $parent, 'server' => $uri, 'searchbase' => $searchbase, 'binddn' => $binddn, @@ -221,6 +297,7 @@ class AdAuth_CheckCredentials extends AddModule_Base 'binddn' => Request::post('binddn'), 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), + 'homeattr' => Request::post('homeattr'), 'ssl' => Request::post('ssl') === 'on', 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), @@ -282,6 +359,7 @@ class AdAuth_Finish extends AddModule_Base $module->setData('binddn', $binddn); $module->setData('bindpw', Request::post('bindpw')); $module->setData('home', Request::post('home')); + $module->setData('homeattr', Request::post('homeattr')); $module->setData('certificate', Request::post('certificate')); $module->setData('ssl', $ssl); if ($ssl) { |