dolibarr 19.0.4
Ldap Class Reference

Class to manage LDAP features.

Public Member Functions

 __construct ()
 Constructor.
 
 connect_bind ()
 Connect and bind. Uses this->server, this->serverPort, this->ldapProtocolVersion, this->serverType, this->searchUser and this->searchPassword. After return, this->connection and $this->bind are defined.
 
 close ()
 Simply closes the connection set up earlier.
 
 bind ()
 Anonymously binds to the connection.
 
 bindauth ($bindDn, $pass)
 Binds as an authenticated user, which usually allows for write access.
 
 unbind ()
 Unbind of LDAP server (close connection).
 
 getVersion ()
 Check the version of the LDAP server.
 
 setVersion ()
 Change ldap protocol version to use.
 
 setReferrals ()
 Change the referrals setting.
 
 add ($dn, $info, $user)
 Add an LDAP entry. The Ldap object must already be connected and bound.
 
 modify ($dn, $info, $user)
 Modify an LDAP entry. The Ldap object must already be connected and bound.
 
 rename ($dn, $newrdn, $newparent, $user, $deleteoldrdn=true)
 Rename an LDAP entry. The Ldap object must already be connected and bound.
 
 update ($dn, $info, $user, $olddn, $newrdn=false, $newparent=false)
 Modify an LDAP entry (to use if dn != olddn). The Ldap object must already be connected and bound.
 
 delete ($dn)
 Delete an LDAP entry. The Ldap object must already be connected and bound.
 
 dump_content ($dn, $info)
 Build an LDAP message.
 
 dump ($dn, $info)
 Dump an LDAP message to the ldapinput.in file.
 
 serverPing ($host, $port=389, $timeout=1)
 Ping a server before ldap_connect to avoid waiting.
 
 addAttribute ($dn, $info, $user)
 Add an LDAP attribute to an entry. The Ldap object must already be connected and bound.
 
 updateAttribute ($dn, $info, $user)
 Update an LDAP attribute in an entry. The Ldap object must already be connected and bound.
 
 deleteAttribute ($dn, $info, $user)
 Delete an LDAP attribute from an entry. The Ldap object must already be connected and bound.
 
 getAttribute ($dn, $filter)
 Returns an array containing attributes and values for first record.
 
 getAttributeValues ($filterrecord, $attribute)
 Returns an array containing values for an attribute and for first record matching filterrecord.
 
 getRecords ($search, $userDn, $useridentifier, $attributeArray, $activefilter=0, $attributeAsArray=array())
 Returns an array containing details or a list of LDAP record(s).
 
 littleEndian ($hex)
 Converts a little-endian hex number to one that 'hexdec' can convert. Required by Active Directory.
 
 getObjectSid ($ldapUser)
 Retrieve the user's SID. Required by Active Directory.
 
 binSIDtoText ($binsid)
 Returns the textual SID. Required for Active Directory.
 
 search ($checkDn, $filter)
 Search function with filter. this->connection must be defined, so the bind or bindauth method must already have been called. Do not use it to search for a given list of properties, because of upper/lower case conflicts.
 
 fetch ($user, $filter)
 Load all attributes of an LDAP user.
 
 getUserIdentifier ()
 Returns the correct user identifier to use, based on the ldap server type.
 
 parseUACF ($uacf)
 UserAccountControl flags to a more human-understandable form.
 
 parseSAT ($samtype)
 SamAccountType value to text.
 
 convert_time ($value)
 Convert Active Directory time to a Unix timestamp.
 
 convFromOutputCharset ($str, $pagecodeto='UTF-8')
 Convert a string from output/memory charset.
 
 getNextGroupGid ($keygroup='LDAP_KEY_GROUPS')
 Return available value of group GID.
 

Public Attributes

 $server = array()
 Array of servers (IP addresses or host names)
 
 $connectedServer
 Current connected server.
 
 $dn
 Base DN (e.g. "dc=foo,dc=com")
 
 $serverType
 Server type; currently OpenLdap and Active Directory.
 
 $ldapProtocolVersion
 LDAP protocol version.
 
 $domain
 Server DN.
 
 $searchUser
 LDAP administrator user. Active Directory does not support anonymous connections.
 
 $searchPassword
 Administrator password. Active Directory does not support anonymous connections.
 
 $people
 DN of users.
 
 $groups
 DN of groups.
 
 $ldapErrorCode
 Error code returned by the LDAP server.
 
 $ldapErrorText
 Text message of the error.
 
 $connection
 The internal LDAP connection handle.
 
 $result
 Result of any connections etc.
 
const SYNCHRO_NONE = 0
 No Ldap synchronization.
 
const SYNCHRO_DOLIBARR_TO_LDAP = 1
 Dolibarr to Ldap synchronization.
 
const SYNCHRO_LDAP_TO_DOLIBARR = 2
 Ldap to Dolibarr synchronization.
 

Private Member Functions

 convToOutputCharset ($str, $pagecodefrom='UTF-8')
 Convert a string into output/memory charset.
 

Detailed Description

Class to manage LDAP features.

Definition at line 34 of file ldap.class.php.

Member Function Documentation

◆ add()

Ldap::add ( $dn,
$info,
$user )

Add an LDAP entry. The Ldap object must already be connected and bound.

Parameters
string $dn: DN entry key
array $info: Attributes array
User $user: User object that creates the entry
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 551 of file ldap.class.php.

References $dn, $ldapErrorText, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().

Referenced by update().

◆ addAttribute()

Ldap::addAttribute ( $dn,
$info,
$user )

Add an LDAP attribute to an entry. The Ldap object must already be connected and bound.

Parameters
string $dn: DN entry key
array $info: Attributes array
User $user: User object that creates the attribute
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 898 of file ldap.class.php.

References $dn, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().

◆ bind()

Ldap::bind ( )

Anonymously binds to the connection.

After this is done, queries and searches can be done - but read-only.

Returns
boolean true or false

Definition at line 439 of file ldap.class.php.

References $ldapErrorText.

Referenced by add(), addAttribute(), connect_bind(), delete(), deleteAttribute(), getAttribute(), modify(), rename(), update(), and updateAttribute().

◆ bindauth()

Ldap::bindauth ( $bindDn,
$pass )

Binds as an authenticated user, which usually allows for write access.

The FULL dn must be passed. For a directory manager, this is "cn=Directory Manager" under iPlanet. For a user, it will be something like "uid=jbloggs,ou=People,dc=foo,dc=com".

Parameters
string $bindDn: DN
string $pass: Password
Returns
boolean true or false

Definition at line 461 of file ldap.class.php.

References $ldapErrorText.

Referenced by connect_bind(), fetch(), getObjectSid(), getRecords(), and search().

◆ binSIDtoText()

Ldap::binSIDtoText ( $binsid)

Returns the textual SID. Required for Active Directory.

Parameters
string $binsid: Binary SID
Returns
string Textual SID

Definition at line 1277 of file ldap.class.php.

References $result, and littleEndian().

Referenced by getObjectSid().

◆ close()

Ldap::close ( )

Simply closes the connection set up earlier.

Returns true if OK, false if there was an error. This method seems a duplicate/alias of unbind().

Returns
boolean true or false
Deprecated
ldap_close is an alias of ldap_unbind, so use unbind() instead.
See also
unbind()

Definition at line 428 of file ldap.class.php.

References unbind().

◆ connect_bind()

Ldap::connect_bind ( )

Connect and bind. Uses this->server, this->serverPort, this->ldapProtocolVersion, this->serverType, this->searchUser and this->searchPassword. After return, this->connection and $this->bind are defined.

Returns
int Return integer <0 if KO, 1 if bind anonymous, 2 if bind auth

Definition at line 265 of file ldap.class.php.

References $result, bind(), bindauth(), dol_syslog(), getDolGlobalString(), serverPing(), setReferrals(), setVersion(), and unbind().

◆ convert_time()

Ldap::convert_time ( $value)

Convert Active Directory time to a Unix timestamp.

Parameters
string $value: AD time to convert
Returns
integer Unix timestamp

Definition at line 1514 of file ldap.class.php.

Referenced by fetch().

◆ convFromOutputCharset()

Ldap::convFromOutputCharset ( $str,
$pagecodeto = 'UTF-8' )

Convert a string from output/memory charset.

Parameters
string $str: String to convert
string $pagecodeto: Page code for result string
Returns
string Converted string

Definition at line 1551 of file ldap.class.php.

Referenced by add(), addAttribute(), delete(), deleteAttribute(), modify(), rename(), search(), and updateAttribute().

◆ convToOutputCharset()

Ldap::convToOutputCharset ( $str,
$pagecodefrom = 'UTF-8' )
private

Convert a string into output/memory charset.

Parameters
string $str: String to convert
string $pagecodefrom: Page code of src string
Returns
string Converted string

Definition at line 1532 of file ldap.class.php.

Referenced by fetch(), and getRecords().

◆ delete()

Ldap::delete ( $dn)

Delete an LDAP entry. The Ldap object must already be connected and bound.

Parameters
string $dn: DN entry key
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 751 of file ldap.class.php.

References $dn, $result, bind(), convFromOutputCharset(), and dol_syslog().

◆ deleteAttribute()

Ldap::deleteAttribute ( $dn,
$info,
$user )

Delete an LDAP attribute from an entry. The Ldap object must already be connected and bound.

Parameters
string $dn: DN entry key
array $info: Attributes array
User $user: User object that deletes the attribute
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 990 of file ldap.class.php.

References $dn, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().

◆ dump()

Ldap::dump ( $dn,
$info )

Dump an LDAP message to the ldapinput.in file.

Parameters
string $dn: DN entry key
array $info: Attributes array
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 821 of file ldap.class.php.

References $dn, $result, dol_mkdir(), dolChmod(), and dump_content().

Referenced by add(), addAttribute(), deleteAttribute(), modify(), and updateAttribute().

◆ dump_content()

Ldap::dump_content ( $dn,
$info )

Build an LDAP message.

Parameters
string $dn: DN entry key
array $info: Attributes array
Returns
string Content of file

Definition at line 784 of file ldap.class.php.

Referenced by dump().

◆ fetch()

Ldap::fetch ( $user,
$filter )

Load all attributes of an LDAP user.

Parameters
User | string $user: Not used.
string $filter: Filter for search. Must start with &. Examples: &(objectClass=inetOrgPerson) &(objectClass=user)(objectCategory=person) &(isMemberOf=cn=Sales,ou=Groups,dc=opencsi,dc=com)
Returns
int >0 if OK, <0 if KO

Definition at line 1335 of file ldap.class.php.

References $domain, $people, $result, bindauth(), convert_time(), convToOutputCharset(), dol_syslog(), name, and parseUACF().

◆ getAttribute()

Ldap::getAttribute ( $dn,
$filter )

Returns an array containing attributes and values for first record.

Parameters
string $dn: DN entry key
string $filter: Filter
Returns
int|array Return integer <0 or false if KO, array if OK

Definition at line 1034 of file ldap.class.php.

References $dn, and bind().

◆ getAttributeValues()

Ldap::getAttributeValues ( $filterrecord,
$attribute )

Returns an array containing values for an attribute and for first record matching filterrecord.

Parameters
string $filterrecord: Record
string $attribute: Attributes
Returns
array|boolean

Definition at line 1075 of file ldap.class.php.

◆ getNextGroupGid()

Ldap::getNextGroupGid ( $keygroup = 'LDAP_KEY_GROUPS')

Return available value of group GID.

Parameters
string $keygroup: Key of group
Returns
int gid number

Definition at line 1570 of file ldap.class.php.

References $result, getDolGlobalString(), and search().

◆ getObjectSid()

Ldap::getObjectSid ( $ldapUser)

Retrieve the user's SID. Required by Active Directory.

Parameters
string $ldapUser: User login
Returns
string Sid

Definition at line 1227 of file ldap.class.php.

References $domain, $people, bindauth(), and binSIDtoText().

Referenced by getRecords().

◆ getRecords()

Ldap::getRecords ( $search,
$userDn,
$useridentifier,
$attributeArray,
$activefilter = 0,
$attributeAsArray = array() )

Returns an array containing details or a list of LDAP record(s).

ldapsearch -LLLx -hlocalhost -Dcn=admin,dc=parinux,dc=org -w password -b "ou=adherents,ou=people,dc=parinux,dc=org" userPassword

Parameters
string $search: Value of field to search, '*' for all. Not used if $activefilter is set.
string $userDn: DN (Ex: ou=adherents,ou=people,dc=parinux,dc=org)
string $useridentifier: Name of key field (Ex: uid).
array $attributeArray: Array of fields required. Note that this array must also contain the field $useridentifier (Ex: sn,userPassword)
int $activefilter: '1' or 'user'=use field this->filter as filter instead of parameter $search, 'group'=use field this->filtergroup as filter, 'member'=use field this->filtermember as filter
array $attributeAsArray: Array of fields wanted as an array not a string
Returns
array|int Array of [id_record][ldap_field]=value

Definition at line 1118 of file ldap.class.php.

References bindauth(), convToOutputCharset(), dol_syslog(), and getObjectSid().

◆ getUserIdentifier()

Ldap::getUserIdentifier ( )

Returns the correct user identifier to use, based on the ldap server type.

Returns
string Login

Definition at line 1419 of file ldap.class.php.

◆ getVersion()

Ldap::getVersion ( )

Check the version of the LDAP server.

Returns
string version

Definition at line 510 of file ldap.class.php.

◆ littleEndian()

Ldap::littleEndian ( $hex)

Converts a little-endian hex number to one that 'hexdec' can convert. Required by Active Directory.

Parameters
string $hex: Hex value
Returns
string Little endian

Definition at line 1210 of file ldap.class.php.

References $result, and dol_strlen().

Referenced by binSIDtoText().
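
The binary-to-text SID conversion that binSIDtoText() and littleEndian() are documented for, as an added example that is not Dolibarr's code. A binary objectSid is one revision byte, one sub-authority count byte, a 6-byte big-endian identifier authority, then that many 32-bit little-endian sub-authorities. The function name and the sample SID are constructed for illustration, and 64-bit PHP is assumed.

```php
<?php
// Added example, not taken from ldap.class.php. sidBinaryToText() is a
// hypothetical name. Assumes 64-bit PHP (the authority field is 48 bits).

/**
 * Convert a binary Active Directory objectSid to "S-R-A-S1-S2-...".
 *
 * Layout: 1 byte revision, 1 byte sub-authority count, 6 bytes identifier
 * authority (big-endian), then count * 4 bytes of sub-authorities
 * (32-bit unsigned, little-endian).
 */
function sidBinaryToText(string $binsid): string
{
    $len = strlen($binsid);
    if ($len < 8) {
        throw new InvalidArgumentException('SID shorter than its 8-byte header');
    }
    $revision = ord($binsid[0]);
    $subCount = ord($binsid[1]);
    // Reject truncated or padded values instead of reading past the data.
    if ($subCount > 15 || $len !== 8 + 4 * $subCount) {
        throw new InvalidArgumentException('SID length does not match its sub-authority count');
    }
    $authority = 0;
    for ($i = 2; $i < 8; $i++) {
        $authority = ($authority << 8) | ord($binsid[$i]);
    }
    $text = 'S-' . $revision . '-' . $authority;
    if ($subCount > 0) {
        // 'V' = unsigned 32-bit little-endian: the byte order that the page's
        // littleEndian() description says must be converted before hexdec().
        foreach (unpack('V' . $subCount, substr($binsid, 8)) as $sub) {
            $text .= '-' . $sub;
        }
    }
    return $text;
}

// Constructed sample: revision 1, 5 sub-authorities, identifier authority 5.
$sample = "\x01\x05\x00\x00\x00\x00\x00\x05"
    . pack('V5', 21, 1004336348, 1177238915, 682003330, 512);
echo sidBinaryToText($sample), PHP_EOL;

try {
    sidBinaryToText(substr($sample, 0, 20)); // constructed truncated value
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```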

◆ modify()

Ldap::modify ( $dn,
$info,
$user )

Modify an LDAP entry. The Ldap object must already be connected and bound.

Parameters
string $dn: DN entry key
array $info: Attributes array
User $user: User object that modifies the entry
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 599 of file ldap.class.php.

References $dn, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().

Referenced by update().

◆ parseSAT()

Ldap::parseSAT ( $samtype)

SamAccountType value to text.

Parameters
string $samtype: SamType
Returns
string Sam string

Definition at line 1481 of file ldap.class.php.

◆ parseUACF()

Ldap::parseUACF ( $uacf)

UserAccountControl flags to a more human-understandable form.

Parameters
string $uacf: UACF
Returns
array

Definition at line 1434 of file ldap.class.php.

Referenced by fetch().

◆ rename()

Ldap::rename ( $dn,
$newrdn,
$newparent,
$user,
$deleteoldrdn = true )

Rename an LDAP entry. The Ldap object must already be connected and bound.

Parameters
string $dn: Old DN entry key (uid=qqq,ou=xxx,dc=aaa,dc=bbb) (before update)
string $newrdn: New RDN entry key (uid=qqq)
string $newparent: New parent (ou=xxx,dc=aaa,dc=bbb)
User $user: User object that modifies the entry
bool $deleteoldrdn: If true, the old RDN value(s) are removed; otherwise the old RDN value(s) are retained as non-distinguished values of the entry.
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 657 of file ldap.class.php.

References $dn, $result, bind(), convFromOutputCharset(), and dol_syslog().

Referenced by update().

◆ search()

Ldap::search ( $checkDn,
$filter )

Search function with filter. this->connection must be defined, so the bind or bindauth method must already have been called. Do not use it to search for a given list of properties, because of upper/lower case conflicts.

Use only for the 'LDAP card' pages, which display readable fields by default.

Parameters
string $checkDn: Search DN (Ex: ou=users,cn=my-domain,cn=com)
string $filter: Search filter (ex: (sn=nom_personne) )
Returns
array|int Array with answers (key lowercased - value)

Definition at line 1302 of file ldap.class.php.

References $result, bindauth(), convFromOutputCharset(), and dol_syslog().

Referenced by getNextGroupGid().

◆ serverPing()

Ldap::serverPing ( $host,
$port = 389,
$timeout = 1 )

Ping a server before ldap_connect to avoid waiting.

Parameters
string $host: Server host or address
int $port: Server port (default 389)
int $timeout: Timeout in seconds (default 1s)
Returns
boolean true or false

Definition at line 851 of file ldap.class.php.

Referenced by connect_bind().

◆ setReferrals()

Ldap::setReferrals ( )

Change the referrals setting.

Returns
boolean referrals

Definition at line 534 of file ldap.class.php.

Referenced by connect_bind().

◆ setVersion()

Ldap::setVersion ( )

Change ldap protocol version to use.

Returns
boolean version

Definition at line 522 of file ldap.class.php.

Referenced by connect_bind().

◆ unbind()

Ldap::unbind ( )

Unbind of LDAP server (close connection).

Returns
boolean true or false
See also
close()

Definition at line 479 of file ldap.class.php.

References dol_syslog().

Referenced by close(), and connect_bind().

◆ update()

Ldap::update ( $dn,
$info,
$user,
$olddn,
$newrdn = false,
$newparent = false )

Modify an LDAP entry (to use if dn != olddn). The Ldap object must already be connected and bound.

Parameters
string $dn: DN entry key
array $info: Attributes array
User $user: User object that updates the entry
string $olddn: Old DN entry key (before update)
string $newrdn: New RDN entry key (uid=qqq) (for ldap_rename)
string $newparent: New parent (ou=xxx,dc=aaa,dc=bbb) (for ldap_rename)
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 701 of file ldap.class.php.

References $dn, $result, add(), bind(), dol_syslog(), modify(), and rename().

◆ updateAttribute()

Ldap::updateAttribute ( $dn,
$info,
$user )

Update an LDAP attribute in an entry. The Ldap object must already be connected and bound.

Parameters
string $dn: DN entry key
array $info: Attributes array
User $user: User object that updates the attribute
Returns
int Return integer <0 if KO, >0 if OK

Definition at line 944 of file ldap.class.php.

References $dn, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().

Member Data Documentation

◆ $dn

Ldap::$dn

Base DN (e.g. "dc=foo,dc=com")

Definition at line 64 of file ldap.class.php.

Referenced by add(), addAttribute(), delete(), deleteAttribute(), dump(), getAttribute(), modify(), rename(), update(), and updateAttribute().


The documentation for this class was generated from the following file: