clemens/kaffeeliste
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2126f9d1475f6c173a366ef1c2ce9d55fb50e552
kaffeeliste/functionsLDAP.php
T
clemens cd182a1fb9 Dateien nach "/" hochladen
2026-03-05 15:28:03 +01:00

166 lines
3.8 KiB
PHP
Raw Blame History

<?php
#$kennungtemp = $_SERVER['AUTH_USER'];
#$teile = explode("\\", $kennungtemp);
#$kennung = $teile[1];
$ad = ldap_connect("ldap://{$domain}") or die('Could not connect to LDAP server.');
ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ad, LDAP_OPT_REFERRALS, 0);
@ldap_bind($ad, "{$aduser}@{$domain}", $adpassword) or die('Could not bind to AD.');
$userdn = getDN($ad, $kennung, $basedn);
$mailadress = getADMail($ad, $kennung, $basedn);
ldap_unbind($ad);
/**
* This function searchs in LDAP tree entry specified by samaccountname and
* returns its DN or epmty string on failure.
*
* @param resource $ad
* An LDAP link identifier, returned by ldap_connect().
* @param string $samaccountname
* The sAMAccountName, logon name.
* @param string $basedn
* The base DN for the directory.
* @return string
*/
function getDN($ad, $samaccountname, $basedn)
{
$result = ldap_search($ad, $basedn, "(samaccountname={$samaccountname})", array(
'dn'
));
if (! $result)
{
return '';
}
$entries = ldap_get_entries($ad, $result);
if ($entries['count'] > 0)
{
return $entries[0]['dn'];
}
return '';
}
function getADMail($ad, $samaccountname, $basedn)
{
$attributes = array('mail');
$resultz = ldap_search($ad, $basedn, "(samaccountname={$samaccountname})", $attributes);
$entriesz = ldap_get_entries($ad, $resultz);
#return $entriesz[0]['mail'];
# $entries = ldap_get_entries($ad, $result);
if ($entriesz['count'] > 0)
{
return $entriesz[0]['mail'][0];
}
return 'nichts gefunden';
}
/**
* This function retrieves and returns Common Name from a given Distinguished
* Name.
*
* @param string $dn
* The Distinguished Name.
* @return string The Common Name.
*/
function getCN($dn)
{
preg_match('/[^,]*/', $dn, $matchs, PREG_OFFSET_CAPTURE, 3);
return $matchs[0][0];
}
/**
* This function checks group membership of the user, searching only in
* specified group (not recursively).
*
* @param resource $ad
* An LDAP link identifier, returned by ldap_connect().
* @param string $userdn
* The user Distinguished Name.
* @param string $groupdn
* The group Distinguished Name.
* @return boolean Return true if user is a member of group, and false if not
* a member.
*/
function checkGroup($ad, $userdn, $groupdn)
{
$result = ldap_read($ad, $userdn, "(memberof={$groupdn})", array(
'members'
));
if (! $result)
{
return false;
}
$entries = ldap_get_entries($ad, $result);
return ($entries['count'] > 0);
}
/**
* This function checks group membership of the user, searching in specified
* group and groups which is its members (recursively).
*
* @param resource $ad
* An LDAP link identifier, returned by ldap_connect().
* @param string $userdn
* The user Distinguished Name.
* @param string $groupdn
* The group Distinguished Name.
* @return boolean Return true if user is a member of group, and false if not
* a member.
*/
function checkGroupEx($ad, $userdn, $groupdn)
{
if ($groupdn == "")
{
return false;
}
$result = ldap_read($ad, $userdn, '(objectclass=*)', array(
'memberof'
));
if (! $result)
{
return false;
}
$entries = ldap_get_entries($ad, $result);
if ($entries['count'] <= 0)
{
return false;
}
if (empty($entries[0]['memberof']))
{
return false;
}
for ($i = 0; $i < $entries[0]['memberof']['count']; $i ++)
{
if ($entries[0]['memberof'][$i] == $groupdn)
{
return true;
}
elseif (checkGroupEx($ad, $entries[0]['memberof'][$i], $groupdn))
{
return true;
}
}
return false;
}
?>
Reference in New Issue View Git Blame Copy Permalink